Tactics
Techniques
Countermeasures
Countermeasures
SPARTA Requirements
Space Segment Control Tailoring
NIST References
ISO IEC 27001
NASA Best Practice Guide
D3FEND
Tactics
Technqiues
Artifacts
Resources
SPARTA User Guide
TTP Recommended Practices
General Information
FAQ
Working with SPARTA
Updates
SPARTA Versions
Contribute
Related Work
Indicators of Behavior
Spacecraft Functional Decomposition
Space System Cybersecurity Questionnaire
Defense-in-Depth Space Systems
Threat Levels
Threats
Risk Assessment
Cybersecurity Protections for
Spacecraft: A Threat Based
Approach (pdf)
Tools
Navigator
Countermeasure Mapper
Control Mapper
Spacecraft Mapper
JSON Creator
Notional Risk Scores
Attack Flow (
Code
|
Tool
)
Search
Updates
v3.2
v3.1
v3.0
v2.0
v1.6
v1.5
v1.5.1
v1.4
v1.3
v1.3.2
v1.3.1
v1.3.1.1
v1.2
v1.1
v1.0
Home
Resources
Updates
Update - SPARTA v3.2
Start Date
End Date
March 11 2026
This is the current version of SPARTA
Below highlights the changes to the website, techniques, sub-techniques, and/or countermeasures.
Website Updates
Updated
User Guide
Space Segment Guidance for NIST Controls
Added Tiers to
CMs
Added
CM Prioritization
presentation
Revamped
SPARTA requirements
BSI TR-03184
Mappings for TTPs and CMs
NIST CSF 2.0
Mappings to CMs
Revamped Technique descriptions
Techniques
New Techniques
Modified Techniques
REC-0001:
Gather Spacecraft Design Information
REC-0002:
Gather Spacecraft Descriptors
REC-0003:
Gather Spacecraft Communications Information
REC-0004:
Gather Launch Information
REC-0005:
Eavesdropping
REC-0006:
Gather FSW Development Information
REC-0007:
Monitor for Safe-Mode Indicators
REC-0008:
Gather Supply Chain Information
REC-0009:
Gather Mission Information
RD-0001:
Acquire Infrastructure
RD-0002:
Compromise Infrastructure
RD-0003:
Obtain Cyber Capabilities
RD-0004:
Stage Capabilities
RD-0005:
Obtain Non-Cyber Capabilities
IA-0001:
Compromise Supply Chain
IA-0002:
Compromise Software Defined Radio
IA-0003:
Crosslink via Compromised Neighbor
IA-0004:
Secondary/Backup Communication Channel
IA-0005:
Rendezvous & Proximity Operations
IA-0006:
Compromise Hosted Payload
IA-0007:
Compromise Ground System
IA-0008:
Rogue External Entity
IA-0009:
Trusted Relationship
IA-0010:
Unauthorized Access During Safe-Mode
IA-0011:
Auxiliary Device Compromise
IA-0012:
Assembly, Test, and Launch Operation Compromise
IA-0013:
Compromise Host Spacecraft
EX-0001:
Replay
EX-0002:
Position, Navigation, and Timing (PNT) Geofencing
EX-0003:
Modify Authentication Process
EX-0004:
Compromise Boot Memory
EX-0005:
Exploit Hardware/Firmware Corruption
EX-0006:
Disable/Bypass Encryption
EX-0007:
Trigger Single Event Upset
EX-0008:
Time Synchronized Execution
EX-0009:
Exploit Code Flaws
EX-0010:
Malicious Code
EX-0011:
Exploit Reduced Protections During Safe-Mode
EX-0012:
Modify On-Board Values
EX-0013:
Flooding
EX-0014:
Spoofing
EX-0015:
Side-Channel Attack
EX-0016:
Jamming
EX-0017:
Kinetic Physical Attack
EX-0018:
Non-Kinetic Physical Attack
PER-0001:
Memory Compromise
PER-0002:
Backdoor
PER-0003:
Ground System Presence
PER-0004:
Replace Cryptographic Keys
DE-0001:
Disable Fault Management
DE-0003:
On-Board Values Obfuscation
DE-0004:
Masquerading
DE-0005:
Subvert Protections via Safe-Mode
DE-0007:
Evasion via Rootkit
DE-0008:
Evasion via Bootkit
DE-0009:
Camouflage, Concealment, and Decoys (CCD)
DE-0010:
Overflow Audit Log
DE-0012:
Component Collusion
LM-0001:
Hosted Payload
LM-0002:
Exploit Lack of Bus Segregation
LM-0003:
Constellation Hopping via Crosslink
LM-0004:
Visiting Vehicle Interface(s)
LM-0005:
Virtualization Escape
LM-0006:
Launch Vehicle Interface
LM-0007:
Credentialed Traversal
EXF-0001:
Replay
EXF-0002:
Side-Channel Exfiltration
EXF-0003:
Signal Interception
EXF-0004:
Out-of-Band Communications Link
EXF-0005:
Proximity Operations
EXF-0006:
Modify Communications Configuration
EXF-0007:
Compromised Ground System
EXF-0008:
Compromised Developer Site
EXF-0009:
Compromised Partner Site
EXF-0010:
Payload Communication Channel
Sub-Techniques
New Sub-Techniques
Modified Sub-Techniques
REC-0001.01:
Software Design
REC-0001.02:
Firmware
REC-0001.03:
Cryptographic Algorithms
REC-0001.04:
Data Bus
REC-0001.05:
Thermal Control System
REC-0001.06:
Maneuver & Control
REC-0001.07:
Payload
REC-0001.08:
Power
REC-0001.09:
Fault Management
REC-0002.01:
Identifiers
REC-0002.02:
Organization
REC-0002.03:
Operations
REC-0003.01:
Communications Equipment
REC-0003.02:
Commanding Details
REC-0003.03:
Mission-Specific Channel Scanning
REC-0003.04:
Valid Credentials
REC-0004.01:
Flight Termination
REC-0005.01:
Uplink Intercept Eavesdropping
REC-0005.02:
Downlink Intercept
REC-0005.03:
Proximity Operations
REC-0005.04:
Active Scanning (RF/Optical)
REC-0006.01:
Development Environment
REC-0006.02:
Security Testing Tools
REC-0008.01:
Hardware Recon
REC-0008.02:
Software Recon
REC-0008.03:
Known Vulnerabilities
REC-0008.04:
Business Relationships
RD-0001.01:
Ground Station Equipment
RD-0001.02:
Commercial Ground Station Services
RD-0001.03:
Spacecraft
RD-0001.04:
Launch Facility
RD-0002.01:
Mission-Operated Ground System
RD-0002.02:
3rd Party Ground System
RD-0002.03:
3rd-Party Spacecraft
RD-0003.01:
Exploit/Payload
RD-0003.02:
Cryptographic Keys
RD-0004.01:
Identify/Select Delivery Mechanism
RD-0004.02:
Upload Exploit/Payload
RD-0005.01:
Launch Services
RD-0005.02:
Non-Kinetic Physical ASAT
RD-0005.03:
Kinetic Physical ASAT
RD-0005.04:
Electronic ASAT
IA-0001.01:
Software Dependencies & Development Tools
IA-0001.02:
Software Supply Chain
IA-0001.03:
Hardware Supply Chain
IA-0004.01:
Ground Station
IA-0004.02:
Receiver
IA-0005.01:
Compromise Emanations
IA-0005.02:
Docked Vehicle / OSAM
IA-0005.03:
Proximity Grappling
IA-0007.01:
Compromise On-Orbit Update
IA-0007.02:
Malicious Commanding via Valid GS
IA-0008.01:
Rogue Ground Station
IA-0008.02:
Rogue Spacecraft
IA-0008.03:
ASAT/Counterspace Weapon
IA-0009.01:
Mission Collaborator (academia, international, etc.)
IA-0009.02:
Vendor
IA-0009.03:
User Segment
EX-0001.01:
Command Packets
EX-0001.02:
Bus Traffic Replay
EX-0005.01:
Design Flaws
EX-0005.02:
Malicious Use of Hardware Commands
EX-0008.01:
Absolute Time Sequences
EX-0008.02:
Relative Time Sequences
EX-0009.01:
Flight Software
EX-0009.02:
Operating System
EX-0009.03:
Known Vulnerability (COTS/FOSS)
EX-0010.01:
Ransomware
EX-0010.02:
Wiper Malware
EX-0010.03:
Rootkit
EX-0010.04:
Bootkit
EX-0012.01:
Registers
EX-0012.02:
Internal Routing Tables
EX-0012.03:
Memory Write/Loads
EX-0012.04:
App/Subscriber Tables
EX-0012.05:
Scheduling Algorithm
EX-0012.06:
Science/Payload Data
EX-0012.07:
Propulsion Subsystem
EX-0012.08:
Attitude Determination & Control Subsystem
EX-0012.09:
Electrical Power Subsystem
EX-0012.10:
Command & Data Handling Subsystem
EX-0012.11:
Watchdog Timer (WDT)
EX-0012.12:
System Clock
EX-0012.13:
Poison AI/ML Training Data
EX-0013.01:
Valid Commands
EX-0013.02:
Erroneous Input
EX-0014.01:
Time Spoof
EX-0014.02:
Bus Traffic Spoofing
EX-0014.03:
Sensor Data
EX-0014.04:
Position, Navigation, and Timing (PNT) Spoofing
EX-0014.05:
Ballistic Missile Spoof
EX-0016.01:
Uplink Jamming
EX-0016.03:
Position, Navigation, and Timing (PNT) Jamming
EX-0017.02:
Co-Orbital ASAT
EX-0018.01:
Electromagnetic Pulse (EMP)
PER-0002.01:
Hardware Backdoor
PER-0002.02:
Software Backdoor
DE-0002.01:
Inhibit Ground System Functionality
DE-0002.03:
Inhibit Spacecraft Functionality
DE-0003.01:
Vehicle Command Counter (VCC)
DE-0003.02:
Rejected Command Counter
DE-0003.03:
Command Receiver On/Off Mode
DE-0003.05:
Command Receiver Lock Modes
DE-0003.06:
Telemetry Downlink Modes
DE-0003.07:
Cryptographic Modes
DE-0003.08:
Received Commands
DE-0003.09:
System Clock for Evasion
DE-0003.11:
Watchdog Timer (WDT) for Evasion
DE-0003.12:
Poison AI/ML Training for Evasion
DE-0009.01:
Debris Field
DE-0009.02:
Space Weather
DE-0009.03:
Trigger Premature Intercept
DE-0009.04:
Targeted Deception of Onboard SSA/SDA Sensors
DE-0009.05:
Corruption or Overload of Ground-Based SDA Systems
LM-0006.01:
Rideshare Payload
EXF-0002.01:
Power Analysis Attacks
EXF-0002.02:
Electromagnetic Leakage Attacks
EXF-0002.04:
Timing Attacks
EXF-0003.01:
Uplink Exfiltration
EXF-0003.02:
Downlink Exfiltration
EXF-0006.01:
Software Defined Radio
EXF-0006.02:
Transponder
Countermeasures
New Countermeasures
Modified Countermeasures
×