Tactics
Techniques
Countermeasures
Countermeasures
Space Segment Control Tailoring
NIST References
ISO IEC 27001
NASA Best Practice Guide
D3FEND
Tactics
Technqiues
Artifacts
Resources
SPARTA User Guide
TTP Recommended Practices
General Information
FAQ
Working with SPARTA
Updates
SPARTA Versions
Contribute
Related Work
Indicators of Behavior
Spacecraft Functional Decomposition
Space System Cybersecurity Questionnaire
Defense-in-Depth Space Systems
Threat Levels
Threats
Risk Assessment
Cybersecurity Protections for
Spacecraft: A Threat Based
Approach (pdf)
Tools
Navigator
Countermeasure Mapper
Control Mapper
Spacecraft Mapper
JSON Creator
Notional Risk Scores
Attack Flow (
Code
|
Tool
)
Search
Spacecraft Mapper
show subsystems
hide subsystems
Choose All
Clear All
Export JSON
Export PNG
Export Excel
Spacecraft
Spacecraft Bus
Spacecraft Payload
Docking
Command and Data Handling (C&DH)
=
On-Board Computer (OBC)/Single-Board Computer (SBC)
=
Radiation Hardened OBC
=
Radiation Effects
Mission Critical Systems
Longevity of the Mission
Reliability and Redundancy
Cost Considerations
Flight Software (FSW)
Secure Over-the-Air (OTA) Update
Command Execution (CMD)
Telemetry (TLM)
Health Monitoring/Health and Safety
Fault Detection and Recovery/FMS
=
Sensor Data Analytics
Software Monitoring
Diagnostic Algorithms
Redundancy Analysis
Autonomous Recovery
Safe Mode
Event Logging
Data Transmission
Real-Time Monitoring
Intrusion Detection/Intrusion Prevention
Data Processing
Data Storage/Recorder
Autonomous Operations/Stored Commanding
Limit Files
Timekeeping
Communication Protocols
Operating System (OS)
=
CPU Allocation
Memory Allocation
Task Prioritization
Real-Time Constraints
Device Drivers
Input/Output Operations
Error Handling
Fault Tolerance
Access Control
Network Stack
Process Isolation
Privilege Management
Security Hardenings
Communication Equipment
=
Antennas
Modulators
Demodulators
Transmitters
Receivers
Optical
=
Laser Transmitters
Optical Receivers
Cryptography Module
=
Encryption
Authentication
Integrity Check
Secure Key Exchange/Key Management
Secure Boot and Firmware Verification
Data Security
Tamper Resistance
Flight Termination System (FTS)
Electrical Power System (EPS)
=
Solar Arrays
Radioisotope Power Systems (RPS)
Power Storage via Batteries
Power Storage via Capacitors
Power Conditioning Unit (PCU)
Power Distribution and Control Unit (PDCU)/Power Distribution Unit (PDU)
Pyrotechnic Devices
Voltage and Current Monitoring
Fault Detection and Recovery
Power Management Algorithms
Propulsion Subsystem (PS)
=
Electric Propulsion
=
Ionization Chamber
Accelerator Grids
Power Supply
Thruster
Magnets or Electric Field
Nuclear Propulsion
=
Nuclear Thermal Propulsion (NTP)
=
Nuclear Reactor
Heat Exchanger
Expansion Nozzle
Orbit Insertion
Trajectory Corrections
Attitude Control
Station Keeping
Deorbit and End-of-Mission Maneuvers
Orbit-Raising Maneuvers
Orbit-Lowering Maneuvers
Collision Avoidance Maneuvers
Spin Up/Spin Down Maneuvers
Communication Bus
=
Intrabus Communications
Interbus Communications
SpaceWire (Serial Bus)
MIL-STD-1553 (Serial Bus)
Controller Area Network (Serial Bus)
SpaceFibre (Serial Bus)
Ethernet (Network Protocol)
Time-Triggered Ethernet (TTEthernet)
Inter-Integrated Circuit (Serial Bus)
Serial Peripheral Interface (Serial Bus)
RS-422/RS-485 (Serial Bus)
Structures and Mechanisms (S&M) Subsystem
=
Structural Support/Frame and Skeleton
=
Struts and Supports
Bearings and Joints
Latches and Locking Mechanisms
Deployable Structures
=
Latch and Release Mechanisms
Spring Mechanisms
Shielding/Insulation
=
Thermal Blankets and Insulation
Whipple Shields
Multi-Layer Insulation (MLI)
Conductive Foils
Attitude Control and Pointing Structure/Hardware
=
Reaction Wheels
Momentum Wheels
Gimbal Mechanisms
Thermal Control Subsystem
=
Thermal Insulation/Multi-Layer Insulation (MLI)
Thermal Paintings/Coatings
Thermal Louvers
Radiators
Electric Heaters
Thermal Blankets
Thermal Shields
Thermal Sensors
Thermal Controllers
Attitude Determination and Control Subsystem
=
Position Determination
=
GPS Receivers
Navigation (Attitude Determination)
=
Attitude Sensors
=
Inertial Measurement Unit (IMU)
Sun Sensors
Star Trackers
Magnetometers
Horizon Sensors
Lasers
Optical (Cameras)
Actuators
=
Reaction Wheels
Thrusters
Magnetic Torquers
Timing (Timekeeping)
=
Atomic Clocks
Internal Clocks
ADCS Analysis
=
Control Algorithms
Sensor Fusion
Kalman Filtering
Power Distribution
Data Handling
Communication Equipment
Temperature Regulation
Mounting and Deployment
Commands and Instruction
Payload Telemetry, Tracking, and Command (TTC)
=
Telemetry
Transmission to Ground/Data Downlink
Positional Information
Receiving Commands
Autonomous Operations
Crosslinks
=
Radio Frequency (RF) Signals
Laser Beams
Docking Ports
Mechanical Alignment
Docking Mechanisms
Proximity Sensors
Guidance and Control
Automated and Manual Docking
Capture and Docking
Hard Docking
Controlled Interface
Soft Capture
Possible SPARTA TTPs
Reconnaissance
Resource Development
Initial Access
Execution
Persistence
Defense Evasion
Lateral Movement
Exfiltration
Impact
9 techniques
5 techniques
13 techniques
18 techniques
5 techniques
12 techniques
7 techniques
10 techniques
6 techniques
Gather Spacecraft Design Information
(9)
=
Software Design
Firmware
Cryptographic Algorithms
Data Bus
Thermal Control System
Maneuver & Control
Payload
Power
Fault Management
Gather Spacecraft Descriptors
(3)
=
Identifiers
Organization
Operations
Gather Spacecraft Communications Information
(4)
=
Communications Equipment
Commanding Details
Mission-Specific Channel Scanning
Valid Credentials
Gather Launch Information
(1)
=
Flight Termination
Eavesdropping
(4)
=
Uplink Intercept Eavesdropping
Downlink Intercept
Proximity Operations
Active Scanning (RF/Optical)
Gather FSW Development Information
(2)
=
Development Environment
Security Testing Tools
Monitor for Safe-Mode Indicators
(0)
Gather Supply Chain Information
(4)
=
Hardware Recon
Software Recon
Known Vulnerabilities
Business Relationships
Gather Mission Information
(0)
Acquire Infrastructure
(4)
=
Ground Station Equipment
Commercial Ground Station Services
Spacecraft
Launch Facility
Compromise Infrastructure
(3)
=
Mission-Operated Ground System
3rd Party Ground System
3rd-Party Spacecraft
Obtain Cyber Capabilities
(2)
=
Exploit/Payload
Cryptographic Keys
Stage Capabilities
(2)
=
Identify/Select Delivery Mechanism
Upload Exploit/Payload
Obtain Non-Cyber Capabilities
(4)
=
Launch Services
Non-Kinetic Physical ASAT
Kinetic Physical ASAT
Electronic ASAT
Compromise Supply Chain
(3)
=
Software Dependencies & Development Tools
Software Supply Chain
Hardware Supply Chain
Compromise Software Defined Radio
(0)
Crosslink via Compromised Neighbor
(0)
Secondary/Backup Communication Channel
(2)
=
Ground Station
Receiver
Rendezvous & Proximity Operations
(3)
=
Compromise Emanations
Docked Vehicle / OSAM
Proximity Grappling
Compromise Hosted Payload
(0)
Compromise Ground System
(2)
=
Compromise On-Orbit Update
Malicious Commanding via Valid GS
Rogue External Entity
(3)
=
Rogue Ground Station
Rogue Spacecraft
ASAT/Counterspace Weapon
Trusted Relationship
(3)
=
Mission Collaborator (academia, international, etc.)
Vendor
User Segment
Unauthorized Access During Safe-Mode
(0)
Auxiliary Device Compromise
(0)
Assembly, Test, and Launch Operation Compromise
(0)
Compromise Host Spacecraft
(0)
Replay
(2)
=
Command Packets
Bus Traffic Replay
Position, Navigation, and Timing (PNT) Geofencing
(0)
Modify Authentication Process
(0)
Compromise Boot Memory
(0)
Exploit Hardware/Firmware Corruption
(2)
=
Design Flaws
Malicious Use of Hardware Commands
Disable/Bypass Encryption
(0)
Trigger Single Event Upset
(0)
Time Synchronized Execution
(2)
=
Absolute Time Sequences
Relative Time Sequences
Exploit Code Flaws
(3)
=
Flight Software
Operating System
Known Vulnerability (COTS/FOSS)
Malicious Code
(4)
=
Ransomware
Wiper Malware
Rootkit
Bootkit
Exploit Reduced Protections During Safe-Mode
(0)
Modify On-Board Values
(13)
=
Registers
Internal Routing Tables
Memory Write/Loads
App/Subscriber Tables
Scheduling Algorithm
Science/Payload Data
Propulsion Subsystem
Attitude Determination & Control Subsystem
Electrical Power Subsystem
Command & Data Handling Subsystem
Watchdog Timer (WDT)
System Clock
Poison AI/ML Training Data
Flooding
(2)
=
Valid Commands
Erroneous Input
Spoofing
(5)
=
Time Spoof
Bus Traffic Spoofing
Sensor Data
Position, Navigation, and Timing (PNT) Spoofing
Ballistic Missile Spoof
Side-Channel Attack
(0)
Jamming
(3)
=
Uplink Jamming
Downlink Jamming
Position, Navigation, and Timing (PNT) Jamming
Kinetic Physical Attack
(2)
=
Direct Ascent ASAT
Co-Orbital ASAT
Non-Kinetic Physical Attack
(3)
=
Electromagnetic Pulse (EMP)
High-Powered Laser
High-Powered Microwave
Memory Compromise
(0)
Backdoor
(2)
=
Hardware Backdoor
Software Backdoor
Ground System Presence
(0)
Replace Cryptographic Keys
(0)
Credentialed Persistence
(0)
Disable Fault Management
(0)
Disrupt or Deceive Downlink
(3)
=
Inhibit Ground System Functionality
Jam Link Signal
Inhibit Spacecraft Functionality
On-Board Values Obfuscation
(12)
=
Vehicle Command Counter (VCC)
Rejected Command Counter
Command Receiver On/Off Mode
Command Receivers Received Signal Strength
Command Receiver Lock Modes
Telemetry Downlink Modes
Cryptographic Modes
Received Commands
System Clock for Evasion
GPS Ephemeris
Watchdog Timer (WDT) for Evasion
Poison AI/ML Training for Evasion
Masquerading
(0)
Subvert Protections via Safe-Mode
(0)
Modify Whitelist
(0)
Evasion via Rootkit
(0)
Evasion via Bootkit
(0)
Camouflage, Concealment, and Decoys (CCD)
(5)
=
Debris Field
Space Weather
Trigger Premature Intercept
Targeted Deception of Onboard SSA/SDA Sensors
Corruption or Overload of Ground-Based SDA Systems
Overflow Audit Log
(0)
Credentialed Evasion
(0)
Component Collusion
(0)
Hosted Payload
(0)
Exploit Lack of Bus Segregation
(0)
Constellation Hopping via Crosslink
(0)
Visiting Vehicle Interface(s)
(0)
Virtualization Escape
(0)
Launch Vehicle Interface
(1)
=
Rideshare Payload
Credentialed Traversal
(0)
Replay
(0)
Side-Channel Exfiltration
(5)
=
Power Analysis Attacks
Electromagnetic Leakage Attacks
Traffic Analysis Attacks
Timing Attacks
Thermal Imaging attacks
Signal Interception
(2)
=
Uplink Exfiltration
Downlink Exfiltration
Out-of-Band Communications Link
(0)
Proximity Operations
(0)
Modify Communications Configuration
(2)
=
Software Defined Radio
Transponder
Compromised Ground System
(0)
Compromised Developer Site
(0)
Compromised Partner Site
(0)
Payload Communication Channel
(0)
Deception (or Misdirection)
(0)
Disruption
(0)
Denial
(0)
Degradation
(0)
Destruction
(0)
Theft
(0)
Potential Countermeasures to Apply to Subsystem(s)
Data
Spacecraft Software
Single Board Computer
IDS/IPS
Cryptography
Comms Link
Ground
Prevention
TEMPEST
Shared Resource Leakage
Machine Learning Data Integrity
On-board Message Encryption
Development Environment Security
Software Version Numbers
Update Software
Vulnerability Scanning
Software Bill of Materials
Dependency Confusion
Software Source Control
CWE List
Coding Standard
Dynamic Testing
Static Analysis
Software Digital Signature
Configuration Management
Session Termination
Least Privilege
Long Duration Testing
Operating System Security
Secure Command Mode(s)
Dummy Process - Aggregator Node
Process White Listing
Secure boot
Disable Physical Ports
Segmentation
Backdoor Commands
Error Detection and Correcting Memory
Resilient Position, Navigation, and Timing
Tamper Resistant Body
Power Randomization
Power Consumption Obfuscation
Secret Shares
Power Masking
Increase Clock Cycles/Timing
Dual Layer Protection
OSAM Dual Authorization
Communication Physical Medium
Protocol Update / Refactoring
Cloaking Safe-mode
On-board Intrusion Detection & Prevention
Robust Fault Management
Cyber-safe Mode
Fault Injection Redundancy
Model-based System Verification
Smart Contracts
Reinforcement Learning
COMSEC
Crypto Key Management
Authentication
Relay Protection
Traffic Flow Analysis Defense
TRANSEC
Ground-based Countermeasures
Monitor Critical Telemetry Points
Protect Authenticators
Physical Security Controls
Data Backup
Alternate Communications Paths
Protect Sensitive Information
Security Testing Results
Threat Intelligence Program
Threat modeling
Criticality Analysis
Anti-counterfeit Hardware
Supplier Review
Original Component Manufacturer
ASIC/FPGA Manufacturing
Tamper Protection
User Training
Insider Threat Protection
Two-Person Rule
Distributed Constellations
Proliferated Constellations
Diversified Architectures
Space Domain Awareness
Space-Based Radio Frequency Mapping
Maneuverability
Stealth Technology
Defensive Jamming and Spoofing
Deception and Decoys
Antenna Nulling and Adaptive Filtering
Physical Seizure
Electromagnetic Shielding
Filtering and Shuttering
Defensive Dazzling/Blinding
Organizational Policy
Assessment & Authorization
Continuous Monitoring
×