Ensuring sufficient breadth and depth of vulnerability monitoring and scanning requires a layered approach beyond “checklist” exercises. At the broadest level, baseline scans look for known issues across onboard firmware, ground-station software, and supporting networks. In parallel, deeper, more specialized scans target mission-critical components such as flight software modules, cryptographic key-management subsystems, or cross-platform data links. High-fidelity testing environments—often simulators or hardware-in-the-loop setups—allow for advanced scanning that can reveal latent vulnerabilities. Balancing these efforts with real-world constraints (like limited bandwidth or communication windows) is key. Adopting a varied scanning regimen—coupled with rigorous post-scan analyses—helps ensure that emergent or stealthy threats do not slip through the cracks, thus reinforcing overall mission assurance from pre-launch testing to decommissioning.
The [organization] shall verify that the scope of security testing/evaluation provides complete coverage of required security controls (to include abuse cases and penetration testing) at the depth of testing defined in the test documents.{SV-SP-1,SV-SP-2,SV-SP-3,SV-SP-6,SV-SP-7,SV-SP-9,SV-SP-11}{CA-2,CA-8,RA-5(3),SA-11(5),SA-11(7)}
* The frequency of testing should be driven by Program completion events and updates.
* Examples of approaches are static analyses, dynamic analyses, binary analysis, or a hybrid of the three approaches
The [organization] shall ensure that the vulnerability scanning tools (e.g., static analysis and/or component analysis tools) used include the capability to readily update the list of potential information system vulnerabilities to be scanned.{SV-SP-1,SV-SP-2,SV-SP-3,SV-SP-6,SV-SP-7,SV-SP-9,SV-SP-11}{RA-5,RA-5(1),RA-5(3),SI-3}
The [organization] shall ensure that vulnerability scanning tools and techniques are employed that facilitate interoperability among tools and automate parts of the vulnerability management process by using standards for: (1) Enumerating platforms, custom software flaws, and improper configurations; (2) Formatting checklists and test procedures; and (3) Measuring vulnerability impact.{SV-SP-1,SV-SP-2,SV-SP-3,SV-SP-6,SV-SP-7,SV-SP-9,SV-SP-11}{RA-5,RA-5(3),SI-3}
Component/Origin scanning looks for open-source libraries/software that may be included into the baseline and looks for known vulnerabilities and open-source license violations.