Cybersecurity matrices have become an industry standard approach for providing a knowledge base of adversary behaviors and serve as a taxonomy for adversarial actions across the attack lifecycle. The Aerospace Corporation created the Space Attack Research and Tactic Analysis (SPARTA) matrix to address the information and communication barriers that hinder the identification and sharing of space-cyber Tactic, Techniques, and Procedures (TTP). The MITRE ATT&CK Getting Started page provides relevant information on the value of using cybersecurity matrices and breaking down the TTPs using this method. Since SPARTA is building off of the industry standard approach laid out by ATT&CK, it is recommended to review the basics of how these frameworks work by reviewing the MITRE ATT&CK Getting Started
For SPARTA specific information, please review the following articles
Due to information and communication barriers that hinder the identification and sharing of space-cyber Tactic, Techniques, and Procedures (TTPs), the Aerospace Corporation created the SPARTA matrix. SPARTA is intended to provide unclassified information to space professionals about how spacecrafts may be compromised via cyber means, and it defines and categorizes commonly identified activities that contribute to spacecraft compromises. TTP matrices are becoming standard across the cybersecurity community as they enable a visual way to organize TTPs and document attack chains.
SPARTA attempts to aggregate unclassified research from academia, Federally Funded Research and Development Centers, and space cyber professionals into a single pane of glass to better educate the space community on TTPs while also identifying countermeasures within SPARTA. SPARTA’s goal is to raise the bar on space-cyber common knowledge across the community so that space systems are engineered with defense-in-depth principles. SPARTA is cross referenced to cybersecurity best practices like NIST SP 800-53, MITRE ATT&CK where applicable, as well as previously published spacecraft cyber protections within TOR 2021-01333 REV A. This correlation provides further justification for adherence to these best practices as it enables a more threat-informed design process.
Contribute to SPARTA: We rely on the community to help us improve SPARTA. If you want to contribute, here’s how to contribute.