Minimized sharing reduces covert-channel risk. Design payload processors, flight computers, and encryption modules to exchange data only through narrow, well-audited paths. For example, dedicate a single-purpose serial link for key uploads instead of multiplexing that traffic over the main telemetry bus. When physical separation is impossible, authenticated messages and strict time-division schedules should be applied so one function cannot monopolize bandwidth or eavesdrop on another.
The [spacecraft] shall ensure that processes reusing a shared system resource (e.g., registers, main memory, secondary storage) do not have access to information (including encrypted representations of information) previously stored in that resource during a prior use by a process after formal release of that resource back to the system or reuse.{SV-AC-6}{AC-3,PM-32,SA-8(2),SA-8(5),SA-8(6),SA-8(19),SC-4,SI-3}