Tactics
Techniques
Countermeasures
Countermeasures
NIST References
ISO IEC 27001
D3FEND
Tactics
Technqiues
Artifacts
Resources
General Information
Getting Started
FAQ
Working with SPARTA
Updates
SPARTA Versions
Contribute
Related Work
Defense-in-Depth Space Systems
Threat Levels
Threats
Risk Assessment
Cybersecurity Protections for
Spacecraft: A Threat Based
Approach (pdf)
Search
Updates
v2.0
v1.3.1.1
v1.3
v1.5
v1.2
v1.4
v1.3.1
v1.6
v1.0
v1.1
v1.5.1
v1.3.2
Home
Resources
Updates
v1.2
Update - v1.2
Start Date
End Date
December 08 2022
April 22 2023
Below highlights the changes to the website, techniques, sub-techniques, and/or countermeasures.
Website Updates
Added
Working with SPARTA
page where there is a
STIX2 JSON
file download as well as Excel export capability
Added
General Information
page
Techniques
New Techniques
DE-0007:
Rootkit
DE-0008:
Bootkit
LM-0005:
Virtualization Escape
EXF-0010:
Payload Communication Channel
Modified Techniques
REC-0001:
Gather Spacecraft Design Information
REC-0002:
Gather Spacecraft Descriptors
REC-0003:
Gather Spacecraft Communications Information
REC-0005:
Eavesdropping
REC-0006:
Gather FSW Development Information
REC-0007:
Monitor for Safe-Mode Indicators
REC-0008:
Gather Supply Chain Information
RD-0001:
Acquire Infrastructure
IA-0003:
Crosslink via Compromised Neighbor
IA-0004:
Secondary/Backup Communication Channel
IA-0005:
Rendezvous & Proximity Operations
IA-0006:
Compromise Hosted Payload
IA-0007:
Compromise Ground System
IA-0008:
Rogue External Entity
IA-0010:
Exploit Reduced Protections During Safe-Mode
EX-0003:
Modify Authentication Process
EX-0004:
Compromise Boot Memory
EX-0006:
Disable/Bypass Encryption
EX-0007:
Trigger Single Event Upset
EX-0009:
Exploit Code Flaws
EX-0010:
Inject Malicious Code
EX-0011:
Exploit Reduced Protections During Safe-Mode
EX-0012:
Modify On-Board Values
EX-0013:
Flooding
EX-0014:
Spoofing
EX-0015:
Side-Channel Attack
PER-0001:
Memory Compromise
PER-0002:
Backdoor
PER-0003:
Ground System Presence
PER-0004:
Replace Cryptographic Keys
DE-0001:
Disable Fault Management
DE-0002:
Prevent Downlink
DE-0003:
Modify On-Board Values
DE-0004:
Masquerading
DE-0005:
Exploit Reduced Protections During Safe-Mode
LM-0001:
Hosted Payload
LM-0002:
Exploit Lack of Bus Segregation
LM-0003:
Constellation Hopping via Crosslink
LM-0004:
Visiting Vehicle Interface(s)
EXF-0001:
Replay
EXF-0002:
Side-Channel Attack
EXF-0003:
Eavesdropping
EXF-0004:
Out-of-Band Communications Link
EXF-0005:
Proximity Operations
EXF-0006:
Modify Communications Configuration
EXF-0007:
Compromised Ground System
EXF-0008:
Compromised Developer Site
EXF-0009:
Compromised Partner Site
IMP-0001:
Deception (or Misdirection)
IMP-0002:
Disruption
IMP-0003:
Denial
IMP-0004:
Degradation
IMP-0005:
Destruction
IMP-0006:
Theft
Sub-Techniques
New Sub-Techniques
REC-0003.03:
Mission-Specific Channel Scanning
REC-0005.04:
Active Scanning (RF/Optical)
REC-0008.04:
Business Relationships
EX-0013.03:
Position, Navigation, and Timing (PNT)
EX-0014.04:
Position, Navigation, and Timing (PNT)
EXF-0006.01:
Software Defined Radio
EXF-0006.02:
Transponder
Modified Sub-Techniques
REC-0001.01:
Software
REC-0001.02:
Firmware
REC-0001.03:
Cryptographic Algorithms
REC-0001.04:
Data Bus
REC-0001.05:
Thermal Control System
REC-0001.06:
Maneuver & Control
REC-0001.07:
Payload
REC-0001.08:
Power
REC-0001.09:
Fault Management
REC-0002.01:
Identifiers
REC-0002.02:
Organization
REC-0002.03:
Operations
REC-0003.01:
Communications Equipment
REC-0003.02:
Commanding Details
REC-0005.01:
Uplink Intercept
REC-0005.02:
Downlink Intercept
REC-0005.03:
Proximity Operations
REC-0006.01:
Development Environment
REC-0006.02:
Security Testing Tools
REC-0008.01:
Hardware
REC-0008.03:
Known Vulnerabilities
RD-0001.01:
Ground Station Equipment
RD-0001.03:
Spacecraft
RD-0002.01:
Mission-Operated Ground System
RD-0002.02:
3rd Party Ground System
RD-0002.03:
3rd-Party Spacecraft
RD-0003.01:
Exploit/Payload
RD-0003.02:
Cryptographic Keys
RD-0004.01:
Identify/Select Delivery Mechanism
RD-0004.02:
Upload Exploit/Payload
IA-0001.01:
Software Dependencies & Development Tools
IA-0001.02:
Software Supply Chain
IA-0001.03:
Hardware Supply Chain
IA-0004.01:
Ground Station
IA-0005.01:
Compromise Emanations
IA-0005.02:
Docked Vehicle / OSAM
IA-0005.03:
Proximity Grappling
IA-0007.01:
Compromise On-Orbit Update
IA-0007.02:
Malicious Commanding via Valid GS
IA-0008.01:
Rogue Ground Station
IA-0008.02:
Rogue Spacecraft
IA-0009.01:
Mission Collaborator (academia, international, etc.)
EX-0001.01:
Command Packets
EX-0001.02:
Bus Traffic
EX-0005.02:
Malicious Use of Hardware Commands
EX-0009.01:
Flight Software
EX-0009.02:
Operating System
EX-0009.03:
Known Vulnerability (COTS/FOSS)
EX-0012.01:
Registers
EX-0012.03:
Memory Write/Loads
EX-0012.05:
Scheduling Algorithm
EX-0012.06:
Science/Payload Data
EX-0012.07:
Propulsion Subsystem
EX-0012.08:
Attitude Determination & Control Subsystem
EX-0012.09:
Electrical Power Subsystem
EX-0012.10:
Command & Data Handling Subsystem
EX-0013.01:
Valid Commands
EX-0013.02:
Erroneous Input
EX-0014.01:
Time Spoof
EX-0014.02:
Bus Traffic
PER-0002.01:
Hardware
PER-0002.02:
Software
DE-0002.01:
Inhibit Ground System Functionality
DE-0002.02:
Jam Link Signal
DE-0002.03:
Inhibit Spacecraft Functionality
DE-0003.01:
Vehicle Command Counter (VCC)
DE-0003.02:
Rejected Command Counter
DE-0003.03:
Command Receiver On/Off Mode
DE-0003.04:
Command Receivers Received Signal Strength
DE-0003.05:
Command Receiver Lock Modes
DE-0003.06:
Telemetry Downlink Modes
DE-0003.07:
Cryptographic Modes
DE-0003.08:
Received Commands
DE-0003.09:
System Clock
DE-0003.10:
GPS Ephemeris
DE-0003.11:
Watchdog Timer (WDT)
EXF-0002.02:
Electromagnetic Leakage Attacks
EXF-0002.03:
Traffic Analysis Attacks
EXF-0003.01:
Uplink Intercept
EXF-0003.02:
Downlink Intercept
Countermeasures
New Countermeasures
CM0073:
Traffic Flow Analysis Defense
CM0071:
Communication Physical Medium
CM0072:
Protocol Update / Refactoring
Modified Countermeasures
CM0000:
Countermeasure Not Identified
CM0001:
Protect Sensitive Information
CM0008:
Security Testing Results
CM0009:
Threat Intelligence Program
CM0020:
Threat modeling
CM0022:
Criticality Analysis
CM0024:
Anti-counterfeit Hardware
CM0025:
Supplier Review
CM0026:
Original Component Manufacturer
CM0027:
ASIC/FPGA Manufacturing
CM0028:
Tamper Protection
CM0041:
User Training
CM0052:
Insider Threat Protection
CM0054:
Two-Person Rule
CM0002:
COMSEC
CM0030:
Crypto Key Management
CM0031:
Authentication
CM0033:
Relay Protection
CM0003:
TEMPEST
CM0040:
Shared Resource Leakage
CM0049:
Machine Learning Data Integrity
CM0050:
On-board Message Encryption
CM0004:
Development Environment Security
CM0007:
Software Version Numbers
CM0010:
Update Software
CM0011:
Vulnerability Scanning
CM0012:
Software Bill of Materials
CM0013:
Dependency Confusion
CM0015:
Software Source Control
CM0016:
CWE List
CM0017:
Coding Standard
CM0018:
Dynamic Analysis
CM0019:
Static Analysis
CM0021:
Software Digital Signature
CM0023:
Configuration Management
CM0036:
Session Termination
CM0039:
Least Privilege
CM0046:
Long Duration Testing
CM0047:
Operating System Security
CM0055:
Secure Command Mode(s)
CM0062:
Dummy Process - Aggregator Node
CM0069:
Process White Listing
CM0005:
Ground-based Countermeasures
CM0034:
Monitor Critical Telemetry Points
CM0035:
Protect Authenticators
CM0053:
Physical Security Controls
CM0056:
Data Backup
CM0070:
Alternate Communications Paths
CM0006:
Cloaking Safe-mode
CM0032:
On-board Intrusion Detection & Prevention
CM0042:
Robust Fault Management
CM0044:
Cyber-safe Mode
CM0051:
Fault Injection Redundancy
CM0066:
Model-based System Verification
CM0067:
Smart Contracts
CM0068:
Reinforcement Learning
CM0014:
Secure boot
CM0037:
Disable Physical Ports
CM0038:
Segmentation
CM0043:
Backdoor Commands
CM0045:
Error Detection and Correcting Memory
CM0048:
Resilient Position, Navigation, and Timing
CM0057:
Tamper Resistant Body
CM0058:
Power Randomization
CM0059:
Power Consumption Obfuscation
CM0060:
Secret Shares
CM0061:
Power Masking
CM0063:
Increase Clock Cycles/Timing
CM0064:
Dual Layer Protection
CM0065:
OSAM Dual Authorization
CM0029:
TRANSEC
×
load more results