Forgot your password?
typodupeerror
Government Networking Space NASA Security The Military Science Technology

Air Force Looking To Beef Up Spacecraft Network Security 31

Posted by Soulskill
from the phishing-the-space-station dept.
coondoggie writes "How is spacecraft development — from the space parts supply chain to actual space operations — protected from those who would try to penetrate or disrupt the networks involved in that process? The U.S. Air Force Research Laboratory (AFRL) has put out a call for research to understand that security scenario. They say, 'we are much less concerned about information on the broader themes of cyber-security but rather those that pertain to the mission of the spacecraft, the spacecraft as a platform, the systems that constitute the spacecraft, the computers and their software, the busses and networks within, and the elements that interface to the spacecraft.'"
This discussion has been archived. No new comments can be posted.

Air Force Looking To Beef Up Spacecraft Network Security

Comments Filter:
  • by Anonymous Coward on Wednesday March 27, 2013 @06:38PM (#43297605)

    If you cannot control every single aspect of the spacecraft platform they had better just plan around having been compromised already.

  • 1st step (Score:4, Insightful)

    by Nidi62 (1525137) on Wednesday March 27, 2013 @06:58PM (#43297771)
    Don't buy from China, develop and manufacture domestically instead?
    • Re:1st step (Score:4, Insightful)

      by AHuxley (892839) on Wednesday March 27, 2013 @08:35PM (#43298515) Homepage Journal
      That worked well in the Cold War. The NSA, GCHQ produced as needed via a short list of trusted front companies or their own domestic "world leaders".
      This was all good and neat - until the end of the cold war and start of the public war on terror.
      US air and space needs where also well served and lots of cash flowed into domestic producers. Add in the export market to 2nd/3rd world friends and NATO - US profits where good
      The US was still spending but how could your average multi national get limited US spending without a made in the USA/secure/political link to the needed paper work?
      Find a US state in need, local political leaders in need and a small trusted firm in need with all the local security issues filled in and buy in.
      Pump out a lot of paper work at the US gov for any local mil bidding - as a multi national you have the skills - but to the US tax payer your a small 100% US firm getting 'domestic' support in very hard times.
      Now some smart group at the Air Force has finally tracked the huge supply lines - secure US hardware needs are been contracted around the world like car parts.
      So can a gov in South Korea, Brazil, France, Gemany, Spain, the UK, Japan ... work out what the US is doing by watching their top tech exports?
      What the USA do with 99% of an advanced drone/sat/space 'thing' while waiting for news about riots/looting/flooding/banking issues at some distant industrial estate?
      So the US can hope the software is safe at local producers but how much of the "spacecraft as a platform" is now arriving in the US as a box, getting unpacked and been repacked as 100% made in the USA? Joined with a few other imported products and having software loaded might just pass "Made in the USA" laws on a fancy new box to be shipped to a US base/fort/camp?
  • by code_monkey_steve (651206) on Wednesday March 27, 2013 @07:23PM (#43297947)
    Did somebody just now get around to watching Independence Day?
  • The Cylons will get in and control all the systems right away if they are networked!

    The NASA guys must be mad if they are even thinking about it.

  • by mlts (1038732) * on Wednesday March 27, 2013 @07:43PM (#43298117)

    I don't know what rad-hardened storage is out there that can be used, but if security is critical, there is always the good old fashioned one time pad.

    OTPs could be consumed directly for maximum security commands, or used as a way to encrypt a Diffie-Hellman session key generation for stuff that needs less security. The session key can be used without drawing down the random number pool.

    Of course the ultimate downside of OTPs are that when the number pool is exhausted, you are fscked, so trying to use the pool as little as possible is important.

    • by lgw (121541)

      I was very impressed by the security design for the Range Safety Device on the shuttle (the button that makes the shuttle blow up). In addition to the crypto involved, there's a mechanical lock that prevents the RSD from triggering until very close to launch:

      * In order for the RSD to fire, an electrical signal is sent from the computer that authenticates the request to the actual detonation system.
      * The signal path is only closed when a mechanical arm swings into place.
      * The arm is swung into place right b

    • If it were possible, I'd moderate you -5 "completely misses the point'.

  • by Type44Q (1233630)

    How is spacecraft development â" from the space parts supply chain to actual space operations â" protected from those who would try to penetrate or disrupt the networks involved in that process?

    Well, I'd start by asking Gary McKinnon... :p

    • by slick7 (1703596)

      How is spacecraft development â" from the space parts supply chain to actual space operations â" protected from those who would try to penetrate or disrupt the networks involved in that process?

      Well, I'd start by asking Gary McKinnon... :p

      Let's ask Aaron Swartz, oh, wait.
      How about Kevin Mitnick, oh, wait.

  • Mars, Bitches! (Score:4, Insightful)

    by PopeRatzo (965947) on Wednesday March 27, 2013 @07:56PM (#43298227) Homepage Journal

    Somebody's looking for a big bump in military spending, I think.

    I wonder how high the percentage of Air Force brass that end up working as "consultants" in the defense industry to supplement their pensions from Uncle Sam? I wonder what they're expected to "deliver" to their new employees for those fat consultancy contracts?

  • From 2011: http://it.slashdot.org/comments.pl?sid=2368162&threshold=0&commentsort=0&mode=thread&cid=37016386 [slashdot.org]
    "Twirlip: Towards a 21st Century Worldwide Public Intelligence Desktop Platform for Collaborative Sensemaking, Analysis, Risk Assessment, and Horizon Scanning"

    Around them, I also put together another proposal to collect and organize stories about security issues as a modernized "Risks Digest" using software like my wife desiged my wife wrote called "Rakontu":
    http://www.rakontu.org/ [rakontu.org]

    Anot

  • If the enemy does not know the prefix command code of our spacecraft, then they cannot remotely command it to lower its shields.

  • Unlike other cyberattacks, that one probably needs the attacker to show up. You need a good antenna, which I suspect is visible from spy satellites. If attack can be attributed reliably, then ballistic defense is possible.
  • Don't you need a spacecraft....before you can even consider how to secure its communications?

Whenever a system becomes completely defined, some damn fool discovers something which either abolishes the system or expands it beyond recognition.

Working...