Building a launchpad for satellite cyber-security research: lessons from 60 years of spaceflight

As the space industry approaches a period of rapid change, securing both emerging and legacy satellite missions will become vital. However, space technology has been largely overlooked by the systems security community. This survey seeks to understand why this is the case and to offer a starting point for technical security researchers seeking impactful contributions beyond the Earth's mesosphere. The paper begins with a cross-disciplinary synthesis of relevant threat models from a diverse array of fields, ranging from legal and policy studies to aerospace engineering. This is presented as a "threat matrix toolbox," which security researchers may leverage to motivate technical research into given attack vectors and defenses. We derive this model from an original chronology of > 100 significant satellite hacking incidents spanning the previous 60 years. Together, these are used to assess the state-of-the-art in satellite security across four sub-domains: satellite radio-link security, space hardware security, ground station security, and operational/mission security. In each area, we note significant findings and unresolved questions which the systems security community is aptly poised to tackle. By consolidating this research, we present the case that satellite systems security researchers can build on strong, but disparate, academic foundations and rise to meet an urgent need for future space missions.