Leaf Space, a company that provides ground segment services for smallsats, has signed an MoU consolidating a partnership agreement with CYSEC, a Swiss cybersecurity company, to offer end-to-end cyber security protection for satellite communications (SATCOM).
Smallsats with a size ranging from a shoebox to the size of a washing machine are revolutionizing the space industry by combining excellent capabilities with lower development costs and a shorter time-to-market, making them attractive for a whole new range of services relying on data collected in space.
Cybersecurity has not been, historically, a priority for space engineers, with the focus being on maximizing the available mass on board rather than adding extra security features. That situation is changing as smallsats are quite capable in collecting sensitive and valuable data, raising numerous questions on the resilience of the ground and space infrastructure against cyber attacks.
CYSEC is a cybersecurity company with a mission to offer smallsat operators the first off-the-shelf solutions protecting their infrastructure and data against cyber risks. Initially supported by the ESA Business Incubation program to research the gap in the market and develop dedicated solutions, CYSEC is now releasing a full product portfolio for both the ground and space segments providing end-to-end cyber security protection for satellite communications.
As a ground segment as-a-service relying on a growing critical infrastructure with ground stations distributed all over the globe, Leaf Space is well-positioned to understand the cybersecurity challenges faced by smallsat operators.
Due to the complexity of satellite architectures, there are many possible entry points for a hacker from which to eavesdrop, tamper with information, cause a service interruption or, even worse, take control of satellites.
ARCA, CYSEC’s flagship product, consists of a secured backend infrastructure that can run critical software and store sensitive data. Its main advantage is the simplicity of its integration as it is compatible with modern virtualization tools that software developers use today such as Docker, Kubernetes, VMWare, etc while using state-of-the-art certified hardware. The collaboration between CYSEC and Leaf Space offers an end-to-end protection covering the ground station network and the mission control software on the ground hosted by the satellite operator.
The partners will extend their collaboration by offering smallsat operators and manufacturers the possibility of adding a dedicated root of trust on board the satellites. The companies are in advanced discussions with several operators to implement a common security architecture on the ground that combines the Leaf Space network of ground stations with the mission control software in ARCA.
Jonata Puglia, CEO of Leaf Space, said, “Cybersecurity is now a major concern for certain Newspace actors and will become always more relevant in the near future in our industry. As a provider of ground infrastructure we want our customers to benefit from the best level of protection available today. CYSEC is the first to propose pragmatic solutions to this issue. ”
A few simple steps can efficiently discourage criminals, as Mathieu Bailly, VP Space at CYSEC explained, “Our goal is to offer operators accessible tools that show the best compromise between the level of protection and the impact on the satellite design and operations. With the help of Leaf Space, we can now easily secure all ground operations using our ARCA platform. In addition to the ground segment, we want to stress the importance of having a root of trust on board the satellite to prevent any attack prior to launch. We designed our ARCASpace product line to secure the minimum amount of information required to trust all operations performed on board.”
Giovanni Pandolfi, Leaf Space CTO, added, “ARCA truly makes cyber security finally accessible for smallsat operators without even having to change their current habits. Combining the Leaf Space network engine with the mission control software in the ARCA trusted execution environment is a game-changer in terms of cyber resilience.”
Alexandre Karlov, CYSEC CTO, noted, “We understood very quickly that in the smallsat market there is no cybersecurity culture yet. In particular about the generation, storage, management and handling of the cryptographic secrets that will be used on board the satellite during the mission, for example to encrypt the payload data collected in space. If these secrets are compromised then the entire mission is at risk.”