Cyber-Securing Australia's Space Infrastructure: An Assessment of the Policy and Legal Frameworks

Vinicius Guedes Goncalves de Oliveira, Clémence Poirier, Marco Aliberti, Rodrigo Praino, Daniel Floreani

Research output: Contribution to conferenceAbstractpeer-review

Abstract

As space assets continue to move towards the integration of more advanced information technologies the entry points for cyber-attacks are inevitably bound to increase. Similarly, the globalization of the space supply chain, the proliferation of small satellites using COTS components and the possibility to operate space mission payloads across networks through public internet connectivity substantially increase the vulnerability of space systems to cyber-attacks. In the emergent Australia's space sector, these risks are exacerbated by the fact that the cybersecurity of the space infrastructure is scantly addressed at the operational and policy levels. Despite the rising efforts of the Australian Cyber Security Centre within the Signal Directorate and the Attorney-General's Department, numerous technology and policy gaps remain, including those regarding the definition of roles and responsibilities of the different stakeholders in case of cyber-attacks and those pertaining to policy guidance for R&D and procurement activities by public bodies. 

Building on an ongoing research project conducted by Flinders University in cooperation with CyberOps, this paper aims to contribute to bridging these gaps by identifying cyber threats that exist within the Australian space market today and assessing the policy and legal protection (or lack thereof) available to satellite operators in case of cyber-attack with a view to underpin the case for the creation of a dedicated framework providing Australia space industry and public institutions with strategic and operational cyber security guidance. Towards this, the paper will first identify a representative set of cyber threats that Australia's space missions can be subject to throughout their lifecycle, from the manufacturing of satellite systems to their exploitation, passing through their launch and operations. The exercise will in turn enable the identification and assessment of vulnerabilities of the different space systems as well as the identification and assessment of risks associated with the identified vulnerabilities. Subsequently, the paper will complement the threat analysis with an investigation of the policy and legal frameworks that surround threat vectors. The project will also examine the extant roles and responsibilities of different stakeholders in response to different types of incidents affecting the space infrastructure's cybersecurity and the applicable legal framework. Based on the findings of this assessment, the paper will eventually provide considerations for the development of a Space Cyber Framework specifically designed and tailored for use by the nascent Australian satellite industry. The value-adding nature of this paper is that it will provide Australia's space companies and public stakeholders with actionable inputs to tackle the cybersecurity threats associated with space operations.

Original languageEnglish
Number of pages2
Publication statusPublished - 2022
Event73rd International Astronautical Congress 2022 - Paris, France
Duration: 18 Sept 202222 Sept 2022

Conference

Conference73rd International Astronautical Congress 2022
Abbreviated titleIAC Paris 2022
Country/TerritoryFrance
CityParis
Period18/09/2222/09/22

Bibliographical note

Session IAC-22.E9.2.1, Sunday, September 18, 2022

Keywords

  • Australia
  • cyber resilience
  • cybersecurity
  • space cyber policy
  • space infrastructure

Fingerprint

Dive into the research topics of 'Cyber-Securing Australia's Space Infrastructure: An Assessment of the Policy and Legal Frameworks'. Together they form a unique fingerprint.

Cite this