SCOR SPACE-SHIELD Mitigations
ESA SPACE-SHIELD Mitigations adapted to the SCOR namespace for operational and technical countermeasures.
Authors
| Authors and/or Contributors |
|---|
| H4CK32N4U75® |
Access control
Authenticate users and enforce authorization to prevent unauthorized access, configuration changes, or spacecraft takeover.
Internal MISP references
UUID 8d56dac0-e53f-4737-905c-c40592d2f5f9 which can be used as unique global reference for Access control in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2022 |
Accountability of actions
Ensure every access or action is attributable to a user or entity for traceability and forensic analysis.
Internal MISP references
UUID fba019b3-7eab-4e8c-a9f8-d9fd192b3ede which can be used as unique global reference for Accountability of actions in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2026 |
Anti-replay protection mechanisms
Use sequence numbers, timestamps, or message identifiers to prevent adversaries from replaying commands.
Internal MISP references
UUID 52069af7-e025-4507-8bb8-90f5726f3dfc which can be used as unique global reference for Anti-replay protection mechanisms in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2046 |
Authenticated encryption
Ensure confidentiality and authenticity of telemetry and telecommand data with authenticated encryption.
Internal MISP references
UUID fb792a62-18f6-4ffc-9d51-2e8ee03b92e0 which can be used as unique global reference for Authenticated encryption in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2068 |
Authentication
Verify actor identity and protect commands/messages from spoofing or tampering.
Internal MISP references
UUID 0d3cab87-b269-4b17-b998-8e603c51b75a which can be used as unique global reference for Authentication in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2002 |
Authorization
Protect functionality from being executed by unauthorized entities.
Internal MISP references
UUID 8fc6e98b-3946-4b4f-9dbd-03ea2974575b which can be used as unique global reference for Authorization in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2025 |
Autonomy
Maintain spacecraft function during TT&C disruptions with autonomous fallback behaviors.
Internal MISP references
UUID e851fe1d-d0e1-48bd-9fca-b013a9d2b328 which can be used as unique global reference for Autonomy in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2027 |
Boot Integrity
Secure boot ensures OS integrity and loading mechanism verification.
Internal MISP references
UUID 9700a630-6cbd-4759-8fee-3edec4a3af96 which can be used as unique global reference for Boot Integrity in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M1046 |
CCSDS SDLS Sequence numbers
Protect TT&C against replay through secure sequence numbering.
Internal MISP references
UUID 9c37310c-d98d-413d-a020-c1260dfe61f6 which can be used as unique global reference for CCSDS SDLS Sequence numbers in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2004 |
Code signing
Verify digital signatures to ensure only trusted code executes.
Internal MISP references
UUID 65da765d-f1d3-4a21-9f08-b30823147f7c which can be used as unique global reference for Code signing in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M1045 |
Credential Access Protection
Block credential dumping or key compromise through hardened key storage and encryption.
Internal MISP references
UUID d7f910c6-d8ad-4219-a768-014a79ac885b which can be used as unique global reference for Credential Access Protection in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M1043 |
Defense-in-depth measures
Use layered protection mechanisms, including authentication, encryption, and anomaly detection.
Internal MISP references
UUID 8be1c655-4827-44e8-bc71-044e78a48dcb which can be used as unique global reference for Defense-in-depth measures in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2049 |
Detection of abnormal behaviour at avionics bus / Prevention mechanisms
Detect and prevent unauthorized interactions with the avionics bus.
Internal MISP references
UUID 90ea681c-85a7-4477-a8f1-265a2fefa235 which can be used as unique global reference for Detection of abnormal behaviour at avionics bus / Prevention mechanisms in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2078 |
Digital certificates
Use digital certificates (CCSDS 357.0-B-1) for identity assurance and command protection.
Internal MISP references
UUID cde78ea8-ac8c-4120-b864-712f42be4640 which can be used as unique global reference for Digital certificates in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2037 |
Diversity
Introduce diversity in components or software to limit single points of failure.
Internal MISP references
UUID dedde572-c809-442f-9a62-23a97ddcb408 which can be used as unique global reference for Diversity in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2010 |
Encrypt Sensitive Information
Apply strong encryption to protect sensitive data.
Internal MISP references
UUID d1280f0a-df59-4fe6-8e70-10ed7a211d4d which can be used as unique global reference for Encrypt Sensitive Information in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M1041 |
Encryption of communications
Encrypt RF and optical links to ensure confidentiality.
Internal MISP references
UUID cddf4565-3f0d-418d-aa1d-0cc1d7062643 which can be used as unique global reference for Encryption of communications in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2003 |
Filter Network Traffic
Apply protocol-based network filtering on endpoints and network perimeters.
Internal MISP references
UUID c5fe0bb2-ae20-4b42-a2ce-dae411ea3911 which can be used as unique global reference for Filter Network Traffic in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M1037 |
Frequency Hopping
Regularly change carrier frequencies to make interception or jamming harder.
Internal MISP references
UUID af27f11c-5dfe-4d5e-a2d0-21ff557c8f93 which can be used as unique global reference for Frequency Hopping in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2016 |
MMU and MPU
Protect avionics memory access with MMU/MPU for isolation.
Internal MISP references
UUID 5fed55ae-40b2-475a-ad8f-40c90449e86a which can be used as unique global reference for MMU and MPU in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2008 |
Monitoring
Monitor systems and radio channels for unauthorized activity or DoS events.
Internal MISP references
UUID 604a7a61-bc83-471f-a984-410e88496f6c which can be used as unique global reference for Monitoring in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2017 |
Multi-factor authentication
Require multiple factors to authenticate users and commands.
Internal MISP references
UUID f32d8b06-119f-4d52-9115-43e33c2dc70d which can be used as unique global reference for Multi-factor authentication in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2041 |
Network Intrusion Prevention
Block malicious network activity using signatures and behavioral indicators.
Internal MISP references
UUID 2898b686-0745-4e8d-9cf4-3950951abc6a which can be used as unique global reference for Network Intrusion Prevention in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M1031 |
Network Segmentation
Isolate critical systems through physical and logical segmentation.
Internal MISP references
UUID f22c574a-5758-4e11-9735-50d9d7941109 which can be used as unique global reference for Network Segmentation in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M1030 |
Non-repudiation mechanisms
Ensure actions cannot be denied, using digital signatures and logging.
Internal MISP references
UUID 1e198416-76d7-4efc-840c-0136f21f818d which can be used as unique global reference for Non-repudiation mechanisms in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2018 |
On Board Authentication for executing critical commands
Authenticate commands on-board to prevent unauthorized execution.
Internal MISP references
UUID 1d36e242-c3e2-4d04-a2ac-29264c74883d which can be used as unique global reference for On Board Authentication for executing critical commands in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2051 |
Partitioning/Separation
Separate functions and components to contain compromises and faults.
Internal MISP references
UUID 4cf42ba9-a7be-4bf5-9a34-4f676e768da0 which can be used as unique global reference for Partitioning/Separation in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2007 |
Physical security
Use guards, gates, and other countermeasures to defend ground facilities.
Internal MISP references
UUID 96d1dcb4-e658-488d-be78-6aa01b70db9b which can be used as unique global reference for Physical security in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2021 |
Redundancy
Introduce redundant components and communication links to improve availability.
Internal MISP references
UUID 49865241-7f37-482e-9e5e-f2dcd67527df which can be used as unique global reference for Redundancy in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2009 |
Remote attestation
Validate integrity of spacecraft software/firmware remotely.
Internal MISP references
UUID f88bdd12-3b0b-4a09-93b3-cf174352ecbf which can be used as unique global reference for Remote attestation in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2061 |
Resilience
Harden hardware and systems to maintain operations under attack.
Internal MISP references
UUID b5be3682-9edf-48e8-9144-2e30cbab547f which can be used as unique global reference for Resilience in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2020 |
Secure PKI implementation
Implement robust PKI for authentication, key management, and command integrity.
Internal MISP references
UUID d7d2b6ad-ce92-4588-b896-c145ca82ca4c which can be used as unique global reference for Secure PKI implementation in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2040 |
Secure Safe Mode
Maintain secure fallback keys and re-enable security functions upon recovery.
Internal MISP references
UUID a4353dcc-3e6b-47ec-8f72-ea6d34f1f36d which can be used as unique global reference for Secure Safe Mode in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2029 |
Supply chain confidence
Mitigate risks from supply chain insertion of malicious components.
Internal MISP references
UUID d529765b-c66a-47e0-9acc-7a23bcb53d03 which can be used as unique global reference for Supply chain confidence in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2024 |
Supply chain protections
Enforce strong controls over supplier verification, integrity checking, and tamper resistance.
Internal MISP references
UUID 684cd22f-afc7-41a6-984d-beb46824b278 which can be used as unique global reference for Supply chain protections in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2077 |
Supply from trustworthy sources only
Source only from certified and trusted suppliers.
Internal MISP references
UUID e7f9c10e-a327-4b3d-b40d-19d363053f29 which can be used as unique global reference for Supply from trustworthy sources only in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2050 |
User Training
Educate personnel to resist phishing, social engineering, and operational security lapses.
Internal MISP references
UUID d02da809-76c4-4e6c-9ad4-bf1a2b6f8e99 which can be used as unique global reference for User Training in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M1017 |
Zero Trust Architecture
Adopt a zero trust model to continuously verify users, devices, and communications.
Internal MISP references
UUID 3a55c0d7-4af9-46c0-a1b7-aa6226fb3e3d which can be used as unique global reference for Zero Trust Architecture in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| id | M2043 |