The first step in defending space is securing a ground system of vast computer networks that receive and route critical communications and flight instructions from Earth to satellites. These systems, which run on everything from old DOS-based computers to the cloud, need specialized cybersecurity solutions that scale to meet mission requirements.
Eirene Sceptre Integrates COTS and Customized Solutions
An Aerospace team is at the forefront of these solutions with Eirene Sceptre, a cyber defense prototype that integrates commercial off-the-shelf (COTS) security programs with custom-built solutions specific to space data. Named for Eirene, the Greek goddess of peace, the project originated as a proof-of-concept for Air Force cloud computing security but has grown to include machine learning and space-focused intrusion detection components funded by Aerospace’s technical investment program.
When applications show signs of possible intrusions, Eirene Sceptre funnels all warnings into a single system information and event management (SIEM) tool called Splunk, which analyzes and prioritizes the alerts so that operators can respond to credible threats. The integration of COTS and space-specific programs into one system represents a new and highly streamlined approach to satellite cyber defense.
Eirene Sceptre Prototype Resists Hacking
While Eirene Sceptre currently exists as a prototype, the program held its own during a simulated hacking of a live, operational space system. Pitted against an Air Force team acting as “hackers,” Aerospace was able to integrate Eirene Sceptre onto the satellite system in an extremely compressed timeline of three weeks and detect 90 percent of malicious activity over the weeklong hacking phase of the simulation.
The results of the experiment helped the team determine the direction for future developments. “The simulation led to a lot of lessons learned,” said Evan Glick, a senior engineer on the project. “If you have a cyber defender on the operations floor, what are they looking for? How do they intelligently communicate what’s happening to the mission director? And what are their options for responding to the threat?”
Because Eirene Sceptre will operate in delicately configured space systems, the team must find ways to counter malicious activity without harming the network in the process. “Our customers are very risk-averse,” Glick said. “A lot of the future work we’re doing involves detecting intrusions and taking safe action as quickly as possible to mitigate the risk of causing more damage while making repairs.”
Air Force Uses Eirene Sceptre for Cyber Defense
Moving forward, Aerospace will continue to leverage its deep expertise in machine learning and extensive experience monitoring space data to supplement Eirene Sceptre’s existing suite of tools and prove their viability. “We’re working on developing a catalog of machine learning algorithms and techniques to demonstrate when they could be useful for cyber detection in space,” said Nicholas Cohen, Eirene Sceptre’s technical lead. “People throw out the term "machine learning" a lot, but we want to show specific use-cases where we can maximize its benefits.”
Ultimately, Eirene Sceptre will help identify any vulnerabilities of satellite networks. The Air Force has recently asked Aerospace to contribute the Eirene Septre space system enhancements, including cyber intrusion detection and machine learning, to both current and under-development cyber monitoring tools.
“There are a lot of commercial tools out there, but we realized that they don’t adequately address cyber needs for space systems,” Cohen said. “With Eirene Sceptre, Aerospace bridges that gap.”