Date

17 August 2023

Category

Blog, Media Updates, Security, Space

No comments

The latest developments in the space sector and the emerging security threats to space systems, such as cyberattacks, are presenting new challenges for the Security Accreditation Board (SAB) of the European Union Agency for the Space Programme (EUSPA).

Securing the European Union’s Space Assets – The EU Space Programme Security Accreditation Board’s Vision

Today, the European Union (EU) operates more than 30 satellites for Earth observation (EO) and global navigation satellite system (GNSS) applications that provide the best performing space-based services in the world. These are part of the EU Space Programme, which consists of six flagship components: Copernicus, Galileo, EGNOS, Space Situational Awareness, GOVSATCOM and IRIS². During 2021-2027, EU investment in space will reach almost €15 billion to support the Space Programme in order to guarantee the EU’s strategic autonomy and global competitiveness in the space sector.

Ensuring the security of the Space Programme is crucial to enable it to continue providing essential services to EU governments, industry and society, which all increasingly rely on space-based technologies. It is vital that levels of accuracy, performance, reliability and accessibility are as high as possible for each component.

How does SAB take decisions?

“The SAB takes decisions by consensus of the Member States on the security accreditation strategy for each of the Space Programme’s components, on the approval of satellite launches, on the authorization to operate the systems in their different configurations and for the various services they provide. They also give authorization to operate the ground stations.”

The SAB decisions are taken by professionals in a strictly independent manner regarding the European Commission and other bodies such as EUSPA or ESA [European Space Agency] that are responsible for implementing the EU Space Programme’s components and provision of service.

“The SAB is supported by an Agency security accreditation department and an effective organizational segregation is established within the Agency between our staff and the other staff of the Agency. Under the supervision of the SAB, it is the SAB chairperson’s responsibility to manage the security accreditation activities and to ensure that they are carried out independently.

“The SAB prepares its major decisions well in advance to ensure adequate and needed coordination of the Programme. This proactive approach allows the Programme to optimize its timetable and sequencing of activities while maintaining the necessary security accreditation process, ensuring that security considerations are integrated from the early stages. This proactive and coordinated approach strengthens the overall security posture of the EU Space Programme.”

ESA image showing artist's view of Europe's space rocket launcher family
Artist’s impression of Europe’s launcher family comprising Ariane and Vega rockets © ESA – D. Ducros

What cybersecurity challenges is the digitalization of space systems presenting?

“The specific features of space infrastructure – both in orbit and on the ground – make it particularly vulnerable to cyberattacks.

“Concerned by the multiplication of cyber threats, this year the SAB updated its general approach to cybersecurity audits applicable to all EU Space Programme components. The approach defines the various cyber audits that the SAB will perform on the different Programme components and for the numerous sites on the ground. It includes systematic cyber audits on architecture, configuration, operations, penetration tests and maintenance because it is essential that the security assurance of the services is maintained for decades. Those audits are performed by cyber experts of the Security Accreditation Department, by Member States or by contractors. The audit outcomes are further evaluated by the SAB.

“Major cyber audits are currently ongoing in preparation for the Galileo Public Related Services Initial Operational Capability – an encrypted navigation service that is designed to be more resistant to jamming, involuntary interference and spoofing – and the Open Service Navigation Message Authentication (OSNMA) service declarations. The same approach will be maintained for other components of the Space Programme and cyber audits are in preparation for EGNOS versions 2 and 3.”

Investing in cybersecurity expertise and resources at industrial, governmental and institutional levels is vital to effectively and efficiently tackle the evolving cyber threats.

How strategic is the protection of space assets for the EU?

“In 2022, EU leaders identified space as a strategic domain in the Strategic Compass and called for an EU Space Strategy for Security and Defence. Building on this political momentum, the first-ever EU Space Strategy for Security and Defence was developed and released at the beginning of March 2023.”

In the current geopolitical context of increasing power, competition and intensification of threats, it is essential to protect EU space assets, defend EU interests, deter hostile activities in space and strengthen the EU’s strategic posture and autonomy.

Main image ©  ESA–Manuel Pedoussaut, 2015