Space ISAC White Papers

Machine Learning Security Operations – MLSecOps
Abstract
The growing space industry relies increasingly on AI solutions, valued at around $2 billion, for operational security and strategic advantages. However, the unique space environment poses cybersecurity challenges, leading to vulnerabilities in AI-enabled technologies. To address this, the Space ISAC AI/ML Community of Interest proposes Machine Learning Security Operations (MLSecOps) as a framework for securing and maintaining trustworthy AI technologies in space. MLSecOps draws inspiration from DevSecOps and MLOps methodologies, integrating security and data-centric practices into AI development and deployment. By implementing MLSecOps, the space community can ensure the resilience and performance of AI systems while countering evolving cyber threats, enhancing space superiority. Further research and collaborative efforts will promote the adoption of MLSecOps, establishing best practices for AI/ML in space operations.

Developing a Sustainable Space Domain
Abstract
The Space Information Sharing and Analysis Center (Space ISAC) advocates for the responsible use of space and associated space-related activities. In alignment with the United States Space Priorities Framework, December 2021, the Space ISAC will focus on and advocate in the near-term for work-force development and the continued emphasis on science, technology, engineering, and mathematics (STEM) education to support space activities; the enhanced use of space in support of climate change; and the establishment of norms, which should include a discussion leading to the end of destructive anti-satellite (ASAT) testing in outer space. The Space ISAC also supports responsible behavior in space for all actors, and as such, developed three key pillars around developing norms and behavior for collective security, adopting space evolutions, and ensuring access to universal public-private sharing of threats. At such a key inflection point where space infrastructure is nearly indivisible from a functioning society, it is imperative to ensure the preservation of the space domain.
Information Sharing Working Group Current and Future Capabilities FAQ
Recent Webinars




Presentations & Resources
CMMC Resources

Cybersecurity matrices have become an industry standard approach for providing a knowledge base of adversary behaviors and serve as a taxonomy for adversarial actions across the attack lifecycle. The Aerospace Corporation created the Space Attack Research and Tactic Analysis (SPARTA) matrix to address the information and communication barriers that hinder the identification and sharing of space-cyber Tactic, Techniques, and Procedures (TTP).
SPARTA is intended to provide unclassified information to space professionals about how spacecraft may be compromised via cyber means. The matrix defines and categorizes commonly identified activities that contribute to spacecraft compromises.
The Aerospace Corporation Papers
- Establishing Space Cybersecurity Policy, Standards, and Risk Management Practices by Brandon Bailey
- Global Communications Infrastructure: Undersea and Beyond by Karen Jones & Lori Gordon
- Defending Spacecraft in the Cyber Domain by Brandon Bailey, Ryan Speelman, Prashant Doshi, Nicholas Cohen, & Wayne Wheeler
- Assessing Commercial Solutions for Government Space Missions by Ronald Birk
- Building Normentum: A Framework for Space Norm Development by Robin Dickey
- Assuring Operations of Autonomous Systems by Ronald Birk
- Leveraging Digital Engineering for Space Guardians and Space Explorers by Angie Bukley & Ronald Birk
- Cybersecurity Protections for Spacecraft: A Threat Based Approach by Brandon Bailey
Additional Resources
- Center for Strategic and International Studies (CSIS) Space Threat Assessment 2022
- USAF, NASIC Releases Unclassified ‘Competing in Space’ Assessment
- Defence Intelligence Agency 2022 Challenges to Security in Space
- Colorado Information Analysis Center (CIAC)
- Department of Homeland Security Cybersecurity & Infrastructure Security Agency (DHS CISA) Tools & Resources
- National Supply Chain Integrity Month
- Industrial Control Systems Joint Working Group
- Using CHIRP to Detect Post-Compromise Threat Activity in On-Premises Environments
- US CERT CISA
- TTP Table for Detecting APT Activity Related to SolarWinds
- Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise
- SOLARWINDS AND AD-M365 COMPROMISE RISK DECISIONS FOR LEADERS
- Center for Internet Security Benchmarks
- FDD | Cyber Hygiene 101 for Small- and Medium-Sized Businesses
- Secure World Foundation: Handbook for New Actors in Space
