Inside Orbital Watch: USSF’s Neighborhood Watch For Space

The launch last month of Orbital Watch, the new Space Force program to share declassified U.S. government threat intelligence with private sector satellite operators and other commercial space companies, comes amid increasing concern about Chinese and Russian development of anti-satellite weapons. 

Officials said the program will eventually become a sort of Neighborhood Watch for space—a clearing and distribution house for orbital threat data from both the government and private sector.    

Experts welcome the idea of Orbital Watch. But they also told Air & Space Forces Magazine that it will likely highlight a dearth of information about objects in space and how they are maneuvering—known as space domain awareness data—available to commercial space operators, and foreground the highly siloed nature of current U.S. government efforts to collect SDA data and other threat information. 

“There is a highly distributed ecosystem of people looking at space threat issues right now” in the U.S. government, said Gregory Falco, an assistant professor at Cornell who has worked with DARPA on the topic. He said different agencies or offices in different parts of the government are looking at different threats like:

  • orbital collisions—called “conjunctions”—both accidental and otherwise
  • cyber attacks on satellites and ground stations
  • jamming or electronic warfare

Those efforts are not always connected, complicating efforts to share threat data even within the government, let alone outside it, he told Air & Space Forces Magazine.   

He added there was a need to “integrate these data streams and figure out how to begin to engage with other partners more holistically.” Right now, he said, “the relationships between the different parties who are looking at these problems are very one-to-one, and it doesn’t really help. There’s very poor visibility across the full ecosystem.” 

Eventually, Falco said, Orbital Watch could become a very powerful tool, but he described the “initial operating capacity” Space Force announced of a quarterly threat briefing as more of a goodwill gesture to show the government’s commitment to the principle of threat information sharing, rather than a practical exercise, since the information in a briefing every three months is likely to be too outdated to be useful. 

“The quarterly briefing is definitely more of a public relations slash goodwill exercise for [foreign and private sector partners], I believe, rather than for intelligence or real-time analysis,” he said. 

Orbital Watch is run by Space Systems Command, the element of Space Force that buys and builds the service’s satellites, through its Front Door office, which aims to simplify and streamline the relationship with the private sector.  

Within weeks of its launch, news broke that a classified Russian satellite, thought to be part of Moscow’s efforts to develop a counter-satellite nuclear weapon, was tumbling in its orbit, apparently out of control, illustrating the growing need for such a warning service.  

The aim for Orbital Watch is to build a system to disseminate declassified or unclassified all-hazards threat information as broadly as possible, Front Door Director Victor Vigliotti told Air & Space Forces Magazine. 

“If it’s a threat to a commercial vendor operating in the space domain, we want to be able to communicate the unclassified information where and when available,” he said. 

“I’d imagine that future notifications might include things like potential conjunctions, kinetic threats, cyber security threats, business intelligence and supply chain threats, as well as new and emerging adversarial development,” he added. 

But he acknowledged that Front Door was still working with other agencies to figure out exactly what kind of data Orbital Watch would be able to share and with whom.  

“We’re not in the process of developing and creating intelligence reports. We’re in the process of rapid communication from the original information owner and sending that out to who they determine necessary,” he said.  

And he said those partner organizations fully control what information is released. They will have to decide what needs to be shared with the private sector and do the declassification work. 

“Any organization that has information that’s releasable [about something that] could be a threat to a non-government system out there, we’re hoping to gather that, consolidate it, and disseminate it,” he said. 

He said as the Orbital Watch program develops capability, the cadence of threat briefings will increase, although there is no specific target: “It is unknown as of now whether it’s going to be hourly, daily, weekly, or monthly. But we can be sure it’s going to increase well beyond that current quarterly tempo, especially in times of crisis and contingency.” 

By the end of the year, Vigliotti said, Orbital Watch should reach “full operational capacity,” which would include a portal where “commercial vendors deemed critical to space warfighting, especially those participating in the Commercial Augmentation Space Reserve,” could share their own threat information to the U.S. government for anonymous dissemination across the sector. 

This model, pioneered by the cybersecurity industry, could help Orbital Watch get over the barriers to sharing government threat information presented by classification issues, he said. “We could potentially leverage commercial [threat] data to share with other vendors and international partners, when we’re unable to sanitize U.S. government information in a timely manner.” 

Although access to the portal to submit threat information would be limited, Vigliotti said, any space sector company, including foreign ones, would be able to sign up to receive Orbital Watch threat warnings.  

“If you’re a space vendor, we want you in the Front Door,” he said. 

Dissemination protocols are up to the agency that supplied the information, he said, but he noted that anything cleared for public release—as he envisaged most Orbital Watch threat data—is by definition shareable even with companies based in adversary nations. 

“I would say, if there’s a Russian or Chinese company that wants to submit to the Front Door, please share your data with us,” he said. 

A similar effort, called the Space Information Sharing and Analysis Center, or Space ISAC, shares cyber and other threat information with the commercial space sector, and leaders of the public-private partnership organization say Orbital Watch will help build on their efforts.

Space ISAC is developing a 24-hour, real-time, all-hazards threat warning center for commercial space companies, using a paid membership model. But they don’t see Orbital Watch as a competitor, because their own capabilities are much more mature and growing quickly, said Executive Director Erin Miller. 

“My view of any government-led information sharing program is that it’s going to be a collaborative opportunity with the Space ISAC, because Space ISAC is a multidecade approach from industry, and industry has already invested millions of dollars into the Space ISAC, and we’ve created a incredibly unique source of information for the global space community that really can’t be replicated.” 

For now, Space ISAC is working closely with Orbital Watch and has Memoranda of Understanding (MoUs) in place with the Space Force and several other government agencies, she said.   

The organization was already sharing cyber threat intelligence on a real-time, machine-to-machine basis, she said, employing the STIX (Structured Threat Information eXpression) standard—a template which ISACs and other cybersecurity information sharing organizations can use to provide cyber threat reporting in a form that can be automatically ingested by cyber defense software like firewalls and endpoint protection programs.  

STIX eliminates the need for human operators to cut and paste or retype technical indicators of attack from cyber threat warnings into firewall rules or other automated defensive measures. 

Space ISAC is working on a special extension for STIX specifically designed for all-hazards reporting in the space sector, Miller said. 

“We’ve been doing this work for about six years now, and I’m still of the strong opinion that the commercial sector resources to identify, detect, and monitor these threats and attacks significantly outnumber any government resources to do that. So we have to do it together,” she said.