Space Force Looks to Boost Cyber Defenses of Satellites with Acquisition Reorganization

The ongoing restructuring of Space Force acquisition authorities is designed in part to ensure proper cybersecurity testing and monitoring of new programs as they are developed and deployed, a senior Space Force procurement official said May 10.

The stand-up of Space Systems Command, and its absorption of the Space and Missile Systems Center, details of which were unveiled last month, was advertised as an effort to increase the speed and agility of Space Force acquisitions.

But in a lunchtime keynote at the CyberSatDigital event on May 10, Cordell A. DeLaPena Jr., program executive officer for Space Production at the Space and Missile Systems Center, stressed that it was also intended to improve the resilience of Space Force overhead architecture against new kinetic and cyber threats.

“The reason why we’ve stood up … a separate Space Systems Command for acquisition, and launch, and architecting is to make that shift from today’s peacetime architecture, … an architecture which was never envisioned to conduct offensive or defensive operations,” he said. In its place, Space Force plans a new architecture that could survive kinetic and cyberattacks by near-peer adversaries. “To make that pivot,” DeLaPena added, “We integrate all of those responses to those threats to our satellites into an integrated architecture, which will achieve space superiority.”

The new architecture, DeLaPena said, would rely on digital twinning technology, more properly called model-based systems engineering, in which a detailed virtual model of a satellite or other complex system is built so that it can be attacked and its cyber defenses tested.

DeLaPena said that cyber threats to U.S. satellite systems would be addressed in detail in a classified session later in the week, but outlined a series of “potential threats” in the cyber domain, which he said the newly reorganized acquisition elements in the Space Force would be “testing against” before turning new products over to operational commanders.

“The types of threats we are looking for [are] things like insertion of rogue components—that’s more on the supply side—malicious software, electronic warfare attack—that’s jamming, spoofing—and then denying our sensor access. And those threats, the results of those threats, could result in our satellites being degraded, or an outage, or spillage [of sensitive data], or a temporary loss of command control of our satellites. So these are the things that we are worried about.”

As part of the Space Force’s commitment to becoming an entirely digital military service, DeLaPena said, this testing would be conducted virtually, using digital twinning. Under a program called SPEED—for “satellite penetration test, environment, evaluation, and demonstration,” DeLaPena said, Space Force acquisition officials were creating “digital environments” that could test, at first, prototype satellites being developed by Space Force itself, and later “a space vehicle simulation testbed, which we will use for testing all of our satellites, from commercial and other sources.”

Finally, DeLaPena said, the service would build “within our operations and sustainment infrastructure, [a] prototype solution, which will allow us to constantly monitor and look for any kind of abnormal behavior” or internal traffic on satellites in orbit. But that kind of testing and monitoring would likely not be carried out by Space Systems Command, he suggested.

Once the command is launched in the summer, DeLaPena said, its commander “will have the prioritization responsibility in terms of the command’s risk assessments and the funding we will put across all of those risks, to include the cyber engineering efforts to ensure that every system being delivered to Space Systems Command is resilient.”

But once those systems are deployed and operational, “it’s going to be up to Space Delta Six to do the monitoring and the defending of those systems, both our space systems and our cyberspace systems,” he said.