Space Systems Command’s 2,000-Mile Range Cyber Screwdriver

Space Force Space Systems Command takes zero trust to its final limit.

The goal is to protect every element of the system, from the satellites orbiting the Earth to the ground stations controlling data flows, using these concepts.

The challenge, of course, is that Space Systems Command can’t touch the satellites to upload software or change settings, said Col. Craig Frank, Space Systems Command’s chief information officer.

Col. Craig Frank is the chief information officer for Space Systems Command, Space Force. (Photo courtesy of Space Systems Command)

“We’re just trying to keep them under control from a distance, what we’d like to call the IT world, the 2,000-mile screwdriver, where you might have a ground station in Nevada, but the person who’s doing all the work on it is in Florida, we have to make sure that connection is secure,” Frank told Ask the CIO. “It’s good to have a system that can help us do what I like to call wrapping it in a zero-trust envelope. A lot of the challenges we face are that we’re going to be putting this on birds that have been in the sky for decades. We can’t just send someone in there with a screwdriver and put a zero-trust module in it. Instead, we have to take the ground segment and secure it by lining up devices that provide that zero-trust envelope without disrupting the usability of the system.”

An example of this challenge is global positioning satellite systems (GPS). Frank said GPS has been around for several decades and is now something that is part of everyone’s everyday life.

“At the same time, we have to address security, not just the consumer version of the system, which is the ability to track yourself as you move around the world or around the neighborhood, but also the actual command and control of the satellites themselves,” he said. “Some of these birds are only a few years old, but the system itself is decades old. So we have to try to figure out how to make this system more modern and more secure without breaking things that have been working for decades.”

Space Systems Command Legacy IT Challenge

Geoffrey Mattson, CEO of Xage Security, a company that is working with Space Systems Command to implement zero trust, said the challenges the organization faces are similar to those faced by other remote customers.

He added that the zero trust approach has two components: a policy engine that can authenticate users or devices, and distributed ledger technology that allows for the secure storage of credentials associated with those users.

“The problem of integrating zero trust with legacy hardware means you have to have a clear enforcement point that sits right in front of that component and is able to enforce that policy,” Mattson said. “Our framework provides an extension to that 2,000-mile screwdriver. It’s built on the core technologies of software-defined networking, which is that instead of the network following the hardware map of the network itself, we create a virtual network on top of the actual network and use that to actually control and secure the connections. The other key piece is this distributed key store that allows us to store keys in such a way that if one of the devices is compromised, the attacker can’t extract the credentials. They would have to be able to compromise a certain number of those devices, and the chances of them being able to do that are incalculable.”

Frank said Space Systems Command faces an additional challenge because many satellites and related support systems do not use the same standard protocols. He said 99 percent of all communications today are based on the TCP-IP format, but because some systems are decades old, they may use a protocol developed by a specific company or something that doesn’t mesh well with TCP-IP.

“We need to have this software-defined system that can do this translation and basically take these packets and wrap them in a good packet wrapper and then send them out without corrupting the original data and allowing them to be transmitted clearly,” he said. “We’re looking for a way to integrate these existing zero trust capabilities with systems that aren’t Windows-based or something like that. So I think that’s where (Xage Security) comes in, because it creates a connection between the two. The other thing is what you don’t want, because one part of zero trust is that every single user, every single machine is verified every time they try to access a website, a file, data, a data repository, everything really. But you don’t want every time a user opens an email or opens something else, they have to re-authenticate, so a big push for DoD is obviously having a single sign-on capability where the user’s certificate is verified through an Active Directory domain controller. Once the connection is established, the system may continually re-verify in the backend since the user has already logged in to it.”

Mattson said implementing a Zero Trust approach using operational technology in conjunction with traditional IT has become more important than ever as organizations have seen an increase in attacks over the past few years.

Mattson said Space Systems Command, like many other government institutions, continues to face threats from criminal ransomware and massive state-level campaigns aimed at infiltrating infrastructure.

“This concept of a zero trust envelope that can sit in front of any type of hardware. We have a rugged hardware device that we can deploy transparently in front of any of those devices, and then a distributed fabric that enables access control with secure credential storage,” Mattson said. “That way, we’re able to protect operational technology assets in the private sector as well as the public sector. We’re also securing standard IT applications, and we’re applying the same principles and solutions.”