Slashdot Mirror

← Back to Stories (view on slashdot.org)

Satellite Command Security?

Posted by Cliff on from the preventing-orbital-hacking dept.

teridon asks: "I work in the satellite control industry, and I've been asked to present mission safety with regards to command security. In other words, how do we ensure that 'unknowns' don't command the satellite. Military and commerical birds often employ encryption on both the uplink and the downlink. However, it seems that none of the science-oriented satellites my company operates do this. We rely on physical security (access to the control center), network security (we use closed networks), technology (most crackers don't have access to a huge radio antenna with which to transmit), and obscurity (each satellite has its own command structure, not publicly documented). Many satellites use CCSDS frames to uplink commands; only the command data is obscured by lack of public info." A common mantra heard from Slashdot is "obscurity is not security", and this is a lesson that teridon wants his company to learn, in addition to other steps they can take to improve the security of their system. What suggestions might you have when it comes to improving security on satellite systems, especially if you have experience from some of the mistakes that you may have seen in production?

"Three major issues concern me (I'm going to assume that our network security works (grin!):

  1. Can someone effectively execute a DOS attack by uplinking to the satellite with a powerful signal (the frequency would be easy to 'snoop' from our transmitting antenna), thus preventing us from commanding it? In general, how do receivers handle multiple command carriers (would there be too much noise to command)?
  2. How many of you think that you could decipher the structure of the command (given the motivation)?
  3. Standards being developed (like SCPS) intend to make satellites 'just another node on the Internet.' Take a look at the security protocol (which is based on IPSEC, et. al) and tell me if you think it is secure, or whether you'd want to crack it.
I'm not looking for the Slashdot population to do my research -- I mostly want opinions on whether cracking a science satellite would be worth the time."

3 of 426 comments (clear)

  1. Given enough motivation by Tim+Ward · · Score: 5, Insightful

    How many of you think that you could decipher the structure of the command (given the motivation)?

    Anything can be hacked given enough motivation. That's why different levels of security are applied to different perceived threats - you guess how much motivation the opposition are likely to muster and decide how much to invest in security accordingly.

    1. Re:Given enough motivation by Shanep · · Score: 5, Insightful

      Anything can be hacked given enough motivation.

      The key is practicality.

      I think this opinion is based on ego. The hackers think they can hack anything, they just "don't have the motivation" to hack the really hard stuff. The system designers feel that they need to believe and portray this because they fear thier systems will some day be hacked or perhaps keep an open mind about it.

      I also think it is silly to beleive that an unhackable system cannot be designed.

      Although, I agree with the parent poster regarding practicality. I had an MCSE teacher tell the class I was in, that encryption was'nt good because any crypto algorithm could be cracked if the design is known. I wanted to challenge him on the practicalities of it (but I hate always being the arsehole in classes who corrects the teacher). I mean sure, learn the algorithm and brute force the output, but what about the practicality? What if it is an algorithm that is strong enough to realise the full range of a 4096 bit key? How many hundreds of years is it going to take to brute force crack it with the combined effort of all the computers that will ever exist on Earth? Will we (human race) be history by then? Do people in the year 8002 really give a crap about what people in 2002 were trying to hide? Do any humans still live on Earth, having terraformed and populated Mars and some other planets in other galaxies?

      Or how about a cipher text done with a One Time Pad, which could be decrypted with loads of different keys to come out as loads of *different* and *incorrect* yet completely inteligible plain texts!

      The rest of the class justs nods (duh!). It was the same teacher that told me that to boot an NT server off a SCSI disk, on a system that has NO SCSI BIOS, you just had to load an NT SCSI driver. Yeah, OK teach, good one. MCSE's, poor bastards, are given the inflated belief that they are computer experts once they have passed MS's "computer science". It's almost as pathetic as Scientology.

      --
      War crimes, torture, lies, illegal spying... Would someone give Bush a blowjob, already, so he can be impeached?
  2. Forget reverse engineering -- who's quit lately? by pointym5 · · Score: 5, Insightful

    Definitely assume that anybody you really don't want knowing your command structures will know them. Do you keep the documentation (or source code) in a locked vault with genuine security (not just "don't tell anybody where the vault is")? Do you have strong entry/exit security (can you take an 8mm tape home with nobody noticing)? Are your internal machines firewalled completely from the public Internet? Most importantly, how much do you trust the people who know how it works? Are you sure none of them wouldn't sell information for a few tens of thousands of dollars (or sex)?