If these kinds of services fail, otherwise become unavailable, or are not safeguarded to achieve the security objectives of signal integrity, authenticity and confidentiality, this can have severe consequences in areas such as traffic safety or the work performed by emergency teams. Satellite systems must therefore meet stringent security requirements throughout their entire lifecycle. Aspects relevant to cyber security are explicitly addressed early on in the design and development phases of control centres, receivers, connections and satellites. While established terrestrial standards and recommendations can be applied for the ground and operator segment, the space segment presents new challenges.

• The quite long lifetime of satellites as well as the extreme environmental conditions in space require a special IT security architecture.
• Only limited adjustments and adaptations to the IT security architecture can be made once it is operational because physical access is then impossible.
• The possibility of (hostile) physical access to satellites should be included in the consideration of protective measures.

BSI Objectives and Fields of Action

In the publication "Cyber Security for Space Infrastructures - Positioning of the Federal Office for Information Security”, the BSI defines the objectives and fields of action that form the basis for the BSI's design of cyber security for space applications.

Key Objective on Cyber Security for Space Infrastructures

Strengthening cyber security for space infrastructure with relevance for government, the economy and civil society in order to safeguard the availability of services via secure and trusted communication.
Based on the key objective on cyber security for space infrastructures, the BSI derives concrete action goals and develops measures for their realisation. Initial measures have already been implemented, such as the provision of minimum requirements for manufacturers, developers, operators and suppliers of satellite systems and their components as part of the IT-Grundschutz Profile for Space Infrastructures, which was developed jointly with industry and the German Space Agency.

• In order to realise further measures, it is currently planned to establish a focal unit on information security for space infrastructures at the BSI in 2023. As the central, coordinating body for cyber security in civil and military aerospace applications and systems, this unit will work towards the following targets in the years to come:
• Identification of minimum requirements for cyber security in space. In addition to the already published IT-Grundschutz Profile and the Technical Guideline on Information Security for Space Systems, an IT Grundschutz Profile for ground infrastructures of satellite systems will be made available in 2023.
• Development of criteria and recommendations; advisory services to support development work in early project phases. The IT security architectures for satellites eligible for licensing must reflect the current state of technical development and include future-proof cryptosystems. Consulting and other services related to cyber security with regard to minimum requirements and licensing. The unit on information security for space infrastructures provides information and can also be contacted with enquiries about national and international cyber security standards, licensed products, the current threat landscape and development trends in aerospace.
• Active participation in or hosting of events; publication of articles with technical relevance to aerospace systems. Through this press and public relations work, the BSI promotes awareness with regard to cyber threats and creates security consciousness.

Satellite systems for use in matters of national security

The BSI’s duties also include the licensing and provision of IT security products for the electronic processing of classified information. Military intelligence and communication operations, as well as the Public Regulated Service (PRS) of the European civilian satellite navigation system Galileo, must be capable of processing information at the classified level of ‘Secret’. This requires licensing of the cryptography devices to be integrated. Here, the BSI bases its work on a secure, internationally recognised standard and provides support to manufacturers and developers throughout the development and licensing process.

The BSI is designing the key and security management systems for the PRS. The starting point for this work was the delegation edict included in the interdepartmental agreement dated 28 February 2014, which concerns the establishment of a national PRS agency pursuant to Decision No. 1104/2011/EU2 of the European Parliament and Council. The tasks thereby delegated to the BSI include:

• Setup and operation of the PRS key management system
• Support for the development of models and procedures to safeguard the security management system
• Participation in national and international bodies in the field of PRS key management
• Cooperation with other Member States and EU institutions and agencies in relation to the harmonisation, standardisation and compatibility of national key management infrastructures
• Provision of support to the national Galileo PRS agency and departments in terms of the cyber/IT security of satellite systems