U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

NISTIR 8270 (Draft)

Introduction to Cybersecurity for Commercial Satellite Operations

Date Published: June 2021
Comments Due: October 13, 2021 (public comment period is CLOSED)
Email Questions to: DraftIR8270Comments@nist.gov


Matthew Scholl (NIST)


Space operations are vital to advancing the security, economic prosperity, and scientific knowledge of the Nation. However, cyber-related threats to space assets and supporting infrastructure pose increasing risks to the economic promise of emerging markets in space.

This draft report describes cybersecurity concepts with regard to crewless, commercial space operations. The document is an information reference for managing cybersecurity risks and considering how cybersecurity requirements might coexist within space vehicle system requirements. NIST is specifically interested in feedback on the document’s overall approach, the example use case, and the identified controls for the use case. (Note that the use case is only notional for illustrative purposes and is not intended to be a set of specific cybersecurity recommendations.)

Based on feedback from this publication, NIST will also consider the utility of publishing similar reports discussing other areas of space operations as needed. 

NOTE: A call for patent claims is included on page iii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.




commercial space satellite operations; cybersecurity; cybersecurity risk management; risk management
Control Families

None selected


NISTIR 8270 (Draft) (DOI)
Local Download

Supplemental Material:
None available

Document History:
06/29/21: NISTIR 8270 (Draft)
02/25/22: NISTIR 8270 (Draft)


Security and Privacy
risk management

positioning navigation & timing