Date Published: June 6, 2023
Comments Due:
Email Questions to:
Author(s)
James McCarthy (NIST), Dan Mamula (MITRE), Joseph Brule (MITRE), Karri Meldorf (MITRE), Rory Jennings (MITRE), John Wiltberger (MITRE), Chris Thorpe (MITRE), John Dombrowski (MITRE), O'Ryan Lattin (MITRE)
Announcement
The HSN Cybersecurity Framework (CSF) Profile, informed by an active community of interested stakeholders, provides a practical tool for organizations engaged in the design, acquisition, and operation of satellite buses or payloads involving HSN. Its primary intent is to help those organizations better understand the attack surface, incorporate security, and achieve greater resilience for space systems that may be leveraged by critical infrastructure owners and operators, the DoD, or other government missions, in a manner that is consistent with the sponsor organization’s risk tolerance.
The HSN Profile will help organizations:
- Identify systems, assets, data, and risks from the CSF that pertain to HSN.
- Protect HSN services by utilizing cybersecurity principles and self-assessment.
- Detect cybersecurity-related disturbances or corruption of HSN services and data.
- Respond to HSN service or data anomalies in a timely, effective, and resilient manner.
- Recover the HSN to proper working order at the conclusion of a cybersecurity incident.
As the space sector is transitioning away from traditional vertically integrated entities and towards an aggregation of independently-owned and operated segments, it is becoming more critical for all stakeholders to share a common understanding of the risks and how they can be mitigated. We appreciate your help. If you have expertise in Commercial Space capabilities, please help shape this important Profile.
We encourage you to use this comment template when preparing/providing your comments.
NOTE: A call for patent claims is included on page ii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.
The space sector is transitioning away from traditional vertically-integrated entities and towards Hybrid Satellite Networks (HSN) which is an aggregation of independently owned and operated terminals, antennas, satellites, payloads, or other components that comprise a satellite system. The elements of an HSN may have varying levels of assurance.
HSNs may interact with government systems and critical infrastructure (as defined by the Department of Homeland Security). A framework is required to assess the security posture of the individual components while still enabling the HSN to provide its function. This report applies the NIST Cybersecurity Framework to HSNs with an emphasis on the interfaces between the participants of the HSN.
In collaboration with subject matter experts including satellite builders, consultants, acquisition authorities, operators (commercial and government), academia, and other interested parties, the National Institute of Standards and Technology (NIST) has developed the HSN Cybersecurity Framework CSF Profile (HSN Profile) to guide space stakeholders. The resulting profile provides a starting point for stakeholders who are assessing the cybersecurity posture of their HSN.
The space sector is transitioning away from traditional vertically-integrated entities and towards Hybrid Satellite Networks (HSN) which is an aggregation of independently owned and operated terminals, antennas, satellites, payloads, or other components that comprise a satellite system. The elements...
See full abstract
The space sector is transitioning away from traditional vertically-integrated entities and towards Hybrid Satellite Networks (HSN) which is an aggregation of independently owned and operated terminals, antennas, satellites, payloads, or other components that comprise a satellite system. The elements of an HSN may have varying levels of assurance.
HSNs may interact with government systems and critical infrastructure (as defined by the Department of Homeland Security). A framework is required to assess the security posture of the individual components while still enabling the HSN to provide its function. This report applies the NIST Cybersecurity Framework to HSNs with an emphasis on the interfaces between the participants of the HSN.
In collaboration with subject matter experts including satellite builders, consultants, acquisition authorities, operators (commercial and government), academia, and other interested parties, the National Institute of Standards and Technology (NIST) has developed the HSN Cybersecurity Framework CSF Profile (HSN Profile) to guide space stakeholders. The resulting profile provides a starting point for stakeholders who are assessing the cybersecurity posture of their HSN.
Hide full abstract
Keywords
Cybersecurity Framework; Hybrid satellite networks; HSN; payload; shared services; hosted payload; virtual payload command center; PCC
Control Families
None selected
