Systematically Integrating Cyber Threat Intelligence into Resilient Space-Cyber Architectures

Abstract

Space systems are undergoing unprecedented commercialisation, increased autonomy and expanded connectivity, bringing both operational efficiency and heightened exposure to evolving cyber threats. These systems underpin critical services such as communication, navigation and Earth observation, yet their cybersecurity practices remain inconsistent across the global space ecosystem. Although frameworks such as NIST SP 800‑160, NASA‑STD‑1006, ECSS‑Q‑ST‑80C and MITRE’s Cyber Resiliency Engineering Framework (CREF) provide guidance for secure engineering, they lack mechanisms for the systematic integration of Cyber Threat Intelligence (CTI). This paper examines current CTI integration practices and the organisational, technical, and regulatory barriers that hinder CTI‑informed resilience in space-cyber architectures. Drawing upon an extensive review of academic and industry literature, the study maps how CTI is currently applied across space-system lifecycles and identifies critical impediments to broader adoption. The findings reveal that CTI is primarily leveraged in an ad hoc, reactive manner for patching and advisory processes, with minimal integration into design or operations. Identified barriers include fragmented standards, limited automation in threat-intelligence consumption, cultural resistance to information sharing and divergent regulatory frameworks across jurisdictions. The paper concludes with analytical insights into how these findings can inform future policy and research directions aimed at improving intelligence-driven resilience within the space sector.