Satellite Cyber Security Assurance Framework – Assured Unified SPARTA-COSMOS2 Assessment Notation (AUSCAN)
DOI:
https://doi.org/10.34190/eccws.25.1.4738
Keywords:
AUSCAN, SPARTA, COSMOS2, Satellite Cyber Security, Space Risk Assessment, Mission Assurance
Abstract
Satellite systems present unique cyber security challenges that distinguish them from conventional IT infrastructure. Once deployed, physical intervention is virtually impossible, leaving operators unable to patch, repair, or replace compromised hardware in orbit. These systems operate under severe constraints in power, processing capability, and bandwidth, limiting the complexity of onboard security measures. Furthermore, the growing integration of commercial off-the-shelf components and IP-based networking has significantly expanded the attack surface, while the increasing dependence of critical sectors on space-based assets has elevated the consequences of a successful attack. Despite these unique risk characteristics, current assessment approaches often treat space systems as standard IT networks, failing to account for the architectural context in which threats occur. Existing cyber security frameworks address either threat identification or architectural classification, but not both simultaneously. SPARTA provides a comprehensive taxonomy of space-specific Tactics, Techniques, and Procedures (TTPs), while COSMOS2 defines the architectural segments of space missions. However, no standardised method currently exists to quantify risk at the intersection of these two frameworks. To address this gap, this paper proposes AUSCAN (Assured Unified SPARTA-COSMOS2 Assessment Notation), a quantitative, segment-aware risk assessment framework. AUSCAN synthesises SPARTA's threat intelligence with COSMOS2's architectural segmentation and applies NIST FIPS 199 impact standards to assign criticality weights to each mission segment. The resulting risk scores are aligned with NASA NPR 8000.4C governance directives to enable actionable decision-making. A hypothetical Ground Segment command injection scenario is used to validate the framework. 
The results demonstrate that AUSCAN effectively quantifies the impact of security control maturity on risk, reducing the score from 38.4 (Medium/Yellow) to 9.6 (Low/Green) when verified mitigations are applied. This research makes three contributions to space cyber security. First, it establishes a quantitative methodology that integrates SPARTA threat intelligence with COSMOS2 architectural segmentation, grounded in NIST FIPS 199 impact standards. Second, it introduces segment-aware risk scoring, ensuring that identical threats are assessed differently depending on whether they target a recoverable ground station or an irrecoverable satellite. Third, through the inclusion of dynamic vulnerability factors, the framework is adaptable to missions with varying criticality profiles and risk appetites.
License
Copyright (c) 2026 European Conference on Cyber Warfare and Security

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.