Beyond Obscurity: Developing CubeSat Cybersecurity

Abstract

As modern space systems, particularly CubeSat constellations, are increasingly embedded in defence, industrial, and civilian operations, fulfilling an increasingly vital role in telecommunications, earth observation, and national security, their vulnerabilities to cyberattacks continue to grow. Despite the advantages of CubeSats; cost-effectiveness, scalability, and enhanced coverage; as satellite providers attempt to maximise payload capabilities, these systems are fundamentally constrained by Size, Weight, and Power (SWaP), imposing significant design trade-offs that limit onboard security. This has contributed to emerging U.S. national security requirements for commercial satellites supporting defence missions to implement real-time on-board intrusion detection and prevention systems forcing cybersecurity for satellite vendors to no longer merely be a desirable design feature, but an explicit mission-assurance and acquisition requirement for space systems used to support national security. This paper examines the growing cybersecurity risks faced by CubeSat constellations, focusing primarily on multi-stage attacks—complex sequences of interrelated behaviours that may appear individually benign but are collectively malicious. Where existing terrestrial intrusion detection systems have succeeded, they lack the distinctive dynamics of satellite networks, and publicly available satellite-oriented datasets to achieve the same success in the space domain. This necessitates the development of bespoke, packet-level datasets for effective cybersecurity modelling. To address the immediate need for enhanced resilience while bespoke datasets are developed, Through the review of existing cybersecurity measures and the integration of machine learning-based solutions, we propose a preliminary cybersecurity framework based on self-supervised learning. This approach uses contrastive learning to produce a nominal operational profile of the satellite’s systems. This profile serves as a baseline for an onboard anomaly detection system, aiming to identify deviations that could indicate a cyberattack. By developing adaptive intrusion detection systems (IDS) that prioritise resource conservation, we aim to enhance CubeSat security in future space missions, ensuring both operational integrity and data confidentiality. Furthermore, we propose the development of a minimum cyber resilience capability checklist, accompanied by a standardised testbench. This testbench would provide analogous testing to vacuum and vibration tests common in satellite engineering, covering core, low-cost, high-reward attack vectors such as authentication and encryption vulnerabilities, fuzzing, replay attacks, and Denial of Service (DoS). The results would be delivered to the satellite owner or producer in a simple pass/fail format, identifying which tests failed and recommending standard methods to mitigate the identified vulnerabilities. This framework aims to establish a foundational and verifiable level of cyber resilience for CubeSat missions.