Software-defined satellites aim to enhance cyber situational awareness

New software-defined satellite architecture from Lockheed Martin aims to support military operators at a time of growing cybersecurity threats to space-based platforms, the company has told Shephard. 

SmartSat architecture has been integrated onto a number of Lockheed Martin nano-satellite payloads, including Pony Express and Linus. It allows satellites to change their missions in orbit as required, allowing for greater military flexibility. 

Software now defines the bulk of mission-critical capabilities on satellites, and is under constant attack, said Adam Johnson, SmartSat director at Lockheed Martin. He added that against a backdrop of increased investment in AI and software development by potential adversaries, the ability of the US to track, defend against and fight such threats depends on having the best software and hardware. 

‘Cyber situational awareness is a critical capability we need now - the tactical advantage is shifting to actors who can deliver new digital tools to warfighters the fastest,’ Johnson remarked. 

‘The speed at which the adversary evolves outpaces the ability of an individual or organisation to analyse and make effective decisions. Warfighters need faster tools.’

This was part of the thinking behind SmartSat. Satellites embedded with the technology can reset quickly and back each other up as needed, enhancing resiliency, said Johnson, and they can also better detect and defend against cyber threats autonomously.

Because it is ‘designed to have significant on-orbit re-programmability and autonomy, the flexibility built-in also allows for more responsive security needs as they evolve,’ he added.

SmartSat is designed using a “zero-trust” or “threat-first” approach. To design and build such software-defined systems, it is important to understand the threats against them, noting that security is not static and evolves constantly. 

Lockheed Martin uses a variety of techniques through SmartSat to ensure satellites are cyber-hardened, including software and hardware-based intrusion detection, secure coding, encryption and identity management.

‘There are a range of attacks meant to exploit weaknesses to obtain critical data, disrupt service, modify plans or designs, and/or perform any other type of malicious activity. So, with threat-first cyber security, you develop defences around the possible threats,’ Johnson said.