All Issue

2025 Vol.2, Issue 1 Preview Page

Research Article

Multi-tiered space cyber TARA: Quantification of risk and mitigation with SPARTA TTP
Sang Seo1
,
Dohoon Kim2*
1Software Laboratory, NSHC Co., Ltd., Seoul 08502, South Korea
2Department of Computer Science, Kyonggi University, Suwon 16227, South Korea
*Corresponding Author
30 June 2025. pp. 36-50
PDF XML Citation
Abstract

As space cybersecurity undergoes profound transformation within the increasingly intelligent and networked environment, a standardized methodology for risk assessment and defense validation becomes imperative for mitigating attack surfaces through threat intelligence and Indicators of Compromise (IoCs). However, existing frameworks such as SPARTA (Space Attack Research & Tactic Analysis) lack a structured Model-Based Systems Engineering (MBSE) methodology to quantify the propagation of damage from Advanced Persistent Threats (APTs) targeting intrinsically vulnerable space infrastructure and to formulate optimal countermeasures. This study addresses this critical gap by proposing a multi-tiered Space Cyber Threat Analysis and Risk Assessment (TARA) framework, which integrates Space Risk (SR) and Space Mitigation (SM) metrics to achieve Defense-in-Depth (DiD) and Secure Space-by-Design (S2bD) within the space ecosystem. The framework further ensures interoperability with SPARTA’s risk matrix and Minimum Notional Baseline (MNB) through standardized normalization. To valid ate its effectiveness, a comprehensive best-practice assessment is conducted on the space supply chain. This TARA-based approach enables more granular quantification of threat impact metrics and mitigation response metrics—domains that have received limited attention in prior research. Furthermore, a sensitivity analysis is performed to evaluate its practical effectiveness. Future work will focus on the full-scale implementation of Space Penetration Testing as a Service (Space-PTaaS) and Space Enterprise Mission Assurance Support Service (Space-eMASS).

Keywords
Space cybersecurity
Threat modeling
Threat analysis and risk assessment
SPARTA
References
1

White House (n.d.) Memorandum on space policy directive-5: cybersecurity principles for space systems. Available at https://trumpwhitehouse.archives.gov/presidential-actions/memorandum-space-policy-directive-5-cybersecurity-principles-space-systems/. Accessed 6 February 2025

2

Aerospace Corporation (n.d.) Space attack research & tactic analysis (SPARTA). Available at https://aerospace.org/sparta/. Accessed 6 February 2025

3

European Space Agency (n.d.) "Space attacks and countermeasures engineering shield (SPACE-SHIELD). Available at https://spaceshield.esa.int/. Accessed 6 February 2025

4

MITRE (n.d.) Adversarial tactics, techniques, and common knowledge (ATT&CK). Available at https://attack.mitre.org/. Accessed 6 February 2025

5

MITRE (n.d.) Detection, denial, and disruption framework empowering network defense (D3FEND). Available at https://d3fend.mitre.org/. Accessed 6 February 2025

6

CCSDS (n.d.) Consultative committee for space data systems. Available at https://public.ccsds.org/default.aspx/. Accessed 6 February 2025

7

Department of Defense (n.d.) Trusted systems and networks (TSN) analysis. Available at https://rt.cto.mil/wp-content/uploads/2019/06/Trusted-Systems-and-Networks-TSN-Analysis.pdf/. Accessed 6 February 2025

8

NASA (n.d.) IVV 09-1: independent verification and validation technical framework. Available at https://www.nasa.gov/wp-content/uploads/2015/09/ivv_09-1_independent_verification_and_validation_technical_framework_-_ver_p_-_10-25-2017.pdf/. Accessed 6 February 2025

9

MITRE (n.d.) Knowledge management at The MITRE corporation. Available at https://www.researchgate.net/profile/Mark-Maybury-2/publication/228858770_Knowledge_Management_at_The_MITRE_Corporation/links/00b495295de7574a29000000/Knowledge-Management-at-The-MITRE-Corporation.pdf/. Accessed 6 February 2025

10

MITRE (n.d.) Threat assessment & remediation analysis (TARA). Available at https://www.mitre.org/sites/default/files/2021-10/pr-11-4982-tara-methodology-and-description.pdf/. Accessed 6 February 2025

11

Hasan K, Shetty S, Hassanzadeh A, Ullah S (2019) Towards optimal cyber defense remediation in cyber physical systems by balancing operational resilience and strategic risk. MILCOM 2019. Norfolk, VA, USA, pp 1-8. doi:10.1109/MILCOM47813.2019.9021076/

10.1109/MILCOM47813.2019.9021076
12

NIST (n.d.) NIST IR 8270 - Introduction to cybersecurity for commercial satellite operations. Available at https://nvlpubs.nist.gov/nistpubs/ir/2023/NIST.IR.8270.pdf/. Accessed 6 February 2025

13

NIST (n.d.) NIST IR 8323 Rev. 1 - Foundational PNT Profile: applying the cybersecurity framework for the responsible use of positioning, navigation, and timing (PNT) services. Available at https://nvlpubs.nist.gov/nistpubs/ir/2023/NIST.IR.8323r1.pdf/. Accessed 6 February 2025

14

NIST (n.d.) NIST IR 8401 - Satellite ground segment: applying the cybersecurity framework to satellite command and control. Available at https://nvlpubs.nist.gov/nistpubs/ir/2022/NIST.IR.8401.pdf/. Accessed 6 February 2025

15

NIST (n.d.) NIST IR 8441 - Cybersecurity framework profile for hybrid satellite networks (HSN). Available at https://nvlpubs.nist.gov/nistpubs/ir/2023/NIST.IR.8441.pdf/. Accessed 6 February 2025

16

NASA (n.d.) Space security: best practices guide (BPG) Rev. B. Available at https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/external/space-security-best-practices-guide-bpg-rev-1.pdf/. Accessed 6 February 2025

17

NASA (n.d.) NASA-STD-1006A: space system protection standard. Available at https://standards.nasa.gov/standard/NASA/NASA-STD-1006/. Accessed 6 February 2025

18

Space-ISAC (n.d.) Space information sharing and analysis center. Available at https://spaceisac.org/. Accessed 6 February 2025

19

Aerospace Corporation (n.d.) STIX-Based threat detection: observables and IOCs for space systems. Available at https://cwe.ccsds.org/sea/_layouts/15/WopiFrame.aspx?sourcedoc=%7BD292C2AE-170C-4805-A8B3-6A4ACA9A8313%7D&file=DRAFT_OTR-2025-00042%20-%20STIX-Based%20Threat%20Detection_Observables%20and%20IOCs%20for%20Space%20Systems.pdf&action=default/. Accessed 6 February 2025

20

OASIS (n.d.) Introduction to TAXII. Available at https://oasis-open.github.io/cti-documentation/taxii/intro.html/. Accessed 6 February 2025

21

Aerospace Corporation (n.d.) MoonLighter. Available at https://aerospace.org/sites/default/files/2023-04/AK23_114_Fact%20Sheet_Moonlighter_REVB.pdf/. Accessed 6 February 2025

22

Werremeyer M, Williams J, Wood S, Walker M, Ameen J, Kerley B (2024) Hack-A-Sat: four years from the cromulence tech team. 2024 IEEE Aerospace Conference, Big Sky, MT, USA, pp 1-17. doi:10.1109/AERO58975.2024.10521107/. Accessed 6 February 2025

10.1109/AERO58975.2024.10521107
23

ESA (n.d.) ARTES-4S: safety & security. Available at https://connectivity.esa.int/space-systems-safety-and-security-4s/. Accessed 6 February 2025

24

ESA (n.d.) Space cyber range (SCR). Available at https://connectivity.esa.int/projects/scr/. Accessed 6 February 2025

25

ESA (n.d.) 4S system and services testbed (4SSTB). Available at https://connectivity.esa.int/projects/4sstb/. Accessed 6 February 2025

26

CCSDS (n.d.) CCSDS 355.0-B-2: space data link security protocol. Available at https://public.ccsds.org/Pubs/355x0b2.pdf/. Accessed 6 February 2025

27

ESA (n.d.) International use cases for operational QKD applications and services (INT-UQKD). Available at https://connectivity.esa.int/projects/intuqkd/. Accessed 6 February 2025

28

ESA (n.d.) GEO QKD hosted payload (caramuel). Available at https://connectivity.esa.int/projects/caramuel/. Accessed 6 February 2025

29

NASA (n.d.) GSFC-STD-8012: bulk security standard for spacecraft communication. Available at https://standards.nasa.gov/standard/GSFC/GSFC-STD-8012/. Accessed 6 February 2025

30

IETF (n.d.) RFC 9172: bundle protocol security (BPSec). Available at https://www.rfc-editor.org/rfc/rfc9172.pdf/. Accessed 6 February 2025

31

EUSPA (n.d.) GOVSATCOM. Available at https://www.euspa.europa.eu/eu-space-programme/secure-satcom/govsatcom/. Accessed 6 February 2025

32

EUSPA (n.d.) IRIS2: infrastructure for resilience, interconnectivity and security by satellite. Available at https://www.euspa.europa.eu/sites/default/files/2024-03/IRIS2.pdf/. Accessed 6 February 2025

33

EUSPA (n.d.) CASSINI challenge. Available at https://www.euspa.europa.eu/cassinichallenges/. Accessed 6 February 2025

34

EUSPA (n.d.) EU space-ISAC. Available at https://www.euspa.europa. eu/newsroom-events/news/eu-space-isac/. Accessed 6 February 2025

35

ESA (n.d.) OPS-SAT. Available at https://www.esa.int/Enabling_Support/Operations/OPS-SAT/. Accessed 6 February 2025

36

ESA (n.d.) The ESA CyberCube mission. CYSAT 2024. Available at https://www.youtube.com/watch?v=IzOVRHfQHZQ/. Accessed 6 February 2025

37

NCSC (n.d.) Cyber assessment framework. Available at https://www.ncsc.gov.uk/collection/cyber-assessment-framework/. Accessed 6 February 2025

38

UKSA (n.d.) Cyber security toolkit. Available at https://assets.publishing.service.gov.uk/media/5ec298a3e90e071e2f955ebc/Space_cyber_toolkit_final_v4.pdf/. Accessed 6 February 2025

39

BSI (n.d.) IT-Grundschutz profile for space infrastructures - minimum protection for satellites covering their entire life cycle. Available at https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Grundschutz/profiles/Profile_Space-Infrastructures.pdf?__blob=publicationFile&v=2/. Accessed 6 February 2025

40

BSI (n.d.) Technical guideline BSI TR-03184 information security for space systems - Part 1: space segment. Available at https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TR03184/BSI-TR-03184_part1.pdf?__blob=publicationFile&v=3/. Accessed 6 February 2025

41

METI (n.d.) Cybersecurity guidelines for commercial space systems ver. 2.0. Available at https://www.meti.go.jp/shingikai/mono_info_service/sangyo_cyber/wg_seido/wg_uchu_sangyo/pdf/20240327_1.pdf/. Accessed 6 February 2025

42

Cabinet Secretariat of Japan (n.d.) Space security initiative 2023. Available at https://www8.cao.go.jp/space/anpo/kaitei_fy05/enganpo_fy05.pdf/. Accessed 6 February 2025

43

NIST (n.d.) NIST CSWP 20 - The NIST cybersecurity framework (CSF) 2.0. Available at https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.29.pdf/. Accessed 6 February 2025

10.6028/NIST.CSWP.29.nor
44

NIST (n.d.) NIST SP 800-37 Rev. 2 - risk management framework for information systems and organizations: a system life cycle approach for security and privacy. Available at https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r2.pdf/. Accessed 6 February 2025

45

NIST (n.d.) NIST SP 800-161 Rev. 1 - C-SCRM: cybersecurity supply chain risk management practices for systems and organizations. Available at https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1.pdf/. Accessed 6 February 2025

46

CyberAB (n.d.) Cybersecurity maturity model certification (CMMC) assessment process ver 2.0. Available at https://cyberab.org/Portals/0/CMMC%20Assessment%20Process%20v2.0.pdf?ver=fEk1pUK1Fg26fVtopxv_DA%3D%3D/. Accessed 6 February 2025

47

ISO (n.d.) ISO/IEC 27001:2022 - information security, cybersecurity and privacy protection - information security management systems - Requirements. Available at https://www.iso.org/standard/27001/. Accessed 6 February 2025

Information
  • Publisher :Korean Academy of Space Security
  • Publisher(Ko) :한국우주안보학회
  • Journal Title :JOURNAL OF SPACE SECURITY
  • Journal Title(Ko) :한국우주안보학회지
  • Volume : 2
  • No :1
  • Pages :36-50
  • Received Date : 2025-02-10
  • Revised Date : 2025-05-02
  • Accepted Date : 2025-06-09
  • DOI :https://doi.org/10.23386/joss.2025.2.1.004
Journal Informaiton JOURNAL OF SPACE SECURITY JOURNAL OF SPACE SECURITY
Online Submission
  • KISTI Current Status
  • KISTI Cited-by
  • KCI 문헌 유사도 검사
  • orcid
  • open access
  • ccl
Journal Informaiton Journal Informaiton - close