← 返回 Community

Gregory Falco

Mechanical Engineering · Cornell University  high

研究方向

方向提炼待补(distill 阶段生成)。

该校申请信息 · Cornell University

ME deadline(legacy)
申请费

近三年论文 · 64 篇 (点击展开摘要,时间倒序)

Security of Emerging Satellite Mega-Constellations
IEEE RESOURCE CENTERS · 2026 · cited 0 · doi.org/10.17023/9k20-ax35
Situational Awareness for Proactive Rerouting: Enhancing Resilience in Submarine Communication Cables
Open MIND · 2026 · cited 0 · doi.org/10.57767/jobs_2026_003
Cyber Resilient Attitude Determination and Control for Space Vehicles
· 2026 · cited 0 · doi.org/10.2514/6.2026-1083
Attitude determination and control systems (ADCS) represent critical single points of failure for spacecraft, yet their resilience against cyberattacks remains underexplored. This paper evaluates five attitude control architectures including PD, LQR+KF, neural surrogate, median ensemble, and hybrid, under post-compromise conditions using simulations on a genuine spaceflight computer. Through Monte Carlo simulations with sensor corruption, actuator tampering, timing delays, and model mismatch attacks, we demonstrate that learning-based controllers exhibit severe instability with crash rates of 70-100\%, while model-based controllers degrade predictably and maintain attitude authority. These results indicate that cyber-resilient ADCS for contested environments should prioritize model-based designs with stability guarantees, using learning-based methods only as auxiliary components with validated fallback strategies.
When to Compute in Space
· 2026 · cited 0 · doi.org/10.2514/6.2026-2663
Spacecraft increasingly rely on heterogeneous computing resources spanning onboard flight computers, orbital data centers, ground station edge nodes, and terrestrial cloud infrastructure. Selecting where a workload should execute is a nontrivial multi objective problem driven by latency, reliability, power, communication constraints, cost, and regulatory feasibility. This paper introduces a quantitative optimization framework that formalizes compute‐location selection through empirically measurable metrics, normalized scoring, feasibility constraints, and a unified utility function designed to operate under incomplete information. We evaluate the model on two representative workloads demonstrating how the framework compares compute tiers and identifies preferred deployment locations. The approach provides a structured, extensible method for mission designers to reason about compute placement in emerging space architectures.
Adversarial Pursuits in Cislunar Space
· 2026 · cited 0 · doi.org/10.2514/6.2026-2495
Cislunar space is becoming a critical domain for future lunar and interplanetary missions, yet its remoteness, sparse infrastructure, and unstable dynamics create single points of failure. Adversaries in cislunar orbits can exploit these vulnerabilities to pursue and jam co-located communication relays, potentially severing communications between lunar missions and the Earth. We study a pursuit-evasion scenario between two spacecraft in a cislunar orbit, where the evader must avoid a pursuer-jammer while remaining close to its nominal trajectory. We model the evader-pursuer interaction as a zero-sum adversarial differential game cast in the circular restricted three-body problem. This formulation incorporates critical aspects of cislunar orbital dynamics, including autonomous adjustment of the reference orbit phasing to enable aggressive evading maneuvers, and shaping of the evader’s cost with the orbit’s stable and unstable manifolds. We solve the resulting nonlinear game locally using a continuous-time differential dynamic programming variant, which iteratively applies linear-quadratic approximations to the Hamilton-Jacobi-Isaacs equation. We simulate the evader’s behavior against both a worst-case and a linear-quadratic pursuer. Our results pave the way for securing future missions in cislunar space against emerging cyber threats.
Out-of-Band Power Side-Channel Detection for Semiconductor Supply Chain Integrity at Scale
arXiv (Cornell University) · 2026 · cited 0 · doi.org/10.48550/arxiv.2601.01054
Out-of-band screening of microcontrollers is a major gap in semiconductor supply chain security. High-assurance techniques such as X-ray and destructive reverse engineering are accurate but slow and expensive, hindering comprehensive detection for hardware Trojans or firmware tampering. Consequently, there has been increased interest in applying machine learning techniques to automate forensic examination, enabling rapid, large-scale inspection of components without manual oversight. We introduce a non-destructive screening method that uses power side-channel measurements and generative modeling to detect tampering in commodity microcontrollers without trusted hardware. As a proof-of-concept, differential power analysis (DPA) traces are collected from the ChipWhisperer and a generative adversarial network (GAN) is trained only on benign measurements to learn nominal power behavior. The trained discriminator then serves as a one-class anomaly detector. We report detection performance on multiple tampering scenarios and discuss how this technique can serve as an intermediate screening tier between basic functional tests and high-cost forensic analysis. The proposed method is evaluated in the context of semiconductor supply chain practice and policy to assess its suitability as an intermediate assurance mechanism.
Out-of-Band Power Side-Channel Detection for Semiconductor Supply Chain Integrity at Scale
arXiv (Cornell University) · 2026 · cited 0
Out-of-band screening of microcontrollers is a major gap in semiconductor supply chain security. High-assurance techniques such as X-ray and destructive reverse engineering are accurate but slow and expensive, hindering comprehensive detection for hardware Trojans or firmware tampering. Consequently, there has been increased interest in applying machine learning techniques to automate forensic examination, enabling rapid, large-scale inspection of components without manual oversight. We introduce a non-destructive screening method that uses power side-channel measurements and generative modeling to detect tampering in commodity microcontrollers without trusted hardware. As a proof-of-concept, differential power analysis (DPA) traces are collected from the ChipWhisperer and a generative adversarial network (GAN) is trained only on benign measurements to learn nominal power behavior. The trained discriminator then serves as a one-class anomaly detector. We report detection performance on multiple tampering scenarios and discuss how this technique can serve as an intermediate screening tier between basic functional tests and high-cost forensic analysis. The proposed method is evaluated in the context of semiconductor supply chain practice and policy to assess its suitability as an intermediate assurance mechanism.
When to compute in space
arXiv (Cornell University) · 2025 · cited 0 · doi.org/10.48550/arxiv.2512.17054
Spacecraft increasingly rely on heterogeneous computing resources spanning onboard flight computers, orbital data centers, ground station edge nodes, and terrestrial cloud infrastructure. Selecting where a workload should execute is a nontrivial multi objective problem driven by latency, reliability, power, communication constraints, cost, and regulatory feasibility. This paper introduces a quantitative optimization framework that formalizes compute location selection through empirically measurable metrics, normalized scoring, feasibility constraints, and a unified utility function designed to operate under incomplete information. We evaluate the model on two representative workloads demonstrating how the framework compares compute tiers and identifies preferred deployment locations. The approach provides a structured, extensible method for mission designers to reason about compute placement in emerging space architectures.
When to compute in space
arXiv (Cornell University) · 2025 · cited 0
Spacecraft increasingly rely on heterogeneous computing resources spanning onboard flight computers, orbital data centers, ground station edge nodes, and terrestrial cloud infrastructure. Selecting where a workload should execute is a nontrivial multi objective problem driven by latency, reliability, power, communication constraints, cost, and regulatory feasibility. This paper introduces a quantitative optimization framework that formalizes compute location selection through empirically measurable metrics, normalized scoring, feasibility constraints, and a unified utility function designed to operate under incomplete information. We evaluate the model on two representative workloads demonstrating how the framework compares compute tiers and identifies preferred deployment locations. The approach provides a structured, extensible method for mission designers to reason about compute placement in emerging space architectures.
Space-Based Fog Computing Across LEO and MEO Constellations for On-Orbit Hypersonic Detection and Space Domain Awareness
Low Earth Orbit (LEO) mega-constellations have catalyzed interest in on-orbit computing, but an exclusive focus on LEO risks architectural bottlenecks in custody duration and end-to-end latency. We introduce a multi-orbit, space-based fog architecture that couples Medium Earth Orbit (MEO) and LEO constellations to share sensing, communication, and on-orbit processing. Unlike relay-centric designs, the proposed cumulonimbus-like fog computing (CLFC) framework assigns MEO nodes active roles in segmentation, intermediate inference, and fusion while leveraging dense LEO meshes for parallel CNN execution. Using access geometry and image-processing models grounded in prior onboard benchmarks, we show (i) an order-of-magnitude increase in chain-of-custody duration relative to an LEO-only baseline and (ii) up to a 94% reduction in processing latency via inter-orbital parallelism. A preliminary trade study further indicates that CLFC can reproduce Starlink-like network presence with only <tex xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">$\mathbf{1 3}-\mathbf{7 3} \boldsymbol{\%}$</tex> of the LEO satellite count, highlighting efficiency gains for sparsely populated constellations. These results position multi-orbit fog computing as a practical path to real-time hypersonic detection and space domain awareness without dependence on terrestrial cloud resources.
Adversarial Pursuits in Cislunar Space
arXiv (Cornell University) · 2025 · cited 0 · doi.org/10.48550/arxiv.2509.20330
Cislunar space is becoming a critical domain for future lunar and interplanetary missions, yet its remoteness, sparse infrastructure, and unstable dynamics create single points of failure. Adversaries in cislunar orbits can exploit these vulnerabilities to pursue and jam co-located communication relays, potentially severing communications between lunar missions and the Earth. We study a pursuit-evasion scenario between two spacecraft in a cislunar orbit, where the evader must avoid a pursuer-jammer while remaining close to its nominal trajectory. We model the evader-pursuer interaction as a zero-sum adversarial differential game cast in the circular restricted three-body problem. This formulation incorporates critical aspects of cislunar orbital dynamics, including autonomous adjustment of the reference orbit phasing to enable aggressive evading maneuvers, and shaping of the evader's cost with the orbit's stable and unstable manifolds. We solve the resulting nonlinear game locally using a continuous-time differential dynamic programming variant, which iteratively applies linear-quadratic approximations to the Hamilton-Jacobi-Isaacs equation. We simulate the evader's behavior against both a worst-case and a linear-quadratic pursuer. Our results pave the way for securing future missions in cislunar space against emerging cyber threats.
Satellite Chasers: Divergent Adversarial Reinforcement Learning to Engage Intelligent Adversaries on Orbit
Journal of Aerospace Information Systems · 2025 · cited 0 · doi.org/10.2514/1.i011632
As space becomes increasingly crowded and contested, robust autonomous capabilities for multi-agent environments are gaining critical importance. Current autonomous systems in space primarily rely on optimization-based path planning or long-range orbital maneuvers, which have not yet proven effective in adversarial scenarios where one satellite is actively pursuing another. The authors introduce Divergent Adversarial Reinforcement Learning (DARL), a two-stage Multi-Agent Reinforcement Learning (MARL) approach designed to train autonomous evasion strategies for satellites engaged with multiple adversarial spacecraft. This method enhances exploration during training by promoting diverse adversarial strategies, leading to more robust and adaptable evader models. The authors validate DARL through a cat-and-mouse satellite scenario, modeled as a partially observable multi-agent capture-the-flag game, where two adversarial ‘“cat’” spacecraft pursue a single ‘“mouse’” evader. DARL’s performance is compared against several benchmarks, including an optimization-based satellite-path planner, demonstrating its ability to produce highly robust models for adversarial multi-agent space environments.
Operationalisation of industry best practices in SSE standardisation for space mission systems
Journal of Space Safety Engineering · 2025 · cited 0 · doi.org/10.1016/j.jsse.2025.08.009
On the Role of Communications for Space Domain Awareness
Journal of Aerospace Information Systems · 2025 · cited 3 · doi.org/10.2514/1.i011629
Space domain awareness (SDA) has become increasingly important due to the rapid growth of commercial space activities and the expansion of New Space. This paper examines the need for transitioning from centralized to distributed SDA architectures, highlighting the limitations of traditional centralized systems in scaling with increasing satellite nodes. The analysis demonstrates that centralized architectures, which rely on individual downhaul, struggle to maintain efficiency as the number of satellites grows. In contrast, distributed architectures offer enhanced scalability, coverage, and resilience by processing data on orbit. Specifically, a low Earth orbit constellation capable of performing data analysis and response formulation on orbit can reduce routing times from 60 to 9 ms, providing an order-of-magnitude improvement in performance. The study applies this analysis to Starlink, OneWeb, Planet Labs, and Jilin constellations, demonstrating the advantages of distributed approaches across diverse satellite systems. This paper also discusses the tradeoffs between centralized and distributed architectures and provides key considerations for selecting the most appropriate approach for scalable and resilient SDA systems.
Ad-Hoc Satcom Mega-Constellations through Heterogeneous Network Smart Contracting
This paper introduces the Hybrid Submarine/Space Architecture to Ensure the Information Security of Telecommunications (HEIST), a system leveraging distributed ledger technology to securely reroute disrupted undersea cable communications to satellite networks. HEIST’s components enable the integration of ground and satellite heterogeneous networks into an ad-hoc and on-demand broadband mega-constellation, maximizing the non-terrestrial rerouting bandwidth to reduce the impact of failures on service quality and availability in submarine fiber optic networks.
High-Altitude Platform Station Systems Cybersecurity Analysis
Journal of Aerospace Information Systems · 2025 · cited 1 · doi.org/10.2514/1.i011583
This paper examines cybersecurity threats in high-altitude platform station (HAPS) systems through reference architecture and attack tree methods. Given the rising commercial and military interest in these systems to enable next-generation 6G and hybrid telecommunication architectures, the threat of cyber and electronic attacks is increasing. The study focuses on providing the complete reference architecture of an aerostatic HAPS system equipped with a hybrid free-space optical and radio frequency transponder payload to be employed as a node of a nonterrestrial network. This study investigates potential attack vectors across various subsystems by coupling the attack tree methodology with the attack surface mapping derived from the reference architecture. Recommendations for mitigating cyberthreats and a secure-by-design approach are proposed to enhance the safety of future HAPS systems.
I Can Hear You Coming: RF Sensing for Uncooperative Satellite Evasion
arXiv (Cornell University) · 2025 · cited 0 · doi.org/10.48550/arxiv.2504.03983
This work presents a novel method for leveraging intercepted Radio Frequency (RF) signals to inform a constrained Reinforcement Learning (RL) policy for robust control of a satellite operating in contested environments. Uncooperative satellite engagements with nation-state actors prompts the need for enhanced maneuverability and agility on-orbit. However, robust, autonomous and rapid adversary avoidance capabilities for the space environment is seldom studied. Further, the capability constrained nature of many space vehicles does not afford robust space situational awareness capabilities that can be used for well informed maneuvering. We present a "Cat &amp; Mouse" system for training optimal adversary avoidance algorithms using RL. We propose the novel approach of utilizing intercepted radio frequency communication and dynamic spacecraft state as multi-modal input that could inform paths for a mouse to outmaneuver the cat satellite. Given the current ubiquitous use of RF communications, our proposed system can be applicable to a diverse array of satellites. In addition to providing a comprehensive framework for training and implementing a constrained RL policy capable of providing control for robust adversary avoidance, we also explore several optimization based methods for adversarial avoidance. These methods were then tested on real-world data obtained from the Space Surveillance Network (SSN) to analyze the benefits and limitations of different avoidance methods.
Space Cybersecurity Incident Response Framework: A Viasat Case Study
The restoration of space systems following failures has historically been precipitated by natural phenomena such as geomagnetic storms or unintentional software malfunctions and hardware issues. However, the advent of intentional cyber-attacks targeting space systems heralds a new era of incident response. This paper presents a first-hand account of the incident response to the February 2022 cyberattack on Viasat's KA-SAT network, which coincided with the Russian invasion of Ukraine. Lessons learned are highlighted and integrated into a proposed incident response framework for space system service providers.
Testable Cyber Requirements for Space Flight Software
As space missions grow in complexity, the cybersecurity threat landscape expands, necessitating a shift toward secure-by-design flight software (FSW). Traditional development prioritizes functionality over security, leaving systems vulnerable to attack. This paper introduces a novel methodology for developing cyber-resilient FSW with a secure-by-component architecture. By incorporating key resilience principles—segmentation, adaptive response, redundancy, and substantiated integrity—our approach addresses critical security needs early in development, minimizing attack surfaces without sacrificing performance. Leveraging NIST systems security guidelines and tailored cyber resilience techniques, we apply this methodology to a notional spacecraft's Command and Data Handling (C&DH) subsystem. Through attack surface analysis and threat modeling, we derive specific cybersecurity requirements to enhance resilience. Key mechanisms, such as real-time monitoring, cryptographic enforcement, memory-safe programming, and zero-trust communication, are embedded to mitigate vulnerabilities from external threats and internal faults. This work advances space cybersecurity by offering a scalable, secure-by-design approach to FSW. Future efforts will extend this methodology to formal verification and autonomous systems, ensuring space operations remain secure against evolving adversarial tactics.
Adaptive Detection of On-Orbit Jamming for Securing GEO Satellite Links
This paper introduces a scenario where a maneuverable satellite in geostationary orbit (GEO) conducts on-orbit attacks, targeting communication between a GEO satellite and a ground station, with the ability to switch between stationary and time-variant jamming modes. We propose a machine learning-based detection approach, employing the random forest algorithm with principal component analysis (PCA) to enhance detection accuracy in the stationary model. At the same time, an adaptive threshold-based technique is implemented for the time-variant model to detect dynamic jamming events effectively. Our methodology emphasizes the need for the use of orbital dynamics in integrating physical constraints from satellite dynamics to improve model robustness and detection accuracy. Simulation results highlight the effectiveness of PCA in enhancing the performance of the stationary model, while the adaptive thresholding method achieves high accuracy in detecting jamming in the time-variant scenario. This approach provides a robust solution for mitigating the evolving threats to satellite communication in GEO environments.
Correction: A Meta-Analysis of Radio Frequency Interactions in the Ionosphere and Near-Earth Space
· 2025 · cited 0 · doi.org/10.2514/6.2025-1604.c1
Star Tracker Attacks and Defenses
· 2025 · cited 0 · doi.org/10.2514/6.2025-2721
Spacecraft attitude determination and control systems depend heavily on star trackers for precise navigation. While these systems are designed to withstand natural disruptions such as cosmic radiation and stray light, they are poorly equipped to defend against deliberate adversarial interference. This paper examines how malware can compromise the accuracy of star trackers by analyzing potential attack vectors and the implications for spacecraft resilience. By highlighting the need for robust security measures in star tracker design and deployment, this study provides a critical foundation for addressing these challenges and informs future experimental investigations into this emerging threat.
VHF Reconfigurable Intelligent Surfaces for Meteor Burst Communication
· 2025 · cited 0 · doi.org/10.2514/6.2025-2719
Meteor Burst Communication (MBC) utilizes the transient ionized trails left by meteors to reflect Very High Frequency (VHF) signals, enabling long-range, beyond-line-of-sight communication without reliance on terrestrial or satellite infrastructure. Despite its resilience in austere and contested environments, MBC is limited by brief communication windows, low signal-to-noise ratio (SNR), and inconsistent channel availability. Recent advancements in Reconfigurable Intelligent Surfaces (RIS) offer a transformative solution by enabling dynamic control over signal propagation through programmable reflective elements. This paper proposes a novel system architecture that integrates RIS into MBC networks, incorporating real-time adaptive control, optimized deployment strategies, and Monte Carlo simulations to refine RIS placement and operational parameters. Using Systems Tool Kit (STK) modeling, we analyze the impact of RIS on communication reliability, window duration, and data throughput. The findings demonstrate that RIS-augmented MBC can enhance system performance, expanding its applicability for tactical, scientific, and emergency communication in hostile environments.
A Meta-Analysis of Radio Frequency Interactions in the Ionosphere and Near-Earth Space
· 2025 · cited 0 · doi.org/10.2514/6.2025-1604
The ionosphere plays a pivotal role in radio frequency (RF) signal propagation, influencing critical infrastructure and services. This paper presents a comprehensive taxonomy of RF ionospheric and near-Earth space interactions, categorizing them into two primary domains: interactions with natural phenomena and artificial objects. By synthesizing findings from literature, we present a consolidation of key mechanisms, technological implications, and research gaps to serve as a compendium of RF interactions in the ionosphere and near-Earth space.
Withdrawn: QuickSAT/SHERLOCK, an AI Architecture for Vehicle Health Management, Fault Detection and Fault Management
· 2025 · cited 0 · doi.org/10.2514/6.2025-2271
Underwater Cyber Warfare: Submarine Communications Cables Architecture and Cybersecurity Analysis
Proceedings of the ... Annual Hawaii International Conference on System Sciences/Proceedings of the Annual Hawaii International Conference on System Sciences · 2025 · cited 2 · doi.org/10.24251/hicss.2025.233
The fiber-optic submarine communications cables (SCCs) are a critical infrastructure (CI) forming the cyber backbone of governments, economies, and security organizations. These networks are prone to cyber attacks that can compromise the availability, confidentiality, and integrity of civilian and military networks across the globe. This paper analyzes the cyber attack surface of SCCs, identifying vulnerabilities and single points of failure. Using the Svalbard Undersea Cable System as a case study, this study provides an attack analysis for several network nodes and shows the repercussions on interconnected CIs. Finally, it provides technical and policy recommendations to address current vulnerabilities in the SCC sector and SCC-dependent CIs.
An On-Orbit Data Marketplace for Distributed Space Domain Awareness
IEEE Access · 2025 · cited 2 · doi.org/10.1109/access.2025.3547271
Modern space vehicles capture a wealth of sensor data that is in high-demand by a wide range of commercial and nation-state beneficiaries. This data can be used to monitor our planet, monitor space traffic and manage collision avoidance, among other use cases. While there is ongoing investment into cross-linking satellite constellations and building an ‘on-orbit internet’, it remains unclear how the integral requesting and delivery of this data will be facilitated. We propose a distributed marketplace for space domain awareness that engages smart contracts and a distributed ledger to manage the engagement of satellites across an untrusted ecosystem. Furthermore, this work implements a simulated on-orbit marketplace consisting of independent nodes able to efficiently and securely exchange data and services under a series of representative scenarios. The marketplace software payload was designed to conform to the power and compute constraints of a modern space vehicle while implementing secure smart contracting and format-preserving validation techniques, demonstrating the practical viability of the on-orbit marketplace as a concept.
Securing Heterogeneous Network (HetNet) Communications for Wildfire Management: Mitigating the Effects of Adversarial and Environmental Threats
IEEE Journal of Radio Frequency Identification · 2025 · cited 1 · doi.org/10.1109/jrfid.2025.3601843
In the face of adverse environmental conditions and cyber threats, robust communication systems for critical applications such as wildfire management and detection demand secure and resilient architectures. This paper presents a novel framework that considers both adversarial factors, building resilience into a heterogeneous network (HetNet) integrating Low Earth Orbit (LEO) satellite constellation with High-Altitude Platform Ground Stations (HAPGS) and Low-Altitude Platforms (LAPS), tailored to support wildfire management operations. Building upon our previous work on secure-by-component approach for link segment security, we extend protection to the communication layer by securing both Radio Frequency (RF)/Free Space Optics (FSO) management and different links. Through a case study, we quantify how environmental stressors impact secrecy capacity and expose the system to passive adversaries. Key findings demonstrate that atmospheric attenuation and beam misalignment can notably degrade secrecy capacity across both short-and long-range communication links, while high-altitude eavesdroppers face less signal degradation, increasing their interception capability. Moreover, increasing transmit power to counter environmental losses can inadvertently improve eavesdropper reception, thereby reducing overall link confidentiality. Our work not only highlights the importance of protecting networks from these dual threats but also aligns with the IEEE P3536 Standard for Space System Cybersecurity Design, ensuring resilience and the prevention of mission failures.
Hybrid Space and Submarine Architecture to Ensure Information Security of Telecommunications (HEIST)
IEEE Access · 2025 · cited 1 · doi.org/10.1109/access.2025.3631359
Undersea communication cables (UCCs) are critical for global connectivity but remain vulnerable to physical and cyber threats. This paper presents insights from the NATO Science for Peace and Security Project: Hybrid Space and Submarine Architecture to Ensure Information Security of Telecommunications (HEIST) , a system designed to enhance the redundancy and resilience of UCCs. The proposed architecture aims to efficiently reroute data from submarine cables to satellite networks upon detection of threats via enhanced subsea sensing and monitoring. We discuss the components, including secure communication links, real-time situational awareness, and smart contracting for automated routing of compromised UCC communications. We demonstrate the operational capabilities of HEIST in mitigating disruptions through a simulation environment. The architecture indicates improved robustness to accidental or malicious attacks against submarine cables, reinforcing the strategic importance of hybrid multi-domain networks for resilient telecommunications. As such, the HEIST provides a blueprint for a future robust and resilient backbone for the internet.
The MAGPIE: Satellite Autonomy for Uncooperative Environments
Proceedings of the ... Annual Hawaii International Conference on System Sciences/Proceedings of the Annual Hawaii International Conference on System Sciences · 2025 · cited 0 · doi.org/10.24251/hicss.2025.870
As the space industry continues to grow, satellites are increasingly encountering non-cooperative environments. Such scenarios require edge-based autonomy to react to adversarial spacecraft in the complex 6 degree of freedom (DOF) environment. We present the MAGPIE (Multi Agent Generative Path planning for Intelligent Evasion), an autonomous system designed to be run on the edge specifically for satellites performing in non-cooperative 6DOF environments. In this paper, we describe the edge-based system architecture which entails a sensing suite, on-board computer, and custom software for planning and data fusion. We also discuss the constraints of satellite systems and how they are accounted for in the design of the architecture. In addition, we provide a framework for implementing the system on a quadcopter as a hardware test-bed, and present our results gathered from initial testing.
A Software Defined Networking Architecture for Time Triggered Ethernet in Space Systems
This paper examines the integration of Software-Defined Networking (SDN) with Time-Triggered Ethernet (TTE) for spacecraft bus networks, focusing on addressing the challenges and limitations of current network architectures. TTE, widely used in aerospace for its deterministic traffic handling, is complemented by SDN’s flexibility in dynamic network reconfiguration and real-time control. This integration has the potential to significantly reduce network complexity and improve modularity, fault tolerance, and real-time monitoring. However, challenges such as increased attack surfaces, the need for hardware updates, and the risks to system reliability from SDN’s centralized control introduce trade-offs that must be carefully managed. We review current research on SDN in real-time networks and propose approaches to effectively integrate SDN with TTE, enhancing spacecraft network security and adaptability while preserving its deterministic performance.
Securing Satellite Link Segment: A Secure-by-Component Design
The rapid evolution of communication technologies, compounded by recent geopolitical events such as the Viasat cyberattack in February 2022, has highlighted the urgent need for fast and reliable satellite missions for military and civil security operations. Consequently, this paper examines two Earth observation (EO) missions: one utilizing a single low Earth orbit (LEO) satellite and another through a network of LEO satellites, employing a secure-by-component design strategy. This approach begins by defining the scope of technical security engineering, decomposing the system into components and data flows, and enumerating attack surfaces. Then it proceeds by identifying threats to low-level components, applying secure-by-design principles, redesigning components into secure blocks in alignment with the Space Attack Research & Tactic Analysis (SPARTA) framework, and crafting SHALL statements to refactor the system design, with a particular focus on improving the security of the link segment.
Adaptive Detection of On-Orbit Jamming for Securing GEO Satellite Links
arXiv (Cornell University) · 2024 · cited 0 · doi.org/10.48550/arxiv.2411.16588
This paper introduces a scenario where a maneuverable satellite in geostationary orbit (GEO) conducts on-orbit attacks, targeting communication between a GEO satellite and a ground station, with the ability to switch between stationary and time-variant jamming modes. We propose a machine learning-based detection approach, employing the random forest algorithm with principal component analysis (PCA) to enhance detection accuracy in the stationary model. At the same time, an adaptive threshold-based technique is implemented for the time-variant model to detect dynamic jamming events effectively. Our methodology emphasizes the need for the use of orbital dynamics in integrating physical constraints from satellite dynamics to improve model robustness and detection accuracy. Simulation results highlight the effectiveness of PCA in enhancing the performance of the stationary model, while the adaptive thresholding method achieves high accuracy in detecting jamming in the time-variant scenario. This approach provides a robust solution for mitigating the evolving threats to satellite communication in GEO environments.
Securing Satellite Link Segment: A Secure-by-Component Design
arXiv (Cornell University) · 2024 · cited 0 · doi.org/10.48550/arxiv.2411.12632
The rapid evolution of communication technologies, compounded by recent geopolitical events such as the Viasat cyberattack in February 2022, has highlighted the urgent need for fast and reliable satellite missions for military and civil security operations. Consequently, this paper examines two Earth observation (EO) missions: one utilizing a single low Earth orbit (LEO) satellite and another through a network of LEO satellites, employing a secure-by-component design strategy. This approach begins by defining the scope of technical security engineering, decomposing the system into components and data flows, and enumerating attack surfaces. Then it proceeds by identifying threats to low-level components, applying secure-by-design principles, redesigning components into secure blocks in alignment with the Space Attack Research &amp; Tactic Analysis (SPARTA) framework, and crafting shall statements to refactor the system design, with a particular focus on improving the security of the link segment.
Reinforcement Learning for Cognitive Detection and Characterization of Advanced Aerospace Vehicles
· 2024 · cited 0 · doi.org/10.2514/6.2024-3734
The detection and characterization of advanced aerospace vehicles (AAVs) that exhibit novel signatures and deviate from conventional profiles pose significant challenges for traditional air domain awareness systems, which rely on static detection and classification methods. Reinforcement learning (RL) has shown promise in developing cognitive air domain awareness systems capable of adapting to novel aircraft attempting to evade detection. By applying RL, radar systems can potentially learn optimal strategies for detecting and characterizing anomalous AAVs, continually optimizing their approach with each engagement and potentially discovering new detection and characterization methods. This paper examines the application of RL and generative adversarial networks (GANs) to facilitate adaptive, intelligent detection and characterization of AAVs, independent of pre-defined signatures or pre-existing training sets. We propose an RL-based framework that leverages adaptive detection and tracking, feature learning, sensor fusion, and transfer learning techniques to iteratively learn to detect and track AAVs from sensor data, even when their signatures deviate from known profiles.
Minimum Requirements for Space System Cybersecurity - Ensuring Cyber Access to Space
Space systems are continuously under cyber attack. Minimum cybersecurity design requirements are necessary to preserve our access to space. This paper proposes a scalable, extensible method for developing minimum cyber design principles and subsequent requirements for a space system based on any given mission priority. To test our methodology, we selected the fundamental mission priority of preserving access to space by preventing the permanent loss of control of a satellite. We then generate the minimum number of secure-by-design principles that can collectively prevent the permanent loss of control of a satellite and translate these into example minimum requirement ‘shall’ statements. Our proposed minimum requirements methodology and example can serve as a starting point for policymakers aiming to establish security requirements for the sector. Further, our methodology for establishing minimum requirements will be engaged for prioritizing the efforts of the emergent IEEE International Technical Standard for Space Cybersecurity (Working Group P3349).
Attack Surface Analysis for Spacecraft Flight Software
We propose a method for enhancing cybersecurity in spacecraft operations by analyzing and reducing the attack surface of flight software. We advocate for reducing complexity in the software architecture and adopting more secure architectural principles to mitigate vulnerabilities and make spacecraft more resilient against cyber attacks. By utilizing a systematic approach, we scrutinize key areas, such as the real-time operating system (RTOS) and operating system abstraction layer (OSAL), and develop mitigations for issues we find. This study's findings suggest strategies for simplifying abstractions to make them more secure, addressing implementation issues, and providing supporting evidence for moving to a more resilient architectural approach.
Emerging Threats of AI-Integration in Space User Segment: A Reference Architecture and Attack Tree Analysis
As the space sector expands with new types of satellites, orbital systems and services, the user segment faces escalating security threats. This segment delivers crucial services for enabling interactions between users and space systems, highlighting the need for strong security mechanisms as attack surfaces widen and become more sophisticated. In particular, the adoption of artificial intelligence (AI) in the space domain brings new attack vectors that traditional methods cannot address. To systematically analyse this emerging threat landscape, this paper develops a reference architecture to model the user segment's components, communications and processes. We specifically assess the AI-impact on attack surface by constructing attack trees for Earth Observation scenarios with and without AI integration, using dedicated space and AI threat modeling frameworks (i.e., SPARTA and ATLAS). By comparing threats and impacts between these attack trees, we determine the unique security challenges introduced by exploiting AI. These insights contribute priorities for security strategies to defend against evolving AI-driven threats, as well as specify the caveats of AI-integration in the space user segment.
An Autonomous Satellite Collision Avoidance and Adversary Evasion Path Planning Algorithm for the Space Environment
There have been numerous different proposed path planning algorithms capable of computing obstacle avoidance paths for autonomous vehicles. However, methods often fall short for path planning in six degrees of freedom (6dof) and dynamic environments such as those encountered by spacecraft in orbit. This article proposes the novel Enumerated Vectors for Autonomy in Dynamic Environments (EVADE) method - strongly influenced by the Vector Field Histogram (VFH) algorithm - which generates a desired path in 6dof environments for autonomous obstacle or adversary avoidance for space vehicles. EVADE's method of state representation converts large point cloud data sets obtained from LiDAR sensors into a series of Gaussian distributions which are stored in a 3D polar grid. EVADE's representation allows for a seamless analysis of the surrounding state in 3 dimensions, as well as propagation of obstacle states in environments with dynamic obstacles. EVADE is also performant in scenarios with intelligent dynamic obstacles that intentionally and continuously interfere with the planned path. In result, EVADE is capable of providing complex 3D spline paths to inform a space vehicle's guidance, navigation and control system while using minimal compute to enable edge-based avoidance maneuvers.
On the Role of Communications for Space Domain Awareness
arXiv (Cornell University) · 2024 · cited 1 · doi.org/10.48550/arxiv.2406.05582
Space Domain Awareness (SDA) has become increasingly vital with the rapid growth of commercial space activities and the expansion of New Space. This paper stresses the necessity of transitioning from centralized to distributed SDA architectures. The current architecture predominantly relies on individual downhaul, which we propose to transition to on-orbit distribution. Our results demonstrate that the individual downhaul architecture does not scale efficiently with the increasing number of nodes, while on-orbit distribution offers significant improvements. By comparing the centralized architecture with the proposed distributed architecture, we highlight the advantages of enhanced coverage and resilience. Our findings show that on-orbit distribution greatly outperforms individual downhaul in terms of latency and scalability. Specifically, the latency results for on-orbit distribution are substantially lower and more consistent, even as the number of satellites increases. In addition, we address the inherent challenges associated with on-orbit distribution architecture, particularly cybersecurity concerns. We focus on link security to ensure the availability and integrity of data transmission in these advanced SDA systems. Future expectations include further refinement of on-orbit distribution strategies and the development of robust cybersecurity measures to support the scalability and resilience of SDA systems.