Abstract The rapid advancement of satellite technologies driven by miniaturization, automation, and cost-effective manufacturing has a significant impact on the role of satellite systems in critical infrastructure and global communications. However, this expansion accompanies a growing array of security threats, particularly at the application layer of satellite communication protocols such as the CCSDS (Consultative Committee for Space Data Systems) File Delivery Protocol (CFDP). This paper proposes a novel security architecture that integrates a hybrid cryptographic framework combining Advanced Encryption Standard and Elliptic Curve Cryptography within CFDP. This integration ensures end-to-end confidentiality, integrity, and authentication of file transfers between satellites and ground stations. In doing so, the paper addresses emerging vulnerabilities in current security architectures. The proposed design further enhances system resilience through GPS-based time synchronization and a dual-band UHF/S-band communication strategy. A comprehensive threat modeling analysis using the STRIDE framework systematically identifies and mitigates risks such as spoofing, tampering, repudiation, information disclosure, and elevation of privileges. Comparative evaluations demonstrate the robustness of the proposed architecture in countering cyber intrusions and safeguarding application-layer data integrity, while also highlighting persistent challenges related to physical-layer attacks such as jamming. The results establish a robust, multi-layered security framework adapted to the specific operational constraints of modern satellite systems, offering valuable insights for future research aimed at strengthening the cybersecurity posture of space-based networks.
Belali et al. (Thu,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: