Protecting assets and operations of the European Space Agency’s (ESA) and other ESA member states’ space stakeholders from emerging cyber threats in the space domain, monitoring and managing the vulnerabilities, reinforcing the cyber protection of ground and space assets, and enhancing the security of ESA member states and partners: these are the goals of ESA’s Cyber-Security Operations Centre (C-SOC), which sees Leonardo as prime contractor leading a team of nineteen European companies to build the centre, a key infrastructure for Europe’s economy and security.

Providing security for a country today means expanding the traditional Defence concept towards a global security approach, which also includes the production and use of data, cyber security, Space control, and the security of critical infrastructures.

The C-SOC, the first centre in Europe that enables the identification and analysis of attacks aimed at the IT components of ESA’s digital infrastructure and OT assets within missions, on the Ground and Space segments, operates in this context.

The C-SOC employs advanced functions to ensure prevention, protection, deception and analysis of cyber-attacks of Space assets, enabled by Leonardo’s Cyber Threat Intelligence platform and other state-of-the-art components integrated into the system, including automated capabilities and prepared for the possible extensive use of artificial intelligence.

The centre operates in a complex scenario, which may involve malicious actors with different criminal objectives, for-profit or geared to attack the critical infrastructure of an adversary country in a conflict scenario. Criminal actions may involve direct attacks, with attempts to target space assets directly, or exploit vulnerabilities in systems and networks outside them.

Active since May 2, the C-SOC was presented on May 24 to EU and NATO representatives visiting the ESA/ESEC (European Space Security and Education Centre) headquarters in Redu (Belgium). During the event, the C-SOC’s distinctive elements in the cyber threat scenario were described, for the different segments of the Space sector.

In particular, three operational scenarios were demonstrated that highlighted the C-SOC’s capability to identify illicit actions and activate the appropriate response and mitigation activities, guaranteeing the adoption of the most correct and effective management procedure for each type of incident: an attack on the ground segment, with the attempt of hijacking a satellite by compromising a supply chain device; an attack on the Space Segment, where a satellite is directly targeted by a malicious actor, through a malicious action launched from one of its “Rogue” Ground Stations; the capabilities of the C-SOC Portable Operational Platform (C-POP), which make the services and functionalities of the C-SOC available to stakeholders, guaranteeing secure operations and data confidentiality.

A distinctive feature of the C-SOC is its resilience, which ensures the ability to continue providing the service, and thus the protection of monitored elements, even in the event of a complete unavailability of the primary system in ESA/ESEC.
Subscribe to the FINN weekly newsletter

You may also be interested in

Eurocontrol invests to tackle threat of cyber attacks

Hughes unveils revolutionary commercial aviation LEO ESA at AIX

Airbus awarded next stage of ESA’s TRUTHS mission