Nexova identifies critical cybersecurity risks in space manufacturing

• Nexova publishes report on spacecraft manufacturing, identifying potential critical risks from cyber threats and vulnerabilities

• The Protect and Allow Exchange of Manufacturing Data (PAEMD) report highlights key risks and provides guidelines for industry to improve its security posture

• The PAEMD project has also developed a demonstrator that can be used to provide training on cyber risks and awareness of security solutions.

A report published today as part of the PAEMD project, undertaken by Nexova for the European Space Agency - ESA, has helped expose critical cybersecurity risks in spacecraft manufacturing, assembly, integration and testing (MAIT). These risks arise from the digital transformation being undertaken to reduce MAIT costs and time, due to sensitive data being sent over greater distances, within and across national and organisational boundaries, and the growing number of sensors and Internet of Things devices being used within MAIT processes. Increasingly complex digital supply chains are adding to the overall risk.

The 18-month study, which was part of the PAEMD project, carried out risk assessments of a selection of space MAIT processes. The team, led by Nexova, with partners SABCA and Laborelec, then designed and developed a demonstrator to simulate selected infrastructures, processes, attacker behaviours and control measures.

Changes in MAIT, such as moves to the cloud and distributed manufacturing, are happening in parallel with an evolving cyber threat landscape, posing operational risks to aspects such as product integrity, intellectual property and operational safety. The space sector is becoming a focus for threat actors seeking to gain commercial advantage, destabilise organisations or nations, or steal data. In response, the report identifies key cyber risks and provides guidance for industry, including measures such as applying a risk-based approach to security, information handling and classification, and signposts established security frameworks and relevant standards.

The report also provides analysis of the potential offered by innovative security measures including zero-knowledge protocols, secure multi-party computations and fully homomorphic encryption.

Haim Mahlev, PhD, Operations Director at Nexova, said: “Changes in spacecraft manufacturing are necessary to match the positioning of space as a strategic domain for Europe. However, this PAEMD report identifies that there are critical cybersecurity risks associated with the evolution in MAIT for space. Data shows that attacks on industrial infrastructures have increased significantly, so the guidance provided by this report is timely and deserves special attention by all those in spacecraft manufacturing supply chains.”

After the conclusion of the project, Nexova will use the demonstrator to provide industry awareness training, leveraging the company’s heritage in cybersecurity risk assessment and management, and training.

Further information

To receive a copy of the PAEMD summary report ‘Cybersecurity to Protect and Allow Exchange of Manufacturing Data’, pleas email [email protected].

PAEMD is an 18-month project funded by ESA’s Directorate of Technology, Engineering and Quality under the General Support Technology Programme (GSTP).