Workshop on the Security of Space and Satellite Systems (SpaceSec) 2026 Program

Machine learning (ML) is increasingly embedded in satellite systems, supporting both operational tasks and payload services. While ML provides greater efficiency and autonomy, it also exposes satellite systems to a new class of vulnerabilities known as adversarial ML (AML). Although AML threats have been studied extensively in other domains, their impact on satellite systems, which operate with limited power and computing resources and under latency-critical conditions, remains unexplored. This paper presents a structured risk assessment of AML threats to satellite ML applications. We review common types of cyber threats and AML techniques, providing clear definitions of AML categories and their relevance to satellite ML applications. We then map these threats to satellite operations and payloads, constructing a domain-specific framework that categorizes how adversarial attacks manifest under space conditions. Leveraging this framework, we apply a risk assessment methodology to evaluate the feasibility of attacks and their potential impact on missions. Our findings show that tasks such as anti-jamming control and telemetry-based fault detection are especially vulnerable, with integrity-focused attacks posing the most significant risk to the evaluated applications. In contrast, privacy-focused threats such as membership inference pose less risk in practice. We also suggest mitigation strategies tailored to space, including adversarial training, resilient data pipelines, and runtime monitoring. The results of our risk assessment highlight the need for further research aimed at strengthening ML security in aerospace environments and provide a foundation for the deployment of trustworthy ML in space missions.

Ransomware has yet to reach orbit, but the conditions for such an attack already exist. This paper presents the first game-theoretic framework for modeling ransomware against satellites: the orbital escalation game. In this model, the attacker escalates ransom demands across orbital passes, while the defender chooses their best strategy, e.g., attempt a restore procedure. Using dynamic programming, we solve the defender’s optimal strategy and the attacker’s expected payoff under real orbital constraints. Additionally, we provide a GPS III satellite case study that demonstrates how our orbital escalation game can be applied in the context of a fictional but feasible ransomware attack to derive the best strategies at every step. In conclusion, this foundational model offers satellite owners, policy makers and researchers, a formal framework to better prepare their responses when a spacecraft is held for ransom.

Satellite systems enable many capabilities for their users, such as high-speed, low-latency communications, weather forecasting, geographic imaging, and defense applications. As customers increase their reliance on this critical infrastructure, the risk of attack only increases, particularly from highly-resourced adversaries. However, in this work, we demonstrate that common existing space system software platforms are poorly equipped to handle malicious satellite peripherals. Using NASA’s popular open source core Flight System software (cFS), we show that with current satellite software and industry-standard reliability techniques, a system designer will inevitably confront a dilemma: Either the system deploys countermeasures against malicious components and suffers degraded nominal performance, or the system cannot survive malicious components. We conclude by proposing challenges and considerations towards resolving this dilemma.

Satellite systems provide crucial services for the modern world, including global position, navigation, and timing as well as world-wide communication, earth imaging for weather forecasting, and a host of other functions. Due to the critical nature of these services and their increasing importance, satellites are increasingly targeted by attackers, including both criminals and nation-state actors. Unfortunately, the software controlling these satellites has not been designed with security in mind due to the assumption that access is difficult. With the increasing commodification of space, that assumption no longer holds, leaving these systems exposed and vulnerable.

In this paper, we share our experience attempting to combine real flight software with a key security technology developed by the security community. In particular, our goal is to run NASA’s core Flight System (cFS) on top of the formally verified seL4 microkernel to eliminate vulnerabilities related to the operating system and provide a strong foundation for satellite software systems. While we were successful at doing so, it required more than a year of effort and the development of a significant set of operating system services beyond the seL4 microkernel. Along the way, we learned some key lessons about flight software and security technologies like seL4.

Satellites’ stable operation relies on anomaly detection (AD), which is used to identify abnormal behavior in onboard systems. However, traditional AD methods struggle to function effectively in the resource-constrained environment of satellites, where energy, memory, and computation are severely limited. This challenge is especially evident in CubeSats, the most widely deployed class of small satellites, where such constraints limit the applicability of conventional AD methods and lead to a degradation in overall performance. We introduce LighTellite, a reinforcement learning-based dual-agent framework that aims to balance AD performance and energy efficiency, in which one agent determines energy budgets, and the other dynamically selects the optimal model among a pretrained pool of AD models (each with different performance and energy characteristics). LighTellite’s dynamic AD model selection enables context-aware adaptation in response to both onboard satellite data and available resources, resulting in an improvement in AD performance while maintaining low energy consumption. Experiments conducted on AegisSat, a state-of-the-art CubeSat testbed, show that our proposed framework improved attack detection rate by 10% while reducing inference energy consumption by 21.8% compared to the best static AD models (in which the same model is used throughout the entire orbit). The code and additional materials are available in the GitHub repository.

Low Earth Orbit (LEO) satellite networks operate under strict latency and reliability constraints, yet require Post-Quantum Cryptography (PQC) to secure them from future threats. The large signature sizes of most PQC algorithms, however, conflict with these network-level constraints. Through comprehensive ns-3 simulations (modeling fragmentation, packet loss, and handovers), this paper demonstrates that network performance, not raw CPU computation, is the dominant factor for PQC in LEO.

We find that PQC certificates exceeding the 1500-byte MTU, like Dilithium (2,588 B), incur IP fragmentation. While aggressive TCP congestion windows might mask the initial latency in ideal conditions, we demonstrate that this multi-packet nature induces a severe reliability penalty regardless of window size. Specifically, fragmentation doubles the exposure to packet loss, increasing the probability of a catastrophic TCP RTO (1,000 ms+) during ‘Rain Fade’ events to 51%, compared to just 30% for the single-packet Falcon (858 B). This results in a massive 100-500% latency penalty in lossy conditions, rendering Dilithium’s 18 μs CPU advantage negligible. Finally, we prove a Full-PQC data verification model is infeasible, creating a 345 ms CPU bottleneck and confirming the necessity of a Hybrid-PQC approach.

We conclude that the Falcon-based hybrid protocol is the only solution that simultaneously avoids both network-level (fragmentation, RTO) and CPU-level (bottleneck) penalties, establishing it as the most practical and robust quantum-resistant solution for future LEO satellite networks.