New Space Partnerships and Cybersecurity Implications


The New Space Economy is an exciting yet challenging place to establish success and momentum as a new startup. One of the toolkits that startups may employ is to partner with other startups, in order to accomplish a variety of strategic objectives. These objectives could include sharing R&D costs or positioning as a combined customer solution. I read an article this week that relates to the latter option for strategic partnerships, which I think has some important cybersecurity implications.

The article discusses the strategic partnership established between a collision avoidance software startup and a pay-as-you-go propulsion hardware startup. The idea is that a customer could install a low-mass and cheap propulsion hardware onto their host satellite, and only pay for the fuel used in actual maneuvers. The collision avoidance software would detect and trigger a maneuver on the hardware side, in cases where the host satellite may be facing a potential collision. All in all, the customer gets an integrated complete hardware and software solution.

The partnership makes strategic sense. However, if not managed carefully, there could be some cybersecurity implications for the host satellite and customer. By adding separate software and hardware layers onto the satellite, the host could face at least two additional vulnerable points for attack. For example, an attacker could take command on the software side to trigger false maneuvers. Or, an attacker could implement a supply chain attack on the hardware side, planting a future option for exploitation. As discussed in class, a space system already has multiple entry points for attacks, including the spacecraft, the link, and the ground station. These strategic partnerships could add multiple entry points, especially when partnerships are formed by individual entities.