SpiderOak, an industry leader in zero-trust space cybersecurity solutions, announced this week that it has successfully demonstrated its next-generation OrbitSecure software module on the International Space Station (ISS). OrbitSecure is SpiderOak’s zero-trust, software-only solution, designed to demonstrate key modern cybersecurity requirements called for by the White House Office of the National Cyber Director in a report published last February. Designed to operate in extreme edge environments such as space, OrbitSecure is able to secure information flow across disconnected, low-bandwidth, insecure network conditions beyond the frontier of traditional cloud services.
The key to SpiderOak’s successful test is that its OrbitSecure software module was rewritten in the programming language Rust. Rust is a modern, memory-safe programming language that features runtime and performance characteristics well-suited to the domains of spaceflight control systems. In addition to Rust, OrbitSecure applies additional protocol validation techniques that ensure OrbitSecure’s protocol performs exactly as designed, eliminating entire categories of vulnerabilities.
Memory-safe programming languages, like Rust, were identified in the Biden administration’s national cybersecurity strategy as a key building block in creating software systems that are secure by design. As illustrated by last week’s CrowdStrike outage, one of the largest IT outages in history, memory safety bugs are estimated to be responsible for up to 70% of the security issues identified in code that is written in memory-unsafe languages. Migrating large code bases to memory-safe languages has the potential to eliminate nearly all of the prevalent memory safety vulnerabilities.
SpiderOak’s July validation test marks the first formally verified Rust-enabled data security software module operating on a manned space asset. The successful demonstration will hopefully allow low-level cybersecurity design and assurance, once the sole domain of complex service engagements or custom software, to be available to the masses in a commercially available software package.