Charter Space, a software startup founded in 2021, has begun beta testing its software platform Ubik, which is a space systems program management platform. Ubik’s purpose is to help engineering teams manage the development of space missions efficiently throughout a program’s lifecycle. Several organizations, including select teams at NASA’s Jet Propulsion Laboratory, are currently testing the platform. Co-founder and CEO Yuk Chi Chan stated that Charter has been in design pilots with the organizations for several months, and they have each recently been given the ability to import real-world data and support real-world missions using Ubik. The central benefit of the tool is for organizations to warehouse all their data in a single environment so that everyone is “looking at the same screen.” Charter is targeting potential partners who have near-term, fast-paced missions in order to provide Charter with the forward pressure needed to gather useful user feedback and accelerate their full delivery to market. They plan to expand their beta testing program later this year. Current users are reporting a significant increase mission design and management capabilities, seeing Ubik as an excellent product with the potential to enable innovative projects.
From a cybersecurity perspective, while Ubik appears to be a promising tool for space systems engineering and mission management, there are risks involved not only to future space missions, but also to the organizations themselves. The nature of it being a collaborative platform increases the potential threats to the confidentiality, integrity, and availability of an organization’s data. Charter has advertised Ubik as being web-based and capable of supporting commercial cloud and on-prem deployment. Centralizing all of a mission’s data increases the impact of an intrusion because anyone who obtains privileged access can retrieve all the data they want. This can result in data leaks where sensitive mission details are exposed or used maliciously. Insider threats would be a significant concern given that everyone in the organization is “looking at the same screen” as they stated, so it is implied that there is a lack of zero-trust user access management. Data pertaining to any aspect of the mission can also be manipulated, damaging the integrity of the systems development lifecycle and potentially operations. Data manipulation could also impact customer relationships if a space systems manufacturer loses a space mission organization’s data. A breach or targeted attack may also result in a denial of service where the organization temporarily loses access to their data, potentially impacting mission timelines. Additionally, mission-critical information could potentially be exfiltrated and leveraged for future attacks against an active mission or satellite. This could lead to an adversary disrupting satellite operations post-deployment. Charter and their customers will need to follow best practices in ensuring the platform remains updated and that user access is tightly controlled. This is critical especially that Charter’s partners are now able to manage real-world data and missions even during the beta test. System monitoring and audits are important detective controls to determine whether centrally stored data is compromised. Network security controls would be needed to prevent interception, eavesdropping, and even session hijacking and phishing, given that Ubik is web-based.
Werner, Debra. “Charter Begins Beta Testing Software Platform.” SpaceNews, 4 Oct. 2024, https://spacenews.com/charter-begins-beta-testing-software-platform/.