EMSEC

Satellites are the backbone of mission-critical services that enable our modern society to function, for example, GPS. For years, satellites were assumed to be secure because of their indecipherable architectures and the reliance on security by obscurity. However, technological advancements have made these assumptions obsolete, paving the way for potential attacks. Unfortunately, there is no way to collect data on satellite adversarial techniques, hindering the generation of intelligence that leads to the development of countermeasures. In this paper, we present HoneySat, the first high-interaction satellite honeypot framework, capable of convincingly simulating a real-world CubeSat, a type of Small Satellite (SmallSat). To provide evidence of HoneySat’s effectiveness, we surveyed SmallSat operators and deployed HoneySat over the Internet. Our results show that 90% of satellite operators agreed that HoneySat provides a realistic simulation. Additionally, HoneySat successfully deceived adversaries in the wild and collected 22 real-world adversarial interactions. Finally, we performed a hardware-in-the-loop operation where HoneySat successfully communicated with an in-orbit, operational SmallSat mission.

Over-the-Air (OTA) software updates are essential for satellite security and reliability, yet limited uplink bandwidth and communication windows make them challenging. This work performs the first comparative analysis of bsdiff4, bsdiff6, bsdiff-ra, and HDiffPatch on a dataset representative of satellite software stacks, reconstructing a bsdiff6 implementation to enable bandwidth-efficient OTA updates.