U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST IR 8270 (2nd Public Draft)

Introduction to Cybersecurity for Commercial Satellite Operations

Date Published: February 25, 2022
Comments Due: April 8, 2022 (public comment period is CLOSED)
Email Questions to: DraftIR8270Comments@nist.gov

Author(s)

Matthew Scholl (NIST), Theresa Suloway (MITRE)

Announcement

Space operations are vital to advancing the security, economic prosperity, and scientific knowledge of the Nation. However, cyber-related threats to space assets and their supporting infrastructure pose increasing risks to the economic promise of emerging markets in space. This second draft of NISTIR 8270, Introduction to Cybersecurity for Commercial Satellite Operations, presents a specific method for applying the Cybersecurity Framework (CSF) to commercial space business and describes an abstracted set of cybersecurity outcomes, requirements, and suggested controls.

The draft also:

  • Clarifies scope with an emphasis on the satellite itself,
  • Updates examples for clarity,
  • Adds more detailed steps for developing a current and target profile and risk analysis, and
  • Provides references for relevant regulations around commercial space.

Reviewers are asked to provide feedback on additional threat models that might help in the development of organization profiles, informative references on the application of security controls to satellites, and standards or informative references that might benefit all readers.

NOTE: A call for patent claims is included on page iii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.

Abstract

Keywords

commercial space satellite operations; cybersecurity; cybersecurity risk management; risk management
Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.IR.8270-draft2
Download URL

Supplemental Material:
None available

Document History:
06/29/21: IR 8270 (Draft)
02/25/22: IR 8270 (Draft)

Topics

Security and Privacy

risk management

Applications

positioning navigation & timing

Sectors

telecommunications