Spotlight: Closing the security gap in space systems – with Terma | satsearch blog

Log in<br>Cancel

forgot password

Log in

Productsproducts<br>suppliers<br>missions

Spotlight: Closing the security gap in space systems – with Terma<br>SpotlightKartik on Jun 9, 2026<br>Last updated Jun 9, 2026

Kartik Kumar on Jun 9, 2026<br>Last updated Jun 9, 2026<br>Spotlight

This article was developed in collaboration with Terma, a paying participant in the satsearch trusted supplier program. It captures expert insights provided by Andy Armitage, Director of Space Technology & Innovation at Terma, into the critical role of (cyber)security in modern space missions and explores how adopting practical security measures can protect space assets.

Jump to

The ground reality of space cybersecurity

The myth of “Zero Trust” and the danger of complexity

Wearing two hats for space mission design

Hardware constraints and the real physical threat

The “lock-out” threat and embracing standards

Pushing boundaries with end-to-end encryption

Navigating the post-quantum era

AI as the systems engineer’s companion

Recommendations for NewSpace teams

Terma’s solutions for NewSpace

References

Additional resources

The ground reality of space cybersecurity

Historically, legacy system architectures implied a non-ideal baseline for space engineering teams, scattering tens or hundreds of configuration parameters containing passwords and credentials across largely dispersed subsystems. Combined with heavy timeline constraints, these inherently complex system environments pressure space operators to focus on immediate functional viability, leaving comprehensive security hardening as a deferred task.

In a widespread, rapidly-changing threat environment (Fig. 1), legacy models that rely on static boundaries and isolated networks are no longer sufficient. Space systems need to move towards adopting new strategies to meet mission security requirements in a rapidly evolving landscape, a shift recently emphasized by the US Cybersecurity and Infrastructure Security Agency (CISA) [1]. However, translating these concepts into actual engineering practices requires moving past industry buzzwords and confronting the operational realities of space.

Figure 1: Landscape of typical threats encountered by the space community (source).

The financial stakes of ignoring systems vulnerabilities can be massive. Across enterprise environments, the average cost to recover from a disruptive cyber incident has reached $2.5 million [2]. In the space sector, where single hardware assets cost millions of dollars, the financial exposure is significant [3]. A single successful attack on a satellite network, such as the 2022 Viasat KA-SAT incident, can disable tens of thousands of modems and inflict widespread collateral damage on economically linked critical infrastructure [4].

While costs of breach are significant, the true stakes in the space sector are measured in critical functional and operational losses. A successful intrusion does not just threaten a line-item budget; it risks the entire functionality of a constellation or mission. For example, if a sovereign system like Europe’s Galileo navigation network were compromised, the consequence would be a loss of strategic autonomy, which could have much deeper consequences than financial losses.

The myth of “Zero Trust” and the danger of complexity

The cybersecurity industry frequently uses the term “Zero Trust” as a goal for system hardening efforts. From an engineering standpoint, this phrase can be misleading. A complex system can never achieve absolute zero trust because operators must inevitably place trust in certain people, software, and hardware. The real goal is to minimize implicit trust and limit the damage a bad actor or a configuration mistake can cause.

A significant trap during this transition is over-engineering access controls. Take the debate between traditional Role-Based Access Control and the more dynamic Attribute-Based Access Control. While dynamic controls promise condition-based security, an architecture relying on a highly complex set of real-time conditions requires engineers to perfectly analyze every single input and output state, and catalog a vast number of failure modes. If they fail to do so, the complexity itself becomes the source of security vulnerabilities. Foundational literature, such as the National Institute of Standards and Technology’s (NIST) Special Publication on Zero Trust Architecture, highlights that it’s actually the action of minimizing complexity that is critical to a successful implementation [5].

Beyond technology, it’s important to understand that organizations change rapidly. If offboarding an engineer requires navigating convoluted manual processes to revoke access across dozens of distinct subsystems, small administrative errors will accumulate over time. Eventually, an unpatched administrative hole becomes an active exploit.

True security is found in...