by Libre Space Foundation (LSF)
For the needs of the REWIRE project, the Libre Space Foundation (LSF) has undertaken the Smart Satellites Use Case. This article will examine the applicability of the REWIRE infrastructure services to the open-source space tech field utilising LSF’s expertise. We will do this by walking the readers through four different scenarios to demonstrate how REWIRE can help facilitate secure software updates for spacecraft applications and services.
Scenario 1: Over-The-Air Update
In the first scenario, the REWIRE infrastructure can securely deliver an Over-The-Air Update of satellite and spacecraft software using SatNOGS-COMMS. SatNOGS-COMMS is a versatile telecommunications solution suitable for nano-satellites and CubeSats. It is a communications board designed and developed by LSF, operating in UHF and S-band. Its scope is wide, spanning from the space segment transceiver to the ground segment station.
So, for the purpose of the REWIRE initiative and utilising SatNOGS-COMMS, we have already performed a software update successfully using an emulated network of ground stations (able to test its behaviour in a lab environment). The Over-The-Air delivery of the updates enables them to be applied at large scale and at a reduced cost, allowing for a higheradoption rate. In fact,this can benefit various niches within the satellite industry.
Scenario 2: Zero-Trust-Onboarding (ZTO)
The second scenario is about adopting the REWIRE infrastructure to the SatNOGS Network. But let us first take a look at what this network is about. SatNOGS Network is the world’s biggest open-source network of satellite ground stations, boasting over 400 stations in 50 countries around the world.
Its scope is to create a full stack of open technologies based on open standards. This stack is modular and scalable for Satellite Ground Station implementation, and it provides interoperability with existing or future subsystems. The SatNOGS Network has expanded and now connects multiple observers with multiple ground stations, enabling tracking and monitoring of satellites. The data gathered are publicly accessible through the network website. So, the REWIRE protocol can be applied to the SatNOGS Network, enhancing its security. By applying a Zero-Trust-Onboarding process for all the Ground Stations that are part of the network and those that will be joining in the future. But what does Zero-Trust Onboarding mean?
In general, a Zero-Trust architecture is an approach that eliminates implicit trust between all the entities and resources (users, projects and devices) that are within the same network. It requires the continuous validation of each of the resources at every stage of an interaction. It applies zero inherent trust to the resources within a network, and this approach can also be used for the Ground Stations that are part of the SatNOGS Network, requiring strict identity and trust-aware verification for every user or device. This approach increases the security of a network, minimises the chances for an compromised or ill-motivated entity to join the network, and even when this happens, the surface of the attack is reduced and withheld within limits, restricting the impact of the breach.
Scenario 3: AI misbehaviour detection
The third scenario where REWIRE could be applied is satellite misbehaviour detection. More specifically, thousands of telemetry frames are received and decoded by the SatNOGS Network every day. These data frames are stored in the SatNOGS DB and used to populate the dashboards created for the satellites. The dashboards offer a visualisation of the data that are soaring in.
This way, satellite teams can have a clearer view of their satellite status. Access to the SatNOGS DB can be gained via the open REST API. Pinpointing the misbehaviours of the satellites requires a lot of work as the misbehaviours need to be cross-validated. The plethora of telemetry frames can be fed into AI models that detect satellite anomalies. Thus utilising space diagnostics to point out the behaviours of satellites that need to be flagged and ultimately handled.
Scenario 4: Fallback mechanism
In the last scenario, REWIRE can be used to facilitate a fallback mechanism on satellite software. The LSF team has been working on this scenario by implementing all the REWIRE key components on two telecommunications boards on a satellite so that if the firmware on the satellite starts to misbehave or becomes unbootable, the bootloader can use a previous working firmware image. This allows for failures to be overcome without any human interaction.
Especially during testing and when severe problems are encountered, these can be resolved by rebooting and backing out the new release. Similarly, during the update of satellite software, having a fallback mechanism allows for failures to be overcome, solutions to be explored and satellite missions to continue their journey to space successfully.
As the testing and evaluation of the Smart Satellites Use Case is still under active development, more updates will be coming soon. So, stay tuned…