Working Group G

Ontologies for Space and Ground System Cybersecurity
♦ Preview Video
(Recording not available)

Description

Ensuring the protection of U.S. space assets requires a complete and accurate understanding of the space operational picture (SOP). Maintaining an accurate SOP is difficult due to the sheer volume of objects as well as the dynamic nature of the space environment. Further complicating realization of the SOP are the large quantities of multi-INT data relating to multiple facets of the SOP. Historically, many of these data sources have existed in isolation, but new efforts including the newly formed Combined Space Operations Center (CSpOC) have sought to fuse? a multitude of disparate multi-INT data sources which give analysts and decision makers more information to comprehend and assess the SOP.

One of the most challenging aspects in assessing the SOP is that it is difficult for a human to effectively interface to the plethora of available multi-INT data in order to make decisions in a timely manner. To that end, effective technologies for supporting protection of U.S. space assets must necessarily provide for clear and effective dissemination of complex information to the end users. This is especially vital for space cybersecurity. This domain is growing increasingly important for not only defense satellites but commercial ones as well. For example, SpaceX’s Starlink satellites will need to be reliably cyber-hard to protect data both from the user and in-space perspective.  “A new Trump Administration policy on space cybersecurity does not mandate any regulatory changes but does put pressure on commercial operators eyeing 5G communications to beef up their satellite networks against jamming and spoofing.[i]” Although no mandates are in place, clearly cybersecurity is a vital aspect of the SOP.

Current trends on space cybersecurity focus on making sure that satellites are built to mitigate cyberattacks, i.e. cyber-resilient satellites.[ii] In essence current cybersecurity treats a satellite computer just like any other computer. But, the space domain requires other aspects that are traditionally not considered in cybersecurity measures. For example, for low-Earth orbiting satellites, interactions with ground stations are limited to a few minutes at a time because of the high speeds of the satellites, which yields a limited time-window of opportunities for an attack. Alternatively, high-Earth orbiting satellites, such as those found in geostationary orbits, are seen all the time from Earth but can only be visible from a limited number of ground station due to their locations. Therefore, the space domain presents both temporal and spatial obstacles to cybersecurity. Ground stations, too, must be secure from cyberattacks. The ever-growing number of ground stations for individual missions, including university-based ground station facilities, causes a further level of complexity to the SOP. Yet another concern is the type of satellite targeted. For example, targeting a specific NASA science mission may cause damage to only one asset. But, targeting specific satellites such as the Tracking and Data Relay Satellites, which are used to provide near-constant communication links between the ground and orbiting satellites, such as Hubble and the International Space Station, may cause much wider damage. These are important domain-boundary issues that need to be clearly defined and specified.  It can be argued that there is a need to take a topographical approach – one that identifies the features of the objects or entities and their structural relationships (the “digital cyberspace topography”[iii])– to enable both effective cybersecurity and operational system designs.

The age of Big Data and cybersecurity is here. Recent trends in data management architectures seem to have made the traditional data warehouse obsolete. While these announcements of the demise of the data warehouse idea may be premature, the rise of Big Data and of data science does challenge the warehouse methodology in a manner that continues to be difficult to meet. The data warehouse uses a “schema at write” data model, that is, a model created to organize a subset of enterprise data sources so as to meet the reporting and analysis needs of the majority of users within the enterprise at a given point in time. This model purposefully excludes data deemed to be unimportant to those reporting and analysis needs and, once made, the choice is difficult to reverse as modifications to the model and subsequent reclassification of modeled data require significant resources. The data warehouse strategy thus seems unable to deliver on the promise of Big Data, which rests on the idea that any type of data may prove to be valuable to someone or some algorithm at some point in time.

Ontologies Space cybersecurity needs to be tackled from a holistic approach, which will clearly encompass Big Data aspects. This is bolstered by the fact that there over currently 2,500 active satellites in orbit today. The goal of this workshop will be to demonstrate the need for interoperable data systems, and the role played by ontologies in the creation of such systems. Ontologies that include basic concepts, intricate relations and main ideas specifically for the space domain. With the creation of a proper and cohesive space cybersecurity ontology, members of the space cybersecurity community across the globe can efficiently communicate and develop a shared understanding regarding the prominent ideas within the field. The approach is exemplified in the development of the Common Core Ontologies (CCO), a suite of modular ontologies based upon Basic Formal Ontology (BFO) (Arp 2015) which has unanimously passed the voting phase of the ISO standards process.[iv] We will describe the features of current space ontologies[v] useful for space cybersecurity, and future needs to integrate aspects of the space ontologies into the SOP for cybersecurity applications.

[i] https://breakingdefense.com/2020/09/trump-directive-wakeup-call-for-5g-satellite-cybersecurity/
[ii] https://aerospace.org/sites/default/files/2019-11/Bailey_DefendingSpacecraft_11052019.pdf
[iii] Bigelow, B., The Topography of Cyberspace and Its Consequences for Operations, 10th International Conference on Cyber Conflict, 2018.
[iv] ISO/IEC:21838 Top-Level Ontologies, Part: 1 Requirements, Part 2 Basic Formal Ontology https://www.iso.org/standard/71954.html and https://www.iso.org/standard/74572.html.
[v] Cox, A.P., Nebelecky, C.K., Rudnicki, R., Tagliaferri, W.A., Crassidis, J.L., and Smith, B., “The Space Object Ontology,” International Conference on Information Fusion, Heidelberg, Germany, 2016, pp. 146–153.

Biographies

Barry Smith is one of the world’s foremost authorities in the field of ontology. He is lead developer of Basic Formal Ontology (BFO), a top-level ontology that has been approved for release as ISO standard 21833-2. BFO is the most widely used resource in the entire ontology field. and forms the basis of the pilot Cyber Ontology currently under development as part of an INCITS mid-level ontology suite. Since 2004, BFO has been used as backplane for an open systems modular approach to ontologies applied in over 300 domain ontology initiatives, including on-going efforts to create suites of interoperable ontologies for use in intelligence analysis and in model-based systems engineering.

Presentations