Why This Matters

Spacecraft clusters require platform support for applications with different security requirements while maintaining mission-critical resilience. This work is innovative because it provides concrete architectural solutions for enforcing security policies and resilience mechanisms through lower-level platform abstractions. The approach enables secure shared platforms for multi-organizational missions.

What We Did

This paper addresses the design and implementation of resilient and secure software platforms for distributed spacecraft. The work describes a distributed architecture that supports applications with different security classifications while maintaining resilience through autonomous management. The platform implements secure information flows and resource constraints through operating system and middleware mechanisms.

Key Results

The distributed platform successfully enforces security policies that prevent information leakage between applications with different classifications. The implementation demonstrates the feasibility of secure spacecraft architectures that support autonomous fault tolerance. The results support deployment of multi-organizational missions on shared platforms.

Full Abstract

Cite This Paper

@inproceedings{Otte2014,
  author = {Otte, William R. and Dubey, Abhishek and Karsai, Gabor},
  booktitle = {Sensors and Systems for Space Applications VII},
  title = {A resilient and secure software platform and architecture for distributed spacecraft},
  year = {2014},
  editor = {Pham, Khanh D. and Cox, Joseph L.},
  organization = {International Society for Optics and Photonics},
  pages = {121 -- 130},
  publisher = {SPIE},
  volume = {9085},
  abstract = {A distributed spacecraft is a cluster of independent satellite modules flying in formation that communicate via ad-hoc wireless networks. This system in space is a cloud platform that facilitates sharing sensors and other computing and communication resources across multiple applications, potentially developed and maintained by different organizations. Effectively, such architecture can realize the functions of monolithic satellites at a reduced cost and with improved adaptivity and robustness. Openness of these architectures poses special challenges because the distributed software platform has to support applications from different security domains and organizations, and where information flows have to be carefully managed and compartmentalized. If the platform is used as a robust shared resource its management, configuration, and resilience becomes a challenge in itself. We have designed and prototyped a distributed software platform for such architectures. The core element of the platform is a new operating system whose services were designed to restrict access to the network and the file system, and to enforce resource management constraints for all non-privileged processes. Mixed-criticality applications operating at different security labels are deployed and controlled by a privileged management process that is also pre-configuring all information flows. This paper describes the design and objective of this layer.},
  category = {conference},
  contribution = {lead},
  doi = {10.1117/12.2054055},
  file = {:Otte2014-A_resilient_and_secure_software_platform_and_architecture_for_distributed_spacecraft.pdf:PDF},
  keywords = {distributed systems, security, resilience, spacecraft, secure information flows, platform architecture},
  tag = {platform},
  url = {https://doi.org/10.1117/12.2054055}
}
Quick Info
Year 2014
Keywords
distributed systems security resilience spacecraft secure information flows platform architecture
Research Areas
CPS middleware