BY: CPT Robert A. Hale, U.S. Army
Space Based Assets the new Critical Infrastructure? CPT Robert A. Hale, U.S. Army Project Officer, Mission Command Battle Lab If you look to the night sky you may get a glimpse of an object passing overhead; was it a meteor, a falling star? Most likely, the object was one of the thousands of satellites or space assets that touch almost every facet of our lives. These Space Based Assets (SBAs) provide support and functionality to global telecommunications, military operations, financial industries, weather surveillance and research efforts. Anyone would be hard pressed to prove that they are not touched in some way by SBAs.
The nearly instantaneous access to data on which the Department of Defense and civil society alike rely is the result of the exponential expansion of SBAs since the 1980s. Following the passage of the Commercial Space Launch act of 1984, commercial companies became able to launch space assets with the use of expendable launch vehicles. This expansion helped create the modern global telecommunications infrastructure on which millions rely every day. In terms of national security, however, this expansion creates more ways for adversaries to endanger critical capabilities.
The level of risk to SBAs is vast and often unpredictable, ranging from radiation to small debris. Importantly, the implications of risks to these assets involve the security of the economy and other national interests. In 2009, the Department of Homeland Security wrote the National Infrastructure Protection Plan (NIPP) that outlined 16 categories of critical infrastructures (CI) and determined the governmental agency to oversee the security of each category . The risk to SBAs and the support provided to the 16 CIs makes the security of these assets vital to national security. In the remainder of this essay I will outline the risks SBAs face. I will then argue that they should be included as one of the critical infrastructures outlined in the NIPP and that the Department of Defense (DOD) should lead the security efforts for SBAs.
Space-Based Assets are critical because they are integral to many different applications that affect both national security and civil society. For national defense, the Space Based Infrared System (SBIRS) provides missile warning, and for civil (and global) society, the SpaceX Starlink satellite constellation will provide high speed internet without the use of ground structures. The millions of Americans who enjoy DirecTV are dependent on satellites. Moreover, SBAs are not just used for imagery or missile warning or even high speed communications. The GPS that cars and planes use daily is triangulated through the use of Position, Navigation and Timing (PNT) satellites that are managed by the Department of Transportation. With each type SBA there is a component that affects the functionality of one of the 16 CIs.
There is no one-size-fits-all risk management approach for the each of the CIs, because each CI’s security is managed by the government agency that provides its oversight. For the purpose of this essay, the Army’s Deliberate Risk Management model (DRM) will be used to identify and assess the hazards or risk to the SBAs. The DRM process allows an organization to identify and assess hazards, develop and implement controls, make decisions, and evaluate outcomes. It blends tactical, threat-based risks with accidental, hazard-based risks .
As a hypothetical risk analysis, I will use only the first three steps of the DRM: identify the risk; assess the risk; and develop controls. Future analysis based on simulation should study the effectiveness of those controls based on different scenarios. The DRM as outlined in Army Training Pamphlet (ATP) 5-19 labels risks as hazards with the potential to cause injury, illness, or death of personnel; damage to or loss of equipment or property; or mission degradation. The assessment phase determines the probability and severity of a hazard. Probability is defined as frequent, likely, occasional, seldom, or unlikely; the severity is categorized as catastrophic, critical, moderate, or negligible. The development of controls will serve as a recommendation to the decision makers, in this case the DOD, to mitigate the risk.
I only focus on risk to the assets themselves, which includes manned and unmanned space assets. I will not include the risk to the ground facilities or delivery vehicles, each of which would warrant their own individual studies and analysis. I will also limit the level of complexity by grouping the risks into two major categories: environmental risk and manmade risk. The initial risk is for the category as a whole and not for each example provided.
Environmental risks or hazards are any that come from operating outside of the Earth’s atmosphere. These types of risk also include the risk to operational requirements of the SBA since the potential for the SBA to not be able to perform its mission could have consequences for other CIs. Environmental risks include but are not limited to: terrestrial weather, atmospheric scintillation, radiation, solar flares and wind, cosmic rays, gravity, debris and other flying objects.
The environmental risks to a SBAs are substantial; every type of SBA faces risks from operating in the harsh environment of space. Two examples of environmental risks to the Space-Based Infrared System (SBIRS), for instance, include: the inability to detect a missile launch because of terrestrial weather and the deterioration of SBIRS’ life span from increased solar radiation. These types of hazards can not only affect the personnel and equipment in space but can also cause risk to other CIs. For example, the loss of PNT would render a ship operating in the Atlantic Ocean unable to determine its position. While there is no way to stop environmental hazards from affecting SBAs, it is possible to mitigate the effects these hazards on the SBA and thus mitigate the risk to other infrastructures that utilize SBAs.
Within the framework of the DRM, environmental hazards are frequent risks because no one can control how or when the space or terrestrial environment will affect the SBA. In contrast to the frequency of the environmental risk, the severity of the risk can vary from moderate to catastrophic given there is generally more than one of any given type of satellite in orbit at a time. Contrast, for instance, the severity of the loss of a smallsat with that of the International Space Station. Utilizing Table 1-1 in ATP 5-19 we could assess the initial risk to the SBAs as ranging from high risk to extremely high risk depending on the SBA that is being affected. Through the development and implementation of controls, the initial risk can be mitigated to an acceptable risk.
Environmental risk controls include the concept of increasing “stand-off” distance. Stand-off distance refers to keeping the effect of an environmental hazard away from the critical components of the asset. The increase in stand-off distance can be achieved through shielding of critical components during the construction of the SBA. Nevertheless, there is a trade-off to increasing the shielding because the added weight means that the delivery vehicle is not able to carry as much. Another means of control similar to the mitigation of physical risk is to “push out the perimeter,” by identifying locations or orbits where environmental risk may occur or have a greater chance of affecting the asset. This control is generally determined during the operational planning process and can then be monitored from the ground station.
Many environmental risks are similar to physical risks and can be mitigated by increasing stand-off distance from the effects of environmental risk. One way this is being accomplished is through the implementation of the CO-NETIC AA alloy that helps shield satellites from gamma-ray bursts. Another way to create is by using EMI tape on the opening of the Faraday Cages that protect sensitive components from electromagnetic interference. These controls are some examples of measures that can be used to mitigate the effects of environmental risk.
The mitigation of environmental risk is the responsibility of multiple people over the course of development and operations. At the start of the life-cycle process, risk management falls to the designers, engineers, and builders to ensure that the appropriate controls are implemented to mitigate the potential of environmental risk affecting critical components and systems. Following an SBA’s launch into space, the responsibility of risk management falls to the ground station crew from organizations like the U.S. Space Force that control the SBA in orbit. Given the large roles that the Air Force and Space Force play in the mitigation of risk to SBAs, the ultimate responsibility for the security of SBAs should fall to the DOD for oversight.
Manmade risks are risk and hazards that are produced by adversaries looking to exploit the critical nature of SBAs. Examples include cyber-attacks launched as part of international conflicts. In 2008, during the brief Georgia-Russia War over South Ossetia, Russia engaged Georgia in the cyber domain. These types of attacks can be transmitted via satellite uplink and transferred somewhere else via the downlink, potentially affecting other infrastructure. Manmade risks can also involve a direct physical attack on an SBA. This was seen with China’s destruction of a weather satellite using a ground based missile. Other forms of manmade hazards include: the creation of debris clouds, the shining of directed energy into the satellite’s optics, or the “gassing” of a satellite by expelling gasses from another satellite into it.
Computer viruses, nuclear detonations, and electronic jamming all constitute manmade hazards to SBAs. A sophisticated computer worm such as Stuxnet, which was used against the Iranian nuclear program, could certainly be used to damage SBAs. The 1962 detonation of a nuclear device about 240 miles in the air caused electrical problems across the Pacific to New Zealand. A similar detonation today would have catastrophic effects on SBAs. Electronic jamming constitutes the cheapest and most wide spread risk. Jammers can degrade the signal needed for communications and navigation. All of these risks can carry significant consequences, from a delay in operations, to the potential loss of human life.
Using the DRM model we can determine that the manmade risk probability of attack can be assessed at “occasionally” simply because adversaries are limited by the cost of actually attacking an SBA. Differing from environmental risk, the severity of a manmade risk is “catastrophic” because of the second and third-level effects that come from destroying or damaging an SBA. The destruction of just one satellite can create a debris field of thousands of various sized objects which can potentially lead to the destruction of other SBAs. Furthermore, objects of sufficient size can return back to Earth and crash. Utilizing Table 1-1 in ATP 5-19 as we did in the environmental risk section, the risk of manmade hazards is a high risk. In comparison to environmental risk, manmade risk is not as easily mitigated because adversaries possess a preponderance of destructive capability against fragile SBAs; no amount of shielding is going to stop a missile targeting a satellite. The mitigation of risk from manmade threats resides with the ground station that monitors the SBA from specific regions around the world. The ground station controller like those in the U.S. Space Force and other space units across the DOD have the capability to maneuver the SBA utilizing system commands. Nevertheless, this process is not in real time and can actually cause more damage if done incorrectly. The U.S. Air Force Silent Sentry program allows the ground station to determine if a satellite signal is being jammed and the location of the jammer, mitigating the effects of jamming. Though private companies have some responsibility in mitigating risk to the SBAs they control, ultimately the security of these assets resides with the DOD, as it possesses the preponderance of space assets and units. Conclusion Risk is inherent in all things relating to space, from building the asset to launching it into orbit. The amount of risk only increases once it enters into orbit and all SBAsd are at a high risk for environmental and manmade hazards. Because of their support to the other 16 critical infrastructures, SBAs need to be included as a CI in the NIPP under the oversight of the DOD. Though environmental risks to SBAs cannot be controlled, these types of hazards can be mitigated through methods similar to preventing physical risk, such as extending the stand-off distance through shielding or expanding the perimeter through the analysis of the orbit and forecasting of the space environment. These mitigation methods begin with the developers, builders, and engineers. They continue with the ground station crew and reside ultimately with the DOD as the holder of the preponderance of interests in space. Manmade hazards potentially pose a risk as devastating as those caused by the environment because they are new and have a greater second and third-order consequences. A manmade hazard to an SBA can cause widespread destruction; just one destroyed satellite can scatter thousands of various-sized objects in orbit. Manmade risks are managed by ground station crews who monitor system statuses and provide commands to respond to risks or external hazards. Space Based Assets affect all 16 CIs and thus impact the lives of most American citizens. Therefore, the risk associated with any type of SBA can be – and should be -- mitigated by utilizing the U.S. Army Deliberate Risk Management process. The support SBAs provide to critical infrastructures defines a need for SBAs to be counted among the CIs outlined in the NIPP and receive the requisite DOD security oversight.
1. Legislative History of Commercial Space Launch Act P.L. 98-575. Washington, Arnold and Porter.
2. See DHS, National Infrastructure Protection Plan (2009) https://www.dhs.gov/xlibrary/assets/NIPP_Plan.pdf
3. Dept. of Transportation. Positioning, Navigation and Timing (PNT) & Spectrum Management. https://www.transportation.gov/pnt
4. U.S Army, (2017 February 24). AR 385-10: The Army Safety Program, Headquarters, Department of the Army
5. U.S Army, (2017 April). ATP 5-19: Risk Management, Headquarters, Department of the Army
6. See ATP 5-19
7. Sauter, M., Holshouser, K., & Doane, J. (2004). A pound of prevention. Security Management, 48(3), 91-102. https://search-proquest.com.ezproxy2.apus.edu/docview/231195215?accountid=8289
8. Shielding material helps satellite explore gamma-ray bursts. (2002). NASA Tech Briefs, 26(7), 22. https://search-proquest-com.ezproxy1.apus.edu/docview/223377405?accountid=828
9. Solin, J. (2018). Shielding effectiveness of satellite faraday cages with EMI taped seams and closeouts. IEEE Electromagnetic Compatibility Magazine, 7(2), 40–46. https://doi.org/10.1109/MEMC.2018.8410660
10. O'Connell, M. (2012). Cyber security without cyber war. Journal of Conflict and Security Law, 17(2), 187-210.
11. Marc Kaufman and Dafna Linzer, T. (2007, January 19). China missile destroys satellite ; Test raises fears of arms race in space: Chicago Final Edition. Chicago Tribune (1963).
12. See “Cyber Security”
13. The Engineer (2015). In 1962, United States Detonated A Nuclear Bomb In Space. Here Is Why They Did It. Wonderful Engineering. https://wonderfulengineering.com/in-1962-united-states-detonated-a-nuclear-bomb-in-space-here-is-why-they-did-it/
14. See ATP 5-19
15. Tech Sgt, M. A. (2013, Mar 24). Combat ops space cell: Defending critical satellite links. UPI Space Daily Retrieved from https://search-proquest-com.ezproxy2.apus.edu/docview/1319073486?accountid=8289