The European Space Agency (ESA) has introduced its Cyber-Security Operations Centre (C-SOC) recently, aimed at safeguarding the assets and operations of ESA and other ESA Member States’ Space stakeholders from emerging cyber threats in the Space Domain.
The program, presented on May 24 at the ESA/ESEC headquarters in Redu, Belgium, outlines key objectives including monitoring and managing vulnerabilities, reinforcing cyber protection of Ground and Space assets, and enhancing security for ESA member states and partners.
Leonardo, serving as the prime contractor, leads a consortium of nineteen European companies tasked with building the center. This initiative is deemed crucial for Europe's economy and security, especially in light of the expanding notion of security which now encompasses data production and usage, cyber security, Space control, and safeguarding critical infrastructures.
The C-SOC, the first of its kind in Europe, is designed to identify and analyze attacks aimed at ESA's digital infrastructure and operational technology assets within missions, across Ground and Space segments.
Employing advanced functions, including prevention, protection, deception, and analysis of cyber-attacks on Space assets, the center is enabled by Leonardo's Cyber Threat Intelligence platform and other cutting-edge components integrated into the system.
Operational since May 2, the C-SOC was unveiled to EU and NATO representatives during the presentation event. Notably, the center operates in a complex scenario, capable of countering various malicious actors with diverse criminal objectives, whether for profit or directed towards attacking critical infrastructure in conflict scenarios.
During the presentation, three operational scenarios were demonstrated, showcasing the C-SOC's ability to identify illicit actions and activate appropriate response and mitigation activities. These scenarios included attacks on the Ground Segment, attempts to hijack a satellite by compromising a supply chain device, attacks on the Space Segment targeting satellites directly, and the capabilities of the C-SOC Portable Operational Platform (C-POP) which extends services securely to stakeholders while ensuring data confidentiality.
One of the distinctive features of the C-SOC is its resilience, ensuring the ability to continue providing services and protecting monitored elements even in the event of complete unavailability of the primary system in ESA/ESEC. This resilience underscores the center's commitment to maintaining operational effectiveness in the face of evolving cyber threats, thus bolstering Europe's space security infrastructure.