Earth remote sensing data generated by high grade Earth Observations Systems (EOS) is made progressively available for worldwide civilian commercialization. These data have a grade of quality, which was previously produced only by classified military and intelligence service satellites and that was used exclusively in closely defined environments. The distribution of these high value or high grade earth remote sensing data may endanger foreign or security policy interests.
It is therefore of vital interest to establish efficient means to secure the control of these satellites and the distribution of their data products.
The German Satellite Data Security Act (Satellitendatensicherheitsgesetz, SatDSiG) became necessary since highly capable space-based earth remote sensing satellites are constructed in Germany with the intention of the worldwide commercial marketing of the acquired images/data. The act provides legal certainty, establishes binding rules, and ensures their enforcement.
This technical guideline (Technische Richtlinie, TR) gives guidance for conformity evaluation facilities to perform assessments of IT-security measures of high grade EOS.
According to SatDSiG, BSI has to assess certain IT security measures of high grade EOS, their operators and data providers.
An operator or dissemination license for these satellites and the data acquired can only be granted by German Federal Office of Economics and Export Control (Bundesamt für Wirtschaft und Ausfuhrkontrolle, BAFA), if BSI declares these IT security measures as suitable.
This technical guideline describes all necessary steps to obtain the BSI statement: