Space-based services have become an essential part of modern society. If these services fail or are not properly secured, it can have serious consequences for areas like traffic safety or emergency services. Space systems including the ground, the space, the communication, and the launch segment must meet strict security standards throughout their lifecycle i.e. from design, manufacturing, operations until de-orbiting. While terrestrial standards apply to ground operations, space systems face unique challenges, such as:

• The long lifespan of satellites and harsh space conditions require a specialised IT security.
• Once operational, satellites are difficult to adjust due to the lack of physical access.
• Hostile physical access to satellites must be considered in protective measures.

BSI Objectives and Fields of Action

The positioning of the Federal Office for Information Security (BSI) focuses on the key objective “Strengthening cyber security for space infrastructure with relevance for government, the economy and civil society in order to safeguard the availability of services via secure and trusted communication.”

Concrete actions include:

• Continuously establishing IT security requirements and recommendations for satellite manufacturers, developers, operators, and suppliers; in addition to the already published IT Grundschutz Profile for Space Systems Part 1: Space Segment and Part 2: Ground Segment and the Technical Guideline Part 1: Space Segment
• Engaging in a constructive dialog with commercial players, research organisations and other authorities ACS Cybersecurity in Space helps to share information on current trends and developments and to discuss solutions among all stakeholders. 
• Active contribution in international standardisation initiatives via selected channels/members.
• Identifying and monitoring new developments and technologies (New Space) and assessing risks and challenges with regard to information security.
• Developing a standardised multi-level security requirement scheme.
• Presentation of work and participation in public events and media to raise awareness of cyber threats in space systems.

Satellite systems for use in matters of national security

The BSI also handles IT security for classified information in military and civilian satellite systems such as the Public Regulated Service (PRS) of the European Galileo system.

Responsibilities include:

• accrediting cryptography devices for processing classified information.
• Designing and operation of key and security management systems for the PRS
• Cooperation with other Member States and EU institutions and agencies in relation to the harmonisation, standardisation and compatibility of national key management infrastructures