5. Presentation Purpose
• In the past year we heard a lot about hostile takeover
attempt of satellites, especially US satellites.
• The presentation will explain what are the building blocks
of satellites command channel, identifying the weak links
in the chain.
Since Satellites are very (very) far away, the only way to get
hold of one is via the remote command channel
• The presentation will address only command and control
channels and not hostile takeover of payload such as pirate
transmissions.
8. What does a satellite Command System do ?
Very specific and predefined things!
• Reconfigures satellite or subsystems in response to radio
signals from the ground.
• Different Command timing
– Immediate
– Delayed
– Priority driven (ASAP)
• Batched (sequenced) Commands
9. Command Functions
• Power on/off subsystems
• Change subsystem operating modes
• Control spacecraft guidance and
attitude control
• Deploy booms, antennas, solar cell
arrays, protective covers
• Upload computer programs
10. Command System RF Performance
You need professional equipment!
• Frequencies
– S-band (1.6 – 2.2 GHz)
– C-band (5.9 – 6.5 GHz)
– Ku-band (14.0 – 14.5 GHz)
• BER = 10-6
• Typical transmission power: 50-100 Watt (based on
large diameter antennas)
• Typical transmission rate: up to 8 Kbit/sec
High speed tracking antennas are required
11. Command System Block Diagram - Ground
Very specific and predefined actions (in the SW)
• GSE operator selects command mnemonic
• Software creates command message in appropriate format
and encodes it
• Sequence (Batch) commands/macros
• Signal Modulation: Pulse code modulation (PCM), Phase
shift keying (PSK), Frequency shift keying (FSK)
12. Command System Block Diagram - Space
Not “launch and forget” simple system
• Decoders reproduce command
messages and produce lock/enable
and clock signals.
• Command logic validates the
command
– Default is to reject if any uncertainty of
validity
– Drives appropriate interface circuitry
13. Data checked and packaged in “envelopes”
Overall structure of a command
14. Command Messages Fields
• Spacecraft address (unique identifier)
• Source ID
• Command type
–
–
–
–
–
Relay commands
Pulse commands
Level commands
Data commands
Command select
• Error detection and correction
• Multiple commands
MBT GCS
AMOS-3 Satellite, 4ºW
Geostationary Belt
15. Command Logic Verification Process
• Receiver level Validation
– Encryption (commercial such as CARIBOU)
– Authentication
– Command destination
• Software level Validation
–
–
–
–
–
Correct address
EDAC
Valid command
Valid timing/Numbering
Authenticated
Several Data check Levels
16.
17. Prerequisites
•
•
•
•
•
•
•
RF Transmission equipment
Knowledge of command frequencies.
Knowledge of Encryption key(s)
Knowledge of Authentication key(s)
Knowledge of Satellite ID
Knowledge of source (Ground Facility) ID
Knowledge of commands dictionary
18. Is that it ? Not yet…
• RF receiving equipment
• Decoded Telemetry
– To generate correct addressing (destination) of the fake
command
– To generate correct timing (numbering) of the fake command
– To generate correct context of the fake command
21. Few Observations
• Is it hard to jam or block a command channel ? Not really
– Simple hardware, relevantly low power
• Commercial Encryption is not good enough
– Is it ? What do banks use for transactions ? What do 7.5 Million
PayPal transaction every evening use ?
• It will be no problem to hack into GCS computers
– If you’re a smart operator, the GCS network is an isolated one
without connections to the outside world
• Easiest Method is……
Inside job !!