E2EQSS End-to-End Quantum-Safe Security for Satellite Data Links

  • Status
    Ongoing
  • Status date
    2025-04-23
  • Activity Code
    3D.012
Objectives

The activity aims to produce a qualified commercial space system composed of space and ground components that offers end-to-end quantum-safe security for all satellite data. The final system provides two different setups that target two use cases:

  • Low-rate point-to-point communication links (<5 Mbps) for low-power devices: This configuration primarily targets satellite monitoring and control links, typically in the UHF, S- and X-bands. The same setup can secure any point-to-point data link between two low-power devices. In this setup, key management and storage are purely software-based, in contrast to the common practice in satellite systems of using ASICs.
  • High-rate point-to-point communication links (<10 Gbps) for high-power devices: This configuration targets high-rate links for payload data transfer/downlink, typically in the X, K and optical bands.

The proposed system uses Post-Quantum Cryptography (PQC) and is built only on existing technology. It requires neither specialised hardware nor optical communications. In addition to being post-quantum safe, the proposed solution departs from traditional approaches to securing space data links in another critical aspect: it uses asymmetric public-key cryptography.

Challenges

The main challenges include ensuring quantum-safe security using post-quantum cryptography while maintaining compatibility with existing technology and avoiding specialised hardware.

Balancing the low-power requirements of control links with the high-power requirements of payload data links adds complexity. Using asymmetric cryptography for key exchange, which is unconventional for satellite links, poses challenges of computational efficiency, latency, and resilience in space environments.

Integrating these elements to provide secure, end-to-end satellite communications without traditional hardware-based key management further complicates the implementation and testing processes, requiring innovative software solutions and rigorous validation.

Benefits

E2EQSS offers a significant advantage over competitor systems by providing quantum-safe end-to-end security for satellite data, addressing the growing threat of quantum computing to traditional encryption. Unlike most current solutions that rely on hardware-based key management, the system uses software-based key management, allowing greater flexibility, easier updates, and lower costs. This software-centric approach reduces dependency on custom ASICs, making it adaptable for different types of satellites, from small CubeSats to large commercial systems.

Another key value is the use of a post-quantum Public-Key Infrastructure (PKI) for key exchange. This offers robust security against quantum attacks without requiring specialised hardware like optical communication systems, differentiating the product from competitors using symmetric cryptography or dedicated quantum key distribution technologies.

Furthermore, the product supports low-rate, low-power device communication links and high-rate payload data links, enabling it to meet diverse use cases in satellite monitoring, control, and high-bandwidth data downlink. The versatility across frequency bands and the ability to secure both control and data links provide a comprehensive, scalable solution that exceeds the capabilities of existing systems, offering secure communications for future-proof satellite operations.

Features

Through its integrated features, the product provides advanced secure satellite communication capabilities. It utilises PKI to manage digital certificates, providing secure authentication, key issuance, validation, and revocation, ensuring robust system identity management. A Quantum Random Number Generator (QRNG) is used in the PKI to enhance the cryptographic process by generating true random numbers, improving security for key generation. The Mission Control System (MCS) handles encryption settings, integrates PQC, and facilitates secure key and certificate exchanges between the ground segment and satellites. This setup guarantees quantum-resilient encryption, protecting against future quantum computing threats.

The ground stations are the interface for secure communication between the MCS and satellites, ensuring end-to-end data confidentiality. The space segment features an On-Board Computer (OBC) with PQC integration and a radiation-hardened QRNG to ensure high-quality random numbers for key generation while employing CCSDS protocols to secure satellite-to-ground and satellite-to-satellite communications. These components support the product's primary benefit of ensuring the integrity and confidentiality of mission-critical data through quantum-safe encryption.

The integrated use of PQC, PKI, and secure ground and satellite components establishes a secure communication architecture, offering enhanced resilience against evolving threats, ensuring satellites' safe and secure operation, and protecting data transmissions in space and ground networks.

System Architecture

The E2EQSS system architecture comprises multiple integrated components within a secure operational environment. The PKI manages the digital certificate lifecycle, including certificate authentication, issuance, validation, and revocation, while incorporating QRNGs to enhance the cryptographic strength of key generation.

The Mission Control System (MCS) enables spacecraft operations, integrates PQC for secure data management, configures encryption parameters, and interfaces between the PKI and the satellite network. Ground stations provide the communication link between the MCS and satellites, securing the bidirectional flow of telemetry, command, and control data. Satellites are equipped with an On-Board Computer (OBC) embedded with PQC capabilities and a QRNG, employing CCSDS protocols to secure inter-satellite and satellite-to-ground communication channels.

The architecture facilitates critical data exchanges, including secure data transmission to maintain satellite communication integrity and confidentiality, robust key management and certificate exchange governed by PKI, and MCS coordination to ensure authenticated and encrypted command and telemetry. This design provides the operational environment to maintain high security throughout all mission phases, adhering to cutting-edge post-quantum cryptographic standards and preparing for future challenges.

Plan

The project has two phases, each with important milestones.

Phase 1 starts with the Kick-Off and System Requirements Review (SRR), followed by the Preliminary Design Review (PDR).

Phase 2 includes the Critical Design Review (CDR) and progress assessments to ensure development stays on track.

The project concludes with the Qualification Review (QR), marking the final evaluation of the system's readiness.

Each phase ensures systematic progress, while intermediate reviews provide checkpoints for aligning the project with its objectives and validating critical designs.

Current status

The project has completed the System Requirements Review (SRR) milestone and is progressing toward the Preliminary Design Review (PDR). Key achievements include finalising a trade-off analysis and the key exchange protocol specifications integrating PQC and QRNGs into the PKI and OBC.

Currently, the team is working on the detailed design documentation and conducting de-risking activities. Upcoming tasks involve prototype development and testing to lay the groundwork for transitioning from the demonstration phase to functional readiness.