An essential element of successful space operations is assured and secure communications between Earth and spacecraft and between spacecraft themselves. Equally important is the resilience of the space industry supply chain. A high level of cyber awareness and robust and resilient cyber security are essential elements within this complex and extended ecosystem.
The goal is to achieve a defensible baseline of the cyber maturity of individual elements within the Australian space ecosystem and their criticality to the system overall.
The Australian Space Cyber Framework (SCF) has been developed to create a common framework for different elements of the space ecosystem to assess their security practices against established standards and to assist the Australia Space ecosystem as a whole to strengthen its cyber security posture.
Compliance levels against the framework can be used by organisations for activities such as applying for licences from the Australian Space Agency or as part of Australian Defence supply chain engagements. The framework is also applicable for space companies that are selling product or services to Australian critical infrastructure providers.
The SCF is a two stage assessment process:
- Firstly a Criticality Assessment (CA) is a short questionnaire to determines the impact of a participating organisation on the wider space industry ecosystem. This assists in determining the minimum target state security posture an organisation should attain.
- Secondly a Space Cybersecurity Maturity Assessment (MA) is a detailed assessment that determines an organisation’s cyber security maturity measured across eight different categories. The assessment determines the current security posture of an organisation and identifies areas for improvement. The number of questions and compliance demands increase as organisations seek to obtain higher security postures in line with their prior CA results.
Currently the SCF is targeted at specific segments of the wider space industry, though the content is still valid for a range of corporate environments including the Defence supply chain. The CA can be carried out via an online CA Survey. Smaller organisations can conduct their own MA online. Larger or more critical organisations, when conducting their MA, are recommended to enlist the help of trained security professionals.
Determine whether your organisation fits within the scope of the SCF by completing a short survey (5 yes/no answers). The questionnaire is here.
The questionnaire qualifies your organisation to participate in the SCA process. Once qualified, within 48 hours, you will be invited to complete the Criticality Assessment (CA) which is another short on-line survey .
To participate in the full Space Cyber Framework processes (CA and MA combined) a token is required. Please contact SCF@cyberops.com.au to organise access to the online tools. Alternatively a reportool account is required.
