Matrices
Tactics
Techniques
Mitigations
Contribute
Search
This is an
European Space Agency
Space instance of the MITRE ATT&CK Website.
MITIGATIONS
Space
Access control
Accountability of actions
Anti-replay protection mechanisms
Application of Least Privilege principle
Audit
Authenticated encryption
Authentication
Authentication combined with means to ensure the identity of the other party using certificates or pre-shared keys
Authentication mechanisms using approved cryptographic means
Authorization
Autonomy
Boot Integrity
Bulk data link encryption
CCSDS Coding & Synchronization sublayer
CCSDS SDLS Sequence numbers
Code signing
Credential Access Protection
Cryptographic DSSS sequence
Data integrity schemes
Defense-in-depth measures
Detection of abnormal behaviour at avionics bus / Prevention mechanisms
Detection techniques of exploitation attempts
Digital certificates
Digital signing of software components
Diversity
Dynamic Routing
Encrypt Sensitive Information
Encryption of communications
End-to-End Security Measures for Space Systems
Establish processes, procedures, and security measures to protect cryptographic keys / key management
Filter Network Traffic
Frequency Hopping
Fuzzing / testing
High-power up-link
Implementation on Trusted Execution Environments for critical parts of procedures
Internal segregation and /or authentication
Log integrity protection
MMU and MPU
Monitoring
Multi-factor authentication
Navigation Message Authentication (NMA)
Network Intrusion Prevention
Network Segmentation
Non-repudiation mechanisms
On Board Authentication for executing critical commands
Opaque spacecraft design
Operating Systems partitioning
Overloading / flooding detection mechanisms
Padding
Partitioning/Separation
Patching to the latest available software version
Payload specific countermeasures
Physical and network protection of key management systems
Physical protection and isolation of root keys
Physical security
Platform protection
Pre-compromise
Proper Information Classification and Flow-Down Guidelines
Protect OTAR Key Management Service
Protect/isolate Key Mangement Facility
Recovery to a known good state
Redundancy
Remote attestation
Resilience
Revoke keys and replace with new ones (including master keys, if needed)
Role Based Access Control
Secure Design and Implementation of Ground Segment for Space Systems
Secure PKI implementation
Secure Safe Mode
Separate authentication for critical commands
Software segregation / isolation
Source code review
Space Link Extension
Spread Spectrum
Star tracker
Strong authentication of Telecommands
Supply chain confidence
Supply chain protections
Supply from trustworthy sources only
Timestamp
Track debris and space vehicles
Usage of directive transmit antenna
Use keys of sufficient length
User Training
Vulnerability/malware scanning
Zero Trust Architecture
MITIGATIONS
Space
A-C
Access control
Accountability of actions
Anti-replay protection mechanisms
Application of Least Privilege principle
Audit
Authenticated encryption
Authentication
Authentication combined with means to ensure the identity of the other party using certificates or pre-shared keys
Authentication mechanisms using approved cryptographic means
Authorization
Autonomy
Boot Integrity
Bulk data link encryption
CCSDS Coding & Synchronization sublayer
CCSDS SDLS Sequence numbers
Code signing
Credential Access Protection
Cryptographic DSSS sequence
D-F
Data integrity schemes
Defense-in-depth measures
Detection of abnormal behaviour at avionics bus / Prevention mechanisms
Detection techniques of exploitation attempts
Digital certificates
Digital signing of software components
Diversity
Dynamic Routing
Encrypt Sensitive Information
Encryption of communications
End-to-End Security Measures for Space Systems
Establish processes, procedures, and security measures to protect cryptographic keys / key management
Filter Network Traffic
Frequency Hopping
Fuzzing / testing
G-I
High-power up-link
Implementation on Trusted Execution Environments for critical parts of procedures
Internal segregation and /or authentication
J-L
Log integrity protection
M-O
MMU and MPU
Monitoring
Multi-factor authentication
Navigation Message Authentication (NMA)
Network Intrusion Prevention
Network Segmentation
Non-repudiation mechanisms
On Board Authentication for executing critical commands
Opaque spacecraft design
Operating Systems partitioning
Overloading / flooding detection mechanisms
P-R
Padding
Partitioning/Separation
Patching to the latest available software version
Payload specific countermeasures
Physical and network protection of key management systems
Physical protection and isolation of root keys
Physical security
Platform protection
Pre-compromise
Proper Information Classification and Flow-Down Guidelines
Protect OTAR Key Management Service
Protect/isolate Key Mangement Facility
Recovery to a known good state
Redundancy
Remote attestation
Resilience
Revoke keys and replace with new ones (including master keys, if needed)
Role Based Access Control
S-U
Secure Design and Implementation of Ground Segment for Space Systems
Secure PKI implementation
Secure Safe Mode
Separate authentication for critical commands
Software segregation / isolation
Source code review
Space Link Extension
Spread Spectrum
Star tracker
Strong authentication of Telecommands
Supply chain confidence
Supply chain protections
Supply from trustworthy sources only
Timestamp
Track debris and space vehicles
Usage of directive transmit antenna
Use keys of sufficient length
User Training
V-X
Vulnerability/malware scanning
Y-Z
Zero Trust Architecture
Home
Mitigations
Supply chain protections
Supply chain protections
TBD
ID:
M2077
Version:
1.0
Created:
21 April 2023
Last Modified:
24 April 2023
Techniques Addressed by Mitigation
Domain
ID
Name
Use
T2028
Resource damage
×
load more results