Modification of On Board Control Procedures modification

An On-Board Control Procedure (OBCP) is a software program designed to be executed by an OBCP engine, which can be loaded, executed, and also replaced, onā€board the spacecraft. An attacker can attempt to modify them to execute her own commands and control the spacecraft.The attacker can attempt to modify OBCP to gain access to the interface of the On-Board Computer (OBC) and interact with it. In New Space mission, and in general missions using CubeSats, Execution can include exploitation of Micropython flaws or vulnerabilities or using Shell commands for various purposes (further reconnaissance, privilege escalation, launching attacks like Denial of Service, take full control of spacecraft, etc.).

Standard/references: [1]

ID: T2010
Sub-techniques:  No sub-techniques
Tactic: Execution
Platforms: Space Segment
Version: 2.0
Created: 25 August 2022
Last Modified: 21 April 2023

Mitigations

ID Mitigation Description
M2019 Data integrity schemes
M2054 Implementation on Trusted Execution Environments for critical parts of procedures
M2051 On Board Authentication for executing critical commands
M2055 Operating Systems partitioning
M2053 Role Based Access Control
M2052 Software segregation / isolation

References