Eerie Glow:Unveiling Security Vulnerabilities in Open-Source Satellite Communication Protocols
September 26, 2024 (GMT +8)
13:30
Ballroom 1 & 2
Historically, the high costs associated with satellite manufacturing, design, and launch limited satellite production to government agencies or research institutions. However, in recent years, the development and widespread use of small satellites have emerged due to the significant reduction in launch costs associated with their smaller size. Consequently, projects developing satellite protocols and DIY cub satellites have proliferated. This study shares insights into classic vulnerabilities identified in past satellite attack research, along with new security issues we have discovered. We focus on a recent open-source satellite project, SPACECAN, and the decade-old open-source satellite communication protocol, libcsp, which is already in use by satellites. Our research identifies three vulnerabilities in the SPACECAN project related to CAN bus message transmission and highlights a flaw in message verification within the libcsp project. By revealing these vulnerabilities, we aim to raise awareness about the security of satellite communication systems, advocate for secure implementations in open-source satellite projects, and provide actionable recommendations to mitigate these risks
Speaker
Vic Huang Vic is interested in Web / Mobile / ICS Security and privacy issues. He has shared his research at CODE BLUE, Ekoparty, HITB, RedxBlue Pill,HITCON, CYBERSEC, DEFCON village.
« Back