Securing Space Based Solar Power as Critical National Infrastructure

In 2017, Gerard Butler found himself fighting a new kind of threat in the Hollywood blockbuster Geostorm.

Butler, a dependable Scot who's built a career on beating the bad guys, wasn't facing up against Greek invaders, middle eastern terrorists, medieval lunatics or rogue killer drones this time. He was fighting a malfunctioning climate control satellite that had morphed into a giant space laser destroying cities on earth.

Getting Power from Space

As the new space race heats up, scientists are proposing to tackle our current energy/climate crisis by building and launching space-based solar power (SBSP) systems designed to harness energy from the sun and beam it back down to earth.

It's thought that space-based power assets could deliver ample, cheap energy with fewer emissions whilst helping to build the space economy.

NASA describes the concept as "cost prohibitive and technically infeasible today" but a new report from the British firm Frazer-Nash Consultancy has already considered the potential threats and risks connected with building power stations in orbit.

Securing Space Based Solar Power as Critical National Infrastructure is a fascinating read for anyone working in the power generation sector today, space hobbyists and Gerard Butler fans too.

As with any strategic energy asset, it is likely that an SBSP system will become a target for groups that would seek to damage, degrade or deny the system’s ability to deliver power to its customers, either for financial gain, or for political/strategic advantage.

Defending Critical Infrastructure

The energy sector has for years operated critical infrastructure on the ground, designing and building defensible systems and networks, reducing the attack surface and hardening company facilities.

But how does that approach need to change when we're operating assets and generating power in orbit?

Frazer-Nash propose a comprehensive security model for SBSP that must address supply chain, ground, network, and in-space threats through a system-of-systems approach and make a number of recommendations:

1. Adopt Cyber Informed Engineering (CIE): Integrate CIE principles into the design, build, and operation of SBSP systems.
2. International standards: Use internationally recognised standards like IEC 62443 for cybersecurity.
3. Risk assessment: Conduct comprehensive risk assessments and integrate appropriate mitigations.
4. Regulatory engagement: Engage with regulators early and comply with frameworks like NCSC’s CAF or NIST CSF.
5. International collaboration: Build multinational partnerships and agreements to share energy and enhance security.
6. Public engagement: Learn from past infrastructure projects to minimise activist harm and build public support.
7. Supply chain security: Ensure supply chains demonstrate robust cybersecurity arrangements.
8. Post-quantum encryption: Plan for the transition to post-quantum cryptography.
9. Insider threat management: Foster a security culture that reduces insider vulnerabilities.
10. Continuous threat monitoring: Maintain awareness of the evolving threat landscape

Surprisingly, the approach remains consistent with current terrestrial thinking - AI, quantum and hacktivist threats get a mention. And orbital power assets are compared with attacks on the Nord Stream pipeline.

There's the added complexity of communications security and protecting uplink and downlink connections between ground and orbit - we don't want that Geostorm space laser becoming real just yet.

Overall, the report provides a highly detailed look at 'Cyber Informed Engineering' for a new kind of power asset and is well worth a read.