Joonhyuk Park (School of Cybersecurity, Korea University), Jiwon Kwak (School of Cybersecurity, Korea University), Geunwoo Baek (School of Cybersecurity, Korea University), Dohee Kang (School of Cybersecurity, Korea University), Seungjoo Kim (School of Cybersecurity, Korea University)
The increasing significance of space-system cybersecurity in the space industry underscores the necessity of moving beyond development paradigms based on security by obscurity. Consequently, international standards such as ISO 20517 recommend the use of threat modeling to ensure security when developing space systems. Because manual threat modeling is time-consuming, it has motivated substantial research into the development of automated tools. Despite this interest, automated threat modeling tools specialized for the space domain remain scarce. Therefore, this paper proposes an automated threat modeling tool for the space domain by enhancing the Microsoft Threat Modeling Tool (MS-TMT). The tool was developed by integrating the Aerospace SPARTA matrix and the D3FEND knowledge base into MS-TMT. To evaluate its effectiveness, we conducted a case study involving four space-system security incidents, including the Viasat hacking. In the absence of existing satellite-specific threat modeling tools, we selected SecOpsTM as a comparative baseline because it is an automated threat modeling tool that identifies threats in a manner conceptually similar to our approach, enabling a fair and meaningful comparison. The quantitative evaluation demonstrated that our tool achieved an accuracy of 100%, whereas SecOpsTM achieved an average accuracy of 54%.