[CESG] Interoperability testing

Shames, Peter M (313B) peter.m.shames at jpl.nasa.gov
Tue Dec 11 13:14:58 EST 2012

I thing that Gippo has stated it quite correctly, with some minor adjustments.

  1.  The assumption in SDLS is that the user is provided with the means to secure (authenticate, encrypt, or both) the CONTENTS of the space data link frames.  The frame headers are in the clear and most of the features of the service are "managed", which means that the frame structures remain essentially untouched.
  2.  This security mechanisms is to be appliced by the user in the MOC and verified / removed by the user in their spacecraft, it is opaque to the ground station which just treats these as normal frame transfers (a feature of this approach).
  3.  The SLE / CSTS interfaces used to transfer data from the MOC to the ground station are separatekly secured, only authorizaed users (typically at known locations) are permited to establish SLE conections and send data.
  4.  There is no additional network layer encryption for the terrestrial portion of the SLE / CSTS link, but this could be applied if needed.  One effect of this is that traffic analysis can be performed, but the data contents is still secured.
  5.  Our usual rules are that the interoperability testing only has to be performed at the affected layer.  In this case that means to me that we need to demonstrate that secured data frame contents can be encrypted / authenticated , inserted in a frame, transferred over a (simulated) link and then extracted from the frame and de-crypted / authenticated.  I do not believe that we need to demonstrate that this can be transmitted via SLE, but adding that would be an additional level of verification.

Regards, Peter

From: Gian Paolo Calzolari <Gian.Paolo.Calzolari at esa.int<mailto:Gian.Paolo.Calzolari at esa.int>>
Date: Tuesday, December 11, 2012 8:20 AM
To: Adrian Hooke <Adrian.J.Hooke at jpl.nasa.gov<mailto:Adrian.J.Hooke at jpl.nasa.gov>>
Cc: Chris Taylor <Chris.Taylor at esa.int<mailto:Chris.Taylor at esa.int>>, "cesg-bounces at mailman.ccsds.org<mailto:cesg-bounces at mailman.ccsds.org>" <cesg-bounces at mailman.ccsds.org<mailto:cesg-bounces at mailman.ccsds.org>>, CCSDS Engineering Steering Group - CESG Exec <cesg at mailman.ccsds.org<mailto:cesg at mailman.ccsds.org>>
Subject: Re: [CESG] Interoperability testing

        I cannot speak for SOIS but for the terrestrial path I think that the end-to-end considerations are limited to the assumption that
a) a Ground Station is "intrinsically" secure
b) SLE-CSTS protocols are used for transferring data from a Ground Station to a Control Center and vice versa
c) security implication on SLE-CSTS services are out of the SLS area
d) frames travels terrestrially still encrypted/authenticated and decrypt/validation would be in Control Center

Gilles may comment better than me, of course.


Gian Paolo

From:   "Hooke, Adrian J (9000)" <adrian.j.hooke at jpl.nasa.gov<mailto:adrian.j.hooke at jpl.nasa.gov>>
To:     "Chris.Taylor at esa.int<mailto:Chris.Taylor at esa.int>" <Chris.Taylor at esa.int<mailto:Chris.Taylor at esa.int>>
Cc:     CESG <cesg at mailman.ccsds.org<mailto:cesg at mailman.ccsds.org>>
Date:   11/12/2012 16:58
Subject:        [CESG] Interoperability testing
Sent by:        cesg-bounces at mailman.ccsds.org<mailto:cesg-bounces at mailman.ccsds.org>


Chris: the CMC asking questions about interoperability testing for the  new Space Data Link Security book, where the end-end path must be validated -- and that path includes the SOIS systems. CNES has allocated resources to end-end testing but no other Agency has signed up, which means that CNES may lose those resources. Has the ASS-WG discussed this issue?

This same issue appears to be endemic in several other ongoing CCSDS books that are under development.

CESG mailing list
CESG at mailman.ccsds.org<mailto:CESG at mailman.ccsds.org>

This message and any attachments are intended for the use of the addressee or addressees only. The unauthorised disclosure, use, dissemination or copying (either in whole or in part) of its content is not permitted. If you received this message in error, please notify the sender and delete it from your system. Emails can be altered and their integrity cannot be guaranteed by the sender.

Please consider the environment before printing this email.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ccsds.org/pipermail/cesg/attachments/20121211/679528e1/attachment.html

More information about the CESG mailing list