ECSS-E-ST-80C – Space engineering – Security in space systems lifecycles (1 July 2024)

Scope

This standard provides requirements on the implementation of security in space systems, and requirements on the processes implemented during their lifecycle. This means ensuring the correct implementation of required security functionality in the system (e.g., implementation of an Information Security Management System in the ground segment); and also ensuring reasonable security of the lifecycle itself (e.g., ensuring reasonable management of design information). Space systems include manned and unmanned spacecraft, launchers, payloads, experiments and their associated ground equipment and facilities. Specifically, in the scope of this document are the Space Segment, Ground Segment, Launch Segment, and Support Segment, as defined in ECSS-S-ST-00-01, during their whole lifecycle (from definition, design, development, to operation and decommission).

This standard considers the wide variety of security aspects that must be examined during the lifetime of a space system, including potential certification needs, allowing a tailoring to adapt to specific missions and services. It also considers the interaction between security of the system and its lifecycle, and the corporate security of the organisations involved. This standard is applicable to unclassified missions and projects, and used or tailored, as needed, abiding by national and inter-governmental rules for classified governmental security projects that often require additional processes and controls (such as formal System Security Accreditation); however, System Security Accreditation process is out of scope of this standard. Corporate security is usually specific to each organisation and may be constrained by national regulations or standards. Therefore, this standard avoids imposing unnecessary constraints that conflict with corporate security of the organisations involved in the lifecycle.

A security risk assessment should support the identification of sensitive information as well as the corresponding required protective security marking and measures.
This standard interfaces with space engineering and management, which are addressed in the Engineering (-E) and Management (-M) branches of the ECSS System.

This standard may be tailored for the specific characteristics and constraints of a space project in conformance with ECSS-S-ST-00.

 


Attachments:

Md5 checksum .pdf file = E428B928417F31F8DB178DF630AEBCD2
Md5 checksum .doxx file = 7D3731B2BC98833E30A03AB93FF73113