Phase I/II STTR - Space Communications Security

Quantum-resistant cyber security for C6ISR of CubeSats and On-Orbit Robots (Orbots), Space COMSEC product

Written by Eric Adolphe

January 01, 2024

Rogue Space Systems' Barry 2 Orbital Robot

Much of the world’s critical infrastructure – such as communications, air transport, maritime trade, financial and other business services, weather and environmental monitoring intelligence, and defense systems – depends on the space infrastructure, including satellites, ground stations and data links at national, regional, and international levels.

The dramatically increased dependency on cyber-based space infrastructure has greatly expanded the aperture of vulnerability, and the resulting economic and data security risks pose serious risks for ground-based critical infrastructure. Cyberattacks can target mission packages as well as the ground infrastructure.

Attacks on the baseband radio interface that CubeSats rely upon have been well documented for some time. Any wireless infrastructure on an orbital platform is a large attack surface and, because of its size, presents a perennial source of zero-day bugs that can lead to a malicious actor gaining complete control of a CubeSat without requiring physical access.

Current cryptographic systems require too much processing power and bandwidth, both of which are at a premium in CubeSats that weigh a little over 1 kg. Meanwhile, a CubeSat can now be put into space for $100k, and Space Communications Security (COMSEC) devices can range in cost from $40k to $2M. As a result, CubeSat developers haven’t seen the need to secure their systems.

Of greater concern is the fact that the cryptographic certifications of US government-owned and operated COMSEC devices will expire over the next two years, and with many devices nearing the end of their useful lives, the US government is faced with an urgent and very expensive national security problem.

Designed to be both deployable and disposable, Isidore Quantum™ (IO0001-ETH/USB/WIF) provides security for data in transit and the smallest, lightest and lowest-power configuration of any competing quantum-ready device available today. Isidore Quantum™ (IO5000-ETH) is also available with the latest neuromorphic processors to provide high-assurance protection of voice, video and data classified TS/SCI and below at 500 Gb/s aggregate throughput, and is MIL-STD-810D ruggedized to withstand the rigors of most tactical mobile environments.

Isidore works as a pair of inline network encryptors (INEs) that form a routable link-layer tunnel across any black fabric. The INEs are agnostic to both the red and black networks. The red namespace is invisible to the black namespace and vice versa. The trust boundary inside each INE is easy to define and evaluate. Isidore provides hardware isolation between red and black zones. The cryptography uses 2 layers of 256-bit encryption (AES GCM) with authentication, integrity checking, anti-replay and forward secrecy. The INE pair autonomously manages the session and key with periodic rekey, key recovery and zeroization.

An Isidore pair provides confidentiality, authentication and isolation for an enterprise that must traverse an untrusted network. Isidore is more than just DIT. Isidore is not IPSEC and does not need or use PKI. Isidore is quantum-ready today.

Isidore was developed using commodity/Commercial-Off-The-Shelf (COTS) hardware and software, and a unique/patented architecture. Isidore also incorporates a patent-pending Artificial Intelligence (AI)-based auto-immune response system for cyber events that follows the human immune system to learn the patterns of life, detect anomalies, and mimic operator real-time analysis and problem solving.

Important Information About Isidore Quantum's Keying Methodology:

  • Physical and logical trust boundary with no cryptographic bypass

  • Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) compliant framework that leverages CRYSTALS-Kyber for key management, a PSK for authentication, and AES-256 (symmetric) encryption. The solution includes Galois/Counter Mode (GCM) with authentication (inner tunnel), and cipher feedback mode (outer tunnel)

  • Final key store is ephemeral, unique to the channel pair (loss of one is not the loss of another channel)

  • Key and channel management is autonomous to the pair (rekeying, key recovery, forward secrecy, anti-replay, dead peer detection)

  • Protocol, device and network agnostic

  • Isidore Quantum is Zero Trust by default
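The channel-management properties named above (integrity checking, anti-replay, periodic rekey, forward secrecy) can be illustrated generically. This is an added example, not Isidore's protocol or code: the frame layout, the window and rekey constants and the hash-ratchet rekey are assumptions, and HMAC-SHA256 stands in for an AEAD tag so the sketch needs only the Python standard library (no encryption is performed).

```python
import hashlib, hmac, struct

WINDOW = 64      # anti-replay window in frames (assumed value)
REKEY_EVERY = 4  # frames per key epoch (assumed; tiny so the demo rekeys)
MAX_SKIP = 8     # most epochs a receiver will ratchet ahead (assumed)
HDR, TAG = 12, 32

def ratchet(key):
    # One-way step: the old epoch key cannot be recomputed from the new one.
    return hmac.new(key, b"rekey", hashlib.sha256).digest()

def mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

class Sender:
    def __init__(self, key):
        self.key, self.epoch, self.seq = key, 0, 0
    def seal(self, payload):
        if self.seq and self.seq % REKEY_EVERY == 0:
            self.key, self.epoch = ratchet(self.key), self.epoch + 1
        hdr = struct.pack(">IQ", self.epoch, self.seq)
        self.seq += 1
        return hdr + payload + mac(self.key, hdr + payload)

class Receiver:
    def __init__(self, key):
        self.key, self.epoch, self.top, self.seen = key, 0, -1, 0
    def open(self, frame):
        if len(frame) < HDR + TAG:
            return None
        hdr, payload, tag = frame[:HDR], frame[HDR:-TAG], frame[-TAG:]
        epoch, seq = struct.unpack(">IQ", hdr)
        if not 0 <= epoch - self.epoch <= MAX_SKIP:
            return None                      # old key is erased; never jump far ahead
        key = self.key
        for _ in range(epoch - self.epoch):
            key = ratchet(key)
        if not hmac.compare_digest(tag, mac(key, hdr + payload)):
            return None                      # authenticate before touching any state
        if seq <= self.top - WINDOW:
            return None                      # older than the window
        if seq <= self.top and (self.seen >> (self.top - seq)) & 1:
            return None                      # already accepted once: replay
        self.key, self.epoch = key, epoch    # commit rekey only for a valid frame
        if seq > self.top:
            self.seen = ((self.seen << (seq - self.top)) | 1) & ((1 << WINDOW) - 1)
            self.top = seq
        else:
            self.seen |= 1 << (self.top - seq)
        return payload
```

Because the receiver discards the previous epoch key when it ratchets, a late frame from the old epoch is dropped rather than verified; a real link would have to choose how much cross-epoch reordering to tolerate.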

Isidore will enhance cyber-resiliency and autonomy of space infrastructure and introduce anti-fragility in the face of an adversarial attack (enable the platform to recover from an attack in a better state, because it has learned), trust/authenticity, confidentiality, integrity, and availability of the information lifecycle processes to secure global strategic and tactical communications in contested environments, and in all domains.

Isidore's first mission is Barry-2. Barry-2 is Rogue Space Systems' inaugural space flight using their advanced compute hardware, algorithms, sensor aggregation and in situ data processing.

Barry-1 is a demonstration vehicle, launching on SpaceX’s Falcon 9. Once deployed to Low Earth Orbit (LEO), the Orbot (Orbital Robot) Barry-1 will test Rogue’s Scalable Compute Platform (SCP) and its ability to aggregate data from multiple sensors and process that data in real time. Additionally, Rogue will be testing Isidore Quantum on-orbit.

See below for NORAD tracking Barry-2 launch operations:

Stakeholders

Award a Phase III Sole Source Contract

A Federal Agency may enter into a Phase III SBIR/STTR agreement at any time with a Phase I OR II Awardee. A subcontract to a Federally funded prime contract may be a Phase III award.

Space Products Include:

  • Quantum-Resistant Encryptor for Space COMSEC

  • Machine Learning (M/L) Algorithms to Detect and Respond to Cyber-intrusions

  1. Step 1 Requirements Document: Prepare a Statement of Work (SOW), Statement of Objectives (SOO), or Performance Work Statement (PWS), or use our automated tool to generate a document

  2. Step 2 Market Research: Use this page as your market research, or view a list of other eligible projects, then request a Rough Order Magnitude (ROM) from Forward Edge-AI

  3. Step 3 Funding: Performed by the government

  4. Step 4 Sole Source Justification: A Memorandum for the Record is required in lieu of a J&A or SSJ

  5. Step 5 Provide Requirements Package to Contracting Officer: Performed by the government

  6. Step 6 Solicitation: Performed by the government

  7. Step 7 Pre-Negotiation Memorandum: Use GSA CALC as a benchmark to determine the fairness and reasonableness of our ROM

  8. Step 8 Contract Award: Performed by the government

Language for Step 4 (Determination and Finding):

  • Artificial Intelligence (Anomaly Detector, Deep Reinforcement Learning Agent), Counter Adversarial AI, Encryption, cybersecurity, neuromorphic processor, physics-based models, quantum resistant, Radio Frequency, SATCOM, Zero Trust

  • Autonomy, Command, Control, Communications (C3), CubeSat, Space COMSEC, Contested, Denied Operationally Limited (CDO-L), Telecommunications

List of Phase III contracts awarded so far

  • Come back soon

SBIR DATA RIGHTS:

Awarding Agency: US Air Force

Contract Numbers: FA864923P0397, FA864923P1259

Contractor Name: Forward Edge-AI, Inc.

Contractor Address: 10108 Carter Canyon, San Antonio, TX 78255

Expiration of SBIR Data: 13 September 2043

Protection Period: 20 years from award of contract on 13 September 2023

The Government's rights to use, modify, reproduce, release, perform, display, or disclose technical data or computer software marked with this legend are restricted during the period shown as provided in paragraph (b)(5) of the Rights In Other Than Commercial Technical Data and Computer Software–Small Business Innovation Research (SBIR) Program clause contained in the above identified contract. After the expiration date shown above, the Government has perpetual government purpose rights as provided in paragraph (b)(5) of that clause. Any reproduction of technical data, computer software, or portions thereof marked with this legend must also reproduce the markings.

© 2024 Forward Edge-AI, Inc. All rights reserved.
