ARCA SATLINK
End-to-end protection of TMTC and payload data
ARCA SATLINK
acf domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/clients/ca41257fcf98cbb8e4fce45a4027d3fe/sites/staging.cysec.com/wp-includes/functions.php on line 6121ga-google-analytics domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/clients/ca41257fcf98cbb8e4fce45a4027d3fe/sites/staging.cysec.com/wp-includes/functions.php on line 6121tinymce-custom-styles domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/clients/ca41257fcf98cbb8e4fce45a4027d3fe/sites/staging.cysec.com/wp-includes/functions.php on line 6121wp-table-builder domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/clients/ca41257fcf98cbb8e4fce45a4027d3fe/sites/staging.cysec.com/wp-includes/functions.php on line 6121insert-headers-and-footers domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/clients/ca41257fcf98cbb8e4fce45a4027d3fe/sites/staging.cysec.com/wp-includes/functions.php on line 6121google-analytics-for-wordpress domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/clients/ca41257fcf98cbb8e4fce45a4027d3fe/sites/staging.cysec.com/wp-includes/functions.php on line 6121rocket domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/clients/ca41257fcf98cbb8e4fce45a4027d3fe/sites/staging.cysec.com/wp-includes/functions.php on line 6121wpforms-lite domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/clients/ca41257fcf98cbb8e4fce45a4027d3fe/sites/staging.cysec.com/wp-includes/functions.php on line 6121simple-history domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/clients/ca41257fcf98cbb8e4fce45a4027d3fe/sites/staging.cysec.com/wp-includes/functions.php on line 6121wp-table-builder domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/clients/ca41257fcf98cbb8e4fce45a4027d3fe/sites/staging.cysec.com/wp-includes/functions.php on line 6121
End-to-end protection of TMTC and payload data
ARCA SATLINK provides all procedures to encrypt, decrypt, authenticate and verify, frames, to manage key lifecycle and virtual channel configuration. It can be applied to satellite communications using CCSDS Space Data Link frames.
Today satellite operators of institutional, commercial, and even sometimes governmental missions are still communicating with their spacecraft “in clear”, i.e. without implementing any security on the communication links. Unprotected communications for telemetry and telecommand (TMTC) data as well as payload data are making spacecrafts vulnerable to eavesdropping sensitive data all the way to an attacker taking control of the spacecraft.
As a step forward in securing space assets and data, several agencies have added to the CCSDS standards a security extension called the “Space Data Link Security” (SDLS) protocol. SDLS is a protocol to secure communications whose security is applied at the frame level of one or multiple virtual channels, equivalent to a L2 VPN (point-to-point).
To grow the adoption of SDLS-based security on space comms, CYSEC developed ARCA SATLINK, a software product providing end-to-end protection of TMTC and payload data.
Ground segment and flight software engineers can now integrate ARCA SATLINK cryptographic APIs in their architectures to instantly benefit from SDLS-based security
End-to-end security with ground and space software components
Basic cryptographic functions as well as advanced key management functions defined from public SDSL standards
Independent of communications protocol, CCSDS, CSP or others
“Dummy-proof” APIs designed for space engineers with no expertise in cryptography
Include Over-The-Air-Rekeying (OTAR) and key lifecycle management
Cryptographic and key management functions completed with security associations, anti-reply mitigations, monitoring and control of the datalink
ARCA SATLINK core library contains all 22 functions as described in SDLS standards
ApplySecurity and ProcessSecurity are the two main functions enabling authenticated encryption, e.g. using AES-GCM 256
Designed for minimum footprint on CPU on board
Developed based on ECSS standards
Key generation and key management functions compatible with certified hardware on ground
