
Space & Satellite Technology
Cybersecurity for Space & Satellite Technology
The GOVSATCOM Hub and SpaceHub Cologne are creating new, security-critical infrastructure in the Cologne/Bonn region. NIS2 classifies the space sector as highly critical — we combine the new BSI TR-03184 guideline with years of ISMS experience under ISO 27001 and IT-Grundschutz.
A New Critical Sector with Growing Attention
Satellite-based services have long become part of critical supply: navigation, Earth observation, and communication increasingly depend on space infrastructure, which in turn depends on ground stations, control centres, and antenna facilities on Earth. This dependency chain makes the sector strategically significant — and therefore a target for espionage and sabotage.
Concrete new infrastructure is emerging in the Cologne/Bonn region: with the GOVSATCOM Hub at the DLR site, the EU is building a highly secure network node for interception-resistant satellite communication for government agencies and disaster response. SpaceHub Cologne and the relocation of an ESA directorate to Cologne are additionally attracting companies and start-ups that are often engaging with European cybersecurity regulation for the first time.
Technically, the ground segment is following a development similar to that seen earlier in the energy sector: systems that used to operate in isolation are increasingly networked — for remote maintenance, monitoring, and data processing. This convergence creates attack surfaces that simply did not exist in classical, isolated space architectures.
NIS2 Classifies the Space Sector as Highly Critical
The NIS2 Directive explicitly names the space sector as highly critical in Annex I — introduced via the supplementary CER Directive. This covers operators of ground infrastructure such as satellite control centres and ground stations, as well as providers of space-based services. Depending on company size, the classification applies as an essential or important entity, supplemented by the KRITIS-Dachgesetz with physical resilience obligations. One important exception: infrastructure operated by the EU under its own space programme does not automatically fall under this classification according to several assessments — this needs to be checked on a case-by-case basis.
BSI TR-03184: From IT-Grundschutz Profile to Assessment Grid for the Ground Segment
The technical guideline TR-03184 "Information Security for Space Systems" is not an isolated document but the latest link in a multi-year BSI series: in 2021 the BSI launched a working group with experts from BSI, OHB Digital Connect, Airbus Defence and Space, and the German Space Agency at DLR. This produced the IT-Grundschutz profile for space infrastructure on 30 June 2022, Part 1 of TR-03184 for the space segment (the satellite itself) on 31 May 2023, the IT-Grundschutz profile for space systems, Part 2: ground segment on 22 April 2024, and finally Part 2 of TR-03184 on 14 May 2025, which deepens that profile with an extensive threat/mitigation-measure table. For ground stations and control centres, this Part 2 is the relevant reference.
Methodologically, TR-03184 covers business processes across seven lifecycle phases — conception/design, manufacturing, testing, transport, commissioning, operations, and decommissioning. The focus is on systems with high or very high protection needs, though the recommendations can also be usefully applied to lower protection requirements. The guideline is compliant with ISO 27001/27002 — using the IT-Grundschutz methodology is not mandatory for this; other ISO-27001/27002-compliant approaches are equally permitted.
Measure BM18 "Define/Implement Configuration Management" shows how concrete this gets: it requires monitoring device configurations and configuration changes, for example via lifetime datasheets and version control. This addresses threats including exploitation of software vulnerabilities, information disclosure, sabotage via hardware or software, data falsification, device failure, and unauthorised parameter changes. The core message mirrors comparable international configuration-management standards: continuous monitoring rather than one-time hardening at commissioning.
Formally, TR-03184 is a recommendation, not a law. Practical weight comes from three channels: it is increasingly becoming part of tender specifications and contracts between clients and suppliers, the BSI offers its own certification scheme with an inspection specification to verify conformance at system and component level, and it sits within the regulatory context of NIS2 classifying the space sector as highly critical.
Why Our ISO 27001 and IT-Grundschutz Experience Matters Here
Methodologically, TR-03184 is not a new discipline but the application of established IT-Grundschutz logic to a new asset class: structural analysis, mapping threats to measures, and module-based thinking are exactly what IT-Grundschutz has delivered for years. Anyone with a working ISO 27001 or IT-Grundschutz practice transfers existing methodology to the ground segment instead of building an entirely new discipline.
We bring this methodology from direct experience: our consultants have worked for years as external information security officers and CISOs for regulated organisations — covering mandates under DORA, NIS2, TKG, ISO 27001, and BSI IT-Grundschutz across sectors including energy, finance, insurance, and critical infrastructure. This hands-on experience is the foundation on which we translate BSI TR-03184 requirements into concrete ISMS structures.
This is complemented by our PKI specialisation: key and certificate management for uplink and downlink encryption is a central technical building block of the TR-03184 requirements. With Blackfort Certificate Intelligence, we have our own tool for inventorying and managing these certificate and PKI dependencies — instead of a manufacturer black box.
Our Work in Practice
Our engagements begin with an applicability assessment: does your own facility, service, or supplier role fall under NIS2 Annex I? This is followed by a structural analysis per IT-Grundschutz methodology — a complete asset inventory of the ground segment covering gateways, antennas, certificates, key material, and firmware versions.
This inventory forms the basis for mapping against the TR-03184 threat/mitigation-measure table — including concrete measures such as the configuration management defined in BM18. Gaps are prioritised by how critical the affected mission or service actually is, not by checklist logic.
From gap analysis to audit-ready documentation, we support the build-out of continuous configuration monitoring, preparation for BSI certification per the inspection specification, and the alignment of incident processes with NIS2 reporting deadlines — practical and technically grounded rather than a pure documentation exercise.
Our Services
- NIS2 applicability assessment and gap analysis for ground segment operators
- Structural analysis and asset inventory per IT-Grundschutz methodology for the ground segment
- Mapping against the BSI TR-03184 threat/mitigation-measure table
- ISMS implementation per ISO 27001 and BSI IT-Grundschutz for ground stations and control centres
- PKI and certificate management for satellite uplink/downlink
- Preparation for BSI certification/inspection specification for TR-03184 conformance
- Incident response and reporting processes per NIS2 deadlines
Applicable Regulations
- NIS2
- BSI TR-03184
- IT-Grundschutz Profile Ground Segment
- ISO/IEC 27001
- BSI KRITIS-Dachgesetz
- CER Directive
Industry-Specific Consulting
Talk to our experts about your specific requirements and regulatory obligations.
Frequently Asked Questions
Is BSI TR-03184 mandatory for our company?
Formally, no — TR-03184 is a BSI recommendation, not a law. Practical weight comes from three channels: it is increasingly part of tender specifications and contracts, the BSI offers its own certification scheme with an inspection specification, and it sits within the context of NIS2 classifying the space sector as highly critical.
What is the difference between BSI TR-03184 Part 1 and Part 2?
Part 1 (published 31 May 2023) addresses the space segment, i.e. the satellite or spacecraft itself. Part 2 (published 14 May 2025) is aimed at operators, manufacturers, and service providers of ground segments — ground stations and control centres. For ground segment operators, Part 2 alone is the relevant reference.
How does the IT-Grundschutz profile relate to the technical guideline?
The IT-Grundschutz profile for space systems, Part 2: ground segment (22 April 2024) provides the foundation via a structural analysis — the relevant business processes, applications, and IT systems of an exemplary ground segment across its full lifecycle. TR-03184 Part 2 (14 May 2025) deepens this profile with an extensive table that systematically maps threats to mitigation measures.
Does our company fall under the NIS2 space sector?
NIS2 Annex I covers operators of ground infrastructure such as satellite control centres and ground stations, as well as providers of space-based services. Whether this means an essential or important entity depends on company size. One key exception: EU-owned space programme infrastructure does not automatically fall under this according to several assessments — we assess this case by case.
Do we need ISO 27001 certification to implement TR-03184?
No, that is not a prerequisite. TR-03184 is compliant with ISO 27001/27002 but does not mandate the IT-Grundschutz methodology — other ISO-27001/27002-compliant approaches are equally permitted. Anyone already operating an ISMS under ISO 27001 or IT-Grundschutz can transfer that existing methodology directly to the ground segment.
What does a concrete TR-03184 measure look like in practice?
One example is measure BM18, "Define/Implement Configuration Management": it requires monitoring device configurations and changes, for example via lifetime datasheets and version control. This addresses threats including software vulnerabilities, information disclosure, sabotage, data falsification, device failure, and unauthorised parameter changes — with continuous monitoring rather than one-time hardening as the core principle.
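To make the BM18 principle described above (and in the earlier section on TR-03184) tangible, here is an added illustration that is not part of the guideline, the IT-Grundschutz profile, or any tool of ours: a per-device "lifetime datasheet" kept as a hash-chained, append-only log of approved baselines, plus a drift check that flags unauthorised parameter changes and firmware mismatches on a live snapshot. The datasheet structure, field names, device name and configuration keys are assumptions constructed for the example.

```python
import hashlib
import json
from dataclasses import dataclass, field


def _digest(obj) -> str:
    """Canonical SHA-256 of a JSON-serialisable object; sorted keys so key order is not a 'change'."""
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()


@dataclass
class LifetimeDatasheet:
    """Append-only record of approved configuration states for one ground-segment device.
    (Hypothetical structure: TR-03184 names the goal, not this format.)"""
    device_id: str
    entries: list = field(default_factory=list)

    def approve(self, config: dict, firmware: str, change_ref: str) -> None:
        """Record a new approved baseline. Each entry chains to the previous entry's hash,
        so later falsification of the datasheet itself becomes detectable."""
        prev = self.entries[-1]["entry_hash"] if self.entries else "0" * 64
        entry = {"version": len(self.entries) + 1, "firmware": firmware,
                 "change_ref": change_ref, "config": config, "prev_hash": prev}
        entry["entry_hash"] = _digest(entry)
        self.entries.append(entry)

    def verify_chain(self) -> bool:
        """Recompute every link of the hash chain; False means an entry was altered or removed."""
        prev = "0" * 64
        for e in self.entries:
            body = {k: v for k, v in e.items() if k != "entry_hash"}
            if e["prev_hash"] != prev or e["entry_hash"] != _digest(body):
                return False
            prev = e["entry_hash"]
        return True

    def drift(self, observed: dict, observed_firmware: str) -> dict:
        """Compare a live snapshot to the latest approved baseline: report every parameter
        that differs (approved value, observed value) and whether the firmware version matches."""
        base = self.entries[-1]
        keys = set(base["config"]) | set(observed)
        changed = {k: (base["config"].get(k), observed.get(k))
                   for k in keys if base["config"].get(k) != observed.get(k)}
        return {"firmware_mismatch": observed_firmware != base["firmware"], "changed": changed}


def example() -> dict:
    """Constructed sample: an antenna controller whose remote-maintenance flag was flipped on."""
    ds = LifetimeDatasheet("ANT-CTRL-01")
    ds.approve({"remote_maint": False, "snmp_community": None, "ntp": "ntp.internal"},
               firmware="4.2.1", change_ref="CHG-0001")
    observed = {"remote_maint": True, "snmp_community": None, "ntp": "ntp.internal"}
    return ds.drift(observed, "4.2.1")
```

Running the drift check on every polling cycle, rather than once at commissioning, is what turns the datasheet into the continuous monitoring BM18 asks for.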
Get in Touch
Ready to address your industry-specific security requirements?
Talk to us about your security requirements: concrete, with no obligation, and on equal terms.