Nebula Public Library

The knowledge bank of ESA’s R&D programmes

Cybersecurity by design for mixed criticality embedded systems

Programme
GSTP
Programme Reference
GT1Y-303ES
Prime Contractor
SYSGO GmbH
Start Date
End Date
Status
Closed
Country
Germany
Objectives
The objective of the activity is to design and develop a real-time operating system for spacecraft microprocessor platforms with demanding security and safety requirements, capable of safely and securely executing applications with different assurance levels (mixed criticality) concurrently.
 
Description
Given the unstoppable trend towards more software-driven (software-defined) system components, together with growing awareness of system safety and security, the dependence of mission safety and security on the on-board software platform will become critical.
 
A new development to enhance the security of low-cost software platform solutions is considered essential. Requirements such as dependability, scalability, obsolescence management and re-usability shall also be taken into account.
 
The intended work includes the following tasks:
  • This new development will build on the microprocessor platform (System-on-Chip, SoC) developed by the EU DAHLIA (Deep sub-micron microprocessor for space rad-Hard application ASIC) programme, which will be integrated into the NG-ULTRA SoC FPGA (Field Programmable Gate Array).
  • Separation of applications will be ensured by means of time and space partitioning. A partition is a logical container created and maintained by the operating system. Resources (e.g. memory, CPU time, I/O access rights) will be allocated according to the partition configuration, so that a fault or compromise in one partition cannot consume the time or memory of another.
  • Key drivers are re-usability and ability to support the Space Avionics Open Interface Architecture (SAVOIR).
  • Validation of this new operating system with respect to security.
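The time and space partitioning described above can be made concrete with a small model of a static partition configuration and the checks a separation kernel enforces on it. The following C program is an added, illustrative example written for this page; it is not code from the activity, from SYSGO's PikeOS, or from any other product. The partition names, memory windows, time slots, I/O device bitmask and major-frame length are constructed assumptions. It shows three things: space partitioning (a partition may touch only its own memory window and only the I/O devices it was granted), time partitioning (which partition owns the CPU at a given tick of a fixed major frame), and a configuration-time check that rejects tables whose memory windows or time slots overlap.

```c
/* Illustrative time- and space-partitioning model (constructed example;
   not the activity's RTOS nor PikeOS). */
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical I/O device identifiers used as an access-rights bitmask. */
#define IO_UART 0x1u
#define IO_SPW  0x2u   /* SpaceWire */
#define IO_CAN  0x4u

typedef struct {
    const char *name;
    uint32_t mem_base;    /* start of the partition's private memory window */
    uint32_t mem_size;    /* size of that window in bytes */
    uint32_t slot_start;  /* time slot within the major frame, in ticks */
    uint32_t slot_len;
    uint32_t io_rights;   /* bitmask of I/O devices the partition may use */
} partition_t;

static const uint32_t MAJOR_FRAME = 100;  /* ticks; assumed value */

/* Constructed configuration: a high-criticality AOCS partition, a
   low-criticality payload partition and a housekeeping partition. */
static const partition_t PARTS[] = {
    {"aocs",    0x40000000u, 0x00100000u,  0, 40, IO_SPW | IO_CAN},
    {"payload", 0x40100000u, 0x00400000u, 40, 40, IO_SPW},
    {"hk",      0x40500000u, 0x00080000u, 80, 20, IO_UART},
};
#define NPARTS (sizeof PARTS / sizeof PARTS[0])

/* Constructed invalid table: payload's window overlaps the AOCS window. */
static const partition_t BAD_PARTS[] = {
    {"aocs",    0x40000000u, 0x00100000u,  0, 40, IO_SPW | IO_CAN},
    {"payload", 0x400F0000u, 0x00400000u, 40, 40, IO_SPW},
};
#define NBAD (sizeof BAD_PARTS / sizeof BAD_PARTS[0])

/* Space partitioning: [addr, addr+len) must lie inside the partition's window.
   Written to be wrap-around safe for 32-bit addresses. */
bool mem_access_allowed(const partition_t *p, uint32_t addr, uint32_t len)
{
    if (len == 0 || len > p->mem_size) return false;
    if (addr < p->mem_base) return false;
    return addr - p->mem_base <= p->mem_size - len;
}

/* I/O rights: every requested device bit must have been granted. */
bool io_access_allowed(const partition_t *p, uint32_t dev)
{
    return (p->io_rights & dev) == dev;
}

/* Time partitioning: partition owning the CPU at tick t, NULL if idle. */
const partition_t *partition_at(uint32_t t)
{
    t %= MAJOR_FRAME;
    for (size_t i = 0; i < NPARTS; i++)
        if (t >= PARTS[i].slot_start && t < PARTS[i].slot_start + PARTS[i].slot_len)
            return &PARTS[i];
    return NULL;
}

/* Configuration-time validation: no empty windows or slots, no slot past the
   major frame, and no two partitions sharing memory or CPU time. */
bool config_is_valid(const partition_t *ps, size_t n, uint32_t major_frame)
{
    for (size_t i = 0; i < n; i++) {
        if (ps[i].mem_size == 0 || ps[i].slot_len == 0) return false;
        if (ps[i].slot_start + ps[i].slot_len > major_frame) return false;
        for (size_t j = i + 1; j < n; j++) {
            bool mem_overlap  = ps[i].mem_base < ps[j].mem_base + ps[j].mem_size &&
                                ps[j].mem_base < ps[i].mem_base + ps[i].mem_size;
            bool time_overlap = ps[i].slot_start < ps[j].slot_start + ps[j].slot_len &&
                                ps[j].slot_start < ps[i].slot_start + ps[i].slot_len;
            if (mem_overlap || time_overlap) return false;
        }
    }
    return true;
}

int main(void)
{
    printf("PARTS valid: %s\n", config_is_valid(PARTS, NPARTS, MAJOR_FRAME) ? "yes" : "no");
    printf("BAD_PARTS valid: %s\n", config_is_valid(BAD_PARTS, NBAD, MAJOR_FRAME) ? "yes" : "no");
    printf("payload -> AOCS memory: %s\n",
           mem_access_allowed(&PARTS[1], 0x40000100u, 16) ? "allowed" : "denied");
    printf("tick 55 runs: %s\n", partition_at(55)->name);
    return 0;
}
```

The negative checks are the point: the payload partition cannot read AOCS memory even though both are "just" addresses in the same physical RAM, it cannot touch the CAN device it was never granted, and a configuration that would let two partitions overlap is rejected before anything runs. A real separation kernel enforces the memory and I/O rules with the MMU/MPU and the time rule with its scheduler; this model only makes the policy visible.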
 
Application Domain
Generic Technologies
Technology Domain
1 - On-board Data Subsystems
2 - Space System Software
Competence Domain
3-Avionic Systems
Keywords
48-Cybersecurity
Initial TRL
TRL 4
Target TRL
TRL 6
Achieved TRL
TRL 6
Public Document
Executive Summary