De-risk assessment: Secure Operations as a Service

The proposed de-risk activity will result in a demonstrator showing the capability to provide the services in a secure way for ESOC’s operational environment and for commercial services. It will not demonstrate a complete operational system.  It addresses: •Operations Preparation and Automation (Including secure operations data management) •Secure exchange and execution of operational data (e.g. procedures) •Secure Mission Control System with distributed teams

Background and justification: •To de-risk (mitigate the risks of) the deployment and provision of space operations services •To pave the way for a larger activity to deliver secure operations services to ESA and commercial customers   Achievements and status: •Risk assessment •Secure architecture design for preparation and operational scenarios •Secure system deployed on Azure VMs •Integration of Apache Guacamole (secure Windows RDP), NGINX (reverse proxy) and Keycloak (Identity and Access Management) •Penetration test report and recommendations. •Reusable deployable system