Skip to Main Content
ESA is developing, deploying, and operating a wide variety of mission data systems. These are mainly used for the command & control of spacecraft and the exploitation and dissemination of space-based services to end users. A new ESA activity, the European Space Situational Awareness (SSA) Initiative, requires a novel generation of mission data systems to be developed. These systems are based on a service-oriented architecture (SOA) and capable of supporting a large system-of-systems environment. At the same time, information security is an area of growing concern in the space business and among space agencies. Especially in the area of SOA-based environments, where interconnectivity of components is a core principle, an efficient and robust security concept needs to be put in place to ensure secure mission operations. In this paper, we describe an application security framework for SOA-based mission data systems. This framework increases significantly the robustness and security of web services and web applications through use of a Secure Software Development Lifecycle (SSDLC) and provision of tools & templates for SSA mission data system developers. We are confident that the application security framework will drastically improve the security and robustness of SOA-based mission data systems that will be used in the European SSA Initiative and other ESA projects, while at the same time keeping the related additional effort minimal.
Date of Conference: 2-4 Aug. 2011