CSSSP Level 1: Specialist

CSSSP – Certified Space Systems Security Professional (Level 1)

The CSSSP Level 1 certification provides a foundational, practitioner-oriented introduction to securing space information systems and space mission architectures across the full lifecycle—from design and development to launch, operation, and sustainment.

Participants learn how cybersecurity applies uniquely to space systems, including satellites, ground segments, launch systems, space networks, and space-enabled services. The course integrates Risk Management Framework (RMF) / Cybersecurity Risk Management Construct (CSRMC), space DevSecOps, independent verification & validation (IV&V), security testing, and threat-driven analysis for software, firmware, and hardware.

This Level-1 course emphasizes conceptual understanding, applied analysis, and structured security thinking, preparing participants for advanced CSSSP levels.

Foundations of Space Systems Cybersecurity. CSSSP Level 1 domains are:

• SPACE INFORMATION SYSTEMS SECURITY
• SECURITY TESTING AND EVALUATION, IV&V, A&A, SDLC AND THE
• RISK MANAGEMENT FRAMEWORK (RMF) or Cybersecurity Risk Management Construct (CSRMC),
• SPACE DEVOPS AND SECURITY
• SPACE SECURITY ASSESSMENT, ARCHITECTURE, ENGINEERING, TESTING AND OPERATION
• SPACE SYSTEMS, SOFTWARE, FIRMWARE AND HARDWARE SECURITY
• SPACE THREAT AND VULNERABILITY ANALYSIS AND ASSESSMENT

Outcome

Participants who pass the exam earn:

Certified Space Systems Security Professional (CSSSP) – Level 1

This certification establishes a baseline credential for professionals entering the space cybersecurity domain and prepares them for CSSSP Level 2 (Advanced Analysis & Engineering).

Learning Objectives

By the end of this course, participants will be able to:

• Understand the space systems security landscape and mission-driven risk.
• Explain space information systems architectures and their cyber dependencies.
• Apply RMF / CSRMC concepts to space missions and programs.
• Identify security considerations across the space system SDLC.
• Understand IV&V, security testing, and A&A in space programs.
• Analyze software, firmware, and hardware security risks in space systems.
• Perform basic space threat and vulnerability analysis.
• Understand Space DevSecOps concepts and constraints.
• Assess space system security from architecture through operations.

Target Audience

• Space systems engineers
• Cybersecurity engineers and analysts
• Satellite operators and mission planners
• Defense, government, and aerospace professionals
• Systems, software, and hardware engineers entering space security
• Program managers and technical leads (foundational level)

Prerequisites

• Basic understanding of systems engineering or cybersecurity concepts
• No prior space security experience required

DAY 1 – Foundations of Space Systems Security

Module 1: Introduction to Space Information Systems Security

Topics

• What makes space systems different from terrestrial IT
• Space mission lifecycle and cyber dependencies
• Space segments:
  • Space segment
  • Ground segment
  • Link/communication segment
  • User and mission segment
• Confidentiality, Integrity, Availability, and Mission Assurance in space

Workshop 1 – Space Mission Decomposition

• Identify cyber-relevant components of a sample satellite mission
• Map mission objectives to information assets

Module 2: Space Systems, Software, Firmware, and Hardware Security

Topics

• Space system attack surface overview
• Software security:
  • Flight software
  • Ground software
  • Update mechanisms
• Firmware security:
  • Bootloaders
  • FPGA bitstreams
  • Trusted boot
• Hardware security:
  • Radiation impacts on security
  • Supply chain risks
  • Hardware Trojans
• Differences between space-grade and COTS components

Workshop 2 – System and Component Security Mapping

• Identify security concerns across system of systems (SoS), systems, subsystems, software, firmware, and hardware layers
• Classify risks by mission impact

Module 3: Space Secure SDLC and RMF / CSRMC Foundations

Topics

• Space system development lifecycles
• Secure SDLC for space missions
• RMF / CSRMC overview:
  • Categorize
  • Select
  • Implement
  • Assess
  • Authorize
  • Monitor
• Tailoring RMF for space constraints
• Mission impact vs. traditional IT risk

Workshop 3 – Risk Managment Scoping Exercise

• Define system boundaries for a space mission
• Identify security categorization and mission impacts

Module 4: Security Testing, IV&V, and A&A in Space Programs

Topics

• Independent Verification & Validation (IV&V) in space systems
• Security testing vs. functional testing
• Penetration testing constraints in space
• Verification of security controls
• Authority to Operate (ATO) vs. mission acceptance
• Continuous monitoring for space assets

Workshop 4 – Security Test Planning

• Identify feasible security tests for a space system
• Determine what can and cannot be tested pre-launch vs. on-orbit

DAY 2 – Space DevSecOps, Threats, and Security Assessment

Module 5: Space DevSecOps and Secure Operations

Topics

• DevSecOps principles applied to space
• CI/CD constraints for space systems
• Secure software updates for on-orbit systems
• Configuration management in space missions
• Telemetry, command authentication, and integrity
• Incident response in space environments

Workshop 5 – Space DevSecOps Pipeline Design

• Design a conceptual secure pipeline for flight and ground software
• Identify security gates and failure points

Module 6: Space Security Architecture and Engineering

Topics

• Security-by-design for space architectures
• Defense-in-depth for space missions
• Zero Trust concepts in space systems
• Secure communication architectures
• Resilience, redundancy, and graceful degradation
• Engineering tradeoffs between security, cost, mass, and power

Workshop 6 – Secure Architecture Review

• Review a simplified space system architecture
• Identify architectural security gaps and improvements

Module 7: Space Threat and Vulnerability Analysis

Topics

• Space threat landscape:
  • Nation-state threats
  • Cyber-physical threats
  • EW and cyber convergence
• Common space vulnerabilities:
  • Command uplink
  • Telemetry downlink
  • Ground station compromise
  • Supply chain attacks
• Threat modeling for space systems
• Mission impact analysis

Workshop 7 – Threat Modeling Exercise

• Conduct a basic threat model for a space mission
• Identify threats, vulnerabilities, and mission consequences
• Frameworks used: MITRE ATTACK, OWASP, STRIDE, PASTA and TONEX SAP-E Framework

Tonex’s S-APE Cybersecurity Threat Framework

 A structured framework the S-APE Cybersecurity Threat Framework, organized by segment (Space, Ground, User) and by libraries:

1. Threat Agents
2. Attack Vectors
3. Security Weaknesses
4. Security Controls
5. Technical Impacts
6. Business & Operational Impacts

This format is intentionally modular and reusable for training, threat modeling, risk registers, red/blue teaming, and compliance mapping (e.g., NIST, ISO 27001, CCSDS, IEC 62443).

S-APE Cybersecurity Threat Framework

S-APE is:

• A Tonex-created, space-native threat modeling model
• Designed specifically for space, ground, and user segments
• Intended to be used as the threat modeling engine inside CSRMC

Formally:

S-APE = Tonex proprietary threat modeling methodology

CSRMC™ (Cybersecurity Risk Management Construct) is a framework for managing cybersecurity risk across systems.

S-APE™ (Space–Attack–Platform–Exploitation) is the Tonex proprietary threat modeling methodology used using CSRMC.

Module 8: Space Security Assessment and Operational Risk

Topics

• End-to-end security assessment process
• Pre-launch vs. on-orbit risk
• Continuous risk monitoring
• Operational decision-making under cyber risk
• Preparing for higher CSSSP levels

Capstone Exercise – Space Security Assessment

• Perform a high-level security assessment of a space system
• Present risks, mitigations, and recommendations

Examination Description

CSSSP Level 1 Certification Exam

• Format: Multiple-choice
• Number of Questions: 40
• Duration: 90 minutes
• Passing Score: 70%

Exam Domains

1. Space Information Systems Security
2. Space SDLC and RMF / CSRMC
3. Software, Firmware, and Hardware Security
4. Security Testing, IV&V, and A&A
5. Space DevSecOps and Operations
6. Space Threat and Vulnerability Analysis

CSSSP Level I Exam Domains & Weighting

Domain 1: Space Information Systems Security (20%)

• Space mission and system security concepts
• Space, ground, link, and user segments
• Mission assurance vs. traditional IT security
• CIA + mission resilience in space
• Space-specific cyber constraints

Domain 2: Space Systems, Software, Firmware & Hardware Security (18%)

• Flight software and ground software security
• Firmware security (boot, FPGA, configuration)
• Hardware security risks and supply chain threats
• Radiation and fault impacts on security
• COTS vs. space-grade component risks

Domain 3: Secure Space SDLC & RMF / CSRMC (20%)

• Secure SDLC for space programs
• RMF / CSRMC phases applied to space missions
• System boundary definition
• Security categorization and control selection
• Risk acceptance and mission impact

Domain 4: Security Testing, IV&V & A&A (15%)

• Security testing vs. functional testing
• IV&V concepts in space systems
• Authority to Operate (ATO) vs. mission acceptance
• Verification of security controls
• Continuous monitoring considerations

Domain 5: Space DevSecOps & Secure Operations (12%)

• DevSecOps principles for space systems
• CI/CD constraints for flight software
• Secure update and configuration management
• Telemetry and command security
• Operational risk management

Domain 6: Space Threat & Vulnerability Analysis (15%)

• Space cyber threat landscape
• Common attack vectors and vulnerabilities
• Threat modeling fundamentals
• Mission impact analysis
• Introduction to adversary capabilities

Scoring & Certification Policy

• Candidates must achieve 70% or higher to pass
• Results are reported as Pass / Fail
• Unsuccessful candidates may retake the exam after a defined waiting period
• Certification is valid as part of the CSSSP credential ladder

Certification Awarded

Upon passing the exam, candidates earn:

• Certified Space Systems Security Professional (CSSSP) – Level I (Foundation)
• ink CSSSP L1 badge downloadable to Linkedin

CSSSP Credential Progression