7.22 - Space Security: Best Practices Guide

1. Introduction

This topic guides mission security implementation in the form of principles coupled with applicable controls that cover both the space vehicle and the ground segment.The Space Security: Best Practices Guide (BPG) provides guidance on mission security implementation in the form of principles coupled with applicable controls that cover both the space vehicle and the ground segment. The BPG leverages security controls as defined in the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 088  and serves as a translation guide between NIST verbiage and NASA flight project parlance. The principles are meant to be easily achievable regardless of mission, program, or project size, scope, or whether international, corporate, or university. The principles selected focus on a risk-based approach to mitigating vulnerabilities, that are impediments to mission success. Principles were identified as an initial starting point of critical implementations for missions to consider. The underlying security principles and associated controls were identified through an iterative process to address today’s cyber actors Tactics, Techniques, and Procedures (TTPs) were used in attempts to compromise mission capabilities. The guide is to be used as an initial starting point to mitigate against any efforts to deny, degrade, disrupt, deceive, or destroy information and technology used to accomplish NASA's mission success. Click here for a full copy of the Space Security Best Practices Guide (attached to this page.)

See also SWE-156 - Evaluate Systems for Security Risks and SWE-154 - Identify Security Risks

1.1 Additional Guidance

Links to Additional Guidance materials for this subject have been compiled in the Relevant Links table. Click here to see the Additional Guidance in the Resources tab.

2. Resources

2.1 References

2.2 Tools

Tools to aid in compliance with this SWE, if any, may be found in the Tools Library in the NASA Engineering Network (NEN). 

NASA users find this in the Tools Library in the Software Processes Across NASA (SPAN) site of the Software Engineering Community in NEN. 

The list is informational only and does not represent an “approved tool list”, nor does it represent an endorsement of any particular tool.  The purpose is to provide examples of tools being used across the Agency and to help projects and centers decide what tools to consider.

2.3 Additional Guidance

Additional guidance related to this requirement may be found in the following materials in this Handbook:

2.4 Center Process Asset Libraries

SPAN - Software Processes Across NASA
SPAN contains links to Center managed Process Asset Libraries. Consult these Process Asset Libraries (PALs) for Center-specific guidance including processes, forms, checklists, training, and templates related to Software Development. See SPAN in the Software Engineering Community of NEN. Available to NASA only.  197

See the following link(s) in SPAN for process assets from contributing Centers (NASA Only). 

SPAN Links

  • No labels