DESCRIPTION
The SANCTUARY Zero-Trust Platform (ZTP) is a security architecture for embedded
systems, designed and built with both security and safety in mind. The ZTP allows
different software components to execute independently on a single hardware platform
while preventing any interference between them. For example, mission-critical software
such as the flight control software can operate with real-time execution guarantees even
in the presence of a malicious or compromised software component on the same platform.
When considering a specific spacecraft, such as ESA's OPS-SAT CubeSat, the isolation of
software components is especially important for separating the space experiments, which
are developed by potentially untrusted third parties, from the flight control software. With
the ZTP, the space experiments can be executed as part of a satellite software framework
running on Linux, such as ESA's Nanosat MO, whereas the flight control software is executed
in parallel, but isolated, on a real-time operating system that fulfills the special safety
requirements of the flight control software.
Together with ESA, SANCTUARY has already presented an early research project on how the
Zero-Trust Platform can enable secure multitenancy on spacecraft at SpaceOps 2023,
underlining ESA's interest in this topic.