One of the cheapest experiments ever flown in orbit has finished operating after 22 months on the International Space Station. Running on a Raspberry Pi Zero costing just a few Euros, ESA’s CryptIC payload was exploring cryptography techniques running on off-the-shelf hardware, to ensure cybersecurity for future low-cost space missions.
Satellites might be physically far from Earth, but they are still vulnerable to being hacked. The solution is the same kind of encryption-based secure communication that has become commonplace on our planet – but operating in space makes that difficult to do.
“The standard method is that both sides of the communication share the same encryption key,” explains ESA software product assurance engineer Emmanuel Lesser. “But space is riddled with charged particles that can randomly ‘bit-flip’ computer memories – disrupting the communication link because the keys down on Earth and in space no longer match.
“Traditional full-size spacecraft get around this problem by using ‘rad-hard’ components, but typically this is not an option for smaller missions. Such rad-hardened parts can cost as much as a CubeSat in their own right, and might take a year to procure – at a point when development cycles for small missions are shrinking down to 18 months or less.
“So our CryptIC payload looked into alternative options, using commercial off the shelf parts, to demonstrate a cheap but reliable cybersecurity method for this class of missions.”
The ‘Cryptography ICE Cube’ was a low-cost development, developed in-house by ESA’s Software Product Assurance section using a basic Raspberry Pi Zero. Covered with a plastic ‘conformal’ coating for safety purposes but otherwise unchanged, it was flown on the ISS through the International Commercial Experiments service – ICE Cubes for short. ICE Cubes offer fast, simple and affordable access for research and technology experiments in microgravity using compact cubes. CryptIC measures just 10x10x10 cm.
CryptIC evaluated dual approaches to non-rad-hard encryption. The first was to automatically re-exchange the key if it gets corrupted, to minimise interruptions to communications. The second was to rely on redundant copies of the encryption key, stored within multiple ‘tiles’ within reconfigurable, field-programmable gate arrays (FPGAs) rather than fixed computer chips. If one fails then another copy can take its place while the faulty section of FPGA repairs itself.
“We experienced radiation events practically every orbit, but encryption-disrupting events took place only every three months or so,” adds Emmanuel.
“CryptIC also carried a floating gate dosimeter provided by CERN, the European Organisation for Nuclear Research, as part of a broader cooperation agreement, to correlate these events with the background radiation environment. Our results are still being analysed, but are in line with expectations – we saw heightened events over the ‘South Atlantic Anomaly’ for instance, which is a weak point in Earth’s magnetic field.”
A third experiment was also squeezed into the CryptIC box, contributed by ESA’s On-Board Computer and Data Handling section. Known as CHIMERA, it evaluated the performance of off-the-shelf computer memories in the space environment.
“We planned for a minimum of six months’ operation, but ended up with 22 months, a very good return on investment – thanks partly to COVID-19-related delays on deliveries to the ISS, but also because our hardware and software held up well,” says Emmanuel.
“Control of CryptIC was routed through Space Applications Services in Brussels, the company providing the ICE Cubes service. We had some sporadic service interruptions, but overall operations went well. The payload could be overseen from anywhere, nearly anytime, using a laptop with a VPN.”
The CryptIC hardware will remain aboard Columbus: because its performance remains stable, SAS plan to adopt it as a diagnostic tool, to evaluate the performance of their ICE Cube Facility.
Raspberry Pi in orbit
This is not the first time a Rasbperry Pi flew to the International Space Station. ESA and the Raspberry Pi Foundation run yearly educational challenges for children to get their code running on two ‘Astro Pi’s‘.