‘…fortunately for us, your knowledge of us is deeply flawed. That’s the prime reason why you’ve been losing every other battle. It is not that you don’t understand our decision-making processes… What you don’t begin to understand is how we see the world. To summarise your problem in a sentence: you don’t give us credit for having what you have, which is vision’ – Kramer, 2007.

Space systems frequently employ the concept of a digital twin, to test engineering concepts in a simulated environment that replicates the functionality of the system in question. Digital twins can have different fidelity levels and be designed for different purposes. This report introduces the concept of an ‘evil twin’ as a counterpart to the standard engineering perspective of a digital twin. Anticipation of threats is critical to understanding the potential attacks delivered through cyber capabilities. Understanding reduces risk and increases the ability for engineers and operators to anticipate likely cyber-events. This, in turn, increases the cyber-resiliency and response capabilities of systems when under attack. Knowledge informs the development of effective countermeasures.

The ‘evil twin’ models and tests potential attacks by adversaries, to improve cyber-security outcomes. This approach builds upon the practice of threat modelling and red teaming, with the goal of enhancing the resilience of space systems and improving their survivability under cyberattack. The evil twin is more than just a penetration test or a red-team exercise; it is intended to be a comprehensive methodology that matches the utility of a traditional digital twin in the reduction of risk to space missions.
This report is the first of two parts commissioned by SmartSat CRC through the University of South Australia, seeking to enhance the state of the art in cyber-security solutions for Low Earth Orbit (LEO) space systems. The aim of this two-part series is to establish a Cyber-Jeopardy and Response Concept (CY-JAR) for ongoing development and subsequent deployment into the space operational environment. The evil twin is a first step in developing an advanced CY-JAR capability.

This report discusses a variety of frameworks, models and approaches pertaining to cybersecurity. Here, Part One provides an overview and analysis of the body of knowledge pertaining to concepts including mission assurance, resilience, risk and cyber-worthiness, as a means of enhancing the security posture of LEO systems. Principles and specific tools for the application of cyber-security to the LEO space system environment are considered with the intention of informing long-term sovereign Australian satellite cyber-security, digital twin modelling and simulation capability. Part Two will build upon this report and provide a fully worked example of a cybersecurity solution, using a generic model of a LEO space system, as a precursor to the Cyber-Jeopardy and Response concept. Part Two will be published separately.