Basic knowledge related to satellite security research

Many people think satellite hackers are cool. The media will report some things about rockets and satellites, and in our impression, satellites belong to human high technology. From the perspective of hackers, infiltrating satellites has become a dream and even a position of admiration and worship for many people, which is understandable. But the security issues of satellites are not as easy as some people boast. This field is still relatively blank in our country. I have published some articles related to satellite security before, but there are very few people who can really understand and learn something from them. The comments section is also awkward, as if people are focusing on those insincere things. In fact, the knowledge related to satellites is extensive and complex, and many aspects need to be involved.

Previous content review:

Exploring the security issues related to satellites

This article today, I will introduce some basic knowledge about satellites to everyone. Because if you want to understand something about this field, basic knowledge is indispensable. Most people feel that hacking a satellite only requires their own powerful technology and can be done through the network, but in reality, it is far from that. However, there are many technologies related to satellites, and I can't cover all of them in one article. I will only briefly introduce the basics and try not to use mathematical formulas, hoping that everyone can understand.

It may be known that satellites are expensive, but many people have not truly understood how expensive a satellite actually is. The process of a satellite project begins to be expensive from the moment it is approved. Research and development requires many professional technical experts to form a team for system architecture design and argumentation. Once the technology is completed, expensive hardware needs to be purchased, which is indeed expensive, as those involved in hardware should understand this, including chips such as FPGA, which are very important. Satellites, being outside the Earth's atmosphere, cannot be protected by the atmosphere, resulting in very large temperature differences. The side facing the sun can reach over 100 degrees Celsius, while the side facing away from the sun can reach minus 100 degrees Celsius, with a temperature difference of over 200 degrees. There are also many factors such as electromagnetic radiation from outer space, which cause many ordinary electronic components to fail to work normally on satellites. Electronic components need to be of aerospace grade, which are the most demanding devices in terms of usage environment. The overall architecture of the satellite needs to protect the internal components and provide a comfortable temperature environment for normal operation. Therefore, a temperature control system needs to be designed to ensure the normal operation of the satellite's electronic equipment. The射频 chains of satellites use materials with less loss and less interference, and subsequent operations such as frequency leasing, transmission, operation, and ground stations are also very costly. The cost is very high.

Satellites in space rely solely on solar energy for power supply, as we can see, satellites are all equipped with solar panels. Currently, solar power generation technology has entered our daily lives, but the solar panels on satellites are quite different from those we use in our daily lives. Due to the high costs of space launches, such as rockets, it costs several tens of millions of yuan to launch a ton of weight into space, which leads to a very high cost per unit of weight. Therefore, when designing satellites, we need to consider factors such as weight and performance to come up with a compromise solution. Solar panels are just like this; the power directly limits the overall performance of the satellite. To generate the maximum electricity from solar cells per unit weight, we need solar panels with higher power generation efficiency. The power generation efficiency of the monocrystalline silicon and polycrystalline silicon solar panels we commonly see is generally around 20%, most of which is below 20%. The efficiency of gallium arsenide is much higher, with the theoretical conversion efficiency of single-junction gallium arsenide reaching nearly 30%, and the efficiency of multi-junction gallium arsenide, such as triple-junction gallium arsenide, can exceed 40% under the focusing lens. Therefore, using triple-junction gallium arsenide solar panels in solar cells per unit area will provide more electricity. This is necessary to provide sufficient power for the various payloads of the satellite. Of course, this is accompanied by increased costs, as triple-junction gallium arsenide batteries are constrained by complex manufacturing processes and are difficult to mass produce on a large scale. Currently, they are only used in high-end fields such as aerospace. The price of a 1-watt solar panel is nearly 10,000 yuan, so you can imagine the solar power generation cost of large satellites with a power generation capacity of 1kW or more.

Let's talk about the attitude control system again, which involves celestial mechanics. Satellites are sent into space by rockets, and once the speed generated by the rocket reaches the first cosmic velocity (7.9 km/s), the satellite can be separated from the Earth,

Due to the gravitational influence of the Earth, the operating altitude of the satellite will decrease at a speed of about 100 meters per day. In outer space, it is affected by various factors such as cosmic radiation. The orbit is constantly changing, which is known as orbital perturbation. At this time, it is necessary to install an orbital attitude control system on the satellite, which can also be understood as the onboard jet system. In the relatively vacuum environment (due to the thin atmosphere layer when close to the Earth), the satellite, as part of the system, receives the centripetal force from the Earth's gravity and moves in a circular motion. According to the law of conservation of momentum, when the satellite喷射a certain mass of matter in one direction, it will obtain an acceleration in the opposite direction. This is used to adjust the satellite's orbit and prevent it from deviating from the orbit. Therefore, medium and large satellites need to be equipped with an orbital attitude control system simultaneously. Small satellites, due to volume constraints, often use magnetic torque devices to adjust their attitude. This is based on the principle of using the interaction between the electromagnetic force and the Earth's magnetic field to produce torque. Large satellites need to carry a lot of fuel, so the amount of fuel is also an important factor limiting the satellite's lifespan. After the fuel is used up, the satellite can only gradually脱离轨道. Currently, there are ion thrusters, which are still in the development stage of technology and cannot provide significant thrust, so they can only be used as auxiliary. In the future, with the development of technology, such problems will be gradually solved.

On-board computer

The on-board computer is limited by power supply and usage conditions, thus its performance is also restricted, but it requires high reliability. Its main tasks include satellite attitude control, payload processing, and data handling for various sensors, making it the core of the entire satellite platform. Currently, only two types of processor architectures are used in the mainstream on-board computer systems worldwide: one is the POWERPC architecture used by the United States, and the other is the SPARC architecture led by Europe. China mostly adopts SPARC architecture processors, while ARM and X86 architectures do not have absolute advantages in this field, to say the least. SPARC was born from the SUN Microsystems laboratory company and was developed by researchers at the University of California, Berkeley on the RISC technology. The satellite's bus generally uses the 1553B bus commonly used in aircraft and fighter jets. The International Space Station even uses a distributed layout composed of more than 100 1553B buses for various controls such as commands, telemetry, and payload.

As for the satellite's operating system, it is mostly a real-time operating system. The previous article has mentioned it, so there is no need to elaborate here. The control link of the satellite is often separated from the data link, receiving remote commands separately, and the general method is Pulse Code Modulation (PCM) remote control system. Due to the closedness and singularity of the satellite, many technologies are not universal and cannot be shared.

Payload

The payload is the core of the satellite's work and is also very expensive, often accounting for two-thirds of the satellite's budget. If the previous ones can be built by the satellite's overall mature platform to reduce costs, there is no such advantage for the payload. Payloads are diverse, such as microwave radiometers and lightning imaging instruments for meteorological satellites, transponders for communication satellites, radar for military satellites, etc., which are the most advanced instruments and technologies. The performance of the payload directly determines the performance of the satellite, most of which are customized according to the objectives and tasks. For example, the design of the transponder payload takes into account various performance such as robustness under interference from many unknown signals, which are not on the same level as common ones. Due to these core and expensive devices, the satellite often fails to launch after a launch failure, and it may take many years before it can be launched again, leading to a blank in a certain field. One reason is the project budget issue, and the other is that it is too expensive to build two for backup.

Telemetry, Tracking and Control System

The satellite in space needs to establish real-time communication with the ground, during which the ground station needs continuous operation and management. This system is called the Telemetry, Tracking and Control System (TT&C), abbreviated as TT&C system, which is one of the important core systems of the satellite. The main work of this system is as the name implies, telemetry and tracking, which means transferring all the operational information of the satellite through the TT&C link to the ground TT&C station, such as the satellite's position, attitude, power status, battery power, various sensor states, CPU status, remaining fuel, and other information. These data allow the ground station to monitor the satellite in real time, understand all the status of the satellite, know where the satellite is, and whether the orbit operation is normal. Lower-orbit satellites can determine their own position by obtaining the position of navigation satellites, while higher-orbit satellites can determine their position in the universe by star sensors. Knowing these states facilitates the ground station's control, where the ground station issues core commands to the satellite such as adjusting the orbit, shutting down transponders and payloads, etc. After receiving the corresponding instructions, the satellite can make corresponding actions. Therefore, the Tracking and Telemetry System, abbreviated as TT&C system, is one of the core systems of the satellite, and this link is the core control link of the satellite.

Communication system

The communication system is also one of the core systems of the satellite, mainly responsible for the communication between the satellite and the ground station, including transmitters, modulators, power amplifiers, antennas,射频馈线, duplexer, and other radio frequency devices. All communication data of the satellite must pass through the communication system to convert digital signals into radio frequency signals and transmit them out. The signals are then distributed to the ground station through the radiation angle of the antenna.

Temperature control system

As mentioned before, satellites, as they are not protected by the atmosphere in space, can experience severe temperature differences. These temperature differences can cause abnormal operation of electronic equipment. This is when the temperature control system comes into play, providing a comfortable operating environment inside the satellite. For example, the side exposed to sunlight absorbs heat and transfers it to the side not exposed to sunlight. When the entire satellite is not exposed to sunlight, it relies on the satellite's battery for heating. The design of this system is very complex, akin to an 'air conditioning system on a satellite' because there is no air in the space environment, and heat cannot be dispersed. It can only rely on the system to maintain the overall operation of the satellite through various technical means.

Satellite monitoring and control station

The launch of satellites and rockets into space is not the end of the mission; it is just the first step of success. Subsequent monitoring and control tasks are required, at which point monitoring stations are needed. Currently, there are nearly 10 monitoring and control stations in China's inland areas, including Beijing, Xi'an, Weinan, Qingdao, Xiamen, Kashgar, Hetian, launch sites, and landing sites. In addition, there are 4 overseas deep space monitoring stations in Pakistan Karachi, Namibia Swakopmund, Kenya Malindi, and Chile Santiago. The maritime monitoring stations are distributed among 5 far-reaching ocean survey ships in the three major oceans. In order to capture rockets and conduct command control and remote sensing, our far-reaching aviation monitoring ships need to carry out command relay missions at sea. Just now, the Far-view No. 2 retired, having contributed her 41 years of youth to our country's aerospace industry and made significant contributions.

Satellite orbit

The six elements of a satellite's orbit are as follows:Orbital inclination (i), ascending node right ascension (Ω), perigee argument (w), eccentricity(e) semi-major axis length (a), perigee moment (τ)

Here I borrow the figure 1 from Baidu Encyclopedia:

Satellites are roughly divided into the following types according to the type of orbit: LEO low orbit, MEO medium orbit, GEO high orbit, SSO sun-synchronous orbit, IGSO Earth-synchronous inclined orbit, GTO synchronous transfer orbit, etc. In order to better display them, I have made an orbit simulation, so that everyone can better see the differences between these orbits.

Each orbit has its own advantages. Polar orbit satellites belong to the LEO orbit series, which are close to the Earth and can better provide observation tasks and communication tasks. Therefore, meteorological satellites and communication satellites often use this orbit. Due to the lower orbit, the observation time at a location is only about ten or twenty minutes, so it requires a constellation composed of many satellites to complete the uninterrupted communication task. For example, the famous Iridium system, and many more internet satellite constellations being prepared for construction in the future.

SSO sun-synchronous orbit satellites, due to their unique running trajectory, have an inclination of about 98°, which is very suitable for military reconnaissance satellites, resource satellites, and so on, and play a very important role in military strategy. GEO, due to its wide communication coverage area, is occupied by various satellites such as military satellites and communication satellites. GEO satellites are far from the Earth, and the Earth rotates once in 23 hours 56 minutes and 4 seconds. Therefore, when the distance from the Earth is 35786.034km, the satellite revolves around the Earth once exactly the same as the Earth's rotation period. This means that for points on the Earth, the satellite appears to be stationary. Common examples include satellite TV, where the antenna is installed only once and can continuously receive signals. This orbit is very crowded, and the orbital resources are very valuable. The circle composed of many satellites in the figure below is this orbit.

So knowing the satellite's orbit, let's discuss another important knowledge of the satellite:Ephemeris .

FENGYUN 4A              
1 41882U 16077A   19120.87976429 -.00000334  00000-0  00000+0 0  9999
2 41882   0.1619 288.3461 0004834 221.6056 129.9847  1.00273480  8862

Above is the ephemeris of the Fengyun 4A meteorological satellite. Every satellite or object in space, including rocket bodies and waste, has a fixed NORAD number. NORAD calculates a two-line orbital data based on the measurement data, which is the common ephemeris--TLE data. TLE data is the data publicly released after measurement by NORAD (North American Air Defense Command). This department is a cooperative establishment between the United States and Canada for monitoring objects in outer space to prevent alien dan and other space invasions. In the United States...ColoradoThe Cheyenne Mountain area, a mountain has been hollowed out, where nearly a thousand people work. It has its own reserve supplies and can defend against nuclear attacks. The coordinates are: 38.7435N 104.8465W. Those who are interested can go and see it on Google Earth, and this isNORADAt the entrance of important bases, there are many communication antenna towers on the summit to establish contact with the outside world.

We can calculate the position of a satellite at a certain moment based on TLE data and satellite disturbance models such as SGP4, SDP4, SGP8, SDP8, etc. SGP4 is suitable for satellites with an orbital period less than 225 minutes. I will not go into detail about the relevant information of celestial mechanics algorithms and the basic knowledge of TLE here.

With TLE data, satellite tracking is carried out according to algorithms and the current standard time (which needs to be converted into the astronomical Julian Day), which is why some satellite antennas can be moved. Due to the very fast flight speed of LEO satellites (about 7 km/s), there are very high requirements for the time of the tracking system, and often it is necessary to complete tasks such as GPS timing. Satellite tracking also involves a lot of knowledge, involving a lot of technology, and the commercial products are very expensive for ordinary people, which is why OpenATS was created before.

We all know about our country's Queqiao satellite before, its position is at the Lagrange 2 point. There are currently 5 Lagrange points calculated, to put it simply, at these points, the satellite can reach a state of relative equilibrium in the gravitational force from the celestial body, which can save a lot of fuel and maintain the orbit unchanged. Those who are interested can go and check relevant knowledge. Below is the diagram of the 5 Lagrange points, the Queqiao satellite is in the circular motion of the L2 point orbit, which can be used to relay signals on the back of the moon.

Transfer orbit

The common transfer orbits are divided into three types: Hohmann transfer orbit, bi-elliptical transfer orbit, and Earth synchronous transfer orbit.

Many people think that launching a satellite in a more distant direction is just a straight flight, of course, it is not like that, here you need to transfer the satellite's orbit.

The following is a schematic diagram of the Hohmann transfer orbit. When a satellite in the low orbit No. 1 generates an acceleration ΔV at the bottom of the orbit, the satellite will enter the No. 2 yellow elliptical orbit for operation. If the satellite does not take any action at this time, it will orbit the Earth continuously along the elliptical orbit. When an acceleration ΔV' is generated at the apogee of the elliptical orbit, the satellite will enter the No. 3 red Earth synchronous orbit. The positions, acceleration times, and thrust sizes of the two accelerations must be strictly calculated; otherwise, the orbit will deviate. Conversely, satellites in the synchronous orbit can also lower their orbits through two opposite decelerations.

According toKepler's Third LawThe time taken for the Hohmann transfer is:

The double-ellipse orbit is also an important transfer orbit, and compared to the Hohmann transfer orbit, the elliptical transfer orbit saves some fuel but takes more time.

The following is a double-ellipse transfer orbit diagram. When a satellite is in a low orbit state, passing through point 1 will cause a significant acceleration, allowing the satellite to enter a large elliptical orbit (green). When the satellite enters the apogee point 2, another acceleration will stretch the radius of the elliptical orbit (orange). When entering point 3, the satellite will undergo a reverse deceleration, and at this point, the satellite will orbit the red geostationary orbit continuously. Therefore, the height difference between the two elliptical orbits is the height difference between the transfer orbit before and after, which also requires precise calculation, thus showing the importance of mathematics.

The synchronous transfer orbit is actually a type of Hohmann transfer orbit, and I will not go into detail here.

Satellite Communication

There is too much knowledge here; the satellite communication system is a very important system, the only way to establish contact with the satellite ground station, and it is indispensable for data transmission and remote control and telemetry. The wireless communication of satellites, according to different application objects and data volume, determines the frequency and bandwidth of the signal to be used. It is necessary to apply to the FCC (Federal Communications Commission) in advance, and after the application is approved and rented, it can be used. Since there are many satellites in the sky, communication frequencies cannot be used arbitrarily, otherwise, they may interfere with other satellite services. Therefore, if there is a frequency conflict before launch, negotiations must be conducted, and only after the negotiations are approved can it be used. It is best to avoid using frequencies close to those of surrounding satellites to avoid in-band and out-of-band interference.

Common satellite communication bands include L-band, S-band, C-band, X-band, Ku-band, Ka-band, and so on. The L-band has very little attenuation and excellent communication effects, and is commonly used in important satellite services such as satellite phones, satellite navigation, and meteorological data distribution. The S-band is also very important; I won't tell you that the satellite control and measurement frequencies are mostly in this band. The C-band is often used for stable communication satellites due to less rain attenuation, and this band is characterized by larger antennas. According to the parabolic antenna gain formula: G(dBi) = 10lg{4.5×(D/λ0)^2}, we can simply see that the gain of the parabolic antenna is inversely proportional to the wavelength, that is, the higher the frequency, the higher the gain. It is directly proportional to the diameter of the antenna, the larger the antenna diameter, the higher the gain. Since the C-band has a lower frequency than the X-band and Ku-band, the antenna diameter is larger. The X-band is mostly used for military satellites and radar because the X-band can detect the content of water molecules in the air better, and meteorological radar also operates in this band. Ku and Ka bands, due to their higher frequencies and larger bandwidths, are used in high-throughput satellites and broadband satellites, and higher frequencies are not discussed here.

Parabolic antennas are divided into Gregory antennas, Cassegrain antennas, feedforward parabolic antennas, annular focusing antennas, and other types. For example, the C-band reception usually adopts a positive feed antenna, while the Ku-band often adopts a skew feed antenna. The transmitting antenna generally adopts the Cassegrain type. Wireless communication will introduce noise and produce error codes. Since the satellite is far from the ground station, good coding and strong error correction methods must be adopted in communication. At the same time, due to the distance, there is a very large free space loss. The strong signal becomes very weak after traveling a long distance, so most satellite antennas are large parabolic antennas. The antenna amplifies and focuses the weak signal and then passes it through LNA or LNB for high gain amplification and down conversion to send it to the demodulator for processing. If the frequency is not high, it can be directly collected and processed without down conversion. There are many kinds of modulation methods, such as BPSK, QPSK, 8-PSK, QAM, etc., and various error correction methods, including Viterbi, Turbo, BCH, RS, LDPC, convolutional codes and concatenated codes. The specific selection should be based on the satellite link and service.

Other satellites outside the geostationary orbit will produce a relative displacement relative to the ground when they are operating, so there will be a Doppler effect in frequency. In order to receive the signals of these satellites, frequency Doppler correction is required.

Satellite broadband technology is an application of high-throughput satellite. Due to the long distance of geostationary satellites, the data back and forth requires more than 500ms of time, so the traditional IP technology application is limited. Therefore, IP broadband technology suitable for satellites has appeared in communication protocols, such as the increased data sliding window protocol and TCP spoofing technology. There are too many things in communication, so I won't go into detail.

Finally, let's put up a picture of the data received from the Blockstram satellite (TELSTAR 18V 138°E).

Temporarily write these, the article is too long and easy to tire people out. If you like this kind of knowledge or want to learn more, you can search for it. If you have any questions, please feel free to contact me to discuss and learn together. My personal website has satellite online tracking and ephemeris data, which can also be downloaded and used. Personal website:www.chnsatcom.comwww.rasiel.cn

*Author: OpenATS, this article is an original work of FreeBuf, reproduction is prohibited without permission.