SpaceX’s Starlink satellite system could play a role in 5G’s future. (SpaceX)

As the US and its partners try to exploit the benefits of 5G networks for future national security uses, the focus has largely been on security terrestrial networks. But in this analysis, Melissa K. Griffith of the Woodrow Wilson International Center for Scholars argues that those worried about 5G security need to aim higher.

What does the security, resilience, and defensibility of satellite systems have to do with the fifth generation of mobile (5G) networks? Far more than you may think.

Much of our collective national security focus in the United States has been on the security concerns stemming from the terrestrial components of 5G networks (e.g. the radio access network, the Internet of Things, undersea cables, etc.). Comparatively little attention has been paid to national security concerns associated with the evolving role of satellite communication systems within this “network of networks.”

The result is a potentially overlooked gap in our approach to 5G to date. Importantly, this gap also represents a critical opportunity for the United States. If we chose to seize it, we can significantly bolster the security, resilience, and defensibility of our communications networks now and in the future.

With this goal in mind, my and Lt. Col. Christopher Hocking’s recent Wilson Center report, “Seizing Opportunities: Four National Security Questions to Ask About the Use of Satellites in 5G Networks,” (a) delves into the evolution of terrestrial and space-based communications networks, (b) lays out the range of national security risks associated with the use of satellites in 5G networks, and (c) identifies opportunities for government to begin to assess and address these risks in practice. Space, in many ways, represents a largely familiar critical infrastructure challenge.

We can and must lean on those hard learned lessons, while adjusting our efforts to the realities of space.

Why now? Historically, satellite and terrestrial communications networks developed separately and, while they exchanged data, were largely independent from each other. Today, the role of satellites in telecommunications are changing, fueled by exponential demand for bandwidth and connectivity, and enabled by “commodity” satellite system technology and business models.

To realize the potential of ubiquitous, instantaneous connectivity for large numbers of devices globally, terrestrial telecommunications systems, which heavily rely on buried fiber optic cables, will not be enough. Satellites will need to play a far greater role, with terrestrial and space-based components working in tandem to carry out a wider diversity of functions.

Given the evolution of the underpinning technology (primarily satellite and launch technology) and the business models of satellite companies (including satellite systems as a service), that greater role is now increasingly possible. This shift can be seen today with the emergence of companies like SpaceX, OneWeb, AST SpaceMobile, and Project Kupier, who seek to create disruptive business models in low earth orbit (LEO), as well as more traditional geosynchronous (GSO) providers like Telesat and ViaSat who are adapting their infrastructure and satellite capabilities to compete for market share with the proliferated LEO providers. Notably, just earlier this year, Lockheed Martin’s space division announced a strategic partnership with satellite start-up Omnispace to jointly build out a space-based 5G network, while Microsoft began provisioning remote datacenters leveraging SpaceX’s Starlink network.

Why worry? Communications networks have long been the target of malicious actors. This is a trend that is only likely to continue in 5G and be exacerbated by concerns stemming from both technical foundations and, potentially, the vendors building out these increasingly software defined and decentralized networks. Moreover, despite America’s competitors increasingly viewing space as a domain of conflict, legacy satellite systems are notoriously insecure. Even in newer satellite systems, security is all too often an afterthought, rather than integral to the design, deployment, and maintenance of these systems.

What’s next? The rigors and inaccessibility of space creates challenges for maintenance and durability unlike almost anywhere else we operate. However, when it comes to questions of national security, many of the same concerns that emerge from terrestrial critical infrastructure efforts readily apply. Stakeholders of all sorts, including the policy community, should avoid the impulse to needlessly remake the wheel.

Those (not so novel) problems fall into two broad buckets: defending the systems themselves and ensuring the security of the data traversing these systems. In practice, these efforts boil down to three categories of concern:

  • the physical infrastructure or architecture, or physical security
  • the digital systems operating on and the data traversing that infrastructure, known as cybersecurity
  • the supply chains (both hardware and software) that comprise these systems, aka supply chain security.

There is also a first-order question that precedes these three concerns: the criticality of the use-cases these networks support.

Wherever you sit in the policy landscape, there are important opportunities available to you across these categories of concern — ranging from standards to the government as a customer (e.g. DoD acquisitions) — to bolster our collective 5G future. Avoiding proscriptive requirements documents which lack flexibility and utility over time, our report provides the policy and acquisition community with a series of guiding questions, and an in-depth explanation of why the answers to these questions matter.

Satellites will play a key role in determining our collective 5G future.  We cannot adequately assess or address national security concerns associated with 5G networks without also considering the space-based components of these networks.

Dr. Melissa K. Griffith is a Senior Program Associate with the Science and Technology Innovation Program (STIP) at the Woodrow Wilson International Center for Scholars and a Non-Resident Research Fellow at the University of California, Berkeley’s Center for Long-Term Cybersecurity (CLTC).