Research
Threat models and assessments, in the open
Full reference artifacts anyone can read, use and cite. This is our method on display, with sources named and dated.
Threat Model for Satellite Systems Security
A public reference threat model across the space, link, ground and user segments and the mission lifecycle. Twenty-four named threats, eight threat actor classes, STRIDE mapping, a kill chain modelled on the 2022 Viasat KA-SAT incident, defence-in-depth diagrams and a target-state architecture.
Read the threat model →Threat Risk Assessment for Satellite Systems
The companion assessment to the satellite threat model, with full risk scoring, a risk matrix and a prioritised remediation roadmap.
Reading a risk matrix
How likelihood and impact combine into a score, and why the same cell can carry a different meaning in a different context.
Inherent and residual risk
Why scoring risk twice, before and after controls, is the part most assessments get wrong, and how we keep it honest.
On your systems
Want this rigour applied to your own environment?
The method we publish in the open is the same method we run for clients.