SpiderOak and Axiom Space demonstrate OrbitSecure Platform on International Space Station
SpiderOak is thrilled to announce the successful demonstration of our next generation OrbitSecure software module re-written in the memory safe programming language Rust with protocol design formally proven via the Alloy specification language on the International Space Station (ISS). This demonstrates key modern cybersecurity requirements called for by the White House Office of the National Cyber Director in a report published last February.
SpiderOak is one of the first commercial software companies to successfully demonstrate a formally verified and Rust enabled security capability on a crewed space station. OrbitSecure is SpiderOak's zero trust software-only solution designed to operate in extreme edge environments such as space securing information flow across disconnected, low-bandwidth, unsecure network conditions beyond the frontier of traditional cloud services.
Working through strategic partner Axiom Space, SpiderOak executed validation testing on July 1, proving efficacy and formally verifying Rust enabled data security capabilities in orbit. This latest test comes less than a year after the successful demonstration of OrbitSecure done in partnership with Axiom Space on the ISS in 2023.
Memory safe programming languages, like Rust, have been identified in President Biden's National Cybersecurity Strategy as a key security building block in creating software systems that are secure by design. It is estimated that memory safety bugs are responsible for up to 70% of security issues in code written in memory unsafe languages, and evidence shows memory safety vulnerabilities are nearly eliminated when large code bases are migrated to a memory safe language. Rust is a modern, memory-safe system featuring runtime and performance characteristics well-suited to the demands of spaceflight control systems.
In addition to Rust, OrbitSecure employs formal protocol validation written in the Alloy specification language to provide vastly greater assurance that OrbitSecure's protocol performs exactly as designed across the network, eliminating entire categories of vulnerabilities.
"This successful demonstration positions SpiderOak at the forefront of the coming cyber-safe tidal wave of products and services that will provide the backbone to the burgeoning space economy," said SpiderOak CEO Dave Pearah. "We are excited by both the successful demonstration of our next generation memory safe OrbitSecure software on the ISS, and that our security philosophy is aligned with how our nation's leadership thinks about 21st century space cybersecurity."
"SpiderOak is a great example of a company stepping up to rebalance the responsibility for cybersecurity from users to developers. When we spoke with the White House about their plan to increase developer use of memory safe programming languages, we couldn't think of a better test than to put it into orbit," said Tom Patterson, Quantum and Space Security lead at Accenture. "After investing in SpiderOak in 2023, we continue to collaborate, using critical secure-by-design principles in order to launch cyber into space for our clients."
This next level cyber secure design and assurance, once the sole domain of complex service engagements or custom software, is available to the mass market in a commercially available software package.