Outages to satellite services can have a major impact – not just on customers and providers, but also on critical national infrastructure. The AcidRain attack in 2022, for example, significantly affected Ukraine’s military operations, and impacted thousands of wind turbines across Germany for over two weeks.
Kaze Consulting recognised the Digital Security by Design (DSbD) Technology Access Programme (TAP) as an opportunity to explore a security by design solution to improve the resilience of its space communications ecosystem. The innovation programme gives UK-based companies access to the Arm Morello board with capability hardware-enhanced RISC instructions (CHERI). A technology developed jointly by the University of Cambridge and SRI International enables users to dramatically improve system security, strengthening their own application code against unsafe memory access.
“The Technology Access Programme is a true example of successfully bridging academia and industry, supporting the best minds and practitioners to collaborate on some of the world’s most challenging topics. The programme has afforded us the opportunity to create knowledge and develop usable insights and practice for sectors that need them most. We are hugely proud of what this collaboration has enabled us to achieve.”
The cybersecurity innovation programme has enabled startups and larger companies to scale pioneering new solutions, accelerating the practical application of deep tech across different sectors including defence, transport, and energy. Delivered on behalf of UKRI, Digital Catapult has convened capabilities, offering pioneers innovation and technology consultancy as well as opportunities to learn from qualified technologists and industry experts. 
Using CHERI-enabled hardware to tackle part of the threat spectrum faced by space sector service providers
Kaze hypothesised that by incorporating the CHERI architecture into the design of satellites and connecting ground stations, it would reduce the number of exploitative vulnerabilities and bolster digital resilience. As well as helping to maintain essential services, it was hoped that this would offer substantial returns on investment from risk reduction to lower maintenance costs.
Through the innovation programme, the Kaze team conducted a feasibility study on operating satellite ground station software within the CheriBSD Morello architecture. Over six months the team:
- Tested experimental library-based compartmentalisation features for a satellite parsing library – a tool that processes and translates satellite data streams so ground station applications can read and interact with them
- Incorporated CHERI into cyber risk quantification models
- Built significant working relationships with leading academics and other SMEs.
CHERI delivers persistent resilience against over 70% of known vulnerabilities
The Kaze team found that operating ground station software using the CheriBSD Morello technology delivered increased and persistent digital resilience against over 70% of known vulnerabilities. The team recognised that this could be made even more effective using fine-grained compartmentalisation techniques, and testing for a satellite parsing library showed that it offered a strong solution with only a limited performance overhead. This meant that while there was a slight reduction in system speed due to the security architecture, the impact was minimal and an acceptable trade-off for the enhanced security benefits.
These findings show that a benefit of using CheriBSD and Morello is a significant reduction in the attack surface of a system. The elimination of inherent vulnerabilities tangibly reduces cyber risk and potential costs associated with a successful attack. This is a strategic advantage for organisations who want to protect their revenues, reduce the unwanted burden of costs to remediate their systems, and protects the investment in long term digitally enabled assets. As a strategic consultancy working in the defence, central government, space, and energy sectors, Kaze Consulting will be advocating the strategic value of the technology. By connecting with unique organisations like Kaze Consulting, Digital Catapult has helped unlock value that comes through the adoption of deep technologies, with the Kaze team now considering new opportunities for pilot studies using CHERI in domain-specific applications globally.
“Designing an inherently secure system… and then further increasing that security with other controls is key to building digital resilience. This benefits the global clients of satellite services and protects critical international infrastructure that underpins our digitally enabled world.”
Delivering technical, practical and collaborative benefits
The hands-on experience of debugging and implementing software within a CHERI environment enabled the Kaze Consulting team to improve their understanding of the technology and enhance their capability in building and debugging the key building blocks of software. The team now practises library fuzzing techniques to test for vulnerabilities and awareness of new security compartmentalisation methods, which will play an important part in cyber resilience testing for client business cases.
The access to facilities, workshops, and expertise offered during the programme has accelerated the Kaze team’s ability to develop, scale, and succeed in competitive markets. As well as ensuring that Kaze had the resources and technical assistance needed to progress efficiently, Digital Catapult connected the R&D team with academics at the University of Cambridge, bridging the gap between academic research and real-world applications of deep tech. Together, both teams collaborated on the science of quantification modelling and how it can be applied effectively to CHERI. The new connections established through the programme have put Kaze in a stronger position to deliver this technology to forward-thinking clients and unlock market opportunities in new sectors.
“Not only did the Digital Catapult team facilitate us, but they were also enormously supportive. They were genuinely excited to see what would unfold as part of this programme and celebrated successes with us as they occurred. This collaborative, research-embracing and meaningful programme has benefitted us in every way imaginable.”
About Kaze Consulting
Kaze Consulting explores the boundaries of cyber security innovation and research in AI and data-driven vulnerability management. Their services empower leaders to make critical decisions with confidence: navigating pivotal moments securely and effectively to deliver strategy and technology solutions that make the difference when it matters most.
