Workshops Space Cryptographic Resilience for Space Systems
Space Full Day or Half Day Workshop

Cryptographic Resilience for Space System Mission Architecture

This workshop equips space system architects and mission security engineers with practical strategies to design quantum-resilient cryptographic architectures across the full mission stack.

Full day (6 hours) or half day
In person or online
Max 30 delegates
Commission This Workshop View Agenda

Proud to recommend our expert members

Qrypto Cyber
Eclypses
Arqit
QuantBond
Krown
Applied Quantum
Quantum Bitcoin
Venari Security
QuStream
BHO Legal
Census
QSP
IDQ
Patero
Entopya
Belden
Atlant3D
Zenith Studio
Qudef
Aries Partners
GQI
Upperside Conferences
Austrade
Arrise Innovations
CyberRST
Triarii Research
QSysteme
WizzWang
DeepTech DAO
Xyberteq
Viavi
Entrust
Qsentinel
Nokia
Gopher Security
Quside
Qrypto Cyber
Eclypses
Arqit
QuantBond
Krown
Applied Quantum
Quantum Bitcoin
Venari Security
QuStream
BHO Legal
Census
QSP
IDQ
Patero
Entopya
Belden
Atlant3D
Zenith Studio
Qudef
Aries Partners
GQI
Upperside Conferences
Austrade
Arrise Innovations
CyberRST
Triarii Research
QSysteme
WizzWang
DeepTech DAO
Xyberteq
Viavi
Entrust
Qsentinel
Nokia
Gopher Security
Quside

Workshop Description

Addresses the end-to-end cryptographic architecture of space systems: spacecraft on-board processors, inter-satellite links, ground segment TT&C infrastructure, and mission control networks. Covers the CCSDS Space Data Link Security (SDLS) protocol, CCSDS Space Link Extension (SLE) services, ESA ECSS standards for space system security, and the export control implications of deploying PQC algorithms in space hardware under EAR, ITAR, and UK Export Control regimes.

Space missions present unique cryptographic challenges that terrestrial PQC migration guides do not address. Satellites carry radiation-hardened processors with constrained compute budgets. Mission lifetimes of 15 to 25 years mean that cryptographic algorithms selected at launch must withstand threats that do not yet exist. On-orbit software updates are possible but carry risk; hardware crypto modules cannot be replaced. The CCSDS SDLS protocol stack was designed around AES-256 and HMAC-SHA-256, and integrating ML-KEM or ML-DSA key exchange into the existing frame structure requires careful analysis of bandwidth overhead, latency constraints, and cross-support interoperability between agencies. This workshop maps those constraints against the current NIST PQC standards (FIPS 203, 204, 205) and provides a structured methodology for building quantum-resilient mission architectures from pre-launch design through on-orbit lifecycle management.

What participants cover

  • CCSDS SDLS protocol analysis: encryption modes, authentication mechanisms, and key management limitations in the current standard
  • Spacecraft cryptographic partitioning: bus versus payload boundaries, where PQC migration can be applied independently and where coupling exists
  • Ground segment attack surface: TT&C stations, mission control centres, SLE cross-support, and key distribution infrastructure
  • Export control impact assessment: how ML-KEM and ML-DSA algorithm selection affects EAR Category 5 Part 2 and ITAR Category XI classification
  • ESA ECSS and national standards alignment: ECSS-E-ST-50C, ANSSI, BSI, and NCSC guidance for European and international missions
  • Migration sequencing for on-orbit assets: crypto-agility retrofits, ground-segment-first strategies, and hybrid classical-PQC transition schemes

Preliminary Agenda

Full-day session structure with scheduled breaks. Content is configurable to your mission type, orbit regime, and ground segment architecture.

# Session Topics
1 Space System Cryptographic Landscape Where cryptography lives in modern mission architectures
2 CCSDS Security Standards and PQC Readiness SDLS, SLE, and the path to quantum-resilient space protocols
  • CCSDS 355.0-B-2 Space Data Link Security (SDLS): encryption modes, authentication, key management limitations
  • CCSDS Space Link Extension (SLE) cryptographic dependencies and cross-support interoperability
  • NIST FIPS 203 (ML-KEM) and FIPS 204 (ML-DSA) applicability to CCSDS protocol stacks
Break, after 50 min
3 Spacecraft Bus, Payload, and Ground Segment Partitioning Mapping cryptographic boundaries across the mission architecture
  • Bus-to-payload cryptographic isolation: where PQC migration can and cannot be applied independently
  • Ground segment attack surface: TT&C stations, mission control centres, key distribution infrastructure
  • Inter-satellite link (ISL) security for constellation architectures: optical and RF link encryption
4 Interactive Demonstration: Cryptographic Inventory for a Reference Mission Full-day format only
  • Building a cryptographic inventory across a reference LEO mission: TC uplink, TM downlink, payload data, ISL
  • Classifying algorithms by quantum vulnerability and mapping to CCSDS protocol layers
  • Prioritising migration: which links face harvest-now-decrypt-later risk versus real-time command integrity risk
Break, after 60 min
5 Export Control and Regulatory Compliance EAR, ITAR, UK Export Control, and ESA ECSS alignment
  • EAR Category 5 Part 2 and ITAR Category XI: how PQC algorithm selection affects export classification
  • ESA ECSS-E-ST-50C and ECSS-Q-ST-60C: standards alignment for European missions
  • National cryptographic approval processes: ANSSI, BSI, NCSC guidance for space-grade PQC implementations
6 Migration Roadmap: On-Orbit and Pre-Launch Strategies Practical sequencing for missions at different lifecycle stages
  • Pre-launch missions: designing PQC-native cryptographic architectures from ground up
  • On-orbit assets: crypto-agility retrofits, ground segment first migration, hybrid classical-PQC schemes
  • Long-duration missions (15-25 year lifetimes): future-proofing key management for post-fault-tolerant era
7 Q&A and Action Planning

Designed and Delivered By

Workshops are designed and delivered by QSECDEF in collaboration with sector specialists. All facilitators have direct experience in both quantum technologies and space systems.

QD

Quantum Security Defence

Workshop design and delivery

QSECDEF brings world-leading expertise in post-quantum cryptography, quantum computing strategy, and defence-grade security assessment. Our advisory membership spans 600+ organisations and 1,200+ professionals working at the intersection of quantum technologies and critical infrastructure security.

SP

Space Sector Partners

Domain expertise and operational validation

Space workshops are co-delivered with sector specialists who bring direct operational experience in space organisations. This ensures workshop content is grounded in regulatory, operational, and technical realities specific to the sector.

Commission This Workshop

Sessions are configured around your mission type, orbit regime, ground segment architecture, and export control jurisdiction. Get in touch to discuss requirements and schedule a date.

Contact Us
Space Workshops All Consulting Services All Workshops