Workshops Space PQC for Ground-to-Satellite C2
Space Full Day or Half Day Workshop

PQC for Ground-to-Satellite Command and Control Links

This workshop equips satellite systems engineers with practical strategies to migrate command, telemetry, and control links to post-quantum cryptography within the constraints of space-qualified hardware and long mission lifetimes.

Full day (6 hours) or half day
In person or online
Max 30 delegates
Commission This Workshop View Agenda

Proud to recommend our expert members

Qrypto Cyber
Eclypses
Arqit
QuantBond
Krown
Applied Quantum
Quantum Bitcoin
Venari Security
QuStream
BHO Legal
Census
QSP
IDQ
Patero
Entopya
Belden
Atlant3D
Zenith Studio
Qudef
Aries Partners
GQI
Upperside Conferences
Austrade
Arrise Innovations
CyberRST
Triarii Research
QSysteme
WizzWang
DeepTech DAO
Xyberteq
Viavi
Entrust
Qsentinel
Nokia
Gopher Security
Quside
Qrypto Cyber
Eclypses
Arqit
QuantBond
Krown
Applied Quantum
Quantum Bitcoin
Venari Security
QuStream
BHO Legal
Census
QSP
IDQ
Patero
Entopya
Belden
Atlant3D
Zenith Studio
Qudef
Aries Partners
GQI
Upperside Conferences
Austrade
Arrise Innovations
CyberRST
Triarii Research
QSysteme
WizzWang
DeepTech DAO
Xyberteq
Viavi
Entrust
Qsentinel
Nokia
Gopher Security
Quside

Workshop Description

Covers PQC migration for satellite telecommand (TC), telemetry (TM), and control protocols within the CCSDS Space Data Link Security (SDLS) framework. Addresses the specific hardware constraints of space-qualified processors (LEON3/4 GR740, RAD750, ARM Cortex-R5 radiation-hardened variants) and their measured PQC algorithm performance, SDLS frame-level integration of ML-KEM and ML-DSA, and mission cryptographic lifecycle planning for satellites with 15 to 25 year operational lifetimes.

Ground-to-satellite command links are the highest-priority PQC migration target in any space system. A compromised TC uplink allows an adversary to issue spacecraft commands. Unlike terrestrial systems where cryptographic modules can be physically replaced, on-orbit hardware is fixed at launch. The CCSDS SDLS protocol provides the framework, but the standard was designed around ECDSA and AES. Integrating lattice-based algorithms introduces larger key sizes and ciphertext expansion that directly impacts link budgets at S-band and X-band data rates. Radiation-hardened processors have clock speeds and memory constraints that make PQC performance analysis non-trivial. Published benchmarks from ESA and academic groups show ML-KEM-768 key generation on a GR740 at approximately 0.8ms, but real mission constraints include power budgets, thermal profiles, and the need to maintain deterministic timing for safety-critical command windows. This workshop works through those constraints with real data.

What participants cover

  • CCSDS SDLS protocol analysis: frame-level integration points for ML-KEM key encapsulation and ML-DSA command authentication
  • Radiation-hardened processor benchmarks: ML-KEM and ML-DSA performance on LEON3/4, RAD750, and ARM Cortex-R5 rad-hard variants
  • Link budget impact: PQC ciphertext expansion analysis at S-band and X-band data rates for typical LEO and GEO missions
  • On-orbit key management: pre-provisioned versus on-orbit key agreement, crypto-agility design for algorithm replacement
  • Cross-support interoperability: how PQC migration affects CCSDS SLE services between ESA, NASA, and JAXA ground networks
  • Mission lifecycle planning: cryptographic requirements at LEOP, nominal operations, and end-of-life phases

Preliminary Agenda

Full-day session structure with scheduled breaks. Content is configurable to your orbit regime, processor platform, and ground segment architecture.

# Session Topics
1 Satellite Command Link Cryptographic Architecture How TC/TM protocols depend on classical cryptography today
2 CCSDS SDLS Protocol Stack and PQC Integration Where ML-KEM and ML-DSA fit in the space data link security framework
  • CCSDS 355.0-B-2 SDLS frame structure: authentication, encryption, and the key management gap
  • TC uplink command authentication: replacing ECDSA with ML-DSA (FIPS 204) for command integrity
  • TM downlink encryption: AES-256 bulk encryption retention versus PQC key encapsulation with ML-KEM (FIPS 203)
Break, after 50 min
3 Radiation-Hardened Processor PQC Performance Benchmarks and constraints for space-qualified compute platforms
  • LEON3/4 (GR740), RAD750, ARM Cortex-R5 rad-hard variants: ML-KEM and ML-DSA performance benchmarks
  • Memory footprint constraints: ML-KEM-768 key sizes (1,184 bytes public key) versus ECDH on constrained OBCs
  • FPGA-based PQC acceleration: Microsemi RTG4, Xilinx XQRKU060 for lattice-based operations in flight hardware
4 Interactive Demonstration: SDLS PQC Migration Analysis Full-day format only
  • Modelling ML-KEM key exchange overhead on a reference LEO mission TC/TM link budget
  • Bandwidth impact analysis: PQC ciphertext expansion on CCSDS transfer frames at typical S-band and X-band data rates
  • Comparing hybrid ECDH+ML-KEM versus pure ML-KEM approaches for backward compatibility with legacy ground stations
Break, after 60 min
5 On-Orbit Key Management and Crypto-Agility Managing cryptographic lifecycle across 15-25 year mission durations
  • Key pre-provisioning versus on-orbit key agreement: trade-offs for missions with no return link key exchange capability
  • Crypto-agility design patterns: software-defined cryptographic modules for algorithm replacement without hardware change
  • Mission phase transitions: launch, LEOP, nominal operations, end-of-life: different key management requirements at each stage
6 Cross-Support Interoperability and Standards Roadmap Multi-agency missions and the CCSDS PQC timeline
  • CCSDS SLE cross-support: how PQC migration affects interoperability between ESA, NASA, JAXA ground networks
  • ESA ECSS-E-ST-50C alignment and the European Space Security Information Framework
  • CCSDS PQC standardisation timeline: when updated SDLS and SLE specifications are expected
7 Q&A and Mission-Specific Planning

Designed and Delivered By

Workshops are designed and delivered by QSECDEF in collaboration with sector specialists. All facilitators have direct experience in both quantum technologies and space systems.

QD

Quantum Security Defence

Workshop design and delivery

QSECDEF brings world-leading expertise in post-quantum cryptography, quantum computing strategy, and defence-grade security assessment. Our advisory membership spans 600+ organisations and 1,200+ professionals working at the intersection of quantum technologies and critical infrastructure security.

SP

Space Sector Partners

Domain expertise and operational validation

Space workshops are co-delivered with sector specialists who bring direct operational experience in space organisations. This ensures workshop content is grounded in regulatory, operational, and technical realities specific to the sector.

Commission This Workshop

Sessions are configured around your satellite platform, orbit regime, processor architecture, and ground segment infrastructure. Get in touch to discuss requirements and schedule a date.

Contact Us
Space Workshops All Consulting Services All Workshops