{"id":"https://openalex.org/W7148390692","doi":"https://doi.org/10.48550/arxiv.2604.00303","title":"Cybersecurity Risk Assessment for CubeSat Missions: Adapting Established Frameworks for Resource-Constrained Environments","display_name":"Cybersecurity Risk Assessment for CubeSat Missions: Adapting Established Frameworks for Resource-Constrained Environments","publication_year":2026,"publication_date":"2026-03-31","ids":{"openalex":"https://openalex.org/W7148390692","doi":"https://doi.org/10.48550/arxiv.2604.00303"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2604.00303","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.00303","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2604.00303","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5132789877","display_name":"Jonathan Shelby","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Shelby, Jonathan","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5132789877"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12449","display_name":"Spacecraft Design and Technology","score":0.58160001039505,"subfield":{"id":"https://openalex.org/subfields/2202","display_name":"Aerospace Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12449","display_name":"Spacecraft Design and Technology","score":0.58160001039505,"subfield":{"id":"https://openalex.org/subfields/2202","display_name":"Aerospace Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12042","display_name":"Satellite Communication Systems","score":0.30730000138282776,"subfield":{"id":"https://openalex.org/subfields/2202","display_name":"Aerospace Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11701","display_name":"Space Satellite Systems and Control","score":0.02160000056028366,"subfield":{"id":"https://openalex.org/subfields/2202","display_name":"Aerospace Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cubesat","display_name":"CubeSat","score":0.8590999841690063},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5446000099182129},{"id":"https://openalex.org/keywords/function","display_name":"Function (biology)","score":0.5293999910354614},{"id":"https://openalex.org/keywords/nist","display_name":"NIST","score":0.48019999265670776},{"id":"https://openalex.org/keywords/risk-assessment","display_name":"Risk assessment","score":0.4763000011444092},{"id":"https://openalex.org/keywords/reachability","display_name":"Reachability","score":0.38199999928474426},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.36480000615119934},{"id":"https://openalex.org/keywords/corporate-governance","display_name":"Corporate governance","score":0.352400004863739},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.32269999384880066}],"concepts":[{"id":"https://openalex.org/C2775936636","wikidata":"https://www.wikidata.org/wiki/Q1142930","display_name":"CubeSat","level":3,"score":0.8590999841690063},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.650600016117096},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5932999849319458},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5446000099182129},{"id":"https://openalex.org/C14036430","wikidata":"https://www.wikidata.org/wiki/Q3736076","display_name":"Function (biology)","level":2,"score":0.5293999910354614},{"id":"https://openalex.org/C111219384","wikidata":"https://www.wikidata.org/wiki/Q6954384","display_name":"NIST","level":2,"score":0.48019999265670776},{"id":"https://openalex.org/C12174686","wikidata":"https://www.wikidata.org/wiki/Q1058438","display_name":"Risk assessment","level":2,"score":0.4763000011444092},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.44620001316070557},{"id":"https://openalex.org/C136643341","wikidata":"https://www.wikidata.org/wiki/Q1361526","display_name":"Reachability","level":2,"score":0.38199999928474426},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.36480000615119934},{"id":"https://openalex.org/C39389867","wikidata":"https://www.wikidata.org/wiki/Q380767","display_name":"Corporate governance","level":2,"score":0.352400004863739},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.32269999384880066},{"id":"https://openalex.org/C2778572836","wikidata":"https://www.wikidata.org/wiki/Q380933","display_name":"Space (punctuation)","level":2,"score":0.3192000091075897},{"id":"https://openalex.org/C185798385","wikidata":"https://www.wikidata.org/wiki/Q1161707","display_name":"Benchmark (surveying)","level":2,"score":0.3100999891757965},{"id":"https://openalex.org/C178148461","wikidata":"https://www.wikidata.org/wiki/Q1632136","display_name":"Security controls","level":3,"score":0.3077999949455261},{"id":"https://openalex.org/C169468491","wikidata":"https://www.wikidata.org/wiki/Q146923","display_name":"Middleware (distributed applications)","level":2,"score":0.3059999942779541},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.3021000027656555},{"id":"https://openalex.org/C173801870","wikidata":"https://www.wikidata.org/wiki/Q201413","display_name":"Heuristic","level":2,"score":0.3000999987125397},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.2948000133037567},{"id":"https://openalex.org/C163258240","wikidata":"https://www.wikidata.org/wiki/Q25342","display_name":"Power (physics)","level":2,"score":0.2858999967575073},{"id":"https://openalex.org/C66098623","wikidata":"https://www.wikidata.org/wiki/Q2162595","display_name":"Inflatable","level":2,"score":0.2815000116825104},{"id":"https://openalex.org/C122637931","wikidata":"https://www.wikidata.org/wiki/Q118084","display_name":"Unit (ring theory)","level":2,"score":0.2702000141143799},{"id":"https://openalex.org/C2985105721","wikidata":"https://www.wikidata.org/wiki/Q13479512","display_name":"Incident response","level":2,"score":0.25290000438690186},{"id":"https://openalex.org/C47431972","wikidata":"https://www.wikidata.org/wiki/Q3045948","display_name":"ELECTRE","level":3,"score":0.25220000743865967}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2604.00303","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.00303","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2604.00303","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.00303","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"display_name":"Partnerships for the goals","score":0.44697287678718567,"id":"https://metadata.un.org/sdg/17"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"CubeSats":[0],"have":[1],"democratised":[2],"access":[3],"to":[4,77,167,218],"space":[5,11],"for":[6,61,171,178,189,213],"universities,":[7],"start-ups":[8],"and":[9,21,39,53,93,105,133,160,174,193,202,208],"emerging":[10],"nations,":[12],"but":[13],"the":[14],"same":[15],"design":[16],"decisions":[17],"that":[18,57,100,126,139,157],"reduce":[19],"cost":[20],"complexity":[22],"introduce":[23],"distinctive":[24],"cybersecurity":[25],"risks.":[26],"Existing":[27],"risk":[28,73],"assessment":[29,74],"frameworksNIST":[30],"SP":[31,45],"800-37/53":[32],"[1,":[33],"2],":[34],"ISO/IEC":[35],"27001/27005":[36],"[3,":[37],"4]":[38],"supply-chain":[40],"guidance":[41],"such":[42],"as":[43,143],"NIST":[44],"800-161":[46],"[5]assume":[47],"abundant":[48],"computational":[49],"resources,":[50],"centralised":[51],"monitoring":[52],"mature":[54],"governance":[55,194],"structures":[56],"do":[58],"not":[59],"hold":[60],"power-limited,":[62],"intermittently":[63],"connected":[64],"CubeSat":[65,78,191],"missions.":[66],"This":[67],"paper":[68],"develops":[69],"a":[70,82,122,134,150,210],"contextually":[71],"appropriate":[72],"framework":[75,118],"tailored":[76],"environments,":[79],"grounded":[80],"in":[81,103],"42-entry":[83],"vulnerability":[84],"register":[85,98],"coded":[86],"using":[87],"STRIDE":[88],"[6],":[89],"MITRE":[90],"ATT&amp;CK":[91],"[7]":[92],"CVSS":[94,109],"v3.1":[95],"[8].":[96],"The":[97,117,196],"reveals":[99],"risks":[101],"concentrate":[102],"communication":[104],"ground":[106],"segments":[107],"(mean":[108],"8.08.2)":[110],"rather":[111,148],"than":[112,149],"distributing":[113],"uniformly":[114],"across":[115],"subsystems.":[116],"introduces":[119],"two":[120],"constructs:":[121],"Security-per-Watt":[123],"(SpW)":[124],"heuristic":[125],"quantities":[127],"security":[128,216],"benefit":[129],"per":[130],"unit":[131],"power,":[132],"Distributed":[135],"Security":[136],"Paradigm":[137],"(DSP)":[138],"reconceptualises":[140],"incident":[141,162],"response":[142],"an":[144],"autonomous,":[145],"constellation-level":[146],"function":[147],"purely":[151],"ground-centric":[152],"process.":[153],"Scenario-based":[154],"analysis":[155],"demonstrates":[156],"adapted":[158],"controls":[159],"distributed":[161],"handling":[163],"can":[164],"achieve":[165],"up":[166],"2.7X":[168],"higher":[169,176],"SpW":[170,177],"cryptographic":[172],"choices":[173],"1.98X":[175],"incident-response":[179],"strategies":[180],"compared":[181],"with":[182,204],"naive":[183],"terrestrial":[184],"transpositions,":[185],"while":[186],"remaining":[187],"feasible":[188],"typical":[190],"power":[192],"constraints.":[195],"approach":[197],"provides":[198],"mission":[199],"designers,":[200],"operators":[201],"regulators":[203],"proportionate,":[205],"auditable":[206],"guidance,":[207],"offers":[209],"reusable":[211],"pattern":[212],"adapting":[214],"enterprise":[215],"frameworks":[217],"other":[219],"severely":[220],"constrained":[221],"cyber-physical":[222],"systems.":[223]},"counts_by_year":[],"updated_date":"2026-04-03T16:44:17.987007","created_date":"2026-04-03T00:00:00"}