Certified Space Security Specialist Professional (CSSSP)

Certified Space Security Specialist Professional (CSSSP) Certification Course

• Public Training with Exam: April 14-15, 2026 (Level 1) Washington DC
• Public Training with Exam: April 16-17, 2026 (Level 2) Washington DC
• Public Training with Exam: April 30- May 1, 2026 (Level 3) Washington DC

There’s never been a greater demand for Certified Space Security Specialist Professionals (CSSSP).

Space security has garnered much attention this past year as exemplified by NASA’s December 2023 release of its Space Security Best Practices Guide to bolster mission cybersecurity efforts for both public sector and private sector space activities.

This guide represents a collective effort to establish a set of principles that will enable the space sector to identify and mitigate risks and ensure continued success of space missions, both in Earth’s orbit and beyond.

According to NASA, in terms of both information systems and operational technologies, space systems are becoming more integrated and interconnected. These developments carry benefits – NASA and other organizations have unprecedented new possibilities for working, communicating, and gathering data in space.

However, on the flip side, complex systems can also have vulnerabilities. Through its new guide, NASA aims to provide best practices for adapting to these new challenges and implementing safety and security measures.

Cognizant of this demand, International Society of Space Security Specialists (IS4.org) has become the authority for certified space security specialist providing the information, tools and insights to help you grow and excel in your career as a Certified Space Security Specialist Professional (CSSSP).

Analysts contend IS4.org’s CSSSP and other IS4 certification programs are impactful for participants as well as the future of nations that increasingly rely on the space industry for everything from communications to national security.

Certified Space Security Specialist Professional (CSSSP): Cybersecurity is mission assurance in space—protecting command & control links, payload data, and ground segments from compromise.

Strong controls prevent hostile takeovers, data exfiltration, and unsafe maneuvers while preserving spectrum, timing, and service availability across constellations.

Embedding zero-trust, secure-by-design practices, and resilient operations reduces geopolitical and supply-chain risk and keeps critical space services trustworthy.

CSSSP Level 1 (Specialist):

The CSSSP® (Certified Space Systems Security Professional) qualification is one of the most qualified certifications in the space security industry, demonstrating an advanced knowledge of space cybersecurity.

Additionally, a CSSSP certification carries more weight every day as organizations and agencies look to hire professionals in space security to protect their interests from continual advance of cybercrime.

In coordination with ISSSS (International Society of Space and Security Specialists) or is4.org, Tonex has created the Certified Space Security Specialist Professional certification in order to train current and Space and Intelligence personnel in how to more effectively manage space security issues.

IS4 has become the world’s only space cybersecurity certification authority. ISSSS is an international membership association for space and security professionals offering Certified Space Security Specialist Professional  (CSSSP) and other space cybersecurity certifications.

CSSSP certification offers several benefits for anyone hoping to break into the space security field. These benefits include:

• Top-notch instruction
• Professional instructors
• Up-to-date, relevant content
• Innovative ways to learn
• Comprehensive exam prep

Overall, a CSSSP certification provides the information, tools and insights to help participants grow and excel as a certified space security specialist.

is4.org (International Society of Space and Security Specialists/IS4) is an international membership association for space and security professionals committed to helping its members learn, grow, certify and thrive. We empower professionals who touch every aspect of space and security. Our CSSSP certification and other space cybersecurity path proves you have what it takes to effectively plan, architect, design, implement and manage a best-in-class space cybersecurity program.

---

CSSSP – Certified Space Systems Security Professional (Level 1)

The CSSSP Level 1 certification provides a foundational, practitioner-oriented introduction to securing space information systems and space mission architectures across the full lifecycle—from design and development to launch, operation, and sustainment.

Participants learn how cybersecurity applies uniquely to space systems, including satellites, ground segments, launch systems, space networks, and space-enabled services. The course integrates Risk Management Framework (RMF) / Cybersecurity Risk Management Construct (CSRMC), space DevSecOps, independent verification & validation (IV&V), security testing, and threat-driven analysis for software, firmware, and hardware.

This Level-1 course emphasizes conceptual understanding, applied analysis, and structured security thinking, preparing participants for advanced CSSSP levels.

Foundations of Space Systems Cybersecurity. CSSSP Level 1 domains are:

• SPACE INFORMATION SYSTEMS SECURITY
• SECURITY TESTING AND EVALUATION, IV&V, A&A, SDLC AND THE
• RISK MANAGEMENT FRAMEWORK (RMF) or Cybersecurity Risk Management Construct (CSRMC),
• SPACE DEVOPS AND SECURITY
• SPACE SECURITY ASSESSMENT, ARCHITECTURE, ENGINEERING, TESTING AND OPERATION
• SPACE SYSTEMS, SOFTWARE, FIRMWARE AND HARDWARE SECURITY
• SPACE THREAT AND VULNERABILITY ANALYSIS AND ASSESSMENT

Outcome

Participants who pass the exam earn:

Certified Space Systems Security Professional (CSSSP) – Level 1

This certification establishes a baseline credential for professionals entering the space cybersecurity domain and prepares them for CSSSP Level 2 (Advanced Analysis & Engineering).

Learning Objectives

By the end of this course, participants will be able to:

• Understand the space systems security landscape and mission-driven risk.
• Explain space information systems architectures and their cyber dependencies.
• Apply RMF / CSRMC concepts to space missions and programs.
• Identify security considerations across the space system SDLC.
• Understand IV&V, security testing, and A&A in space programs.
• Analyze software, firmware, and hardware security risks in space systems.
• Perform basic space threat and vulnerability analysis.
• Understand Space DevSecOps concepts and constraints.
• Assess space system security from architecture through operations.

Target Audience

• Space systems engineers
• Cybersecurity engineers and analysts
• Satellite operators and mission planners
• Defense, government, and aerospace professionals
• Systems, software, and hardware engineers entering space security
• Program managers and technical leads (foundational level)

Prerequisites

• Basic understanding of systems engineering or cybersecurity concepts
• No prior space security experience required

DAY 1 – Foundations of Space Systems Security

Module 1: Introduction to Space Information Systems Security

Topics

• What makes space systems different from terrestrial IT
• Space mission lifecycle and cyber dependencies
• Space segments:
  • Space segment
  • Ground segment
  • Link/communication segment
  • User and mission segment
• Confidentiality, Integrity, Availability, and Mission Assurance in space

Workshop 1 – Space Mission Decomposition

• Identify cyber-relevant components of a sample satellite mission
• Map mission objectives to information assets

Module 2: Space Systems, Software, Firmware, and Hardware Security

Topics

• Space system attack surface overview
• Software security:
  • Flight software
  • Ground software
  • Update mechanisms
• Firmware security:
  • Bootloaders
  • FPGA bitstreams
  • Trusted boot
• Hardware security:
  • Radiation impacts on security
  • Supply chain risks
  • Hardware Trojans
• Differences between space-grade and COTS components

Workshop 2 – System and Component Security Mapping

• Identify security concerns across system of systems (SoS), systems, subsystems, software, firmware, and hardware layers
• Classify risks by mission impact

Module 3: Space Secure SDLC and RMF / CSRMC Foundations

Topics

• Space system development lifecycles
• Secure SDLC for space missions
• RMF / CSRMC overview:
  • Categorize
  • Select
  • Implement
  • Assess
  • Authorize
  • Monitor
• Tailoring RMF for space constraints
• Mission impact vs. traditional IT risk

Workshop 3 – Risk Managment Scoping Exercise

• Define system boundaries for a space mission
• Identify security categorization and mission impacts

Module 4: Security Testing, IV&V, and A&A in Space Programs

Topics

• Independent Verification & Validation (IV&V) in space systems
• Security testing vs. functional testing
• Penetration testing constraints in space
• Verification of security controls
• Authority to Operate (ATO) vs. mission acceptance
• Continuous monitoring for space assets

Workshop 4 – Security Test Planning

• Identify feasible security tests for a space system
• Determine what can and cannot be tested pre-launch vs. on-orbit

DAY 2 – Space DevSecOps, Threats, and Security Assessment

Module 5: Space DevSecOps and Secure Operations

Topics

• DevSecOps principles applied to space
• CI/CD constraints for space systems
• Secure software updates for on-orbit systems
• Configuration management in space missions
• Telemetry, command authentication, and integrity
• Incident response in space environments

Workshop 5 – Space DevSecOps Pipeline Design

• Design a conceptual secure pipeline for flight and ground software
• Identify security gates and failure points

Module 6: Space Security Architecture and Engineering

Topics

• Security-by-design for space architectures
• Defense-in-depth for space missions
• Zero Trust concepts in space systems
• Secure communication architectures
• Resilience, redundancy, and graceful degradation
• Engineering tradeoffs between security, cost, mass, and power

Workshop 6 – Secure Architecture Review

• Review a simplified space system architecture
• Identify architectural security gaps and improvements

Module 7: Space Threat and Vulnerability Analysis

Topics

• Space threat landscape:
  • Nation-state threats
  • Cyber-physical threats
  • EW and cyber convergence
• Common space vulnerabilities:
  • Command uplink
  • Telemetry downlink
  • Ground station compromise
  • Supply chain attacks
• Threat modeling for space systems
• Mission impact analysis

Workshop 7 – Threat Modeling Exercise

• Conduct a basic threat model for a space mission
• Identify threats, vulnerabilities, and mission consequences
• Frameworks used: MITRE ATTACK, OWASP, STRIDE, PASTA and TONEX SAP-E Framework

Tonex’s S-APE Cybersecurity Threat Framework

A structured framework the S-APE Cybersecurity Threat Framework, organized by segment (Space, Ground, User) and by libraries:

1. Threat Agents
2. Attack Vectors
3. Security Weaknesses
4. Security Controls
5. Technical Impacts
6. Business & Operational Impacts

This format is intentionally modular and reusable for training, threat modeling, risk registers, red/blue teaming, and compliance mapping (e.g., NIST, ISO 27001, CCSDS, IEC 62443).

S-APE Cybersecurity Threat Framework

S-APE is:

• A Tonex-created, space-native threat modeling model
• Designed specifically for space, ground, and user segments
• Intended to be used as the threat modeling engine inside CSRMC

Formally:

S-APE = Tonex proprietary threat modeling methodology

CSRMC (Cybersecurity Risk Management Construct) is a framework for managing cybersecurity risk across systems.

S-APE (Space–Attack–Platform–Exploitation) is the Tonex proprietary threat modeling methodology used using CSRMC.

Module 8: Space Security Assessment and Operational Risk

Topics

• End-to-end security assessment process
• Pre-launch vs. on-orbit risk
• Continuous risk monitoring
• Operational decision-making under cyber risk
• Preparing for higher CSSSP levels

Capstone Exercise – Space Security Assessment

• Perform a high-level security assessment of a space system
• Present risks, mitigations, and recommendations

Examination Description

CSSSP Level 1 Certification Exam

• Format: Multiple-choice
• Number of Questions: 40
• Duration: 90 minutes
• Passing Score: 70%

Exam Domains

1. Space Information Systems Security
2. Space SDLC and RMF / CSRMC
3. Software, Firmware, and Hardware Security
4. Security Testing, IV&V, and A&A
5. Space DevSecOps and Operations
6. Space Threat and Vulnerability Analysis

CSSSP Level I Exam Domains & Weighting

Domain 1: Space Information Systems Security (20%)

• Space mission and system security concepts
• Space, ground, link, and user segments
• Mission assurance vs. traditional IT security
• CIA + mission resilience in space
• Space-specific cyber constraints

Domain 2: Space Systems, Software, Firmware & Hardware Security (18%)

• Flight software and ground software security
• Firmware security (boot, FPGA, configuration)
• Hardware security risks and supply chain threats
• Radiation and fault impacts on security
• COTS vs. space-grade component risks

Domain 3: Secure Space SDLC & RMF / CSRMC (20%)

• Secure SDLC for space programs
• RMF / CSRMC phases applied to space missions
• System boundary definition
• Security categorization and control selection
• Risk acceptance and mission impact

Domain 4: Security Testing, IV&V & A&A (15%)

• Security testing vs. functional testing
• IV&V concepts in space systems
• Authority to Operate (ATO) vs. mission acceptance
• Verification of security controls
• Continuous monitoring considerations

Domain 5: Space DevSecOps & Secure Operations (12%)

• DevSecOps principles for space systems
• CI/CD constraints for flight software
• Secure update and configuration management
• Telemetry and command security
• Operational risk management

Domain 6: Space Threat & Vulnerability Analysis (15%)

• Space cyber threat landscape
• Common attack vectors and vulnerabilities
• Threat modeling fundamentals
• Mission impact analysis
• Introduction to adversary capabilities

Scoring & Certification Policy

• Candidates must achieve 70% or higher to pass
• Results are reported as Pass / Fail
• Unsuccessful candidates may retake the exam after a defined waiting period
• Certification is valid as part of the CSSSP credential ladder

Certification Awarded

Upon passing the exam, candidates earn:

• Certified Space Systems Security Professional (CSSSP) – Level I (Foundation)
• ink CSSSP L1 badge downloadable to Linkedin

CSSSP Credential Progression

Level	Focus
CSSSP Level I	Foundations of Space Systems Security
CSSSP Level II	Professional Space Security Management & Operations
CSSSP Level III	Expert Blue / Red / Purple Team Space Cyber Operations

---

CSSSP – Certified Space Systems Security Professional (Level II)

CSSSP Level II is a professional-level certification focused on managing, leading, and executing space cybersecurity operations across government, defense, and commercial space environments.

This course moves beyond foundational concepts to address space security governance, operational leadership, vulnerability management, investigations, incident response, threat intelligence, and forensic operations—all within the unique constraints of space missions and space-enabled systems.

Participants gain the skills required to manage space security programs, lead technical teams, oversee compliance and risk frameworks, coordinate investigations, and respond to cyber incidents affecting space assets, networks, and mission operations.

Professional Space Security Management & Operations. Domains include:

Space Security Management

• Managing Technical Space Security Operations
• Space RMF/ Cybersecurity Risk Management Construct (CSRMC), and Critical Controls
• Space Planning, Policy, Leadership
• Space Vulnerability Management
• Leadership Essentials
• Space Project Management
• Space Audit & Legal
• Space Law & Investigations

Space Incident Response & Threat Hunting

• Space Network Forensics
• Forensics
• Space Threat Intel & Forensics
• Malware Analysis & Space Threat Intelligence
• Space Cyber Threat Intelligence
• Space Battlefield Forensics

Learning Objectives

By the end of this course, participants will be able to:

• Manage and oversee space cybersecurity operations across mission lifecycles.
• Apply Space RMF and critical security controls at program and enterprise levels.
• Lead space security planning, policy, and governance efforts.
• Conduct and manage space vulnerability management programs.
• Apply leadership principles to space cybersecurity teams and missions.
• Manage space projects with integrated security objectives.
• Understand space audit, legal, and regulatory obligations.
• Lead and coordinate space cyber investigations.
• Execute space incident response and threat hunting activities.
• Apply space network forensics and battlefield forensics techniques.
• Analyze malware and space cyber threat intelligence.

Target Audience

• Space cybersecurity managers and leads
• SOC managers supporting space missions
• Space operations and mission assurance managers
• Government and defense cybersecurity leaders
• Space program managers and technical directors
• Incident response and threat intelligence professionals

Prerequisites

• CSSSP Level I (or equivalent experience)
• Experience in cybersecurity, space systems, or mission operations

2-Day Professional Course Outline

DAY 1 – Space Security Management, Governance, and Leadership

Module 1: Space Security Management & Technical Operations

Topics

• Space security as a mission assurance function
• Managing technical space security operations
• Integrating cyber, EW, and mission operations
• Security operations centers (SOC) for space missions
• Metrics, KPIs, and operational readiness

Workshop 1 – Space Security Operations Planning

• Design an operational model for a space security program
• Define roles, escalation paths, and success metrics

Module 2: Space RMF and Critical Security Controls

Topics

• Advanced application of RMF / CSRMC for space systems
• Space-specific tailoring of security controls
• Critical controls for space missions
• Continuous authorization and monitoring
• Managing inherited and shared controls

Workshop 2 – Space RMF Decision Exercise

• Evaluate risk acceptance decisions for a space mission
• Balance mission objectives with cyber risk

Module 3: Space Planning, Policy, and Leadership Essentials

Topics

• Space cybersecurity policy development
• Governance models for space organizations
• Leadership essentials for space security leaders
• Decision-making under uncertainty
• Communicating risk to executive and mission leadership

Workshop 3 – Executive Briefing Simulation

• Prepare and deliver a space cyber risk briefing
• Translate technical risk into mission impact

Module 4: Space Vulnerability Management & Program Oversight

Topics

• Vulnerability management for space systems
• Vulnerability disclosure and coordination
• Patch and configuration management constraints
• Risk-based prioritization for space missions
• Supply chain and third-party risk

Workshop 4 – Vulnerability Management Strategy

• Develop a vulnerability management plan for a space program
• Prioritize vulnerabilities based on mission criticality

Module 5: Space Project Management & Compliance Oversight

Topics

• Integrating security into space project management
• Security milestones and deliverables
• Managing contractors and integrators
• Space audit readiness
• Compliance tracking and reporting

Workshop 5 – Secure Space Project Planning

• Identify security deliverables across a project lifecycle
• Align schedule, cost, and risk

DAY 2 – Investigations, Incident Response, and Threat Intelligence

Module 6: Space Audit, Legal, and Investigations

Topics

• Space cybersecurity audits
• Legal considerations in space cyber incidents
• Evidence handling and chain of custody
• Jurisdictional and international considerations
• Supporting investigations and inquiries

Workshop 6 – Audit & Investigation Scenario

• Respond to an audit finding or legal inquiry
• Identify required evidence and actions

Module 7: Space Incident Response & Threat Hunting

Topics

• Incident response in space environments
• Detecting anomalies in space telemetry and networks
• Threat hunting methodologies for space systems
• Coordinating IR across space and ground segments
• Post-incident lessons learned

Workshop 7 – Space Incident Response Tabletop

• Respond to a simulated space cyber incident
• Make operational decisions under pressure

Module 8: Space Network Forensics & Battlefield Forensics

Topics

• Space network architectures and data sources
• Telemetry and command forensic analysis
• Ground station and relay network forensics
• Battlefield forensics in contested space environments
• Attribution challenges

Workshop 8 – Network Forensics Exercise

• Analyze simulated space network logs
• Identify attack indicators and timelines

Module 9: Malware Analysis & Space Threat Intelligence

Topics

• Malware targeting space systems
• Malware analysis approaches (static and dynamic)
• Threat actor TTPs in space cyber operations
• Mapping malware activity to mission impact

Workshop 9 – Malware Intelligence Analysis

• Analyze a simulated malware report
• Extract indicators and assess mission risk

Module 10: Space Cyber Threat Intelligence & Fusion Analysis

Topics

• Space cyber threat intelligence lifecycle
• Intelligence sources and collection
• Fusing cyber, EW, and kinetic intelligence
• Space threat intelligence reporting

Workshop 10 – Threat Intelligence Fusion

• Produce a space cyber threat intelligence briefing
• Integrate multiple intelligence sources

Module 11: Space Battlefield Forensics & Strategic Attribution

Topics

• Battlefield forensics in space operations
• Attribution challenges in space cyber conflict
• Strategic, operational, and tactical analysis
• Supporting command-level decisions

Capstone Exercise – Space Incident & Intelligence Case

• Lead an end-to-end investigation:
  • Incident response
  • Forensics
  • Threat intelligence
  • Executive reporting

Examination Description

CSSSP Level II Certification Exam

• Format: Multiple-choice + scenario-based questions
• Number of Questions: 75
• Duration: 120 minutes
• Passing Score: 75%

Exam Domains

1. Space Security Management & Leadership
2. Space RMF/ Cybersecurity Risk Management Construct (CSRMC), and Critical Controls
3. Space Vulnerability & Risk Management
4. Incident Response & Threat Hunting
5. Space Forensics & Investigations
6. Malware Analysis & Threat Intelligence

Exam Emphasis

• Operational decision-making
• Management judgment
• Incident leadership
• Intelligence-informed defense

Certification Awarded

Certified Space Systems Security Professional (CSSSP) – Level II (Professional)

CSSSP Level II Examination Overview

The CSSSP Level II exam validates professional-level competence in managing, leading, and executing space cybersecurity operations.
It focuses on operational decision-making, governance, investigations, incident response, vulnerability management, and threat intelligence, rather than purely theoretical knowledge.

This exam assesses the candidate’s ability to apply security frameworks, manage teams, respond to incidents, oversee investigations, and integrate intelligence into space mission security operations.

Exam Format

• Exam Type: Proctored, closed book
• Question Format:
  • Multiple-choice (single best answer)
  • Scenario-based questions
• Number of Questions: 40
• Duration: 90 minutes
• Passing Score: 70%
• Difficulty Level: Professional / Operational

CSSSP Level II Exam Domains & Weighting

Domain 1: Space Security Management & Leadership (18%)

• Managing space cybersecurity operations
• Technical and operational leadership responsibilities
• SOC and mission security operations
• Metrics, KPIs, and readiness
• Communicating cyber risk to leadership

Domain 2: Space RMF, Critical Controls & Governance (17%)

• Advanced application of RMF / CSRMC
• Tailoring security controls for space missions
• Continuous authorization and monitoring
• Policy development and enforcement
• Governance models for space organizations

Domain 3: Space Vulnerability Management & Risk Oversight (15%)

• Vulnerability identification and prioritization
• Space patch and configuration management constraints
• Supply chain and third-party risk
• Risk acceptance and mitigation strategies
• Vulnerability disclosure coordination

Domain 4: Space Incident Response & Threat Hunting (17%)

• Incident response lifecycle for space systems
• Coordinating ground and space response activities
• Threat hunting methodologies
• Post-incident analysis and lessons learned
• Operational decision-making under attack

Domain 5: Space Forensics, Audit & Legal Considerations (16%)

• Space network and telemetry forensics
• Evidence handling and chain of custody
• Audit readiness and compliance
• Legal, regulatory, and jurisdictional considerations
• Supporting investigations and inquiries

Domain 6: Space Threat Intelligence & Malware Analysis (17%)

• Space cyber threat intelligence lifecycle
• Intelligence sources and fusion
• Malware targeting space systems
• Adversary TTPs and mission impact
• Intelligence reporting and briefing

Scoring & Certification Policy

• Minimum passing score: 75%
• Results reported as Pass / Fail
• Retakes allowed after defined waiting period
• Certification applies to the CSSSP professional tier

Certification Awarded

Upon successful completion, candidates earn:

Certified Space Systems Security Professional (CSSSP) – Level II (Professional)

CSSSP Level II Positioning

Level	Focus
CSSSP Level I	Foundations & Architecture
CSSSP Level II	Professional Management, Operations & Investigations
CSSSP Level III	Expert Blue / Red / Purple Team Operations

Exam Philosophy

The CSSSP Level II exam evaluates the candidate’s ability to:

• Make operational and leadership decisions
• Manage complex space security programs
• Lead incident response and investigations
• Apply threat intelligence to mission defense

It emphasizes judgment, prioritization, and mission impact over rote memorization.

---

CSSSP – Certified Space Systems Security Professional (Level III)

Expert Space Cyber Operations (Blue, Red & Purple Team) – CSSSP Level III represents the highest level of professional certification for space cybersecurity practitioners, validating elite expertise in defending and assessing space missions in contested cyber environments.

CSSSP Level III is an expert-level certification focused on advanced space cyber defense and offense operations. It prepares senior practitioners to detect, hunt, exploit, defend, assess, and validate cybersecurity in contested space environments.

This course integrates:

• Blue Team space monitoring, detection, response, and analytics
• Red Team space penetration testing, ethical hacking, and vulnerability exploitation
• Purple Team coordination and adversary emulation
• Space Cyber Test & Evaluation (T&E)

Participants operate across space, ground, network, and mission layers, applying tactical analytics, intelligence fusion, and hands-on adversary techniques.

Learning Objectives

By the end of this course, participants will be able to:

• Conduct advanced space cyber defense operations.
• Perform space monitoring, detection, and threat hunting.
• Execute space penetration testing and ethical hacking.
• Conduct space vulnerability assessment and exploitation.
• Lead incident response in contested space environments.
• Apply open-source space intelligence (OSINT).
• Execute Blue Team and Red Team Cyber T&E for space systems.
• Apply Purple Team tactics to improve mission resilience.
• Perform tactical analytics for space cyber operations.
• Support command-level decision-making during space cyber conflict.

Target Audience

• Senior space cybersecurity professionals
• Blue Team / Red Team / Purple Team leads
• Space SOC leaders
• Military, intelligence, and defense cyber operators
• Space cyber penetration testers
• Incident response and cyber warfare specialists

Prerequisites

• CSSSP Level II (Professional)
• Significant experience in cybersecurity operations, space systems, or cyber warfare

2-Day Expert Course Outline

DAY 1 – BLUE TEAM & DEFENSIVE SPACE CYBER OPERATIONS

Module 1: Advanced Space Security Essentials

Topics

• Contested and denied space environments
• Space cyber operations doctrine
• Cyber-EW-kinetic convergence
• Mission-level cyber defense objectives

Module 2: Space Monitoring and Detection

Topics

• Space telemetry-based detection
• Command and control anomaly detection
• Ground segment and relay monitoring
• Behavioral analytics for space missions
• Deception and honeypots for space systems

Workshop 1 – Space Detection Engineering

• Design detection logic for a satellite mission
• Identify indicators of compromise across segments

Module 3: Space Incident Response & Threat Hunting

Topics

• Advanced threat hunting methodologies
• Mission-impact-driven IR
• Live-orbit response constraints
• Coordinated ground/space response
• Recovery and reconstitution

Workshop 2 – Threat Hunt Execution

• Conduct a guided hunt using simulated space telemetry and logs

Module 4: Space Cyber Defense Operations

Topics

• Blue Team operational playbooks
• Defensive counter-measures
• Resilience, redundancy, and fail-safe design
• Cyber defense during active conflict

Workshop 3 – Blue Team Tabletop

• Defend a space mission under live attack conditions

Module 5: Open-Source Space Intelligence & Tactical Analytics

Topics

• OSINT sources for space cyber operations
• Satellite tracking, launches, and adversary behavior
• Tactical analytics for cyber-space fusion
• Intelligence-driven defense

Workshop 4 – Space OSINT Analysis

• Produce a threat intelligence profile using open-source data

Module 6: Space Cyber T&E – Blue Team

Topics

• Defensive T&E methodologies
• Detection coverage validation
• Control effectiveness testing
• Lessons learned and improvement loops

Exercise – Blue Team Cyber T&E

• Evaluate defensive coverage against known threat scenarios

DAY 2 – RED TEAM, PURPLE TEAM & OFFENSIVE SPACE CYBER

Module 7: Specialized Space Penetration Testing

Topics

• Space-specific attack vectors
• Satellite command and control attacks
• Ground station exploitation
• Supply chain and firmware attacks
• Constraints of ethical space hacking

Module 8: Space Vulnerability Assessment & Ethical Hacking

Topics

• Vulnerability discovery for space systems
• Risk-based exploitation
• Hardware, firmware, and protocol weaknesses
• Responsible disclosure in space missions

Workshop 5 – Space Vulnerability Analysis

• Analyze a space system for exploitable weaknesses

Module 9: In-Depth Network Coverage & Penetration Testing

Topics

• Deep network reconnaissance
• Space network pivoting
• Lateral movement across segments
• Persistence in space-enabled networks

Workshop 6 – Penetration Testing Simulation

• Execute a controlled space network attack path

Module 10: Space Cyber T&E – Red Team

Topics

• Offensive T&E objectives
• Attack scenario design
• Measuring mission impact
• Reporting and remediation guidance

Exercise – Red Team Cyber T&E

• Conduct a red team assessment of a space architecture

Module 11: Purple Team Tactics & Adversary Emulation

Topics

• Red-Blue collaboration models
• Adversary emulation for space threats
• Continuous improvement cycles
• Mission-focused resilience engineering

Workshop 7 – Purple Team Exercise

• Coordinate Red and Blue teams to improve defenses

Module 12: Capstone – Full-Spectrum Space Cyber Operation

Capstone Exercise
Participants execute an end-to-end space cyber operation:

• Red Team attack
• Blue Team detection and response
• Purple Team analysis and improvement
• Executive mission briefing

Examination Description

CSSSP Level III – Expert Exam

• Format:
  • Scenario-based questions
  • Analytical decision questions
  • Operational judgment cases
• Number of Questions: 80
• Duration: 150 minutes
• Passing Score: 80%

Exam Domains

1. Advanced Space Cyber Defense Operations
2. Space Monitoring, Detection & Threat Hunting
3. Space Penetration Testing & Ethical Hacking
4. Vulnerability Assessment & Exploitation
5. Space Cyber T&E (Blue & Red Team)
6. Purple Team Operations & Tactical Analytics

Certification Awarded

Certified Space Systems Security Professional (CSSSP) – Level III (Expert)

Program Positioning

• Level I: Foundations & Architecture
• Level II: Management, Operations & Investigations
• Level III: Expert Blue/Red/Purple Team Space Cyber Operations

CSSSP – Certified Space Systems Security Professional (Level III)

Examination Domains & Certification Information

CSSSP Level III Examination Overview

The CSSSP Level III exam validates expert-level capability in full-spectrum space cyber operations, including Blue Team defense, Red Team offense, Purple Team coordination, and Cyber Test & Evaluation (T&E) in contested and denied space environments.

This exam assesses the candidate’s ability to think tactically, operate adversary-informed defenses, conduct space penetration testing, execute advanced threat hunting, and make mission-critical decisions under active cyber conflict.

Level III is the capstone certification of the CSSSP framework.

Exam Format

• Exam Type: Proctored, closed book
• Question Format:
  • Advanced scenario-based questions
  • Analytical decision questions
  • Blue / Red / Purple Team operational cases
• Number of Questions: 40
• Duration: 90 minutes
• Passing Score: 70%
• Difficulty Level: Expert / Operational / Tactical

CSSSP Level III Exam Domains & Weighting

Domain 1: Advanced Space Cyber Defense Operations (18%)

• Space cyber defense doctrine
• Mission-level defensive strategy
• Cyber-EW-kinetic convergence
• Defensive countermeasures and resilience
• Space SOC operations in contested environments

Domain 2: Space Monitoring, Detection & Threat Hunting (17%)

• Telemetry-driven detection engineering
• Behavioral analytics for space systems
• Threat hunting methodologies
• Deception, honeypots, and anomaly detection
• Detection coverage and effectiveness

Domain 3: Space Penetration Testing & Ethical Hacking (17%)

• Space-specific attack vectors
• Satellite command and control exploitation
• Ground station and relay compromise
• Firmware, protocol, and supply-chain attacks
• Ethical hacking constraints in space missions

Domain 4: Space Vulnerability Assessment & Exploitation (15%)

• Vulnerability discovery and validation
• Risk-based exploitation planning
• Hardware, firmware, and software weaknesses
• Mission impact of exploited vulnerabilities
• Responsible disclosure and remediation

Domain 5: Space Cyber Test & Evaluation (Blue & Red Team) (16%)

• Cyber T&E objectives and methodologies
• Defensive coverage validation (Blue Team)
• Offensive capability assessment (Red Team)
• Measuring mission impact and resilience
• Reporting, lessons learned, and improvement cycles

Domain 6: Purple Team Operations, Tactical Analytics & Intelligence (17%)

• Red-Blue coordination models
• Adversary emulation for space threats
• Tactical analytics and intelligence fusion
• Open-source space intelligence (OSINT)
• Command-level decision support

Scoring & Certification Policy

• Minimum passing score: 80%
• Results reported as Pass / Fail
• Retakes allowed after a defined waiting period
• Certification represents expert-level operational competence

Certification Awarded

Upon successful completion, candidates earn:

Certified Space Systems Security Professional (CSSSP) – Level III (Expert)

CSSSP Credential Progression

Level	Focus
CSSSP Level I	Foundations of Space Systems Security
CSSSP Level II	Professional Space Security Management & Operations
CSSSP Level III	Expert Blue / Red / Purple Team Space Cyber Operations

Exam Philosophy

The CSSSP Level III exam is designed to evaluate:

• Operational judgment under adversarial conditions
• Ability to defend and attack space systems responsibly
• Expertise in tactical analytics and intelligence-driven operations
• Leadership during active space cyber conflict

This exam does not test basic concepts or introductory material.
It assumes mastery of Levels I and II and focuses on real-world operational decision-making.

---

CSSSP Level I, II and III

• CSSSP Level I: SPECIALIST
• CSSSP Level II: PROFESSIONAL
• CSSSP Level III: EXPERT

CSSSP Certification Domains

I. Space Cybersecurity Mission Management
II. Space Cyber Intelligence and Cyber Warfare
III. Space Cybersecurity Operations
IV. Space Cybersecurity Forensics Penetration Testing and Computer Network Defense
V. Space Information Assurance

CSSSP Certification by Job Function

• Basic Operator
• Infrastructure Support
• Analyst
• Policy Maker
• Auditor
• Incident Responder
• Forensic
• Defensive
• Offensive

Upcoming course: CSSSP Level 1 (Specialist)

• Length: 2 Days
• When: …. (Live Online or In-Person)
• Where: Washington D.C.

Learn more >>>

Next course: CSSSP Level 2 (Professional)

• Length: 2 Days
• When: …… (In-Person Class and Live Online with Teams)
• Where: Washington D.C.

Next course: CSSSP Level 3 (Expert)

• Length: 2 Days
• When: …… (In-Person Class and Live Online with Teams)
• Where:  Washington, DC.

Space security professionals will play a crucial role.

Space security is complex because as technology continues to develop, new space security issues also manifest.

Yet, space is increasingly important to modern life on Earth.

This is the essence of the challenges facing individuals who enter the field of certified space security specialist professionals.

The specific conflicts are considerable, ranging from what to do with space junk to military concerns.

An especially hot topic now for space security specialists involves the space around the moon. Cislunar space is the spherical volume that extends outward from Earth’s geosynchronous region to encapsulate the moon’s orbit and its Lagrange points, or “L points.”

L points have been the subject of much discussion among space scientists as well as space security specialists. L points are locations where the combined gravitational acceleration due to the Earth and moon allow a small object, such as a spacecraft, to orbit the Earth at the same rate as the moon.

Due to these unique features, L points are important for lunar development as locations where communications and monitoring equipment, refueling depots, and even space stations could be maintained at relatively low energy-output. Consequently, they are highly desirable pieces of celestial real estate.

While militaries have yet to make an appearance in cislunar space, there has been considerable non-military exploration. And that’s the security issue – total lack of situational awareness in cislunar space.

Due to the distances involved, Earth-based telescopes and radar are insufficient for monitoring spacecraft in cislunar space.

An important aspect for space security specialists to understands is that space is an evolving process and no single initiative can address all security issues related to outer space.

Truth is that more certified space security specialist professionals are essential because no one really knows how secure space will be in the coming years. This is why IS4 (International Society of Space and Security Specialists) has stepped up to become the world’s only space cybersecurity certification authority. IS4 is now an international membership association for space and security professionals offering Certified Space Security Specialist Professional  (CSSSP) and other space cybersecurity certifications.

In the cybersecurity industry, certifications show the cybersecurity skills you have and can be absolutely critical to your cybersecurity career trajectory.

In coordination with IS4, Tonex offers Certified Space Security Specialist Professional (CSSSP) in order to train current and future personnel in how to more effectively manage space security issues.

Certified Space Security Specialist Professional (CSSSP) Course by Tonex

Although some of these issues are no different from other industries, space systems are met with a unique confluence of cybersecurity risks that complicates the sector’s remediation capabilities.

Governments, critical infrastructure and economies rely on space-dependent services—for example, the Global Positioning System (GPS)—that are vulnerable to hostile cyber operations. However, few space-faring states and companies have paid sufficient attention to the cybersecurity of satellites in outer space, creating a number of risks.

Accelerate your space cybersecurity career with the CSSSP certification.

Certified Space Security Specialist Professional (CSSSP) certification is ideal for space and security practitioners, analysts, engineers, managers and executives interested in proving their knowledge across space security best practices and principles.

The CSSSP® (Certified Space Systems Security Professional) qualification is one of the most respected certifications in the space security industry, demonstrating an advanced knowledge of space cybersecurity.

Earning the CSSSP proves you have what it takes to effectively design, implement and manage a cybersecurity space program. With a CSSSP, you validate your expertise and become a Space Cyber member, unlocking a broad array of exclusive resources, educational tools, seminars, conferences and networking opportunities.

CSSSP certification also explores factors that led to the space sector’s poor cybersecurity posture, various cyberattacks against space systems, and existing mitigation techniques employed by the sector.

Analyzing the current state of the industry along with security practices across similar sectors, several security principles for satellites and space assets are proposed to help reorient the sector toward designing, developing, building and managing cyber secure systems. These security principles address both technical and policy issues in order to address all space system stakeholders.

Prove your skills, advance your career, and gain the support of a community of cybersecurity leaders here to support you throughout your career.

The CSSSP qualification has been developed and maintained jointly by Tonex. Space Cyber Org, International Society of Space and Security Specialists (ISSSS/IS4), and Society of Space Security Professionals (SOSSP) are future membership organizations supporting CSSSP and other related space cybersecurity certifications.

Program Objectives

• Space Information Assurance and Asset Management convers the information security defense in depth of space assets and supporting infrastructure throughout its entire SDLC lifecycle IAW with FISMA NIST, CNSS and industry standards.
• Space Cybersecurity Operations covers cybersecurity 24/7 365-day operational support meant to secure and maintain Confidentiality, Integrity and Availability of space based and terrestrial support asset’s computer systems, networks and data.
• Space Cybersecurity Forensics, Penetration Testing and Computer Network Defense covers forensics and incident response support for space based and terrestrial support asset’s computer systems, networks and data.
• Space Cybersecurity Mission Management covers the management of space cybersecurity mission program management and the management and infusion of new technologies into space programs and space cybersecurity operations.
• Space Cyber Intelligence, Cyber Warfare and Data Analytics covers space computer network operations (CNA, CNE, CND), threat intelligence and data analytics to support intelligence operations and cyber warfare.

---

---

CSSSP Level 1: Specialist

Offensive Space Operations

• Critical space assets and highly specialized usages, ensuring space operations are well-versed in essential space cybersecurity.

CSSSP Level I Skills Roadmap

• Space Mission Analysis
• Core Space Technologies and Baseline Skills
• Prevent, Defend, Maintain
• Space Security Essentials
• Space Asset Vulnerability Analysis

CSSSP Level I: Space Cybersecurity Operations Specialists

• Space Cybersecurity Mission Management
• Overview of Space Cyber Intelligence and Cyber Warfare
• Overview of Space Cybersecurity Operations
• Overview of Space Cybersecurity Forensics Penetration Testing and Computer Network Defense
• Overview of Space Information Assurance
• Sensor Fusion Integration with Space Cybersecurity
• Cybersecurity for Space Systems and System of Systems (SoS)
• Space Communications and Network Security

Learn more >>>

---

CSSSP Level II: Professional

Space Digital Forensics & Incident Response

• Space Digital Forensics and Incident Response certifications encompass abilities that professionals need to succeed, confirming that professionals can detect compromised space systems and identify how and when a breach occurred.

Management, Legal & Audit

• Space Management certifications confirm the practical skills to build and lead security teams, communicate with both technical teams and business leaders, and develop capabilities that strengthen your organization’s security posture.

CSSSP Level II Skills Roadmap

Space Security Management

• Managing Technical Space Security Operations
• Space RMF and Critical Controls
• Space Planning, Policy, Leadership
• Space Vulnerability Management
• Leadership Essentials
• Space Project Management
• Space Audit & Legal
• Space Law & Investigations

Space Incident Response & Threat Hunting

• Space Network Forensics
• Forensics
• Space Threat Intel & Forensics
• Malware Analysis & Space Threat Intelligence
• Space Cyber Threat Intelligence
• Space Battlefield Forensics

Learn more >>>

---

CSSSP Level III: Expert

Defensive Space Operations

• Spans the entire space defense spectrum and are focused in two areas: cyber defense essentials and blue teaming.

Offensive Space Operations

• Spans the entire space defense spectrum and are focused in two areas: cyber defense essentials and red teaming.

Blue Team:

• Space Monitoring and Detection
• Space Penetration Testing
• Space Incident Response and Threat Hunting
• Space Cyber Defense Operations
• Open-Source Space Intelligence
• Advanced Space Security Essentials
• Space with Tactical Analytics
• Space Cyber T&E: Blue Team

Red Team:

• Specialized Penetration Testing
• In-Depth Network Coverage
• Purple Team Tactics
• Penetration Testing
• Space Vulnerability Assessment and Analysis
• Space Ethical Hacking
• Space Vulnerability
• Space Cyber T&E: Red Team

Space Cyber Intelligence and Cyber Warfare:

• Computer Network Operations in Space (CNA, CNE, CND)
• Electronic and Cyber Warfare in Outer Space
• Remote Sensing Security with Satellite

Learn more >>>

---

Certified Space Security Specialist Professional (CSSSP), 2 Days

For anyone considering a career in space security, don’t overlook the importance of certification.

CSSSP Exam Topics:

1. Space Cybersecurity Foundation
2. Space Security Architecture and Engineering
3. Space Security Architecture and Operation
4. Space Embedded Systems Cybersecurity
5. Sensor Fusion Integration with Space Cybersecurity
6. Space Cybersecurity Test and Evaluation (T&E)
7. Space Cyber Threat & Vulnerability Analysis and Assessment
8. Space Security, Critical Controls and Risk Management Framework (RMF)
9. Space Security Assessment, Architecture, Engineering, Testing and Operation
10. Space Development Lifecycle and Information System Security Analysis
11. Protecting Security of Space Assets Space
12. Physical Security Requirements
13. Space Information Assurance and Asset Management Cybersecurity for Space Systems and System of Systems (SoS)
14. Space Communications and Network Security
15. MIL-STD-1553 and ARINC 429 Databus Cybersecurity
16. Space Systems, Software, Firmware and Hardware Security
17. Space Intrusion Detection Analysis
18. Space Secure Communications and Network Defense
19. Space Cyber–Domain Configuration Management
20. Space Network Forensics and Space Incident Response
21. Space Secure Communications and Network Attacks
22. Space Network and System Reverse Engineering
23. Space Network Penetration Testing and Ethical Hacking
24. Space Satellite Data Storage and Processing Forensic Analysis
25. Space Computer Network Defense Service Provider Operations
26. Space Ethical Hacking, Penetration Testing and Defenses
27. Space Security Planning, Laws, Regulation, Policy, Compliance and Leadership
28. Space Identity and Access Management (IAM)
29. Artificial Intelligence (AI), Machine Learning (ML), and Deep Learning (DL) Integration
30. Blockchain Integration with Space Projects
31. Software Designed Radio (SDR) with Space Cybersecurity (SDR Security)
32. Space Security Vulnerabilities, Threats and Countermeasures Analytics
33. Space computer network attack (CNA), computer network defense (CND) and computer network exploitation (CNE)
34. System Survivability, Electronic and Cyber Warfare in Outer Space
35. Remote Sensing Security with Satellite
36. Counter Communications Systems and Capabilities
37. Types of Counter-space Technology
38. Measures and effectiveness in Addressing Counter-space Capabilities.

CSSSP’s Space Cybersecurity Domains (Mapped to NIST and DOD 8750)

1. Space Information Assurance and Asset Management
2. Space Cybersecurity Operations
3. Space Cybersecurity Forensics Penetration Testing
4. Space Cybersecurity Mission Management
5. Space Cyber Intelligence and Cyber Warfare

Domain 1: Space Information Assurance and Asset Management (8 Subdomains)

1. Space Cybersecurity Foundation
2. Space Security Architecture and Engineering
3. Space Security Architecture and Operation
4. Space Embedded Systems Cybersecurity
5. Sensor Fusion Integration with Space Cybersecurity
6. Space Cybersecurity Test and Evaluation (T&E)
7. Space Cyber Threat & Vulnerability Analysis and Assessment
8. Space Security, Critical Controls and Risk Management Framework (RMF)
9. Space Security Assessment, Architecture, Engineering, Testing and Operation
10. Space Development Lifecycle and Information System Security Analysis

Domain 2: Space Cybersecurity Operations
(9 Subdomains)

1. Protecting Security of Space Assets Space
2. Physical Security Requirements
3. Space Information Assurance and Asset Management Cybersecurity for Space Systems and System of Systems (SoS)
4. Space Communications and Network Security
5. MIL-STD-1553 and ARINC 429 Databus Cybersecurity
6. Space Systems, Software, Firmware and Hardware Security
7. Space Intrusion Detection Analysis
8. Space Secure Communications and Network Defense
9. Space Cyber–Domain Configuration Management

Domain 3: Space Cybersecurity Forensics, Penetration Testing and Computer Network Defense
(7 Subdomains)

1. Space Network Forensics and Space Incident Response
2. Space Secure Communications and Network Attacks
3. Space Network and System Reverse Engineering
4. Space Network Penetration Testing and Ethical Hacking
5. Space Satellite Data Storage and Processing Forensic Analysis
6. Space Computer Network Defense Service Provider Operations
7. Space Ethical Hacking, Penetration Testing and Defenses

Domain 4: Space Cybersecurity Mission Management
(5 Subdomains)

1. Space Security Planning, Laws, Regulation, Policy, Compliance and Leadership
2. Space Identity and Access Management (IAM)
3. Artificial Intelligence (AI), Machine Learning (ML), and Deep Learning (DL) Integration
4. Blockchain Integration with Space Projects
5. Software Designed Radio (SDR) with Space Cybersecurity (SDR Security)

Domain 5: Space Cyber Intelligence, Cyber Warfare and Data Analytics
(7 Subdomains)

1. Space Security Vulnerabilities, Threats and Countermeasures Analytics
2. Space computer network attack (CNA), computer network defense (CND) and computer network exploitation (CNE)
3. System Survivability, Electronic and Cyber Warfare in Outer Space
4. Remote Sensing Security with Satellite
5. Counter Communications Systems and Capabilities
6. Types of Counter-space Technology
7. Measures and effectiveness in Addressing Counter-space Capabilities.

For more information, questions, comments, contact us.  For more information on CSSSP program visit us at ISSSS (is4.org). International Society of Space and Security Specialists (ISSSS),

Other related programs to Certified Space Security Specialist Professional (CSSSP) Certifications are:

• Space Cyber Infrastructure Specialist (SCIS)
• Space Cyber Engineering Specialist (SCES)
• Space Cyber Operations Specialist (SCOS)
• Space Cyber Technology Professional (SCTP)
• Space Cyber Operations Manager (SCOM)
• Space Cyber Infrastructure Expert (SCIE)
• Space Cyber Domain Expert (SCDE)
• Space Cyber Manager (SCM)
• Space Cyber Authority Expert (SCAE)
• Space Cyber Application Specialist (SCAS)
• Space Cyber Leadership Certificate (SCLC)

Certified Space Security Specialist Professional (CSSSP)