The Notional Risk Scores Approach to Space Cyber Risk Management

Ekzhin Ear
Department of Computer Science
Uni. of Colorado Colorado Springs

Brandon Bailey
Cyber Assessments and Research
The Aerospace Corporation

Shouhuai Xu
Department of Computer Science
Uni. of Colorado Colorado Springs

Abstract—Space is an emerging domain critical to humankind. Correspondingly, space cybersecurity is an emerging field with much research to be done. To help space cybersecurity practitioners better manage cyber risks, The Aerospace Corporation proposed a space cyber risk management approach dubbed Notional Risk Scores (NRS) within their Space Attack Research and Tactic Analysis (SPARTA) framework, with the intent to help quantify the cyber risks associated with space infrastructures and systems. While intended for adoption by practitioners, NRS has not been analyzed with real-world scenarios, putting its effectiveness into question. In this paper we present an algorithmic description of NRS and characterize its use and effectiveness in a case study of space-related cyber incidents and its strengths, weaknesses, and applicability via 72 real-world cyber attack scenarios against space infrastructures and systems.

Index Terms—Space cybersecurity, risk management, notional risk scores, cyber attack flow, SPARTA, ATT&CK

I. INTRODUCTION

Real-world cyber attacks against space infrastructures and systems have been reported for over four decades [1], [2], [3]. However, space cybersecurity practitioners still lack tools to effectively understand and manage cyber risks associated with space infrastructures and systems, or space cyber risks in short. In a major effort to support space cybersecurity practitioners, Aerospace Corporation developed and incorporated space cyber Notional Risk Scores (NRS) [4] into their Space Attack Research and Tactic Analysis (SPARTA) framework [5], by associating a notional evaluation of cyber risks to attack techniques.
NRS and SPARTA are founded on a wealth of industry research and precedent, including traditional enterprise Information Technology (IT) cybersecurity (e.g., security controls [6], [7], [8]). The intention of NRS is to provide practitioners with a starting point for space cyber risk management, whereby they can tailor NRS to meet their specific space cyber risk management needs. However, guidance on precisely how practitioners should apply NRS is scant. Further, NRS has not been analyzed with real-world scenarios, putting its effectiveness into question. This motivates us to characterize its strengths, weaknesses, and applicability.

Our Contributions. In this paper we make three contributions. First, we present an algorithmic description of applying NRS as a space cyber risk management tool. This is both important and useful because the current description of NRS [4] does not thoroughly explain the details practitioners need to correctly understand, adopt, and apply NRS. Second, we present a case study of two real-world cyber attack scenarios that demonstrate the use and validate the effectiveness of NRS, where we employ our algorithmic description. These scenarios serve as examples for practitioners to follow when adopting or adapting NRS to meet their real-world space cyber risk management requirements. Third, we objectively characterize the strengths, weaknesses, and applicability of NRS by applying it to 72 real-world cyber attacks against satellites and their associated systems. This provides further insights into the use of NRS in practice and for future improvements to NRS.

Related Work.
In a broader context, there are two major cyber risk management frameworks: (i) the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) [9], which provides an overarching structure with six cybersecurity functions; and (ii) the NIST Risk Management Framework (RMF) [10], which implements NIST CSF and contains a system lifecycle approach for security that uses security controls [6], [7], [8], [11]. These endeavors are leveraged by NRS to support the adaptation of IT security controls to secure space infrastructures and systems.

Specific to the space context, NIST [12] provides guidance for creating NIST CSF profiles for space operations, and applies it to (i) positioning, navigation, and timing (PNT) satellite services [13], (ii) satellite command and control systems in the ground segment [14], and (iii) hybrid satellite networks [15]. Moreover, NASA [16] establishes perhaps the first set of high-level security controls to maintain command authority, protect PNT, and assure interference reporting. These controls can be applied to reduce space cyber risks [17], [18], [19], and are also leveraged by NRS. The present study systematically characterizes NRS beyond other studies.

Paper Organization. Section II describes NRS. Section III leverages a case study to characterize NRS. Section IV concludes the paper.

II. A DESCRIPTION OF NRS

Background. The MITRE ATT&CK framework [20] is geared towards terrestrial networks. To establish a similar framework for space infrastructures and systems, The Aerospace Corporation proposed the SPARTA framework [5]. The two frameworks are complementary to each other in terms of their application settings.
In August 2023, The Aerospace Corporation further proposed NRS [4] in an update to its SPARTA

2025 IEEE International Conference on Cyber Security and Resilience (CSR) | 979-8-3315-3591-9/25/$31.00 ©2025 IEEE | DOI: 10.1109/CSR64739.2025.11130055