{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,28]],"date-time":"2025-08-28T12:52:30Z","timestamp":1756385550174,"version":"3.44.0"},"reference-count":37,"publisher":"IEEE","license":[{"start":{"date-parts":[[2025,8,4]],"date-time":"2025-08-04T00:00:00Z","timestamp":1754265600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,8,4]],"date-time":"2025-08-04T00:00:00Z","timestamp":1754265600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,8,4]]},"DOI":"10.1109\/csr64739.2025.11130055","type":"proceedings-article","created":{"date-parts":[[2025,8,26]],"date-time":"2025-08-26T19:04:27Z","timestamp":1756235067000},"page":"180-185","source":"Crossref","is-referenced-by-count":1,"title":["The Notional Risk Scores Approach to Space Cyber Risk Management"],"prefix":"10.1109","author":[{"given":"Ekzhin","family":"Ear","sequence":"first","affiliation":[{"name":"Uni. of Colorado,Department of Computer Science,Colorado Springs"}]},{"given":"Brandon","family":"Bailey","sequence":"additional","affiliation":[{"name":"Cyber Assessments and Research The Aerospace Corporation"}]},{"given":"Shouhuai","family":"Xu","sequence":"additional","affiliation":[{"name":"Uni. of Colorado,Department of Computer Science,Colorado Springs"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS59707.2023.10289045"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1093\/cybsec\/tyac008"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.2514\/6.2021-4241"},{"journal-title":"The Aerospace Corporation","article-title":"Notional risk scores","year":"2023","key":"ref4"},{"year":"2023","key":"ref5","article-title":"Space attack research & tactic analysis (SPARTA)"},{"key":"ref6","article-title":"Security and privacy controls for information systems and organizations","volume-title":"NIST, Tech. Rep","author":"Force","year":"2020"},{"key":"ref7","first-page":"53","article-title":"Assessing security and privacy controls in information systems and organizations","volume":"800","year":"2022","journal-title":"NIST Special Publication"},{"key":"ref8","first-page":"53","article-title":"Control baselines for information systems and organizations","volume":"800","year":"2020","journal-title":"NIST Special Publication"},{"journal-title":"The NIST Cybersecurity Framework, Version 2.0","year":"2024","key":"ref9"},{"article-title":"NIST SP 800-37r2: risk management framework for information systems and organizations: A system life cycle approach for security and privacy","year":"2018","author":"Force","key":"ref10"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.6028\/nist.sp.800-30r1"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.6028\/nist.ir.8270-draft2"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.6028\/nist.ir.8323"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.6028\/nist.ir.8401"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.IR.8441"},{"journal-title":"NASA","article-title":"NASA-STD-1006A: Space System Protection Standard","year":"2022","key":"ref16"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.2514\/6.2022-4300"},{"year":"2023","key":"ref18","article-title":"Space Security: Best Practices Guide"},{"article-title":"Cybersecurity protections for spacecraft: A threat based approach","year":"2021","author":"Bailey","key":"ref19"},{"journal-title":"The Aerospace Corporation","article-title":"Understanding space-cyber threats with the SPARTA matrix","year":"2022","key":"ref20"},{"article-title":"Establishing space cybersecurity policy, standards, and risk management practices","year":"2020","author":"Bailey","key":"ref21"},{"article-title":"NIST SP 800-53r4: security and privacy controls for federal information systems and organizations","year":"2015","author":"Transformation Initiative","key":"ref22"},{"article-title":"Defcon 2023: Aerospace Village building space attack chains using SPARTA","year":"2023","author":"Bailey","key":"ref23"},{"article-title":"A look into SPARTA countermeasures","year":"2023","author":"Bailey","key":"ref24"},{"issue":"1","key":"ref25","first-page":"5","article-title":"Characterizing advanced persistent threats through the lens of cyber attack flows","volume":"7","author":"Zeien","year":"2024","journal-title":"Military Cyber Affairs"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/SP61157.2025.00138"},{"journal-title":"The Aerospace Corporation","article-title":"Risk assessment of a space system","year":"2023","key":"ref27"},{"key":"ref28","article-title":"NASA-S3001: Guidance for Risk Management","author":"Fansler","year":"2022","journal-title":"NASA"},{"issue":"1","key":"ref29","first-page":"5906","article-title":"Satellite hacking: A guide for the perplexed","volume":"10","author":"Fritz","year":"2013","journal-title":"Culture Mandala"},{"year":"2023","key":"ref30","article-title":"Terra: The EOS flagship"},{"article-title":"Hackers interfered with 2 US government satellites","year":"2011","author":"Liebowitz","key":"ref31"},{"article-title":"China key suspect in U.S. satellite hacks","year":"2011","author":"Wolf","key":"ref32"},{"article-title":"Report to Congress of the US-China Economic and Security Review Commission: One Hundred Twelfth Congress, First Session","volume-title":"US Government Printing Office","author":"Economic","key":"ref33"},{"volume-title":"Satellite hacking and china\u2019s role","year":"2011","author":"Kurtin","key":"ref34"},{"article-title":"Satellite Turla: still alive and hiding in the sky","year":"2015","author":"Gorobets","key":"ref35"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/AERO.2016.7500812"},{"key":"ref37","doi-asserted-by":"crossref","DOI":"10.1109\/CSR64739.2025.11130042","article-title":"Space cyber risk management: Desired properties","author":"Ear","year":"2025"}],"event":{"name":"2025 IEEE International Conference on Cyber Security and Resilience (CSR)","start":{"date-parts":[[2025,8,4]]},"location":"Chania, Crete, Greece","end":{"date-parts":[[2025,8,6]]}},"container-title":["2025 IEEE International Conference on Cyber Security and Resilience (CSR)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/11129696\/11129957\/11130055.pdf?arnumber=11130055","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,27]],"date-time":"2025-08-27T04:53:45Z","timestamp":1756270425000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11130055\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,8,4]]},"references-count":37,"URL":"https:\/\/doi.org\/10.1109\/csr64739.2025.11130055","relation":{},"subject":[],"published":{"date-parts":[[2025,8,4]]}}}