Invalid license: Your evaluation license of Refined expired.
bannerd


Renew your license to continue

Your evaluation license of Visibility for Confluence expired. Please use the Buy button to purchase a new license.

Renew your license to continue

Your evaluation license has expired. Contact your administrator to renew your Scaffolding Forms & Templates license.

7.22 - Space Security: Best Practices Guide
This page contains macros or features from a plugin which requires a valid license.

You will need to contact your administrator.

1. Introduction

This topic guides mission security implementation in the form of principles coupled with applicable controls that cover both the space vehicle and the ground segment.The Space Security: Best Practices Guide (BPG) provides guidance on mission security implementation in the form of principles coupled with applicable controls that cover both the space vehicle and the ground segment. The BPG leverages security controls as defined in the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 088  and serves as a translation guide between NIST verbiage and NASA flight project parlance. The principles are meant to be easily achievable regardless of mission, program, or project size, scope, or whether international, corporate, or university. The principles selected focus on a risk-based approach to mitigating vulnerabilities, that are impediments to mission success. Principles were identified as an initial starting point of critical implementations for missions to consider. The underlying security principles and associated controls were identified through an iterative process to address today’s cyber actors Tactics, Techniques, and Procedures (TTPs) were used in attempts to compromise mission capabilities. The guide is to be used as an initial starting point to mitigate against any efforts to deny, degrade, disrupt, deceive, or destroy information and technology used to accomplish NASA's mission success. Click here for a full copy of the Space Security Best Practices Guide (attached to this page.)

See also SWE-156 - Evaluate Systems for Security Risks and SWE-154 - Identify Security Risks

1.1 Additional Guidance

Links to Additional Guidance materials for this subject have been compiled in the Relevant Links table. Click here to see the Additional Guidance in the Resources tab.

2. Resources

2.1 References

Renew your license to continue

Your evaluation license has expired. Contact your administrator to renew your Reporting for Confluence license.

Renew your license to continue

Your evaluation license of Visibility for Confluence expired. Please use the Buy button to purchase a new license.

2.2 Tools


Tools to aid in compliance with this SWE, if any, may be found in the Tools Library in the NASA Engineering Network (NEN). 

NASA users find this in the Tools Library in the Software Processes Across NASA (SPAN) site of the Software Engineering Community in NEN. 

The list is informational only and does not represent an “approved tool list”, nor does it represent an endorsement of any particular tool.  The purpose is to provide examples of tools being used across the Agency and to help projects and centers decide what tools to consider.

2.3 Additional Guidance

Additional guidance related to this requirement may be found in the following materials in this Handbook:

2.4 Center Process Asset Libraries

SPAN - Software Processes Across NASA
SPAN contains links to Center managed Process Asset Libraries. Consult these Process Asset Libraries (PALs) for Center-specific guidance including processes, forms, checklists, training, and templates related to Software Development. See SPAN in the Software Engineering Community of NEN. Available to NASA only. https://nen.nasa.gov/web/software/wiki  197

See the following link(s) in SPAN for process assets from contributing Centers (NASA Only). 

SPAN Links



Renew your license to continue

Your evaluation license of Visibility for Confluence expired. Please use the Buy button to purchase a new license.

  • No labels