The Critical Link

Recently Connectivity Business News ran an interesting story about the growing openness of government customers to the Satellite-as-a-Service model for space connectivity. The article predicts that the market for governments purchasing access rather than building their own satellite networks could reach $14.5B by 2032.

However, for that market growth to occur, government customer concerns regarding service priority and security must be addressed. Caleb Williams, Vice President of Platforms and Solutions for the research firm Quilty Space, was quoted in the article making this cautionary comment:

“Would the government prefer to rent capacity as needed on a pre-existing fleet of satellites they didn’t pay for? Absolutely,” he said. “Is the government willing to accept degraded performance capabilities as compared to a custom solution and cede control of information flow and asset positioning to a third-party commercial firm? Unlikely.”

We’re addressing such concerns head-on. We’re building Telesat Lightspeed, a global low earth orbit (LEO) constellation of broadband satellites to deliver high data rate enterprise-class communications. The initial constellation will consist of 198 Ka-band satellites with inclinations and orbital planes selected for low latency, high capacity, ubiquitous global coverage, and an unprecedented level of security.

While Telesat Lightspeed was designed for cost-effective and highly competitive enterprise applications, the system will also deliver several capabilities that governments require from their secure dedicated military systems. A number of these features have become critical requirements for commercial customers and were designed into Telesat Lightspeed as key functionality. Other security features are a direct result of the LEO system architecture – for example, the number of satellites in orbit, burst communications, a dynamic software-defined network topology, and satellite antennas with fast-hopping agile beams.

A Secure, Global Layer 2 Network

Telesat Lightspeed consists of a constellation of sophisticated, next-generation Ka-band satellites in LEO orbits and an integrated ground system with Landing Stations and Points of Presence (PoPs) around the world. The system focus will be delivering network services, supported by a full-service Network Operations Center (NOC) collocated with a Satellite Operations Center (SOC) and a Cybersecurity Operations Center (CSOC). The initial system will have multiple Tbps of total capacity and will deliver more than 1 Gbps to user terminals with antennas as small as 1 meter in diameter.

U.S. Government customers will be supported by a dedicated NOC through Telesat’s wholly-owned U.S. subsidiary, Telesat Government Solutions. The Telesat Lightspeed architecture includes redundant Data Centers and backup NOC/SOC/CSOC facilities to maintain full operational capabilities under the most extreme conditions. Telesat Lightspeed facilities will be interconnected with a global fiber network, including multiple and redundant routes, to support operations, monitoring, and control of the entire system from primary or backup facilities.

Each Telesat Lightspeed satellite has four 10 Gbps optical inter-satellite links (OISLs) that interconnect the constellation with laser communications, forming a global mesh network in space. The satellites have onboard digital signal processing with satellite-to-satellite and satellite-to-ground data routing that supports traffic flows from any user terminal to and from any destination on Earth. The service link antennas on the satellites are phased arrays with 24 highly agile user beams that hop from user location to user location, resulting in up to 1,536 “virtual beams” per satellite and nearly 300,000 beams across the network. The satellites also have four high-capacity RF feeder link antennas that allow each satellite to connect to as many as four Landing Stations simultaneously.

Secure connectivity entirely within the LEO network

Telesat Lightspeed can receive data from a user terminal at any point on earth, connect across OISLs from satellite to satellite, and downlink that data directly from a satellite to another user terminal anywhere on Earth. Or the customer can download data to their own Private Access Station (PAS). Unlike the “bent pipe” transport of legacy satellite networks, if required, a customer’s data can remain entirely within the Telesat Lightspeed constellation from source to destination, never transiting a public network, and therefore inaccessible to an adversary who wants to monitor or exploit the data stream. The system can accommodate any standard of encryption, and the customer can retain total control of the data encryption and decryption process if desired.

The Telesat Lightspeed constellation is highly dynamic, with millions of possible paths for routing customer data between any two points on earth.  User terminal links are handed off from satellite to satellite; the best path through the network changes continuously; and satellites serving source and destination terminals change every 5 to 10 minutes. These rapidly changing data paths make it extremely difficult, approaching impossible, for an adversary to identify and monitor a particular customer’s data.

Commercial companies are investing heavily to provide secure connectivity for their enterprise and government customers, which should assuage government concerns about network resiliency. Telesat Lightspeed is designed to protect customer data and provide assured communications in an environment with increasingly challenging and rapidly growing cybersecurity threats. U.S. Space Force military-grade cybersecurity requirements for commercial satcom, referred to as IA-Pre (Infrastructure Asset Pre-Approval), were integrated into the top-level Telesat Lightspeed system performance specification and incorporated into the system design from the earliest phases of development.

The Telesat Lightspeed Cybersecurity Management System (CYMS) includes a suite of cybersecurity services to protect the network, including security monitoring and alerting, key management and distribution, anti-malware, patch management, and confidentiality management. In addition, Telesat is developing corporate cybersecurity policies and standards based on NIST SP 800-171 and NIST SP 800-53 and expects to achieve CMMC 2.0 Level 3 certification.

Telesat Lightspeed will be a highly capable and extremely powerful satellite communications system, delivering unprecedented SATCOM-as-a-Service flexibility and security. Government customers can count on Telesat Lightspeed for assured Layer 2 space communications that, for the first time, approach the security of dedicated military satellite systems.

Watch for part two of this series in which we’ll detail additional security features that are being incorporated into the Telesat Lightspeed LEO constellation for government customers.