Fourteen AN-THR entries against the platform. Each entry’s TOE field names the services and assets it is directed against.
The Module 01 platform decomposition with all 14 AN-THR entries drawn as red ellipses, each connected via TOE to the services and assets it is directed against. Use to see threat coverage per segment at a glance.
Source: assets/mod02-decomposition-with-threats.dot · regenerate with dot -Tpng -o mod02-decomposition-with-threats.png mod02-decomposition-with-threats.dot
Each row is one AN-THR entry. The ID column carries the AN:THR:Threat:ORDINAL identifier. The ETEN column carries the full Description. The TOE column names the services and assets the threat is directed against. SOURCE for every entry: OSINT.
| ID | AN-THR ETEN | TOE · SVC + AST |
|---|---|---|
| AN-THR:00 | AN:THR:Threat:00:End-user application tampering: degrades operator’s trust in mission product by modifying the consuming application or the displayed data. | SVC: SVC-DP:02 AST: AST-SW:08, AST-DA:04 |
| AN-THR:01 | AN:THR:Threat:01:Operator console credential theft: steals operator or service-account credentials from the console workstation to impersonate the operator. | SVC: SVC-CP:13, SVC-CP:15 AST: AST-HW:04, AST-SW:04, AST-DA:03 |
| ID | AN-THR ETEN | TOE · SVC + AST |
|---|---|---|
| AN-THR:02 | AN:THR:Threat:02:Long-dwell network intrusion: nation-state intrusion set pursuing persistent access to ground-side crypto and ACA. | SVC: SVC-CP:08, SVC-CP:09 AST: AST-SW:02, AST-DA:01 |
| AN-THR:03 | AN:THR:Threat:03:Operator credential theft: criminal actor pursuing operator and ground-station service-account credentials. | SVC: SVC-CP:09, SVC-CP:13 AST: AST-DA:01 |
| AN-THR:04 | AN:THR:Threat:04:Privileged insider misuse: cleared operator with command authority misuses commanding workstations to issue unauthorized commands. | SVC: SVC-CP:09, SVC-CP:13 AST: AST-HW:04, AST-SW:04 |
| AN-THR:05 | AN:THR:Threat:05:Lateral movement into mission control: external actor pivots from the operator network onto mission-control hosts. | SVC: SVC-CP:13, SVC-CP:09 AST: AST-HW:04, AST-SW:04 |
| AN-THR:06 | AN:THR:Threat:06:Ransomware against launch infrastructure: criminal or politically-motivated actor encrypts launch-control and update-pipeline systems. | SVC: SVC-CP:10, SVC-CP:12 AST: AST-DA:02, AST-SW:03 |
| ID | AN-THR ETEN | TOE · SVC + AST |
|---|---|---|
| AN-THR:07 | AN:THR:Threat:07:Jamming campaign: RF actor sustains noise injection across uplink/downlink bands to deny communications. | SVC: SVC-CP:05, SVC-HY:01, SVC-HY:02 AST: AST-SI:00 |
| AN-THR:08 | AN:THR:Threat:08:Replay-and-spoof on uplink: RF actor captures and replays or forges command waveforms, bypassing authentication if keys are also compromised. | SVC: SVC-CP:05, SVC-CP:09 AST: AST-SI:00, AST-DA:00 |
| AN-THR:09 | AN:THR:Threat:09:Downlink interception: passive collector reads mission product and telemetry off the downlink waveform. | SVC: SVC-HY:02 AST: AST-SI:00, AST-SW:01 |
| ID | AN-THR ETEN | TOE · SVC + AST |
|---|---|---|
| AN-THR:10 | AN:THR:Threat:10:Destructive bus attack: state-linked actor targets attitude, power, and flight-termination to render the platform inoperable. | SVC: SVC-CP:00, SVC-CP:02, SVC-CP:03 AST: AST-HW:00, AST-SW:00, AST-HW:01, AST-HW:02, AST-FW:00 |
| AN-THR:11 | AN:THR:Threat:11:Command-path integrity attack: actor manipulates commands flowing through C&DH and space-side cryptography to trust unauthorized inputs. | SVC: SVC-HY:00, SVC-CP:01 AST: AST-HW:06, AST-FW:01, AST-SW:06 |
| AN-THR:12 | AN:THR:Threat:12:Pre-launch supply-chain firmware compromise: adversary embeds backdoors in firmware delivered through vendor supply paths before integration. | SVC: SVC-CP:03, SVC-CP:04, SVC-CP:02 AST: AST-FW:00, AST-FW:01, AST-FW:02 |
| AN-THR:13 | AN:THR:Threat:13:Payload-data tampering: on-board manipulation of mission data between the science instrument and the downlink encryptor. | SVC: SVC-DP:00, SVC-DP:01 AST: AST-HW:07, AST-FW:02 |