“Jamming and spoofing don't break a spacecraft, they break the operator's confidence in their telemetry.”
Operate through an active uplink-jamming and downlink-spoofing campaign while maintaining mission command-and-control through alternate links.
60 MINUTES · 10 min instruction · 40 min simulation · 10 min review
| LABS Component | Type | Statement |
|---|---|---|
| (L)EARN | Knowledge | Knowledge of multi-domain adversary campaign tactics combining Kinetic and Electronic Warfare exposure domains. |
| (L)EARN | Knowledge | Knowledge of cross-domain indicator correlation techniques for identifying coordinated adversary operations. |
| (A)PPLY | Skill | Skill in correlating indicators across two exposure domains to identify temporal and targeting patterns. |
| (A)PPLY | Skill | Skill in assessing co-orbital object proximity data and Electronic Warfare jamming timing to determine coordination. |
| (B)UILD | Ability | Ability to analyze two simultaneous threat indicators from different domains and determine whether they represent a coordinated campaign or independent events. |
| (S)IMULATE | Task | Correlate a co-orbital maneuvering event with concurrent Electronic Warfare jamming to attribute a coordinated campaign within the 40-minute exercise window. |
This is the first multi-domain exercise. Students face two concurrent events that individually look explainable but together reveal coordination. A co-orbital object begins maneuvering near constellation assets while Electronic Warfare jamming targets the primary command uplink. Students must assess each event independently, then connect them to identify a coordinated adversary campaign.
A co-orbital object maneuvers to within close proximity of constellation assets. Students must assess whether the maneuvering represents routine orbital maintenance, a commercial inspection service, or hostile intent. The proximity assessment requires evaluating relative velocity, approach geometry, and historical orbital behavior.
Coordinated jamming targets the primary uplink frequency during the scheduled command window while the co-orbital object is in proximity. Students must switch to backup frequency to restore command authority, then connect the timing of the jamming to the co-orbital positioning. The convergence of timing and targeting reveals deliberate coordination.
The critical analytical step in this exercise is connecting Event 1 (co-orbital maneuvering) with Event 2 (EW jamming). Individually, each event has a plausible innocent explanation. Together, the timing and targeting convergence reveals a coordinated campaign designed to deny command authority while placing a physical threat in proximity.
The following questions will help finalize this exercise design. We welcome any additional recommendations.
Instructors should guide students through the multi-domain analysis process, ensuring they assess each event independently before attempting correlation.
Students completing this exercise will have performed their first multi-domain threat analysis, correlating indicators across Kinetic and Electronic Warfare domains. Module 10 is the capstone: three concurrent domains (Kinetic + Cyber + EW) with a full incident response lifecycle.
| Event | Domain | Focus |
|---|---|---|
| Event 1 | Kinetic | Co-orbital inspector proximity assessment |
| Event 2 | Electronic Warfare | EW jamming during command window |
| Correlation | Cross-Domain | Timing and targeting convergence analysis |