Reference card. Use your browser's print dialog to save as PDF.

← Back to course
TLP:GREEN Limited Disclosure · SCORP² community members only
Exported by: verifying identity… Exported at:
Distribution notice. This document is for active SCORP² community members only. Unauthorized distribution will result in revocation of community membership.

METEORSTORM Element Taxonomy and Ontology · Layer 1 to Layer 4

Structural decomposition reference for the four-layer platform model

The four structural layers describe what the platform is. They are walked top-down (PCE to SEG to SVC to AST) so every smaller part names a parent and every analytic finding (Layer 5) attaches back to a real structural anchor. This reference covers Layers 1 through 4, the element enumeration process, and the annotation criteria every enumerated element must carry.

How to use this document

  1. Decomposition worksheet. Apply the process below to your own platform; the output is the structural model that the threat-modeling function layers threats onto.
  2. Architecture appendix. Attach to your system-design document so the architecture and the threat model share one vocabulary.
  3. Asset inventory mapping. Use the annotation criteria as the column set for any new asset inventory; existing inventories can be re-labeled to the framework directly.
  4. Analyst training. Use as the onboarding reference for the structural side of the framework, paired with the Layer 1 to Layer 5 data-model reference for the analytic side.

Decomposition process · PCE to SEG to SVC to AST

Walk the platform from the broadest layer down to the individual assets. Each step names the elements at that layer and links them to the layer above.

Step 01 · PCEEnumerate the environmentsIdentify every Primary Capability Environment your platform operates in: terrestrial, aquatic, aerial, orbital, deep space.
Step 02 · SEGEnumerate the segmentsWithin each environment, identify the operational segments: launch, link, ground, user, aquatic, low / high / near altitude, space, deep space.
Step 03 · SVCEnumerate the servicesWithin each segment, identify the services it delivers: control plane, data plane, hybrid. Mark services that span more than one segment as DISTRIBUTED.
Step 04 · ASTEnumerate the assetsWithin each service, identify the assets that implement it: hardware, firmware, software, data, signal, hybrid. Group assets with the optional SUBSYSTEM label.
You can start from existing artifacts. Architecture diagrams, system-design documents, mission CONOPS, asset inventories, configuration management databases (CMDB), all of these can be re-labeled with the framework taxonomy rather than rebuilt from a blank page. The decomposition process below tells you what to look for in those artifacts and how to name what you find.

Element identifier format

LAYER : TAG : LABEL : ORDINAL

All four fields are required, including the LABEL, written in full and exactly as published. Ordinals are scoped to the (LAYER, TAG) pair, so SEG : SP : Space : 00 and SEG : GR : Ground : 00 are not a collision: the tag codes differ.

Element enumeration process · annotation criteria

Every enumerated element carries the same set of annotation fields. Required fields are mandatory; layer-specific fields apply only at the layer noted; optional fields are recommended where they add clarity.

FieldRequired?Applies toWhat to capture
LAYERRequiredAllOne of PCE, SEG, SVC, AST.
TAGRequiredAllThe published tag code within the layer (for example OR, SP, CP, HW). Use the tables below as the source of truth.
LABELRequiredAllThe published human-readable label, written in full (for example Orbital, Space, Control Plane, Hardware). Do not abbreviate or paraphrase.
ORDINALRequiredAllNumeric instance counter starting at 00, scoped to the (LAYER, TAG) pair. New instances take the next ordinal; ordinals are never re-used.
DESCRIPTIONRequiredAllOne concise sentence describing this specific instance on your platform. Mission CONOPS language is fine; sales copy is not.
SOURCE / ARTIFACTRequiredAllThe artifact this element was derived from: architecture diagram name and revision, system-design document section, asset inventory row id, CMDB record id. Without a source, the element is not traceable and must not be enumerated.
PARENTRequiredSEG, SVC, ASTThe fully-qualified enumerated identifier of the parent element one layer above. Every SEG names its PCE, every SVC names its SEG, every AST names its SVC. No orphans.
DISTRIBUTEDOptionalSVCBoolean, recorded as T (true) or F (false). Set to T when the service spans more than one segment (for example, a control plane that crosses ground and space via the link segment).
SUBSYSTEMOptionalASTFree-text grouping label that ties multiple assets together logically (for example bus, payload, ground-ops-room). Helps with rollups when the count of assets grows.

L1Primary Capability Environment (PCE)

Five environments. Where the platform operates. PCE elements have no parent; they are the top of the tree.

CodeLabelDescriptionParent
PCE-TETerrestrialLand-based operating environment.(top)
PCE-AQAquaticSurface or sub-surface water environment.(top)
PCE-AEAerialAtmospheric environment, low altitude through near space.(top)
PCE-OROrbitalIn-orbit environment within the gravitational regime of the parent body.(top)
PCE-DSDeep SpaceBeyond the gravitational regime of the parent body.(top)

L2Segment (SEG)

Ten segments. Operational role within an environment. Every SEG names its PCE parent.

CodeLabelDescriptionParent
SEG-LALaunchLaunch operations, ending at vehicle separation.PCE-TE
SEG-LILinkCommunication path between segments. Signal asset is enumerated at L4.PCE-TE / OR
SEG-GRGroundGround stations, mission ops centres, control facilities.PCE-TE
SEG-USUserEnd-user equipment, terminals, identities.PCE-TE
SEG-AQAquaticMaritime operations segment.PCE-AQ
SEG-LOLow AltitudeLow-altitude aerial operations.PCE-AE
SEG-HIHigh AltitudeHigh-altitude aerial operations.PCE-AE
SEG-NENear SpaceNear-space, between high altitude and orbital.PCE-AE
SEG-SPSpaceOn-orbit space segment, the operational constellation.PCE-OR
SEG-DEDeep SpaceDeep-space mission segment.PCE-DS

L3Service (SVC)

Three services. Capability the segment delivers. Every SVC names its SEG parent. Mark a service DISTRIBUTED when it spans more than one segment.

CodeLabelDescriptionParent
SVC-CPControl PlaneCommand, control, configuration, and management of the platform.SEG-*
SVC-DPData PlaneMission product, payload data, and the data flows it produces.SEG-*
SVC-HYHybridService that spans both control and data plane responsibilities.SEG-*

L4Asset (AST)

Six asset classes. Concrete elements that implement a service. Every AST names its SVC parent and may carry an optional SUBSYSTEM grouping.

CodeLabelDescriptionParent
AST-HWHardwarePhysical components, boards, buses, mechanical assemblies.SVC-*
AST-FWFirmwareCode burned to non-volatile memory; operates close to hardware.SVC-*
AST-SWSoftwareOperating systems, runtimes, applications, flight-software images.SVC-*
AST-DADataMission data, telemetry, configuration, credentials.SVC-*
AST-SISignalRF or EM signal as an enumerated asset, distinct from the link segment that carries it.SVC-*
AST-HYHybridAsset that spans more than one of the five primary asset classes.SVC-*

Worked example · LEO platform with ground operations

One coherent decomposition across the four structural layers. Every element carries an annotation set; only the identifier and parent are shown for table compactness.

L1 PCE

IdentifierParentDescription (with source)
PCE : TE : Terrestrial : 00(top)Terrestrial environment for ground operations and launch. Source: mission CONOPS doc-arch-001 sec. 2.1.
PCE : OR : Orbital : 00(top)Low Earth Orbit environment for the operational constellation. Source: mission CONOPS doc-arch-001 sec. 2.2.

L2 SEG

IdentifierParentDescription (with source)
SEG : LA : Launch : 00PCE : TE : Terrestrial : 00Launch operations through vehicle separation. Source: launch ICD lic-101.
SEG : GR : Ground : 00PCE : TE : Terrestrial : 00Primary mission operations centre and tracking stations. Source: ground architecture doc-grd-002.
SEG : LI : Link : 00PCE : OR : Orbital : 00RF uplink/downlink between ground and constellation. Source: RF link budget doc-rf-003.
SEG : SP : Space : 00PCE : OR : Orbital : 00Operational LEO constellation, all on-orbit assets. Source: mission CONOPS doc-arch-001 sec. 3.
SEG : US : User : 00PCE : TE : Terrestrial : 00End-user mission terminals. Source: user terminal spec doc-usr-004.

L3 SVC

IdentifierParentDescription (with source)Distributed?
SVC : CP : Control Plane : 00SEG : GR : Ground : 00Ground-side TT&C control plane. Source: ops procedure ops-cp-010.F
SVC : CP : Control Plane : 01SEG : SP : Space : 00On-board command and configuration plane that ground commands traverse via the link. Source: flight-software spec doc-fsw-006.T
SVC : DP : Data Plane : 00SEG : SP : Space : 00Mission payload data plane on each spacecraft. Source: payload ICD doc-pyld-007.F

L4 AST

IdentifierParentDescription (with source)Subsystem
AST : HW : Hardware : 00SVC : CP : Control Plane : 00Mission ops console hardware. Source: CMDB asset id ast-hw-201.ops-room
AST : SW : Software : 00SVC : CP : Control Plane : 00Ground command and telemetry software suite. Source: sw-bom v4.2.ops-room
AST : SW : Software : 01SVC : CP : Control Plane : 01On-board flight-software image. Source: flight-software baseline fsw-3.7.bus
AST : HW : Hardware : 01SVC : DP : Data Plane : 00Spacecraft bus hardware. Source: CMDB asset id ast-hw-301.bus
AST : SI : Signal : 00SVC : CP : Control Plane : 01Uplink RF signal as an enumerated asset (the carrier of ground commands to space). Source: RF link budget doc-rf-003.link
AST : DA : Data : 00SVC : DP : Data Plane : 00Primary mission data store on each spacecraft. Source: payload ICD doc-pyld-007.payload
Validation rules. Before declaring the decomposition complete: every PCE has at least one SEG; every SEG names a real PCE; every SVC names a real SEG; every AST names a real SVC; every element has all required annotation fields, including a SOURCE that someone else can open and verify. No orphans, no missing labels, no unsourced entries.