Spoofing attacks are among the most destructive cyber threats to terrestrial systems, and they become even more dangerous in space, where satellites cannot be easily serviced, and operators depend on accurate telemetry to ensure mission success. When telemetry is compromised, entire spaceborne missions are placed at risk. Prior work on spoofing has largely focused on attacks from Earth, such as injecting falsified uplinks or overpowering downlinks with stronger radios. In contrast, onboard spoofing originating from within the satellite itself remains an underexplored and underanalyzed threat. This vector is particularly concerning given that modern satellites, especially small satellites, rely on modular architectures and globalized supply chains that reduce cost and accelerate development but also introduce hidden risks. This paper presents an end-to-end demonstration of an internal satellite spoofing attack delivered through a compromised vendor-supplied component implemented in NASA's NOS3 simulation environment. Our rogue Core Flight Software application passed integration and generated packets in the correct format and cadence that the COSMOS ground station accepted as legitimate. By undermining both onboard estimators and ground operator views, the attack directly threatens mission integrity and availability, as corrupted telemetry can bias navigation, conceal subsystem failures, and mislead operators into executing harmful maneuvers. These results expose component-level telemetry spoofing as an overlooked supply-chain vector distinct from jamming or external signal injection. We conclude by discussing practical countermeasures-including authenticated telemetry, component attestation, provenance tracking, and lightweight runtime monitoring-and highlight the trade-offs required to secure resource-constrained small satellites.

翻译：欺骗攻击是对地面系统最具破坏性的网络威胁之一，而在太空环境中，由于卫星难以维护且操作人员依赖精确遥测确保任务成功，此类攻击变得尤为危险。当遥测数据遭到破坏时，整个太空任务都将面临风险。现有关于欺骗攻击的研究主要集中于来自地球的攻击，例如注入伪造的上行链路或使用更强功率无线电压制下行链路。相比之下，源自卫星内部的机载欺骗攻击仍是一个尚未充分探索和分析的威胁。考虑到现代卫星（特别是小型卫星）依赖模块化架构和全球化供应链——这种模式虽能降低成本、加速开发，却也引入了隐蔽风险——此类攻击向量尤其值得关注。本文通过NASA的NOS3仿真环境，展示了通过供应商提供的受感染组件实施的卫星内部欺骗攻击的端到端验证。我们开发的恶意核心飞行软件应用程序通过系统集成测试，并以正确的格式和时序生成数据包，被COSMOS地面站接受为合法数据。该攻击通过破坏机载估计器与地面操作人员的监测视图，直接威胁任务完整性与可用性：被篡改的遥测数据可能导致导航偏差、掩盖子系统故障，并误导操作人员执行危险机动。这些结果揭示了组件级遥测欺骗作为一种独立于干扰或外部信号注入的、被忽视的供应链攻击向量。最后，我们讨论了实际防护措施——包括认证遥测、组件验证、来源追溯与轻量级运行时监控——并强调了在资源受限的小型卫星中实施安全方案需权衡的关键因素。