COSPAS-SARSAT is an International programme for "Search and Rescue" (SAR) missions based on the "Satellite Aided Tracking" system (SARSAT). It is designed to provide accurate, timely, and reliable distress alert and location data to help SAR authorities of participating countries to assist persons and vessels in distress. Two types of satellite constellations serve COSPAS-SARSAT, low earth orbit search and rescue (LEOSAR) and geostationary orbiting search and rescue (GEOSAR). Despite its nearly-global deployment and critical importance, unfortunately enough, we found that COSPAS-SARSAT protocols and standard 406 MHz transmissions lack essential means of cybersecurity. In this paper, we investigate the cybersecurity aspects of COSPAS-SARSAT space-/satellite-based systems. In particular, we practically and successfully implement and demonstrate the first (to our knowledge) attacks on COSPAS-SARSAT 406 MHz protocols, namely replay, spoofing, and protocol fuzzing on EPIRB protocols. We also identify a set of core research challenges preventing more effective cybersecurity research in the field and outline the main cybersecurity weaknesses and possible mitigations to increase the system's cybersecurity level.

翻译：COSPAS-SARSAT是一个基于“卫星辅助跟踪”系统（SARSAT）的国际“搜索与救援”（SAR）计划，旨在为参与国的SAR当局提供准确、及时且可靠的遇险警报与定位数据，以协助遇险人员及船只。两类卫星星座为该计划提供服务：低地球轨道搜索与救援卫星（LEOSAR）和地球静止轨道搜索与救援卫星（GEOSAR）。尽管该系统已实现近乎全球部署且具有关键重要性，但遗憾的是，我们发现COSPAS-SARSAT协议及标准406 MHz传输缺乏基本的网络安全手段。本文研究了COSPAS-SARSAT天基/卫星系统的网络安全问题，尤其首次（据我们所知）成功实践并演示了对COSPAS-SARSAT 406 MHz协议的攻击，包括EPIRB协议的重放攻击、欺骗攻击及协议模糊测试。我们还识别了阻碍该领域开展更有效网络安全研究的一系列核心挑战，并概述了主要网络安全弱点及可能的缓解措施，以提高系统的网络安全水平。