Satellite constellations equipped with Inter-Satellite Links and onboard packet switching enable real-time Operation and Management across globally distributed satellites, but also broaden the attack surface and introduce unprecedented cybersecurity threats. Existing efforts mainly focus on cryptography for single-satellite point-to-point links, without considering constellation-level security. To address this gap, this article extends security research in two directions: from individual satellites to constellation-wide architectures, and from isolated cryptography to system-level security incorporating efficiency, resilience, and reliability. These extensions raise three key questions: how to design efficient security mechanisms for dynamic constellation topologies with adaptive onboard routing; how a constellation O&M system can recover resiliently under worst-case failures of onboard security functions; and how to improve the reliability of onboard security functions under stringent resource constraints. To address these challenges, we first construct a constellation-wide hybrid security framework that protects semantically sensitive content fields using End-to-End encryption, while safeguarding routing-related fields through Moving Target Defense. Next, we introduce a ciphered-mode and safe-mode management mechanism with an M-delayed fallback that balances recovery timeliness and exploitability. Finally, we propose security-aware routers that manage plaintext/ciphered modes and coordinate access to a shared pool of onboard cipher modules, enabling redundancy sharing across multiple endpoints and extending secure operation duration in ciphered mode. These solutions comply with existing standards defined by organizations including DVB and the CCSDS, while translating conceptual security principles into practical system-level mechanisms.

翻译：配备星间链路与星载分组交换的卫星星座，虽能实现对全球分布卫星的实时运行与管理，但也扩大了攻击面并引入前所未有的网络安全威胁。现有研究主要聚焦于单卫星点对点链路的密码学机制，未考虑星座级安全。为填补该空白，本文从两个维度拓展安全研究：从单卫星架构扩展至星座级架构，从孤立密码学扩展至融合效率、韧性与可靠性的系统级安全。这些拓展引出三个关键问题：如何针对动态星座拓扑与自适应星载路由设计高效安全机制；星座运行管理系统如何在星载安全功能最坏故障下实现韧性恢复；如何在严苛资源约束下提升星载安全功能可靠性。针对这些挑战，本文首先构建星座级混合安全框架，通过端到端加密保护语义敏感载荷字段，同时采用移动目标防御保护路由相关字段。其次，引入密码模式与安全模式管理机制，并辅以M延迟回退策略，在恢复时效性与可利用性间取得平衡。最终提出安全感知路由器，该路由器管理明文/密码模式并协调星载密码模块共享池的访问，实现多端点冗余共享，延长密码模式下安全运行时长。上述解决方案符合DVB与CCSDS等组织定义的标准，将概念性安全原则转化为实用的系统级机制。