Securing Small Satellites: Integrating Cybersecurity into CubeSat Architecture through MBSE

The growing use of CubeSats across industry and student-led university projects has expanded the cyber threat surface of space systems, making cybersecurity a critical design consideration. Historically, satellites were expensive, state-owned assets, limiting access to space and reducing the number of potential threat actors. Today, CubeSats offer a low-cost, widely deployable alternative, enabling broader participation in space activities. However, many emerging actors lack the resources to implement robust security measures and often prioritize achieving orbit and mission functionality over cybersecurity. As a result, CubeSats are increasingly vulnerable to command spoofing, unauthorized access, data corruption, and communication jamming, which can lead to mission failure, loss of control, or interference with other space assets.

This research demonstrates how cybersecurity can be systematically embedded into CubeSat design from the earliest architectural stages using Model-Based Systems Engineering (MBSE). Specifically, it applies the Arcadia method implemented in Capella to model a 3U CubeSat. CubeSats rely on tightly interconnected subsystems — including onboard computing, attitude determination and control, and communications — creating complex interdependencies that require security considerations across every system level. Using Arcadia, mission objectives, operational scenarios, system functions, and subsystem architectures are modeled across operational, system, logical, and physical layers.

Baseline cybersecurity measures are captured as system-level constraints and traced throughout each layer: as mission-level security objectives, supporting system functions, secure data flows and component interactions, and ultimately as protections embedded in specific hardware and software components. This structured approach directly links cybersecurity requirements to mission goals and system architecture, enabling vulnerabilities to be identified and mitigated early rather than addressed post-deployment.

The expected outcome is a reusable MBSE-driven cybersecurity integration framework that supports student teams, small satellite manufacturers, and emerging space actors in improving mission resilience, system safety, and operational reliability in increasingly congested and contested space environments.