INDIVIDUALS
A cybersecurity challenge at Game of Code 2019!

GovSat/SES, in collaboration with SECURITYMADEIN.LU, are proud to announce that this year – and for the first time - there will be a challenge related to cybersecurity and space.

Call out to cybersecurity experts, coders, designers and even coaches/mentors!

Information security is of everybody’s concern and we bet yours too, so are you willing to take this challenge and try to revolutionize an industry of more than 150 Billion $ worldwide? Here is the plot:

For the 2019 edition of Game of Code, GovSat and SES have developed a fictive use case of an imaginary company called ACME Sat. ACME Sat is (a fictive) satcom provider that offers managed satcom services to customers worldwide and is committed to provide best in class secure satellite communications therefore cyber security is one of their top priorities. In their continuous effort to enhance information security, they have setup the following challenge to coders and cyber security enthusiasts.

Your role

You will act as strategic advisor and integrator for the information security department of ACME Sat.

Your mission

Assess today’s satellite communication principles, especially in the information security context, and design and implement a solution that brings improvements to this ecosystem. Focusing on all components of satellite delivered services: cyber security, access control in unmanned locations, social engineering etc. is what ACME Sat is mostly interested.

The environment

Consider a classical satellite communication ecosystem which includes end-users as systems but most importantly as humans, satellite terminals (antennas), radio-frequency links, satellite itself, access to public terrestrial infrastructure and so on.

Your tools

There are no restrictions on technologies, platforms, programming language. You are free to define the scenario, but keep in mind the quality of the proposed scenario will also be evaluated.

We understand is vast, but so are the space and cybersecurity businesses. ACME Sat is just a classical example of a satcom provider so don’t panic, our teams will work alongside with you to shape ideas and guide you through satcom service architecture. In fact, we have some samples/ideas already here, check them out:

Sample 1: Service integrity validation using blockchain

Managed satcom services are complex and during their lifetime go through many changes such as: component replacements, satellite capacity upgrades/downgrades, supporting personnel turnover or data hosting migration from local hosting to cloud, just to name a few.

The challenge is to build a software application that uses blockchain for validating the integrity of a managed service throughout its entire lifetime regardless of the changes it might suffer.

Why? ACME Sat wants to help its customers in many ways: raise awareness about service modifications, detect unauthorized changes, verify the sanity of the components replaced or get a history of their service evolution.

Sample 2: Social Engineering Awareness

How about building an application/program that displays the digital/internet footprint of an entry (person name, company name, domain name, email address, telephone number etc.) and matches to the other of another entry.

Why? We want to bring awareness on the digital noise we leave behind us while browsing, using apps, social media and try find the source of information for those nasty targeted social engineering activities (e.g. targeted emails, phone calls etc.). We are all annoyed by them, to say the least so let’s turn this pain in a creative business opportunity!!!

Sample 3: Access Control System

Build software application that simulates a two-factor authentication access control system. What the application is going to open is a world of opportunities, but for the moment the authentication itself is of interest.

Why? The goal is to raise awareness on authentication systems and build the enhanced security systems of the future. There are some limitations: factors must be different and usage of knowledge factor (memorized passwords, PINs etc.) is not allowed. Would be too mainstream, right? However, there is plenty left to use: possession factor (exp. Token), biometric factor (iris, fingerprint, face), location factor (geolocation during the authentication attempt) or time factor (time of the attempt).