Australian Space Cyber Framework

Our Architecture and Framework fits hand in glove to assess and grow Australia's space capability.

In 2019, Defence awarded CyberOps a capability development project to increase space cyber resilience in Australia.

CyberOps developed the Space Cyber Architecture (SCA) and Space Cyber Framework (SCF) which establishes common space industry security practices and standards.  The SCA provides guidance on developing or upgrading security infrastructure. The SCF assists participants in the Australian Space ecosystem to strengthen the cyber resilience of client enterprises and operations, for both products and services.

CyberOps applies the SCA and SCF through a maturity assessment methodology to support sponsors, project managers, technology development and operators in the space domain. The SCA and SCF are currently used together to add a layer of cyber security in activities for defence, space and critical infrastructure domains.

Value proposition


A sovereign space cyber capability to support the space industry


Assist in maturing the cyber security posture of the space industry


Solving supply chain and space regulatory and technology issues


Tailored to a growing industry

Commonly asked questions

What is the Australian Space Cyber Framework?

CyberOps developed the Australian Space Cyber Framework (SCF)  to create a common framework for different elements of the space ecosystem to assess their security practices against established standards and to assist the Australia Space ecosystem as a whole to strengthen its cyber security posture.

Why is the Australian Space Cyber Framework important?

An essential element of successful space operations is assured and secure communications between Earth and spacecraft and between spacecraft themselves. Equally important is the resilience of the space industry supply chain.  A high level of cyber awareness and robust and resilient cyber security are essential elements within this complex and extended ecosystem. The SCF is therefore important in achieving a defensible baseline of the cyber maturity of individual elements within the Australian space ecosystem and their criticality to the system overall.

Who is the Australian Space Cyber Framework useful for?

Compliance levels against the SCF can be used by organisations for activities such as applying for licences from the Australian Space Agency or as part of Australian Defence supply chain engagements. The SCF is also applicable for space companies that are selling product or services to Australian critical infrastructure providers.

Currently the SCF is targeted at specific segments of the wider space industry, though the content is still valid for a range of corporate environments including the Defence supply chain.

How is the Australian Space Cyber Framework used?

The SCF is applied using a two stage assessment process:
Firstly, a Criticality Assessment (CA) is a short questionnaire to determines the impact of a participating organisation on the wider space industry ecosystem. This assists in determining the minimum target state security posture an organisation should attain.

Second, a space cyber security Maturity Assessment (MA) is a detailed assessment that determines an organisation’s cyber security maturity measured across eight different categories. The assessment determines the current security posture of an organisation and identifies areas for improvement. The number of questions and compliance demands increase as organisations seek to obtain higher security postures in line with their prior CA results.

How do I participate in the Australian Space Cyber Framework process?

Use Reportool to determine whether your organisation fits within the scope of the SCF by completing a short survey. The questionnaire qualifies your organisation to participate in the Space Cyber Architecture (SCA) process.  Once qualified, within 48 hours, you will be invited to complete the Criticality Assessment (CA) which is another short online survey .To participate in the full Space Cyber Framework processes (CA and MA combined), a token is required. Contact to organise access to the online tools or a Reportool account.