New ESA Hardware Security Laboratory built by eShard

Protecting the ground segment of space networks

Orbiting assets may cruise hundreds of kilometres above Earth, but the ground-segment equipment that keeps them online sits in car parks, roof-tops and control rooms that can be reached. Private companies now operate more than 60% of the active satellites in orbit, multiplying the user terminals, gateway racks and ground-station antenna that must be trusted day-to-day.

Recent events show why that trust matters. On 24 February 2022, a wiper attack against Viasat’s KA-SAT network knocked tens of thousands of customer modems offline and cut remote-monitoring links to 5,800 Enercon wind turbines in Germany, demonstrating how a single strike on ground hardware can ripple across critical services.

Security research is pushing the same lesson from another angle. At Black Hat 2022, engineer Lennert Wouters used a home-built fault-injection “modchip” that cost about €230 (~$250) to gain persistent root access to a Starlink user terminal—proof that physical intrusion is a valid threat, even with low-budget equipment.

Taken together, these trends make it clear: defending the terminals is defending the constellation. The European Space Agency (ESA) therefore required a laboratory where engineers could replicate real-world side-channel attacks, electromagnetic attacks and fault injection glitches to advocate good security practices and appropriate levels of counter-measures.

Building capacity for hands-on hardware defence

In 2024, the European Space Agency opened a competitive tender for designing and building a Hardware Security Laboratory able to replicate state-of-the-art side-channel analysis (SCA), electromagnetic (EMFI) and glitch attacks.

After a competitive evaluation, eShard was awarded and provided as first step, a full survey of current attack techniques against modern chips. This work was carried out under the Element 1 of the ESA Programme Related to EU Secure Connectivity under ESA Contract No. 4000145162/24/NL/AF and funded by the European Space Agency and may be used to support ESA in its role of IRIS² Qualification and Validation Authority.

The study set the technical requirements and a clear verification plan for ESA’s new laboratory.

With the technical baseline agreed, the project shifted from analysis to execution. eShard translated the requirements into a concrete bill of equipment, verified each component at its own facility, and then transferred the complete, pre-configured equipment to ESA’s ESTEC centre for installation and site-acceptance testing.

Inside ESA’s new Hardware Security Laboratory

eShard has supplied a complete test environment that covers Side-Channel Analysis (SCA), Electromagnetic Fault Injection (EMFI) and precision voltage and clock glitching — the three physical-attack techniques most commonly used.

All benches are driven by esDynamic, installed on a dedicated server within ESA’s secure network. From any authorised workstation, engineers can control oscilloscopes and injectors in real time, watch traces as they stream in and tweak attack parameters together, without any data ever leaving the agency.

To accelerate productivity, eShard delivered a library of pre-built attack scenarios and use cases, executable notebooks and reference datasets, plus hands-on training sessions with subject-matter experts.

What’s next

ESA has confirmed its satisfaction with the laboratory’s roll-out and next steps to deepen its collaboration with eShard are already under discussion.

The view expressed herein can in no way be taken to reflect the official opinion of the European Space Agency.