This thesis explores the security of On-Board Software (OBSW) within mixed-criticality space applications, emphasizing post-exploitation threats and the need for a structured and standardized vulnerability discovery and assessment framework.
To address these challenges, we develop a threat model tailored to RTOS-based space systems, identifying key attack surfaces and adversary capabilities. Our methodology leverages fuzzing methods to systematically uncover vulnerabilities in FreeRTOS, a widely adopted RTOS in space applications, and automates the elimination of false positives and duplicates to minimize the manual work needed during crash triage. The results highlight weaknesses in task isolation and privilege management, demonstrating the feasibility of horizontal lateral movement within on-board software systems.
To evaluate the severity of identified vulnerabilities, we integrate an adaptation of the Common Vulnerability Scoring System (CVSS) tailored to space software security, with a focus on the temporal and environmental metrics. Additionally, we validate our findings through a Cube-FlatSAT experimental setup, demonstrating real-world applicability and reinforcing the need for improved isolation mechanisms in space-grade RTOS.
This research also contributes to the SPACE-SHIELD framework by refining post-exploitation analysis techniques. Our work underscores the necessity of standardized security assessments for on-board space systems, taking the first step toward the robust development of space software against emerging cyber threats in the space domain.