Cybersecurity in Space: How NASA’s “Pink Book” Was Created

Cybersecurity expert Rich Owen has long been retired and officially stepped away from his work, yet at NASA he is considered a true legend, and his name is known to everyone there. He is the author of the so-called “Pink Book,” which is essentially the cybersecurity standard at the Johnson Space Center in Houston. This document has had a tremendous impact on the development of the entire space industry.

Owen’s dream of space began in 1962, when astronaut John Glenn made the world’s first orbital spaceflight. It was then that young Rich decided he also wanted to become an astronaut.

To pursue his ambitious goal, he enrolled at Virginia Tech to study aeronautical engineering in order to become a pilot. However, due to poor eyesight, he received a disappointing verdict from military doctors in his first year: “You will never pilot our aircraft.”

Rich then began looking for another path. He enlisted in the Army Security Agency, which developed electronic equipment for the National Security Agency. The young specialist ended up in the electronic warfare division. As part of his duties, he learned programming and built computers based on the revolutionary 8080 chip and the Z80 microprocessor.

After his military service, Owen began working as an engineer at the Mission Control Center of the Johnson Space Center. His duties included overseeing the operation of five computers on space shuttles.

Even then, his team faced completely new challenges, as digital viruses began spreading actively and threatened the entire computer system. As a result, Owen joined a large project to develop a security program. At NASA, he was tasked with creating security requirements to be followed during the maintenance of the Space Station Control Center.

Once the requirements were developed, they were compiled into a single volume with a pink cover. This was the result of a joke by one of Owen’s assistants, who decided that using such a color for a serious security book would amuse the team. And that’s how the “Pink Book” was born.

This manual became a foundational document that established NASA’s first cybersecurity standard. Its creation is considered a turning point in NASA’s history. The book provided specialists with detailed explanations on how to combat cyber threats, even though at the time the entire field was still in its early stages of development. Later, the “Pink Book” helped NASA protect its operations from a wide range of cyber risks. Moreover, the document influenced the community beyond the Agency and became a standard for other companies and organizations facing digital threats.

Of course, NASA has not stopped there and continues to actively improve its cybersecurity technologies. For example, at the end of 2023, the first version of the Space Security Best Practices Guide was released.