The Black Box Key Management Equipment (BBKME) is the standard data transfer device, used to transport key material between GCC (Ground Control Centres), GSS (Galileo Sensor Stations) and Satellites. For an overview of all provided key management services related to the depicted segments, please refer to the Cybels Key Management Centre (Cybels KMC).
The BBKME is able to securely store and distribute black and red key data of different lengths. The BBKME disposes of a secure audit function. The audit records date and time of security relevant events. Due to safety reasons, an emergency erasure functionality (zeroisation) is provided.
The device can differentiate between 20 crypto operators. Furthermore, the BBKME supports communication with Payload or Platform Security Unit (PxSU) devices, which are used in the same way as a Hardware Security Module (HSM).
Thales’ BKKME is used by Galileo authorities like the Global Navigation Satellite Systems Agency (GSA), as well as by nations and their organisations that are responsible for Galileo Key Management like the National Distribution Agencies (NDA), the Military and the National Security Agencies. In addition, it is used by companies that are involved in the Galileo development and operation like Thales Alenia Space (TAS), OHB and the German Aerospace Centre (DLR).
- Used for secured transport and management of key files and configuration files
- External BBKME Interface for communication with Hardware Security Modules (HSMs) and PxSU devices
- Receives and stores key or configuration files downloaded from the HSM and PxSU devices
- Records and stores audit events in audit files
- Uploads audit files on demand
- The BBKME has implemented a set of remote commands used to manage key and configuration data of the PxSU device
Ports
- FILL port - for crypto hosts
- Power supply port - 9 Volt DC 150mA
- Crypto Ignition Key (CIK) slot - for removable user access token
Protocols
- Serial protocol
- RS-485 64 kbps synchronous, HDLC protocol
Human-Machine Interface (HMI)
- Keypad: 43 keys
- Display: 6 x 20 characters
Temperature
- Operation: +10°C to +40°C
- Storage: -20°C to +50°C
Weight
2 kg
Dimensions
- Height: 55 mm
- Width: 240 mm
- Depth: 198 mm
Power supply
- Two 1.5 Volt C batteries
- Optional external power supply
Electromagnetic compatibility
In accordance with VG-Giudelines 95353
Classification
- Without key material: RESTREINT UE/EU RESTRICTED
- With key material and CIK up to: SECRET UE/EU SECRET
Accredited to
- TEMPEST: SDIP 27 Level A
- COMSEC: Common Criteria EAL 4 augmented by AVA.VAN4
Export limitations
Controlled Cryptographic Item
Operational security
- Removable user access token, Crypto Ignition Key (CIK)
- Tamper protection and detection
- Emergency erasure (zeroization)