This work proposes a defense-in-depth security framework for AI-enabled SoC FPGA-based satellite platforms to counter threats such as firmware tampering and runtime resource corruption. The framework integrates, for the first time in SoC FPGA satellite systems, cryptographic trusted boot, hardware-level runtime resource isolation, authenticated on-orbit reconfiguration, and secure AI model update mechanisms, while also supporting fault detection and safe rollback capabilities. Experimental validation on a real-world platform demonstrates that the proposed approach effectively mitigates unauthorized modifications and malicious update attacks, ensuring system stability while providing end-to-end integrity and reliability protection throughout the on-orbit operational lifecycle.

The increasing adoption of System-on-Chip Field-Programmable Gate Arrays (SoC FPGAs) in AI-enabled satellite systems, valued for their reconfigurability and in-orbit update capabilities, introduces significant security challenges. Compromised updates can lead to performance degradation, service disruptions, or adversarial manipulation of mission outcomes. To address these risks, this paper proposes a comprehensive security framework, AegisSat. It ensures the integrity and resilience of satellite platforms by (i) integrating cryptographically-based secure boot mechanisms to establish a trusted computing base; (ii) enforcing strict runtime resource isolation; (iii) employing authenticated procedures for in-orbit reconfiguration and AI model updates to prevent unauthorized modifications; and (iv) providing robust rollback capabilities to recover from boot and update failures and maintain system stability. To further support our claims, we conducted experiments demonstrating the integration of these mechanisms on contemporary SoC FPGA devices. This defense-in-depth framework is crucial for space applications, where physical access is impossible and systems must operate reliably over extended periods, thereby enhancing the trustworthiness of SoC FPGA-based satellite systems and enabling secure and resilient AI operations in orbit.