The software behind Artemis, Gateway and America’s defense in space deserves its own strategy

When we talk about national space infrastructure, we talk about rockets, launch pads and ground stations. We invest billions in the vehicles that carry astronauts to the moon and the telescopes that peer to the edge of the universe. But we rarely talk about the software that makes all of it work. That is a blind spot — and in an era of intensifying competition in space, it is one we can no longer afford.

NASA’s Core Flight System (cFS) is an open-source flight software framework that quietly powers some of the most ambitious space missions ever attempted. Gateway. Orion. The Human Landing System. The Lunar Terrain Vehicle. Mars Sample Return. Dozens of Earth science satellites. And increasingly, systems that I cannot discuss in detail but that are critical to our national security. cFS runs beneath all of them, largely invisible, doing exactly what good infrastructure is supposed to do: working so reliably that nobody notices it is there.The cFS community has done the hard work of building a global flight software standard — now the space industry, defense partners, and policymakers must step forward to sustain it.

A community that showed up

Last month, more than 360 aerospace professionals came to Tysons Corner, Virginia, for the annual cFS Symposium. A historic winter storm closed roads, grounded flights and shuttered federal offices across the Washington region. They came anyway.

That detail matters. It tells you something about what this community understands that the broader policy conversation has not yet fully absorbed: that software is not a supporting element of the space enterprise. It is a space enterprise. Every rocket that flies, every satellite that operates, every astronaut who travels beyond low Earth orbit depends on software to survive. The people who build and maintain that software — across NASA, the Department of Defense, commercial industry, universities and partner nations — know this in their bones.

The Department of Defense sent representatives from the U.S. Space Force, DARPA, NRO, NRL and Sandia National Laboratories. They attended a classified session on the third day. Fifty commercial companies were in the room. Eleven countries sent delegates. They did not come because of a conference agenda. They came because the stakes are real.

What happened in Tysons Corner was a community of professionals from across the civil, commercial and defense space sectors declaring — through their presence, through a winter storm — that flight software is mission-critical infrastructure and that they are committed to it. That kind of commitment is rare. It should not be taken for granted.

What this moment demands

The release of cFS Draco v7.0.0 and the introduction of AerLock (available in cFS Gov) — NASA’s first native spacecraft cybersecurity product — at this year’s Symposium reflect a program that understands the moment it is operating in.

Space is no longer a benign domain. It is contested, congested and increasingly targeted by adversaries who understand that disrupting space infrastructure is among the highest-leverage actions available to them. Cybersecurity can no longer be an afterthought bolted onto missions after the fact. It must be designed from the beginning — embedded in the software layer that every mission depends on. That is what AerLock represents. Not a product announcement. A posture shift.

Draco, meanwhile, signals something equally important: that the cFS community is governing itself with the discipline and rigor of a mature operational platform — not a government research project. The retirement of constellation-based release naming in favor of standard semantic versioning is a small change with large implications. It tells every commercial company, every international partner and every defense program manager considering cFS adoption that this is a platform they can build long-term strategies around.

AerLock is our acknowledgement that the threat environment has fundamentally changed. We are not hardening one mission. We are hardening the platform that every mission runs on. That is a completely different order of magnitude — and it is long overdue.

Software is how we lead

The United States has an extraordinary opportunity — one that will not remain open indefinitely. As space programs proliferate globally, the nation that establishes the dominant software standard for spacecraft operations gains durable influence over interoperability, mission collaboration and the norms of behavior in space for decades to come. NASA, through cFS, has built that standard. The world has begun to adopt it.

But standards are not self-sustaining. They require active stewardship, sustained development and the kind of cross-sector collaboration that the 2026 Symposium demonstrated is not only possible but already well underway. The community is there. The missions are there. The national security imperative is there.

What remains is the recognition — at the policy level — that software is not overhead. It is how we explore, how we operate and increasingly, how we compete. It is time the conversation about national space infrastructure reflected that reality.

We did not set out to build a global standard. We set out to build reliable flight software that NASA missions could share. The fact that it has grown into something the entire space community depends on — civil, commercial, defense and international — tells you something profound about the value of open, reusable, mission-proven software. Now we have a responsibility to steward it at that level.

The call: adopt, contribute, govern

The cFS community is not waiting for permission. The 2026 Symposium demonstrated a level of cross-sector engagement that most government software programs never achieve. But engagement alone is not enough. What this moment calls for is a collective step forward — from participation to ownership.

For industry: the path is adoption and contribution. Commercial space companies that have not yet integrated cFS into their mission software stacks should be asking why. The framework is open, battle-tested and backed by a global community. Contributing back to the platform — through code, tools and standards development — is how the commercial sector earns a seat at the governance table and shapes the software that their missions will depend on for decades.

For defense and national security partners: the path is deeper integration and formal collaboration. The DoD’s recognition that multiple national security space systems already run on cFS is not the end of a conversation — it is the beginning of one. A formal NASA-DoD governance framework for cFS development, with shared security requirements and joint roadmap input, would strengthen both the platform and the national security posture it supports.

For international partners: the path is standardization through the consortium model. Eleven countries were represented at this year’s Symposium. An international cFS consortium — with appropriate export control frameworks — would give partner nations a structured mechanism to contribute to and benefit from the platform, while reinforcing U.S. leadership in setting the global norms for spacecraft software.

For NASA and the policy community: the path is recognition. Recognition that software is infrastructure. Recognition that open-source does not mean ungoverned. Recognition that the competitive advantage the United States currently holds in space software is not guaranteed — it must be actively maintained, evolved and protected.

The question I am asked most often is: what does success look like for cFS? My answer is simple. Success looks like every mission that needs reliable, secure, open flight software having access to it — regardless of whether they are a NASA center, a defense program, a commercial startup, or an international partner. We are closer to that vision than most people realize. But getting all the way there requires the space community to treat software governance with the same seriousness it treats mission hardware.

The people who came to Tysons Corner through a winter storm last month already know that software is how we maintain leadership over the space frontier. The missions that depend on cFS today — and the missions we have not yet imagined — are counting on the rest of us to catch up.

The standard exists. The community is ready. The moment is now.

Ashok Prajapati is the program manager of NASA’s Core Flight System at Goddard Space Flight Center. He leads the NASA cFS Steering Committee and serves as the program’s primary architect of cross-agency collaboration across NASA, DoD, industry and international partners. He also co-chairs AIAA’s Aerospace Cybersecurity Working Group.

SpaceNews is committed to publishing our community’s diverse perspectives. Whether you’re an academic, executive, engineer or even just a concerned citizen of the cosmos, send your arguments and viewpoints to opinion (at) spacenews.com to be considered for publication online or in our next magazine. If you have something to submit, read some of our recent opinion articles and our submission guidelinesto get a sense of what we’re looking for. The perspectives shared in these opinion articles are solely those of the authors and do not necessarily represent their employers or professional affiliations.