Short Takes – 2-1-26 – Space Geek Edition

Here’s why Blue Origin just ended its suborbital space tourism program. ArsTechnica.com commentary. Pull quote: “The decision to end New Shepard will inconvenience a few dozen very rich people waiting their turn to go into space on New Shepard, but more broadly, it is a win for the US space industry. Blue Origin has justifiably been criticized for trying to do too many things at once, resulting in all of its programs moving too slowly. Focusing on New Glenn and the lunar lander program in the near term will be a great boon for space access and the nation’s competition with China to secure the Moon.”

NASA Selects Axiom Space for Fifth Private Astronaut Mission to International Space Station. AxiomSpace.com article. Pull quote: ““Voyager’s role on Ax-5 reflects a proven mission-management heritage built through years of supporting commercial payloads on the space station,” said Dylan Taylor, chairman & CEO, Voyager Technologies. “We are proud to partner with Axiom Space in support of the Ax-5 mission. As commercial LEO destinations mature into sustained operational domains, missions like Ax-5 will further demonstrate the power of end-to-end execution across human spaceflight, research payloads, and the commercial infrastructure shaping the future space economy.””

SpaceX files plans for million-satellite orbital data center constellation. SpaceNews.com article. Pull quote: “Much of the filing emphasizes the advantages of orbital data centers, a concept being explored by both established companies and startups. SpaceX argues that rising costs and power demands of terrestrial data centers, combined with falling launch costs, could make space-based computing more economical in the coming years.”

GAO flags risks in Space Development Agency’s missile-tracking satellite program. SpaceNews.com article. Pull quote: “GAO issued six recommendations, including urging SDA to conduct more rigorous assessments of technology readiness, develop an architecture-level schedule, improve collaboration with warfighters, and require more complete cost data from contractors. The Department of Defense concurred with most of the recommendations but only partially agreed with one.” Report link.

Space Command’s case for orbital logistics: Why the Pentagon is being urged to think beyond launch. SpaceNews.com article. Pull quote: “Speaking Jan. 28 at the SpaceCom Space Mobility conference, Whiting, commander of U.S. Space Command, laid out a detailed case for building a space transportation and logistics infrastructure that would allow U.S. satellites to maneuver, be repaired, refueled and sustained in orbit — much as U.S. forces on land, sea and in the air depend on vast logistics networks to operate and fight.”

NASA considering alternatives for Gateway logistics. SpaceNews.com article. Pull quote: “Work on Gateway logistics paused last year following the administration’s fiscal year 2026 budget proposal, which sought to cancel the Gateway. Congress, however, funded the program in the budget reconciliation bill passed last July.”

China eyes space resources, space tourism and on-orbit digital infrastructure. SpaceNews.com article. Pull quote: “Regarding space-based digital infrastructure, CASC proposes gigawatt-scale space-based computing infrastructure, envisioning integrated cloud-edge-terminal architecture in orbit. Concepts include space data processed in space and joint space-ground computing. This aligns with Chinese interests in reducing reliance on downlink bandwidth, autonomous satellite operations and space-based AI and data processing, as demonstrated by experimental satellites and push to develop capabilities including optical inter-satellite links.”

U.S. Space Command to bring commercial firms into classified wargame on nuclear threats in space. SpaceNews.com article. Pull quote: “Analysts note that the treaty’s [1967 Outer Space Treaty] prohibition is narrower than it sometimes appears. It does not ban all weapons in space. Anti-satellite weapons, electronic warfare, cyber operations and other counterspace capabilities fall outside the WMD ban and have been developed for years under national military doctrines.”

Backlog List

• Toxicology and Environmental Chemistry,

• Earth would have 3 days to avoid satellite catastrophe from solar storm,

• Why U.S. and Chinese satellites are ‘dogfighting’ in orbit,

• Congress’ SBIR standoff is slowing Space Force innovation — it must act now,

• Starlink Satellite Malfunctions, Ejects Debris Fragments,

• Germany awards $1.9 billion SAR satellite deal to Rheinmetall-Iceye venture,

• Trump signs sweeping executive order to assert U.S. dominance in space,

• Fact Sheet: President Donald J. Trump Launches a New Age of American Space Achievement,

• China plans 2026 debut of new rocket for crewed lunar and LEO missions, and

• ESA weighing options to address exploration funding shortfall.

Review – Bills Introduced – 2-2-26

Yesterday, with both the House and Senate in Washington, there were 30 bills introduced. One of those bills may receive additional coverage in this blog:

HR 7305 To amend the Infrastructure Investment and Jobs Act to reauthorize the Department of Energy's Energy Sector Operational Support for Cyberresilience Program to provide operational support for energy sector cybersecurity and resilience. Castor, Kathy [Rep.-D-FL-14]

 

For more information on these bills, including legislative history for similar bills in the 118^th Congress, as well as a mention in passing of a bill to require cybersecurity regulations in the SNAP program, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/bills-introduced-2-2-26  - subscription required.

Rule for HR 7148 Senate Amendment – Consolidated Appropriations

 This evening the House Rules Committee held a rule hearing for three bills that ill be considered under a rule, that includes the Senate Amendment to HR 7148 that removes the DHS spending portion of the bill and substitutes continuing resolution language for that Division. The Committee approved a closed rule to concur with the Senate Amendment by a party-line vote of 8 to 4. This means that there will be just one hour of debate on the Amendment, no amendments to be offered, and a single vote on passage.

A large portion of the federal government remains under shutdown since Friday midnight because the Senate amended the last minibus spending bill on Friday, the last day of the latest continuing resolution. If the House concurs with the Senate Amendment tomorrow, as is mostly expected, the completed bill goes to the President for signature. There remains a chance that the bill will fail in House tomorrow; House Democrats are not expected to vote for the Senate Amendment as an expression of their concerns about recent lethal immigration enforcement activities by ICE and CBP. If more than two Republicans also vote Nay on the bill because of underlying spending issues, then the bill would fail. Of course, each Democrat that did vote in favor of the Senate Amendment would provide legislative cover for an additional Republican to vote their fiscal concerns.

The House is expected to vote on the rule at about 11:30 am EST. If the rule passes a vote on the Senate Amendment is expected at about 1:00 pm EST.

Review – Committee Hearings – Week of 2-1-26

 This week both the House and Senate will be in Washington. There is a moderately busy hearing schedule, including a spending bill rule hearing and a FERC oversight hearing in the House. In the Senate there will be a space geek markup hearing and a water cybersecurity hearing.

Rule Hearing

This afternoon the Houe Rules Committee will hold a rule hearing to consider five pieces of legislation, including the Senate amended version of HR 7148, the Consolidated Appropriations Act. The amendment adopted by the Senate on Friday deleted Division H (effectively HR 7147, the DHS spending bill),  of the bill passed in the House and added continuing resolution language. That language would continue DHS funding at current rates (still including chemical security spending) through February 13^th, 2026.

FERC Oversight

On Tuesday the Subcommittee on Energy of the House Energy and Commerce Committee will hold a hearing on “Oversight of FERC: Advancing Affordable and Reliable Energy for All Americans”. The witness list includes the five FERC Commissioners.

Markup Hearings

On Tuesday the Senate Commerce, Science and Technology Committee will hold a business meeting. It will include marking-up S 1848, the Orbital Sustainability (ORBITS) Act of 2025.

Water Cybersecurity

On Wednesday the Senate Environment and Public Works Committee will hold a hearing on “Identifying and Addressing Cybersecurity Challenges to Protect America’s Water Infrastructure”.

 

For more information on these hearings, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/committee-hearings-week-of-2-1-26 - subscription required.

Review – Public ICS Disclosures – Week of 1-24-26 – Part 2

For Part 2 we have six additional vendor disclosures from dormakaba (3), Splunk, and WatchGuard (2). We have bulk vendor updates from Broadcom (7). There are six additional vendor updates from HP, HPE (3), Palo Alto Networks, and VMware. We also have a researcher report on vulnerabilities in products from IDIS. Finally, we have an exploit for products from Advantech.

Advisories

Dormakaba Advisory #1 - Dormakaba published an advisory that describes 12 vulnerabilities in their Access Manager product.

Dormakaba Advisory #2 - Dormakaba published an advisory that describes seven vulnerabilities in their Kaba exos 9300 systems.

Dormakaba Advisory #3 - Dormakaba published an advisory that describes a debug messages revealing unnecessary information vulnerability in their registration Unit 9002 Generation K5.

Splunk Advisory - Splunk published an advisory that discusses an improper handling of length parameter inconsistency vulnerability (with publicly available exploits, listed in CISA’s KEV catalog) in their Enterprise product.

WatchGuard Advisory #1 - WatchGuard published an advisory that discusses a privilege escalation vulnerability in their Mobile VPN with IPSec client for Windows.

WatchGuard Advisory #2 - WatchGuard published an advisory that describes an LDAP injection vulnerability in their Fireware OS product.

Bulk Vendor Updates – Broadcom

• Brocade Fabric OS (10.x and 9.2.x Releases) Vulnerability Disclosures,

• OS command injection vulnerability in OpenSSH (CVE-2023-51385),

• Brocade ASCG Vulnerability Disclosures,

• Brocade SANnav Vulnerability Disclosures,

• CVE-2023-31928 - XSS vulnerability in Brocade Webtools,

• Potential Denial of Service exploit in Net-SNMP 5.8 through 5.9.3, and

• Linux Kernel Vulnerable to Dangling Pointer via Garbage Collector Racing Against Connect() in AF_UNIX Module.

Bulk Vendor Updates – Hitachi Energy

• Cybersecurity Advisory - Reboot Vulnerability in Hitachi Energy Relion 670/650 and SAM600-IO series products,

• Cybersecurity Advisory - Improper Input Validation Vulnerability in Hitachi Energy’s Relion® 670/650/SAM600-IO series Product,

• Cybersecurity Advisory - OpenSSL Vulnerabilities in Hitachi Energy’s Relion® 670, 650, SAM600-IO series Product,

• Cybersecurity Advisory - Update package validation Vulnerability in Hitachi Energy’s Relion® 670, 650 and SAM600-IO Series Products, and

• Cybersecurity Advisory - IEC 61850 MMS-Server Vulnerability in Hitachi Energy’s Relion® 670, 650 series and SAM600-IO Products.

Updates

HP Update - HP published an update for their Intel Ethernet I219 Software advisory that was originally published on February 11^th, 2025, and most recently updated on April 24^th, 2025.

HPE Update #1 - HPE published an update for their OneView Software advisory that was originally published on December 17^th, 2025, and most recently updated on December 26^th, 2025.

HPE Update #2 - HPE published an update for their Aruba Networking Virtual Intranet Access advisory that was originally published on January 13^th, 2026.

HPE Update #3 - HPE published an update for their Aruba Networking AOS-8 advisory that was originally published on January 13^th, 2026.

Palo Alto Networks Update - PAN published an update for their GlobalProtect Gateway and Portal advisory that was originally published on January 14^th, 2026, and most recently updated on January 16^th, 2026.

VMware Update - Broadcom published an update for the VMware vCenter Server advisory that was originally published on June 17^th, 2024.

Researcher Reports

IDIS Report - Claroty published a report that describes an argument injection vulnerability in the IDIS ICM Viewer.

Exploits

Advantech Exploit - Indoushka published an exploit for an SQL Injection vulnerability in the Advantech IoTSuite and IoT Edge products.

 

For more information about these disclosures, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-1-2c5 - subscription required.

Short Takes – 1-31-26 – Federal Register Edition

Hazardous Materials: Request for Feedback on Hazmat Transportation Risks: Heavy-Duty Electric Vehicles Versus Internal Combustion Engine Motor Carriers. Federal Register PHMSA request for information. Summary: “The Pipeline and Hazardous Materials Safety Administration (PHMSA) seeks public input on the safety risks, operational challenges, and regulatory considerations associated with transporting hazardous materials (hazmat) using heavy-duty electric vehicles (EVs) compared to internal combustion engine (ICE) motor carriers (i.e., gas or diesel). PHMSA aims to understand what impact the transition from ICE to EV motor carriers may have on hazmat packaging integrity, transportation safety, emergency response protocols, regulatory compliance, and overall vehicle risk. PHMSA may use the information gathered to develop a statement of work for further research into the safety of transporting hazardous materials in EVs.”

Categorical Exclusion for Advanced Nuclear Reactors. Federal Register DOE categorical exception notice. Summary: “The U.S. Department of Energy (DOE or the Department) is establishing a categorical exclusion for authorization, siting, construction, operation, reauthorization, and decommissioning of advanced nuclear reactors for inclusion in its National Environmental Policy Act (NEPA) implementing procedures. DOE is including the categorical exclusion in the component of its NEPA implementing procedures that it maintains outside of the Code of Federal Regulations. The new categorical exclusion is based on the experience of DOE and other Federal agencies, current technologies, regulatory requirements, and accepted industry practice.”

Best Practices Webinar Series Presented by the National Center of Excellence for Liquefied Natural Gas Safety. Federal Register PHMSA webinar notice. Summary: “The National Center of Excellence for Liquefied Natural Gas Safety (National LNG Center) will host a series of informational webinars on best practices for LNG safety, titled “Prioritizing Safety: Best Practices in LNG.” The webinars are free, will be hosted virtually, and will require advance registration. The series will be held monthly using Zoom. Each webinar will be one hour in length and will be recorded. The National LNG Center will provide electronic access to all materials, including recordings, transcripts, and presentations, after conclusion of each webinar. The webinars will cover a different best practice each session.”

Clearance of Renewed Approval of Information Collection: Small Unmanned Aircraft Registration System. Federal Register FAA 30-day ICR renewal notice. Summary: “In accordance with the Paperwork Reduction Act of 1995, FAA invites public comments about our intention to request the Office of Management and Budget (OMB) approval to renew an information collection. The Federal Register Notice with a 60-day comment period soliciting comments on the following collection of information was published on September 23, 2025. The collection involves inputting minimal information into a database to register small, unmanned aircraft. Aircraft registration is necessary to ensure personal accountability among all users of the National Airspace System (NAS). Aircraft registration also allows the FAA and law enforcement agencies to address non-compliance by providing the means for identifying an aircraft's owner and operator. This collection also permits individuals to de-register or update their record in the registration database.”

EO 14377 - Addressing State and Local Failures to Rebuild Los Angeles After Wildfire Disasters. Federal Register.

EO 14378 - Continuance of the Federal Emergency Management Agency Review Council. Federal Register.

PHMSA Publishes 60-day Renewal Notice for 7 Hazmat ICRs

Yesterday DOT’s Pipeline and Hazardous Material Safety Administration (PHMSA) published a 60-day information collection request (ICR) renewal notice in the Federal Register (91 FR 4172-4178) for seven hazardous materials ICRs. According to the notice: “PHMSA has revised burden estimates, where appropriate, to reflect current reporting levels or adjustments based on changes in proposed or final rules published since the information collections were last approved.”

The seven ICRs include:

Inspection and Testing of Portable Tanks and Intermediate Bulk Containers (2137-0018),

Hazardous Materials Incident Reports (2137-0039),

Rail Carrier and Tank Car Tanks Requirements, Rail Tank Car Tanks—Transportation of Hazardous Materials by Rail (2137-0559),

Testing Requirements for Non-Bulk Packaging (2137-0572),

Hazardous Materials Public Sector Training and Planning Grants (2137-0586),

Cargo Tank Motor Vehicles in Liquefied Compressed Gas Service (2137-0595), and

Inspection and Testing of Meter Provers (2137-0620).

NOTE: The first link for each ICR is for the description of the collection in yesterday’s notice. The last link is to the currently approved ICR record.

The table below shows the burden estimate for both this renewal notice and the currently approved ICR.

 

There is no explanation for the large change in the burden estimates for 2137-0559 in yesterday’s notice. Comparing the detailed burden information in the notice with the Supporting Document that PHMSA provided to OIRA for the current ICR, there are six information collections missing from the notice:

• Hazardous Materials Train Consist Additional Information (Class I, II, III Railroads) - Section 174.26 (131,042 responses and 10,876 hrs),

• Notification of Hazardous Materials Accidents or Incidents - Class I, II, II Railroad - Section 174.26 (491 responses and 122.75 hrs),

• Creation of Test Records for Emergency System Notification Test (Class I, II, III) – Section (658 responses and 1438 hrs),

• Retention of Test Records for Emergency System Notification Test – Section 174.28(b) (758 responses and 63 hrs),

• Creation of Class III alternative emergency response information plan – Section (388 responses and 1,552 hrs), and

• Retention of Class III alternative emergency response information plan (Retention Only) – Section (388 responses and 32 hrs).

These may have been moved to new ICR. We will be able to tell for sure when PHMSA submits the renewal request to OIRA after the 30-day ICR notice is published.

PHMSA is soliciting public comments on this ICR renewal. Comments may be submitted via the Federal eRulemaking Portal (www.Regulations.gov; Docket #PHMSA-2026-0199). Comments should be submitted by March 31^st, 2026.