Department of the navy (don) 17. 1 Small Business Innovation Research (sbir) Proposal Submission Instructions introduction

TECHNOLOGY AREA(S): Information Systems

ACQUISITION PROGRAM: Program Executive Office Integrated Warfare System (PEO IWS) 1.0 – AEGIS Combat System; PEO IWS 10.0 – Ship Self Defense System (SSDS)

The technology within this topic is restricted under the International Traffic in Arms Regulation (ITAR), 22 CFR Parts 120-130, which controls the export and import of defense-related material and services, including export of sensitive technical data, or the Export Administration Regulation (EAR), 15 CFR Parts 730-774, which controls dual use items. Offerors must disclose any proposed use of foreign nationals (FNs), their country(ies) of origin, the type of visa or work permit possessed, and the statement of work (SOW) tasks intended for accomplishment by the FN(s) in accordance with section 5.4.c.(8) of the Announcement. Offerors are advised foreign nationals proposed to perform on this topic may be restricted due to the technical data under US Export Control Laws.

OBJECTIVE: Develop a virtualization capability that provides cyber resiliency for the AEGIS and Ship Self Defense Ship (SSDS) Combat Systems.

DESCRIPTION: Cyber resilience is about the management—not the elimination—of risk. Not only is eliminating risk impossible, but it impedes agility; an environment with an acceptable level of risk supports innovation. Cyber resiliency techniques that help a system combat a cyber-attack (an attempt by hackers to damage or destroy a computer network or system) are essential in today’s cyber environment. Without these techniques, systems are susceptible to a wide range of accidental or malicious events. In computing, virtualization refers to the act of creating a virtual (rather than actual) version of something, including virtual computer hardware platforms, operating systems, storage devices, and computer network resources. Successful use of virtualization to implement cyber resiliency capabilities will help manage a cyber-attack.

Virtualization presents a new set of risks to organizations adopting it and it is vital to be aware of risks and information security risk management strategies when implementing a virtualization strategy. The Navy’s current cybersecurity capabilities are for complex, system-of-systems surface combat systems. They currently focus on the protection and detection phases of the cyber-kill chain. The ability to combat a cyber-attack today is manual and limited due to the complexity of identifying and confirming the attack and the limited options available to restoring the system back to a trusted state in a timely manner. Identifying how virtualization can be used to implement cyber resiliency capabilities to help the combat system - detect cyber-attacks, initially react to the cyber-attack (triage) and restore the system to a trusted state during a cyber-attack - will augment the various techniques used to support cyber resiliency.

The Navy seeks an innovative technology that integrates and employs multiple cyber resiliency techniques in a virtual space. These techniques include:

(1) The Adaptive Response technique, which provides the ability to respond to a detected cyber-attack.

(2) The Heterogeneity technique, which utilizes diverse technologies to minimize the impact of attacks and simultaneously require adversaries to attack multiple different types of technologies.

(3) The Distributive Allocation technique, which positions critical assets, sensors, and processing in order to provide an unpredictable attack surface to the adversary and make it more difficult for the adversary to successfully locate, target, and compromise a cyber-asset.

(4) The Redundancy technique, which deploys multiple protected instantiations of mission critical information or cyber assets.

(5) A Coordinated Defense technique, which is a variety of distinct cybersecurity controls to defend mission dependent resources against adversary actions.
These integrated techniques better position surface navy combat systems to combat and recover from a cyber-attack. The virtual environment established will enable fast failover (< 1 second) with low latency (milliseconds) in communications.

The Phase II effort will likely require secure access, and NAVSEA will process the DD254 to support the contractor for personnel and facility certification for secure access. The Phase I effort will not require access to classified information. If need be, data of the same level of complexity as secured data will be provided to support Phase I work.

PHASE I: Develop concepts using virtualization in support of the cyber resiliency techniques identified in the Description section of this document. The company will also develop a Plan of Action, Milestones (POA&M) to design, develop, test and integrate the proposed architecture into both the AEGIS, and SSDS combat system environments. Navy subject matter experts (SMEs) will establish feasibility through evaluation and its applicability to the cyber resiliency defined techniques for integration into the combat system environment. For the purpose of Phase I the combat systems environment is a real-time environment with high availability requirements requiring fast failover (< 1 second) and low latency communication requirements (milliseconds). The Phase I Option, if awarded, will include the initial design specifications and capabilities description to build a prototype in Phase II.

PHASE II: Based upon the results of Phase I and the Phase II Statement of Work (SOW), a prototype approach using virtualization to implement features of cyber resiliency will be developed, delivered, and implemented at a Land Based Test Site (LBTS), which represents a combat system environment. The prototype must be capable of demonstrating the implementation and integration of the five cyber resiliency techniques into the combat system environment. All of these capabilities shall be able to execute with little to no impact to the performance of the combat system environment under test. The company will provide requirements, test plans and procedures to demonstrate the product meets the attributes described in the Description section of this document. The company will prepare a Phase III development plan to transition the technology for Navy and potential commercial use.

PHASE III DUAL USE APPLICATIONS: During Phase III, the company will be expected to support both PEO IWS 1.0 and 10.0 in system integration of the developed cybersecurity framework from Phase II. This will be accomplished by incorporation of the cyber resiliency techniques into each combat system’s (AEGIS and SSDS) baseline modernization process. This will consist of integrating into a baselines definition, incorporation of the baselines existing and new cybersecurity capabilities, validation testing, and combat system certification. Private Sector Commercial Potential: These cyber resiliency techniques implemented by virtualization could support any environment that is able to use virtualization and has a need to fight through a cyber-attack. Examples would be safety systems or financial systems in which availability and integrity are paramount.

REFERENCES:

1. Lockheed Martin, “The Cyber Kill Chain.” 15 April 2016. http://cyber.lockheedmartin.com/solutions/cyber-kill-chain.

2. Bodeau , D. and, Graubart, R. “Cyber Resiliency Engineering Framework.” September 2011. www.mitre.org/sites/default/files/pdf/11_4436.pdf.

3. Nicholas, M. J. and Christopher, O. S. “Building the Theory of Resilience.” January 2013. URL last accessed 15 April 2016. http://cybersecurity.pnnl.gov/documents/Theory_of_Resilience-V15.pdf.

4. “Department of Defense Defense Science Board Task Force Report: Resilient Military Systems and the Advanced Cyber Threat,” January 2013. http://www.acq.osd.mil/dsb/reports/ResilientMilitarySystems.CyberThreat.pdf”-

KEYWORDS: Cyber-kill Chain; Cybersecurity; Cyber-attack; Information Security; Cyber Resilience; Virtualization for Cybersecurity

Questions may also be submitted through DoD SBIR/STTR SITIS website.

TECHNOLOGY AREA(S): Information Systems

ACQUISITION PROGRAM: Program Executive Office Integrated Warfare Systems (PEO IWS) 1.0 – AEGIS Combat System; PEO IWS 10.0 – Ship Self Defense System (SSDS)

The technology within this topic is restricted under the International Traffic in Arms Regulation (ITAR), 22 CFR Parts 120-130, which controls the export and import of defense-related material and services, including export of sensitive technical data, or the Export Administration Regulation (EAR), 15 CFR Parts 730-774, which controls dual use items. Offerors must disclose any proposed use of foreign nationals (FNs), their country(ies) of origin, the type of visa or work permit possessed, and the statement of work (SOW) tasks intended for accomplishment by the FN(s) in accordance with section 5.4.c.(8) of the Announcement. Offerors are advised foreign nationals proposed to perform on this topic may be restricted due to the technical data under US Export Control Laws.

OBJECTIVE: Develop a modular, extensible, open, and updateable software-based cybersecurity framework for the AEGIS and Ship Self Defense Ship (SSDS) Combat Systems used to integrate multiple cybersecurity capabilities.

DESCRIPTION: U.S. Navy Combat Systems are required to address cybersecurity. The combat systems use cybersecurity capabilities that detect, prevent and react to cyber threats in today’s cyber environment. Without these capabilities, systems are susceptible to a wide range of accidental and/or malicious events. To address cybersecurity within surface ship combat systems, cybersecurity capabilities are needed to implement a Defense-In-Depth approach. Two common challenges associated with these capabilities are 1) the complicated and unique interfaces to use and manage them and 2) the need to update capabilities frequently to maintain their effectiveness against the threat. Developing a framework that provides a simple and consolidated interface and the ability to update with little or no impact to the combat system will help ensure a more effective Defense-in-Depth cybersecurity solution.

Cybersecurity capabilities available today are challenging to integrate and sustain for complex, system-of-systems surface navy combat systems. These cybersecurity capabilities, both COTS (e.g. anti-virus scanners, file integrity checkers) and GOTS (network integrity checkers, Security Information Event Managers (SIEMs)), are developed as standalone solutions with their own design and architecture. Most of these capabilities offer vendor-specific (known as vendor-lock) client-server architectures that assume computing environments with synchronous update cycles under a single programmatic authority. Such solutions present challenges. Adoption of vendor-specific technologies typically locks the combat system into the expertise and capabilities of that single vendor or solution provider, making it challenging to leverage the unique strengths of various companies across different domains. Vendor-lock also prevents developers of various combat system sensors and weapon systems from contributing tailored monitoring solutions to the overall cybersecurity solution set. An example of this would be the Navy-mandated Host Based Security System (HBSS). It provides a static list of capabilities, which are not executed on the combat systems hardware and operating system.

Asynchronous modernization and fielding timelines across various combat system elements make coordinated fielding of new cybersecurity capabilities (additional clients) or improvements (improved/updated clients) extremely challenging. The combat system’s flexibility to provide rapid updates to detect emerging attack techniques is limited.

The Navy seeks an innovative software-based solution for a modular and extensible cybersecurity framework for surface navy combat systems. The framework’s registration scheme will permit only validated and authenticated endpoint solutions to connect with the framework. It should have a simple and consolidated interface. The approach shall be modular with the ability to update with little or no impact to the combat system performance. To prevent vendor-lock it should be a communication standard solution to allow plug-and-play of new capabilities in the framework.

The benefits of this technology will enable surface navy combat systems to field cybersecurity-monitoring capabilities more rapidly than the typical multi-year cycle while eliminating the need for costly software deliveries and installations.

The Phase II effort will likely require secure access, and NAVSEA will process the DD254 to support the contractor for personnel and facility certification for secure access. The Phase I effort will not require access to classified information. If need be, data of the same level of complexity as secured data will be provided to support Phase I work.

PHASE I: Define and develop conceptual approaches and architectures to implement an open, modular, extensible and updateable cybersecurity framework that addresses attributes identified in the description section of this document. Feasibility for the selected approach will be established through modeling and algorithms that show their ability to allow for upgrades or modifications across multiple combat system architectures. The Phase I Option, if awarded, should include the initial layout of the capabilities description.

PHASE II: Based upon the results of Phase I, a software-based prototype of the cybersecurity framework will be developed and delivered. The prototype must be capable of demonstrating the integration of various non-vendor specific cybersecurity capabilities, the ability to manage those capabilities, a secure (authenticated and validated) ability to add new and update existing capabilities, and have a simple and intuitive user interface that visualizes the cyber health status of the system. All of these capabilities need to be executable with little to no impact to the performance of the combat system. The prototype will be validated through the company, coordinating test event(s) with each identified Navy combat systems test director and test team via a LBTS (Land Based Test Site) used for testing those systems. The company will develop a Plan of Action and Milestones (POA&M) to design, develop, test and integrate the proposed architecture into both the AEGIS and SSDS combat system environments and preliminary cost estimates for each identified approach.

The company shall provide requirements and interface description documentation, test plans and procedures to demonstrate the product meets the attributes described in the description section of this document, and a transition plan for Phase III.

PHASE III DUAL USE APPLICATIONS: Support both PEO IWS 1.0 and 10.0 in the integration of the developed cybersecurity framework from Phase II. This will be done by incorporation of the framework into each combat systems (AEGIS and SSDS) baseline modernization process. This will consist of integrating into a baseline definition, incorporation of the existing baselines and new cybersecurity capabilities, validation testing, and combat system certification. Private Sector Commercial Potential: This framework can support any environment that has challenges with integrating, updating, and managing various vendor cybersecurity capabilities due to the cost associated with required and frequent updates and the inability to update quickly. Examples of those industries could be those that use control systems such as nuclear facilities or the Federal Aviation Administration (FAA).

REFERENCES:

1. Department of the Navy Chief Information Officer. “DOD Instruction 8500.1 Cybersecurity.” DTIC. 14 March 2014. http://dtic.mil/whs/directives/corres/pdf/850001_2014.pdf.

2. “Host Based Security Systems.” Defense Information Systems Agency (DISA). 15 April 2016. http://disa.mil/cybersecurity/network-defense/hbss.-

KEYWORDS: Combat systems; Cybersecurity Challenges; Cybersecurity; Vendor-lock; Defense-In-Depth approach; Cybersecurity framework; Host Based Security System

Questions may also be submitted through DoD SBIR/STTR SITIS website.

TECHNOLOGY AREA(S): Battlespace, Electronics, Sensors

ACQUISITION PROGRAM: Program Executive Office Integrated Warfare Systems (PEO IWS) 2, Above Water Sensors, AN/SPS-49 Radar

The technology within this topic is restricted under the International Traffic in Arms Regulation (ITAR), 22 CFR Parts 120-130, which controls the export and import of defense-related material and services, including export of sensitive technical data, or the Export Administration Regulation (EAR), 15 CFR Parts 730-774, which controls dual use items. Offerors must disclose any proposed use of foreign nationals (FNs), their country(ies) of origin, the type of visa or work permit possessed, and the statement of work (SOW) tasks intended for accomplishment by the FN(s) in accordance with section 5.4.c.(8) of the Announcement. Offerors are advised foreign nationals proposed to perform on this topic may be restricted due to the technical data under US Export Control Laws.

OBJECTIVE: Develop advanced direct digital exciter software and associated hardware technology for direct synthesis of radar waveforms to improve performance and reduce cost.

DESCRIPTION: The Navy requires modern direct digital exciter technology for use with frequency-agile, rotating, air surveillance radar systems. Existing radar systems, designed 30 to 40 years ago, utilize two or three analog frequency up-conversion stages with multiple local oscillators, mixers, adders, dividers, and switches to create pseudo-frequency-agile radar waveforms. State-of-the-art in their time, these systems do not have the complete waveform agility to maintain optimum performance under future electronic attack. The only means for implementing advanced, robust, truly frequency-agile waveforms is to replace the entire radar exciter subsystem. Furthermore, as existing systems age and require technical updating (tech refresh), an opportunity to simplify the system, reduce the cost of future tech refresh, and allow for software generated waveform upgrades becomes available. Technology refresh for radar systems covering all transmitter and receiver electronics is actively being pursued. Maintaining operational availability for older radar systems is increasingly difficult and maintenance costs are increasing due to parts obsolescence. Consequently, advanced direct digital exciters will realize continuing cost savings as well as performance enhancements in legacy radars throughout their remaining service lives.

Digital technology presents the radar system designer with a multitude of options and allows arbitrarily transmitted waveforms to be synthesized on a pulse-to-pulse basis (Ref. 1). Digital signal synthesis (akin to arbitrary waveform generation) has matured rapidly over the past two decades with the state of the art now defined by, among other applications, software defined radio. However, radar requirements present unique challenges in the art of signal design, signal transmission, reception, and signal processing. This is especially so in the face of modern electronic attack threats. In order to remain effective, legacy radars require signal agility with high quality. Signal quality is defined by frequency stability; the absence of noise, spurs and harmonics; and highly precise timing. True agility begins with the ability to implement arbitrary intra-pulse modulations, continuously and instantly variable pulse widths, and non-periodic pulse repetition.

Both signal quality and agility are inhibited by analog circuitry (principally up-conversion stages) in the transmit chain. For example, mixers in up-conversion stages can introduce harmonics and nonlinearities. Conversion from the digital domain directly to the radio frequency (RF) domain (i.e., at the transmitted frequency) eliminates most of these problems (Ref. 2). Fortunately, advances in high-speed digital to analog converters (DACs) make this possible (Ref. 3). Consequently, high-speed direct digital synthesis (DDS) presents an attractive means for high bandwidth frequency synthesis of radar waveforms because it features sub-hertz frequency resolution, fast settling time, continuous phase switching response and low phase noise (Ref. 4).

The Navy seeks an innovative software solution for advanced, affordable, and agile direct digital exciter technology for use with existing, rotating air surveillance radar systems. The initial targeted frequency is the upper UHF band (specifically 500-1000 MHz). However, the exciter architecture and core technologies should allow extension to higher bands (particularly S-Band). Affordability not only implies initial acquisition cost, but the cost of implementing new waveforms as well as the ability to introduce future hardware upgrades. Consequently, the exciter architecture should be modular, open, and expandable (for example, the architecture should accommodate future memory and processor upgrades). The exciter function is largely expected to be software defined. Therefore, the exciter software should be easily supportable for modification, testing, performance verification, validation, and information assurance certification. Likewise, the ability to quickly update executable software, configuration files, and libraries in order to deploy new capabilities, while underway, is desired. In addition, the Navy is already developing direct digital bandpass receiver technology for the same band; therefore, the exciter must provide an interface that allows synchronization with the receiver.

Cost, performance, and reliability are the major factors driving development of the direct digital exciter. As a target, the cost of the exciter, once in production, should be less than $250K and a 25-year service life should be anticipated. Evidence of design optimization of these parameters as well as a comparison between model predictions and measured performance are expected. The exciter system should include filtering, as required, to eliminate spurious output and should be immune to shipboard prime power system noise and fluctuations. Size, weight, and power consumption (SWaP) are subordinate, although still important, considerations. Current analog exciter technology typically takes up an entire radar cabinet (19-inch wide rack, approximately 60 inches high and 24 inches deep). As a goal, the digital exciter should consume only one quarter of this space. Proposed technologies should highlight innovation in the areas of frequency resolution, frequency-switching speed, modulation capabilities, pulse-to-pulse agility, suppression of spur and harmonic generation, SWaP, cost, reliability, and sustainability.

PHASE I: The company will develop a concept for advanced direct digital exciter software and associated hardware for direct digital synthesis of radar waveforms in the upper UHF band. The company will demonstrate the feasibility of its concept in meeting Navy needs and demonstrate that the concept can be implemented, feasibly and affordably in legacy rotating radars. Feasibility will be demonstrated by some combination of modeling and analysis. Affordability will be established by analysis of the proposed architecture, major assemblies, and required software and by comparison to systems of comparable complexity.

PHASE II: Based on the Phase I results and the Phase II Statement of Work (SOW), the company will produce and deliver a prototype direct digital exciter for radar waveform generation in the upper UHF band. Evaluation will primarily be accomplished by laboratory testing of complex radar waveform scenarios accompanied by appropriate data analysis and modeling. Testing will also include demonstration of the software update capability. The company will perform testing in consultation with Government subject matter experts in order to define realistic waveforms of interest. Affordability will be addressed by refining the affordability analysis performed in Phase I to reflect the knowledge gained during Phase II execution. The company will prepare a Phase III development plan to transition the technology for Navy use.