1 / 24

Improving Cyber Innovation Intake into the Federal Government

Homeland Security Advanced Research Projects Agency. Improving Cyber Innovation Intake into the Federal Government. Douglas Maughan, Ph.D. Division Director October 24, 2012. http://www.cyber.st.dhs.gov. DHS S&T Mission.

dylan-slater
Télécharger la présentation

Improving Cyber Innovation Intake into the Federal Government

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Homeland Security Advanced Research Projects Agency Improving Cyber Innovation Intake into the Federal Government Douglas Maughan, Ph.D. Division Director October 24, 2012 http://www.cyber.st.dhs.gov

  2. DHS S&T Mission Strengthen America’s security and resiliency by providing knowledge products and innovative technology solutions for the Homeland Security Enterprise Create new technological capabilities and knowledge products Provide Acquisition Support and Operational Analysis Provide process enhancements and gain efficiencies Evolve US understanding of current and future homeland security risks and opportunities

  3. CSD R&D Execution Model Successes • Ironkey – Secure USB • Standard Issue to S&T employees from S&T CIO • Komoku – Rootkit Detection Technology • Acquired by Microsoft • HBGary – Memory and Malware Analysis • Over 100 pilot deployments as part of Cyber Forensics • Endeavor Systems – Malware Analysis tools • Acquired by McAfee • Stanford – Anti-Phishing Technologies • Open source; most browsers have included Stanford R&D • Secure Decisions – Data Visualization • Pilot with DHS/NCSD/US-CERT; Acquisition Research Development Test and Evaluation & Transition (RDTE&T)

  4. Small Business Innovation Research (SBIR) Set-aside program for small business concerns to engage in federal R&D -- with potential for commercialization Small Business Technology Transfer (STTR) Set-aside program to facilitate cooperative R&D between small business concerns and research institutions -- with potential for commercialization Programs for U. S. Small Business 2.5% .3%

  5. PHASE I • Feasibility Study • $100K (in general) and 6 month effort (amounts are changing) • PHASE II • Full Research/R&D • $750K and 24 month effort (amounts are changing) • Commercialization plan required • PHASE III • Commercialization Stage • Use of non-SBIR Funds SBIR - A 3 Phase Program

  6. Number and timing of solicitations R&D Topic Areas – Broad vs. Focused Dollar Amount of Award (Phase I and II) Proposal preparation instructions Financial details (e.g., Indirect Cost Rates) Proposal review process Proposal success rates Types of award Commercialization assistance And more………… Agency SBIR Differences

  7. Small Business Innovative Research (SBIR) • FY04 • Cross-Domain Attack Correlation Technologies (2) • Real-Time Malicious Code Identification (2) • Advanced SCADA and Related Distributed Control Systems (5) • FY05 • Hardware-assisted System Security Monitoring (4) • FY06 • Network-based Boundary Controllers (3) • Botnet Detection and Mitigation (4) • FY07 • Secure and Reliable Wireless Communication for Control Systems (2) • FY09 • Software Testing and Vulnerability Analysis (3) • FY10 • Large-Scale Network Survivability, Rapid Recovery, and Reconstitution (1) • FY11 • Mobile Device Forensics (1) • FY12 • Moving Target Defense (CNCI Topic) • Solid State Drive Analysis

  8. Small Business Innovative Research (SBIR) • Important program for creating new innovation and accelerating transition into the marketplace • Since 2004, DHS S&T Cyber Security has had: • 63 Phase I efforts • 28 Phase II efforts • 5 Phase II efforts currently in progress • 9 commercial/open source products available • Four acquisitions • Komoku, Inc. (MD) acquired by Microsoft in March 2008 • Endeavor Systems (VA) acquired by McAfee in January 2009 • Solidcore (CA) acquired by McAfee in June 2009 • HBGary (CA) acquired by ManTech in February 2012

  9. Cyber Security R&D Broad Agency Announcement (BAA) • Delivers both near-term and medium-term solutions • To develop new and enhanced technologies for the detection of, prevention of, and response to cyber attacks on the nation’s critical information infrastructure, based on customer requirements • To perform research and development (R&D) aimed at improving the security of existing deployed technologies and to ensure the security of new emerging cybersecurity systems; • To facilitate the transfer of these technologies into operational environments. • Proposals Received According to 3 Levels of Technology Maturity Type I (New Technologies) • Applied Research Phase • Development Phase • Demo in Op Environ. • Funding ≤ $3M & 36 mos. Type III (Mature Technologies) • Mature Technology • Demo Only in Op Environ. • Funding ≤ $750K & 12 mos. Type II (Prototype Technologies) • More Mature Prototypes • Development Phase • Demo in Op Environ. • Funding ≤ $2M & 24 mos. Note: Technology Demonstrations = Test, Evaluation, and Pilot deployment in DHS “customer” environments

  10. BAA 11-02 Technical Topic Areas (TTAs) • Int’l participation from AUS, UK, CA, NL, SWE • Over $4M of joint funding • 1003 White Papers • 224 Full Proposals encouraged • 34 Awards – Sep/Oct 2012

  11. HOST Program HOST = Homeland Open Security Technology Closing government cybersecurity gaps by sponsoring open source projects • Suricata Intrusions Detection System • OpenSSL FIPS validation …and helping government be able to find and deploy existing open source cybersecurity solutions • Inventory of solutions, opencybersecurity.org • Use cases & lessons learned reports • Improved policy

  12. Open Information Security Foundation and Suricata • A new model for managing and sustaining innovation • A non-profit to develop and “own” the code • Software Freedom Law Center created the License pro bono • A consortium of companies providing support in exchange for not having to release changes • Ground-up rewrite • Multi-Threaded • Automated Protocol Detection • File Identification and Extraction • GPU Acceleration ~$1.2m in DHS funding was matched by ~$8m in commercial sponsorship

  13. Let us know how we can work together • Include your open source efforts in our inventory • Project owners maintain small .xml, we crawl for updates • Let us know of projects that Gov should be using so we can share them with other Gov agencies • Let us know if there are some successes that would make a good case study • Let us know of open source cybersecurity projects that might benefit from some government funding

  14. Federal Cybersecurity R&D Strategic Plan • Science of Cyber Security • Research Themes • Tailored Trustworthy Spaces • Moving Target Defense • Cyber Economics and Incentives • Designed-In Security (New for FY12) • Transition to Practice • Technology Discovery • Test & Evaluation / Experimental Deployment • Transition / Adoption / Commercialization • Support for National Priorities • Health IT, Smart Grid, NSTIC (Trusted Identity), NICE (Education), Financial Services Released Dec 6, 2011 http://www.whitehouse.gov/blog/2011/12/06/federal-cybersecurity-rd-strategic-plan-released

  15. TTP Program Focus Areas Identify • Identify cyber security research that is at Technical Readiness Level (TRL) 5 or higher that can be projected into the Homeland Security Enterprise and beyond Implement • Partner with the IT operations groups within the Homeland Security Enterprise to pilot the cybersecurity technologies that are identified Introduce • Partner with the private sector to commercialize technology to bring the innovation to a broader audience

  16. Transition To Practice Program Focus R&D Sources • DOE National Labs • FFRDC’s (Federally Funded R&D Centers) • Academia • Small Business Transition processes • Testing & evaluation • Red Teaming • Pilot deployments Utilization • Open Sourcing • Licensing • New Companies • Adoption by cyber operations analysts • Direct private-sector adoption • Government use

  17. Transition to Practice Activities • Tech Foraging • Travel to National Labs to meet researchers and view demonstrations of mature cybersecurity research • Networking • Attend conferences and workshops • Brief industry organizations such as the CTIA – The Wireless Association and the Bay Area Council on Transition to Practice • Demonstrate Technology • Hold Demonstration Days for critical infrastructure sectors: • Federal Government • Financial Industry • Others

  18. Transition to Practice Activities • Test and Evaluation and Red Teaming • TTP will fund the Test and Evaluation and Red Teaming of all technologies it works with • The results of the T&E and Red Teaming will be provided to the research teams to make improvements if need be • Piloting • Work with the public and private sector to pilot technology in production environments • Funding • Fund incremental improvements to promising technologies • Assist operational partners in funding pilots • Assist in funding the transition to market • Business plan development

  19. DHS S&T Long Range Broad Agency Announcement (LRBAA) 12-07 • S&T seeks R&D projects for revolutionary, evolving, and maturing technologies that demonstrate the potential for significant improvement in homeland security missions and operations • Offerors can submit a pre-submission inquiry prior to White Paper submission that is reviewed by an S&T Program Manager • CSD has 14 Topic Areas (CSD.01 – CSD.14) – SEE NEXT SLIDE • LRBAA 12-07 Closes on 12/31/12 at 11:59 PM • S&T BAA Website: https://baa2.st.dhs.gov • Additional information can be found on the Federal Business Opportunities website (www.fbo.gov) (Solicitation #:DHSS-TLRBAA12-07)

  20. LRBAA Summary Listing • CSD.01 – Comprehensive National Cybersecurity Initiative and Federal R&D Strategic Plan topics • CSD.02 – Internet Infrastructure Security • CSD.03 – National Research Infrastructure • CSD.04 –Homeland Open Security Technology • CSD.05 – Forensics support to law enforcement • CSD.06 – Identity Management • CSD.07 – Data Privacy and Information Flow technologies. • CSD.08 – Software Assurance • CSD.09 – Cyber security competitions and education and curriculum development. • CSD.10 – Process Control Systems and Critical Infrastructure Security • CSD.11 – Internet Measurement and Attack Modeling • CSD.12 – Securing the mobile workforce • CSD.13 - Security in cloud based systems • CSD.14 – Experiments – Technologies developed through federally funded research requiring test and evaluation in experimental operational environments to facilitate transition.

  21. Issues Encountered • Overall Business Plan • I’ve got a hammer syndrome – DHS/DOD SBIR • Especially difficult for the academics • Chicken and Egg problems • Always a problem for the first time technology provider • Testing Infrastructure and “Guinea Pigs” • At the core of the scaling problem • Building up the list of willing partners

  22. Cyber Security Division FY 2011 Annual Report Annual Report and Research Topics • Security in Cloud-based Systems • Data Privacy • Mobile and Wireless Security • (Big) Data Analytics for Cyber Security Applications • Embedded Device Security (e.g., CPS, medical, vehicle) • Network Attribution / Traceback • System Composition • Cyber Forensics • Cyber Education / Curriculum Available NOW! 22

  23. Summary • Cybersecurity research is a key area of innovation needed to support our future • DHS S&T continues with an aggressive cyber security research agenda • Working to solve the cyber security problems of our current (and future) infrastructure and systems • Working with academe and industry to improve research tools and datasets • Looking at future R&D agendas with the most impact for the nation, including education • Need to continue strong emphasis on technology transfer and experimental deployments

  24. Douglas Maughan, Ph.D. Division Director Cyber Security Division Homeland Security Advanced Research Projects Agency (HSARPA) douglas.maughan@dhs.gov 202-254-6145 / 202-360-3170 For more information, visithttp://www.cyber.st.dhs.gov

More Related