Air Force asks industry for new ways to protect computers and embedded systems from cyber attacks
ROME, N.Y., 8 Aug. 2014. U.S. Air Force researchers are asking industry for cyber-defense capabilities to help the Air Force avoid cyber attacks. Researchers want industry's help in understanding the cyber situation, assessing potential impacts, and implementing deterrence and effects-based defensive methodologies.
Officials of the Air Force Research Laboratory's Information Directorate in Rome, N.Y., have issued a presolicitation for the Capabilities for Cyber Resiliency program (BAA-RIK-14-07), which seeks to support trusted hardware, software, and data able to secure Air Force computers from cyber attacks and help with recovery after cyber attacks.
The program, worth about $49 million through fiscal year 2019, also involves attack attribution and geolocation, protocols, cloud security, mobile device security, secure computers, virtualization security, cyber technology evaluation, cyber modeling, simulation, metrics, and measurements, cyber data mining, next-generation BIOS security, and cyber visualization.
The Capabilities for Cyber Resiliency program has five focus areas: assured by design; survival and recovery of mission essential functions; cyber deception; cyber agility; and embedded system resilience and agility.
Related: DARPA picks six companies to define enabling technologies for U.S. cyber warfare strategy
Assured by design extends through September 2017 and seeks to verify that hardware and software meet mathematical specifications that prove correctness of secure designs. This component also should help develop technologies to mitigate new and emerging cyber threats.
While many cyber solutions focus on detecting attacks after they occur and then applying security mechanisms, assured by design to prevent seeks a more proactive approach is preventing and avoiding rather than detecting after the fact.
For questions or concerns about assured by design contact the Air Force's Sarah Muccio by email at [email protected] or by phone at 315-330-4016.
Survival and recovery, which runs from October 2014 to September 2017, seeks to assure mission-essential functions during successful cyber attacks, and focuses on self-protecting software; machine-generated repair; cyber defense metrics, and infrastructure virtualization.
Related: Advanced cyber security for C4ISR computer systems is aim of Air Force cyber program
Cyber resilience involves the ability to withstand, minimize, survive, and recover from the negative effects of cyber adversity, whether man-made or natural, by mitigating vulnerabilities and fighting through successful attacks to assure mission-essential functions without disruption.
For questions or concerns about survival and recovery contact the Air Force's David Climek by email at [email protected] or by phone at 315-330-4123.
Cyber deception, which runs from October 2014 to September 2016, seeks to develop capabilities to provide false information, confuse, delay, or otherwise impede cyber attackers. These capabilities must be transparent to authorized users so as not to disrupt U.S. and allied forces, and are intended to defend U.S. military networks.
For questions or concerns about cyber deception contact the Air Force's Anthony Macera by email at [email protected] or by phone at 315-330-4480.
Cyber agility, which runs from October 2014 to September 2017, seeks to make it harder for a determined cyber attacker to succeed by disrupting attack planning and execution.
Cyber hackers today can plan their attacks carefully over time by relying on the static nature of our networks, and launch their attacks at the times and places of their choosing. The Air Force wants new tools to force hackers to spend more, cope with greater levels of complexity and uncertainty, and accept greater risks of exposure and detection.
For questions or concerns about cyber agility contact the Air Force's Walt Tirenin by email at [email protected] or by phone at 315-330-4429.
Embedded system resilience and agility, which runs from October 2014 through September 2017, seeks to defend embedded computing with preemptive and proactive defense approaches, along with reactive techniques to protect embedded systems and data through recovery and adaptation. One goal is to protect command and control of unmanned aerial vehicles (UAVs) and their control systems, Air Force officials say.
For questions or concerns about embedded system resilience and agility contact the Air Force's Douglas Schafer by email at [email protected], or by phone at 315-330-4323.
Companies interested should email four-to-five-page white papers no later than 5 Sept. 2014 to the Air Force's Jeff DeMatteis at [email protected].
More information is online at https://www.fbo.gov/spg/USAF/AFMC/AFRLRRS/BAA-RIK-14-07/listing.html.