Presentation title slide - 42 pt Times New Roman, White

Report
Homeland Security Advanced Research Projects Agency
An Update on the Cyber Security
R&D Landscape
December 4, 2013
SINET Showcase
Douglas Maughan
Division Director
http://www.dhs.gov/cyber-research
Past SINET Participation
 2007 ITSEF - Opening Doors to the Federal Government
 2008 ITSEF Panel - Federal Government Strategic
Investment Funds
 2009 ITSEF Panel - Critical Infrastructure
 2010 ITSEF Panel - Moving Forward with a Roadmap for
the IT, Banking & Finance and Energy Sectors
 2010 Showcase Workshop and 2011 ITSEF Workshop Obtaining Federal Research Funding
 2011 ITSEF Panel - Partnering Practitioners & Theory Creating Centers of Excellence
 2012 ITSEF Panel - What are the Key Attributes that Lead
to Successful Technology Transfer?
 2012 Showcase Panel - DHS and DoD Efforts at Improving
Cyber Innovation Intake into the Federal Government
Presenter’s Name
June 17, 2003
2
Presentation Outline
 Threat Space
 National / Federal Activities
 DHS Activities
 Cyber Security Division (CSD) Overview
 What’s Ahead
 Funding Opportunities
 Summary
 Q&A
Presenter’s Name
June 17, 2003
3
Environment: Greater Use of Technology,
More Threats, Less Resources
Anywhere in the
world in 24 hours
Globalization &
Transportation
Tenuous
balance
Border Security
& Immigration
Violent
Extremism
Cyber Domain
Insider
Threat
Low cost
of entry
Nature of
Innovation
Both sides get
to innovate
Misuse of
Technology
Historical
Perspective
Strategic
potential
Predictive &
Reactive
Natural Disasters
& Pushing
Beyond Design
Limits
MORE THREATS
Aviation as an
example …
L
E
S
S
R
E
S
O
U
R
C
E
S
Cyber Threat Sources Ready
to Exploit Weaknesses
Nation States
Cyber Criminals
Terrorists, DTOs, etc.
Insider Threats
Hackers/Hacktivists
Presenter’s Name
June 17, 2003
Cyber Threats
 Malware – Malicious software to disrupt computers
 Viruses, worms, …
 Theft of Intellectual Property or Data
 Hactivism – Cyber protests that are socially or politically motivated
 Mobile Devices and Applications and their associated Cyber Attacks
 Social Engineering – Entice users to click on Malicious Links
 Spear Phishing – Deceptive communications (E-Mails, Texts, Tweets…)
 Domain Name System (DNS) Hijacking
 Router Security – Border Gateway Protocol (BGP) Hijacking
 Denial of Service (DOS) – blocking access to web sites
 Others …..
Presenter’s 6Name
June 17, 2003
Recent Events
Presenter’s Name
June 17, 2003
7
Comprehensive National Cybersecurity Initiative (CNCI)
Establish a front line of defense
Reduce the Number of
Trusted Internet
Connections
Deploy Passive Sensors
Across Federal Systems
Pursue Deployment of
Automated Defense
Systems
Coordinate and
Redirect R&D Efforts
Resolve to secure cyberspace / set conditions for long-term success
Connect Current
Centers to Enhance
Situational Awareness
Develop Gov’t-wide
Counterintelligence
Plan for Cyber
Increase Security of the
Classified Networks
Expand Education
Shape future environment / secure U.S. advantage / address new threats
Define and Develop
Enduring Leap Ahead
Technologies, Strategies
& Programs
Define and Develop
Enduring Deterrence
Strategies & Programs
Manage Global Supply
Chain Risk
http://cybersecurity.whitehouse.gov
Cyber Security in
Critical Infrastructure
Domains
NITRD Participating Agencies
Networking Information
Technology R&D
9
Federal Cybersecurity R&D Strategic Plan
 Science of Cyber Security
 Research Themes




Tailored Trustworthy Spaces
Moving Target Defense
Cyber Economics and Incentives
Designed-In Security (New for FY13)
 Transition to Practice
 Technology Discovery
 Test & Evaluation / Experimental
Deployment
 Transition / Adoption / Commercialization
Released Dec 6, 2011
http://www.whitehouse.gov/blog/2011/12/06/
federal-cybersecurity-rd-strategic-plan-released
 Support for National Priorities
 Health IT, Smart Grid, NSTIC (Trusted
Identity), NICE (Education), Financial
Services
Presenter’s Name
June 17, 2003
10
DHS S&T Mission Guidance
Strategic
Guidance
Homeland
Security Act 2002
QHSR
(Feb 2010)
BUR
(July 2010)
S&T Strategic
Plan (2011)
QHSR
Threats
Core
Missions
Operational
Directives
Smaller Scale
Terrorism
Trafficking,
Crime
Pandemics,
Accidents,
Natural Hazards
1. Preventing terrorism & enhancing security
2. Securing and managing our borders
3. Enforcing & administering immigration laws
HSPD-5
National
Incident
Management
System
(2003)
HSPD-9
Defense of
U.S.
Agriculture
& Food
(2004)
Violent
Extremism
High
Consequence
WMD
4. Safeguarding and securing cyberspace
5. Ensuring resilience to disasters
HSPD-10
Biodefense
for the 21st
Century
(2004)
HSPD-22
Domestic
Chemical
Defense
(2007)
PPD-8
National
Preparedness
(2011)
Prevention, Protection, Mitigation,
Response, Recovery
Cybersecurity for the 16 Critical
Infrastructure Sectors
DHS
provides
advice and
alerts to the
16 critical
infrastructure
areas …
… DHS
collaborates
with sectors
through Sector
Coordinating
Councils (SCC)
X
X
 Business / Personal
 Shopping & Banking Point of Sale (in store or on line)
 Personnel
 Social Media
 …
EO-13636 and PPD-21
 In February 2013, the President issued two new policies:
1) Executive Order 13636: Improving Critical
Infrastructure Cybersecurity
2) Presidential Policy Directive – 21: Critical
Infrastructure Security and Resilience
 America's national security and economic prosperity are
dependent upon the operation of critical infrastructure
that are increasingly at risk to the effects of cyber attacks
 The vast majority of U.S. critical infrastructure is owned
and operated by private companies
 A strong partnership between government and industry is
indispensible to reducing the risk to these vital systems
Integrating Cyber-Physical Security
 Executive Order 13636: Improving
Critical Infrastructure Cybersecurity
directs the Executive Branch to:
 Develop a technology-neutral
voluntary cybersecurity framework
 Promote and incentivize the
adoption of cybersecurity
practices
 Increase the volume, timeliness and
quality of cyber threat information
sharing
 Incorporate strong privacy and civil
liberties protections into every
initiative to secure our critical
infrastructure
 Explore the use of existing
regulation to promote cyber security
 Presidential Policy Directive-21:
Critical Infrastructure Security and
Resilience replaces Homeland Security
Presidential Directive-7 and directs the
Executive Branch to:
 Develop a situational awareness
capability that addresses both
physical and cyber aspects of how
infrastructure is functioning in nearreal time
 Understand the cascading
consequences of infrastructure
failures
 Evaluate and mature the publicprivate partnership
 Update the National Infrastructure
Protection Plan
 Develop comprehensive research
and development plan (CSD / RSD)
Presenter’s Name
June 17, 2003
14
EO-PPD Deliverables
120 days – June 12, 2013
C
• Publish instructions: unclassified threat information
• Report on cybersecurity incentives
• Publish procedures: expand the Enhanced Cybersecurity Services
150 Days - July 12, 2013
C
C
• Identify cybersecurity critical infrastructure
• Evaluate public-private partnership models
• Expedite security clearances for private sector
240 Days – October 10, 2013
• Develop a situational awareness capability
• Update the National Infrastructure Protection Plan
• Publish draft voluntary Cybersecurity Framework
365 days – February 12, 2014
• Report on privacy and civil rights and civil liberties cybersecurity enhancement risks
• Stand up voluntary program based on finalized Cybersecurity Framework
Beyond 365 - TBD
• Critical Infrastructure Security and Resilience R&D Plan
Presenter’s Name
June 17, 2003
15
Cybersecurity Framework (NIST lead)
 Developed in collaboration with industry, provides guidance to an organization on
managing cybersecurity risk
 Supports the improvement of cybersecurity for the Nation’s Critical Infrastructure
using industry-known standards and best practices
 Provides a common language and mechanism for organizations to
1. describe current cybersecurity posture;
2. describe their target state for cybersecurity;
3. identify and prioritize opportunities for improvement within the context of risk
management;
4. assess progress toward the target state;
5. Foster communications among internal and external stakeholders.

Composed of three parts: the Framework Core, the Framework Implementation
Tiers, and Framework Profiles
Presenter’s Name
June 17, 2003
16
Cybersecurity Framework
Function
IDENTIFY
PROTECT
DETECT
RESPOND
RECOVER
Category
Asset Management
Business Environment
Governance
Risk Assessment
Risk Management
Access Control
Awareness and Training
Data Security
Information Protection Processes and Procedures
Protective Technology
Anomalies and Events
Security Continuous Monitoring
Detection Processes
Communication
Analysis
Mitigation
Improvements
Recovery Planning
Improvements
Communication
Presenter’s Name
June 17, 2003
17
Recommended Incentives
Areas:
1. Cybersecurity Insurance
6. Public Recognition
2. Grants
3. Process Preference
7. Rate Recovery for Price Regulated
Industries
4. Liability Limitation
8. Cybersecurity Research
5. Streamline Regulations
“While these reports do not yet represent a final Administration policy, they do offer
an initial examination of how the critical infrastructure community could be
incentivized to adopt the Cybersecurity Framework as envisioned in the Executive
Order. We will be making more information on these efforts available as the
Framework and Program are completed.”
Michael Daniel,
Special Assistant to the President and Cybersecurity Coordinator
White House Blog, August 6, 2013
Presenter’s Name
June 17, 2003
18
R&D guidance from PPD-21
 Within 2 years, DHS in coordination with OSTP, SSA’s, DOC and other Federal
D&A, shall provide to the President a National Critical Infrastructure Security and
Resilience R&D Plan that takes into account the evolving threat landscape, annual
metrics, and other relevant information to identify priorities and guide R&D
requirements and investments…plan issued every 4 years …updates as needed.
 Innovation and Research & Development: DHS in coordination with OSTP, SSA’s,
Commerce and other Federal D&A, shall provide input to align those Federal and
Federally-funded R&D activities that seek to strengthen the security and resiliency
of the Nation’s critical infrastructure, including:
 Promoting R&D to enable the secure and resilient design and construction of critical
infrastructure and more secure accompanying cyber technology;
 Enhancing modeling capabilities to determine potential impacts … and cascading effects;
 Facilitating initiatives to incentivize cyber security investments and the adoption of critical
infrastructure design features that strengthen all-hazards security and resilience;
 Prioritizing efforts to support the strategic guidance issued by the Secretary.
 Working Group headed up by DHS S&T
Presenter’s Name
June 17, 2003
19
How to Engage
 National Infrastructure Protection Plan process
 Review and comment on Draft Documents
 www.dhs.gov/eo-ppd
 Provide input through dialogue on IdeaScale -- http://eoppd.ideascale.com
 Encourage partners to review and provide input
 PPD/EO Integrated Task Force Weekly Stakeholder Bulletin
 Current status of activities
 List of upcoming Open Forums, Webinars and other Engagement Opportunities
 Contact [email protected] for more information
 Also R&[email protected] for R&D plan information, participation
Presenter’s Name
June 17, 2003
20
DHS S&T Mission
Strengthen America’s security and resiliency by providing
knowledge products and innovative technology solutions for
the Homeland Security Enterprise
1) Create new technological capabilities and knowledge products
2) Provide Acquisition Support and Operational Analysis
3) Provide process enhancements and gain efficiencies
4) Evolve US understanding of current and future homeland security risks and
opportunities
FOCUS AREAS
• Bio
• Explosives
• Cybersecurity
• First Responders
• Resilient Systems
• Borders / Maritime
21
Cyber Security Focus Areas
 Trustworthy Cyber Infrastructure
 Working with the global Internet community to secure cyberspace
 Research Infrastructure to Support Cybersecurity
 Developing necessary research infrastructure to support R&D community
 R&D Partnerships
 Establishing R&D partnerships with private sector, academia, and
international partners
 Innovation and Transition
 Ensuring R&D results become real solutions
 Cybersecurity Education
 Leading National and DHS cybersecurity education initiatives
Presenter’s Name
June 17, 2003
22
Trustworthy Cyber Infrastructure
 Secure Protocols
 DNSSEC – Domain Name System Security
 Govt and private sector worked together to make this happen
 Started in 2004; now 111 top level (gTLD) and country code (ccTLD) domains
adopted globally including the Root
 SPRI – Secure Protocols for Routing Infrastructure
 Internet Measurement and Attack Modeling




Geographic mapping of Internet resources
Logically and/or physically connected maps of Internet resources
Monitoring and archiving of BGP route information
Co-funding with Australia
Presenter’s Name
http://www.isi.edu/ant/address/browse/
June 17, 2003
23
Research Infrastructure
 Experimental Research Testbed (DETER)
 Researcher and vendor-neutral experimental infrastructure
 Used by over 200 organizations from more than 20 states and 17 countries
 Used by over 40 classes, from 30 institutions involving 2,000+ students
 http://www.deter-project.org
 Research Data Repository (PREDICT)
 Repository of network data for use by the U.S.- based cyber security
research community
 More than 200 users (academia, industry, gov’t); Over 600TB of network data;
Tools are used by major service providers and many companies
 Phase 2: New datasets, ICTR Ethics, International (CA, AUS, JP, EU)
 https://www.predict.org
 Software Assurance Market Place (SWAMP)
 A software assurance testing and evaluation facility and the associated
research infrastructure services
Presenter’s Name
June 17, 2003
24
R&D Partnerships
 Oil and Gas Sector
 LOGIIC – Linking Oil & Gas Industry to Improve Cybersecurity
 Electric Power Sector
 TCIPG – Trustworthy Computing Infrastructure for the Power Grid
 Banking and Finance Sector
 FI-VICS – Financial Institutions – Verification of Identity Credential Service
 DECIDE – Distributed Environment for Critical Incident Decision-making
Exercises (recent Quantum Dawn II exercise)
 State and Local
 PRISEM - Public Regional Information Security Event Management
 PIV-I/FRAC TTWG – State and Local and Private Sector First Responder
Authentication Credentials and Technology Transition
 Law Enforcement
 SWGDE – Special Working Group on Digital Evidence (FBI lead)
 CFWG – Cyber Forensics Working Group (CBP, ICE, USSS, FBI, S/L)
Presenter’s Name
June 17, 2003
25
S&T International Engagements
 International Bilateral Agreements
 Government-to-government cooperative activities for 13 bilateral Agreements
•
•
•
•
•
•
•
•
•
•
•
•
•
Canada (2004)
Australia (2004)
United Kingdom (2005)
Singapore (2007)
Sweden (2007)
Mexico (2008)
Israel (2008)
France (2008)
Germany (2009)
New Zealand (2010)
European Commission (2010)
Spain (2011)
COUNTRY
Netherlands (2013)
Over $6M of
International
co-funding
PROJECTS MONEY IN JOINT MONEY OUT
Australia
3
$300K
$400K
Canada
11
$1.8M
Germany
1
$300K
Israel
2
$100K
Netherlands
7
$450K
$1.2M
$150K
Sweden
4
$650K
United Kingdom
3
$1.2M
$400K
European Union
1
Presenter’s Name
June 17, 2003
Japan
1
CSD R&D Execution Model
Successes
•
Ironkey – Secure USB
–
–
•
Research
Development
Test and Evaluation &
Transition (RDTE&T)
Komoku – Rootkit Detection
Technology
–
•
•
•
Over 100 pilot deployments as
part of Cyber Forensics
Endeavor Systems – Malware
Analysis tools
–
Acquired by McAfee
Stanford – Anti-Phishing
Technologies
–
Example: DARPA has provided $9M to CSD for
development and transition of Military Networking
Protocol (MNP) technology and has started
discussions for testing and evaluation of
Automated Malware Analysis technology
Acquired by Microsoft
HBGary – Memory and Malware
Analysis
–
•
Standard Issue to S&T employees
from S&T CIO
Acquired by Imation
Open source; most browsers have
included Stanford R&D
Secure Decisions – Data
Visualization
–
Pilot with DHS/NCSD/US-CERT;
Acquisition
Presenter’s Name
June 17, 2003
Transition To Practice (TTP) Program
R&D Sources


DOE National
Labs
FFRDC’s (Federally
Funded R&D Centers)


Academia
Small Business
Transition
processes



Testing &
evaluation
Red Teaming
Pilot
deployments
Implement Presidential Memorandum –
“Accelerating Technology Transfer and
Commercialization of Federal Research in Support
of High-Growth Businesses” (Oct 28, 2011)
Utilization






Open Sourcing
Licensing
New Companies
Adoption by
cyber
operations
analysts
Direct privatesector adoption
Government
use
Presenter’s Name
June 17, 2003
28
A NATIONAL PROBLEM
 The Nation needs greater cybersecurity awareness and more
cybersecurity experts.
 There is a lack of communication between government, private
industry, and academia.
 Many cybersecurity training programs exist but there is little
consistency among programs, and potential employees lack
information about the skills needed for jobs.
 Cybersecurity Career development and scholarships are available but
uncoordinated, and the resources that do exist are difficult to find.
NICE was established in support
of the Comprehensive National
Cybersecurity Initiative (CNCI) –
Initiative 8: Expand Cyber
Education – Interim Way Forward
and is comprised of over 20
federal departments and agencies.
29
Cybersecurity Education
 Cyber Security Competitions (http://nationalccdc.org)
 National Initiative for Cybersecurity Education (NICE)
 NCCDC (Collegiate); U.S. Cyber Challenge (High School)
 Provide a controlled, competitive environment
to assess a student’s depth of understanding and
operational competency in managing the challenges
inherent in protecting a corporate network
infrastructure and business information systems.
 DHS Cyber Skills Task Force (CSTF)
 Established June 6, 2012 - Homeland Security Advisory Council
 Over 50 interviews (DHS internal and external)
 Identify best ways DHS can foster the development of a national security
workforce capable of meeting current and future cybersecurity challenges;
 Outline how DHS can improve its capability to recruit and retain sophisticated
cybersecurity talent.
 11 recommendations in 5 key areas
Presenter’s Name
June 17, 2003
30
DHS Cyber Skills Task Force (CSTF) - Objectives
 Objective I: Ensure that the people given responsibility for mission-critical
cybersecurity roles and tasks at DHS have demonstrated that they have high
proficiency in those areas.
 Objective II: Help DHS employees develop and maintain advanced technical
cybersecurity skills and render their working environment so supportive that
qualified candidates will prefer to work at DHS.
 Objective III: Radically expand the pipeline of highly qualified candidates for
technical mission-critical jobs through partnerships with community colleges,
universities, organizers of cyber competitions, and other federal agencies.
 Objective IV: Focus the large majority of DHS’s near term efforts in
cybersecurity hiring, training, and human capital development on ensuring that
the Department builds a team of approximately 600 federal employees with
mission-critical cybersecurity skills.
 Objective V: Establish a “CyberReserve” program to ensure a cadre of
technically proficient cybersecurity professionals are ready to be called upon if
and when the nation needs them.
31
ICE Homeland Security Investigations
(HSI) Cyber Student Initiative (7/10/13)
 36 HSI offices volunteered to participate
 291 Applicants of which 203 were Qualified Applicants
 27 Candidates Selected (of which 2 declined) – Atlanta,
Baltimore, Boston, Buffalo, Charleston, Charlotte,
Chicago, Denver, El Paso, Long Beach, Los Angeles,
New York, Orlando, Pensacola, Philadelphia, Phoenix,
San Antonio, San Francisco, Savannah, Seattle, DC.
 Twenty three (23) candidates employed between JulySeptember 2013
32
Intern Program – Round 1
Number of Interns
1intern
1 intern
1 intern
1 intern
1intern
1 intern
1 intern
EOD Date
7/22/13
7/15/13
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
7/22/13
7/09/13
7/09/13
7/09/13
7/08/13
7/09/13
7/08/13
College
Chattahoochee Technical College
Anne Arundel Community College
Anne Arundel Community College
Bunker Hill Community College
Westchester Community College
Trident Technical College
Location
Central Piedmont Community College
Atlanta, GA
Baltimore, MD
Baltimore, MD
Boston, MA
Buffalo, NY
Charleston, NC
Charlotte, NC
Moraine Valley Community College
Garden City Community College
Community College of Denver
El Paso Community College
Prince George’s Community College
DeVry University
New York Institute Technology
SUNY Orange Middletown NY
Valencia College
Valencia College
Pensacola State College
Anne Arundel Community College
Mesa Community College
Alamo Colleges
Diablo Valley College
Cochise College
Edmonds Community College
Chattahoochee Technical College
Chicago, IL
Denver, CO
Denver, CO
El Paso, TX
Fairfax, VA (C3)
Los Angeles, CA
New York, NY
New York, NY
Orlando, FL
Orlando, FL
Pensacola, FL
Philadelphia, PA
Phoenix, AZ
San Antonio, TX
San Francisco, CA
San Francisco, CA
Savannah, GA
Seattle, WA
33
White House Priorities – FY14+
 Secure Federal Networks
 Identity/Credential Access Mgmt (ICAM), Cloud Exchange, Fed-RAMP
 Protect Critical Infrastructure
 Public-Private Cyber Coordination, EO/PPD Initiatives
 Improve Incident Response and Reporting
 Information Sharing among Federal Centers
Capacity Building for State/Local/Tribal/Territorial (SLTTs)
 Engage Internationally
 Foreign Assistance Capacity Building
 Build Workforce Capacity to Support International Cyber Engagement
 Shape the Future
 National Strategy for Trusted Identity in Cyberspace (NSTIC)
 National Initiative for Cybersecurity Education (NICE)
 Cybersecurity R&D – EO/PPD R&D Plan, Federal R&D Plan, Transition
To Practice, Foundational Research
Presenter’s Name
June 17, 2003
34
Future - Inter-Agency: CPS
 Cyber Physical Systems (CPS)
 “Smart networked systems with embedded sensors, processors
and actuators that are designed to sense and interact with the
physical world (including the human users), and support real-time,
guaranteed performance in safety-critical applications”
 Several workshops over the past year or two
 Transportation
 Automotive, UAVs, Aeronautical, Rail







Manufacturing
Healthcare
Energy
Agriculture
Defense
Emergency Response
Others …..
 All with an eye towards society, economics, and impact
Presenter’s Name
June 17, 2003
35
CSD New Program Ideas















Security for Cloud-Based Systems
Data Privacy Technologies
Mobile Wireless Investigations
Mobile Device Security
Next-Generation DDOS Defenses
Application Security Threat Attack Modeling (ASTAM)
Static Tool Analysis Modernization Project (STAMP)
Network Reputation and Risk Analysis
Data Analytics Methods for Cyber Security
Cyber Security Education
Designed-In Security
Finance Sector Cybersecurity
DNSSEC Applications
Data Provenance for Cybersecurity
Cyber Economic Incentives – based on
EO/PPD June 17, 2003
Presenter’s Name
36
Programs for U. S. Small Business
Small Business Innovation Research
•2.5%
(SBIR)
Set-aside program for small business concerns to
engage in federal R&D -- with potential for
commercialization
Small Business Technology Transfer
•.3%
(STTR)
Set-aside program to facilitate cooperative R&D between
small business concerns and research institutions -- with
potential for commercialization
SBIR - A 3 Phase Program
•PHASE I
• Feasibility Study
• $100K (in general) and 6 month effort (amounts are changing)
•PHASE II
• Full Research/R&D
• $750K and 24 month effort (amounts are changing)
• Commercialization plan required
•PHASE III
• Commercialization Stage
• Use of non-SBIR Funds
Agency SBIR Differences
Number and timing of solicitations
R&D Topic Areas – Broad vs. Focused
Dollar Amount of Award (Phase I and II)
Proposal preparation instructions
Financial details (e.g., Indirect Cost Rates)
Proposal review process
Proposal success rates
Types of award
Commercialization assistance
And more…………
Small Business Innovative Research (SBIR)

FY04







Network-based Boundary Controllers
(3)
Botnet Detection and Mitigation (4)
FY07

Mobile Device Forensics (1)
FY12



Large-Scale Network Survivability,
Rapid Recovery, and Reconstitution (1)
FY11


Software Testing and Vulnerability
Analysis (3)
FY10

FY06


Hardware-assisted System Security
Monitoring (4)
FY09

FY05


Cross-Domain Attack Correlation
Technologies (2)
Real-Time Malicious Code
Identification (2)
Advanced SCADA and Related
Distributed Control Systems (5)

Moving Target Defense (2)
Solid State Drive (SSD) Analysis (1)
FY13


Hybrid Analysis Mapping
Software Based Roots of Trust for
Enhanced Mobile Device Security
Secure and Reliable Wireless
Communication for Control Systems (2)
40
Small Business Innovative Research (SBIR)
 Important program for creating new innovation and
accelerating transition into the marketplace
 Since 2004, DHS S&T Cyber Security has had:





74 Phase I efforts
28 Phase II efforts
4 Phase II efforts currently in progress
10 commercial/open source products available
Four acquisitions
 Komoku, Inc. (MD) acquired by Microsoft in March 2008
 Endeavor Systems (VA) acquired by McAfee in January 2009
 Solidcore (CA) acquired by McAfee in June 2009
 HBGary (CA) acquired by ManTech in February 2012
41
Cyber Security R&D Broad Agency
Announcement (BAA)
 Delivers both near-term and medium-term solutions
 To develop new and enhanced technologies for the detection of,
prevention of, and response to cyber attacks on the nation’s critical
information infrastructure, based on customer requirements
 To perform research and development (R&D) aimed at improving the
security of existing deployed technologies and to ensure the
security of new emerging cybersecurity systems;
 To facilitate the transfer of these technologies into operational
environments.
 Proposals Received According to 3 Levels of Technology Maturity
Type I (New Technologies)
 Applied Research Phase
 Development Phase
 Demo in Op Environ.
 Funding ≤ $3M & 36 mos.
Type II (Prototype Technologies)
 More Mature Prototypes
 Development Phase
 Demo in Op Environ.
 Funding ≤ $2M & 24 mos.
Type III (Mature Technologies)
 Mature Technology
 Demo Only in Op Environ.
 Funding ≤ $750K & 12 mos.
Note: Technology Demonstrations = Test,
Evaluation, and Pilot deployment in
DHS “customer” environments
42
DHS S&T Long Range Broad Agency
Announcement (LRBAA) 12-07
 S&T seeks R&D projects for revolutionary, evolving, and maturing
technologies that demonstrate the potential for significant
improvement in homeland security missions and operations
 Offerors can submit a pre-submission inquiry prior to White Paper
submission that is reviewed by an S&T Program Manager




CSD has 18 Topic Areas (CSD.01 – CSD.18) – SEE NEXT SLIDE
LRBAA 12-07 has been extended and closes on 12/31/13
S&T BAA Website: https://baa2.st.dhs.gov
Additional information can be found on the Federal Business
Opportunities website (www.fbo.gov) (Solicitation #:DHSSTLRBAA12-07)
43
LRBAA Summary Listing









CSD.01 – Comprehensive National
Cybersecurity Initiative and Federal R&D
Strategic Plan topics
CSD.02 – Internet Infrastructure Security
CSD.03 – National Research
Infrastructure
CSD.04 –Homeland Open Security
Technology
CSD.05 – Forensics support to law
enforcement
CSD.06 – Identity Management
CSD.07 – Data Privacy and Information
Flow technologies.
CSD.08 – Software Assurance
CSD.09 – Cyber security competitions,
education and curriculum development.









CSD.10 – Process Control Systems and
Critical Infrastructure Security
CSD.11 – Internet Measurement and
Attack Modeling
CSD.12 – Securing the mobile
workforce
CSD.13 - Security in cloud based
systems
CSD.14 – Experiments – Test and
evaluation in experimental operational
environments to facilitate transition.
CSD.15 – Research Data Repository
CSD.16 – Cybersecurity Economic
Incentives
CSD.17 – Data Analytics – analysis
techniques, visualization,
CSD.18 – Tailored Trustworthy Spaces
– trust negotiation, app anonymity
44
Summary
 Cybersecurity research is a key area of innovation to
support our global economic and national security futures
 DHS S&T continues with an aggressive cyber security
research agenda
 Working to solve the cyber security problems of our current (and
future) infrastructure and systems
 Working with academe and industry to improve research tools and
datasets
 Looking at future R&D agendas with the most impact for the nation
 Need to continue strong emphasis on technology transfer
and experimental deployments
 Must focus on the education, training, and awareness
aspects of our current and future cybersecurity workforce
Presenter’s Name
June 17, 2003
45
Recent CSD Publications
Presenter’s Name
June 17, 2003
46
Douglas Maughan, Ph.D.
Division Director
Cyber Security Division
Homeland Security Advanced
Research Projects Agency (HSARPA)
[email protected]
202-254-6145 / 202-360-3170
For more information, visit
http://www.dhs.gov/cyber-research
http://www.dhs.gov/st-csd
Presenter’s Name
June 17, 2003
47

похожие документы