Official website of the Department of Homeland Security
Portal Login
Security Broad Agency Announcements (BAA) Program Portal
Develop low cost screening systems that can detect explosives and other contraband in air cargo skids and pallets.
Non-availability of a low cost 3D skid scanning systems; Increasing volume of goods due to e-commerce that necessitate faster screening without losing detection ability; Poor environmental factors for location of screening equipment; and Extended operational hours, need for high MTBF and low MTTR factors
Air cargo screening solutions must complete Operational Test and Evaluation (OT&E) at Government facilities. Systems that pass TSA tests will be added to their Air Cargo Screening Technology List (ACSTL). Private Air Cargo screening companies are only allowed to use systems on the ACSTL.
Air cargo skid screening solutions which are less than $500,000.00 (US) in production quantities.
Non-availability of a low cost 3D skid scanning systems; Increasing volume of goods due to e-commerce that necessitate faster screening without losing detection ability; Poor environmental factors for location of screening equipment; Extended operational hours, need for high MTBF and low MTTR factors
Air cargo screening solutions must complete Operational Test and Evaluation (OT&E) at Government facilities. Systems that pass TSA tests will be added to their Air Cargo Screening Technology List (ACSTL). Private Air Cargo screening companies are only allowed to use systems on the ACSTL..
High penetration screening capability for dense (consolidated) air cargo skids.
Non-availability of a low cost 3D skid scanning systems; Increasing volume of goods due to e-commerce that necessitate faster screening without losing detection ability; Poor environmental factors for location of screening equipment; Extended operational hours, need for high MTBF and low MTTR factors>
Air cargo screening solutions must complete Operational Test and Evaluation (OT&E) at Government facilities. Systems that pass TSA tests will be added to their Air Cargo Screening Technology List (ACSTL). Private Air Cargo screening companies are only allowed to use systems on the ACSTL.
The Apex Screening at Speed Program is pursuing transformative R&D activities that support a future vision for increasing security effectiveness while dramatically reducing wait times and improving the passenger experience. These future capabilities will be interconnected through non-proprietary interfaces in a system of systems that is more secure, efficient, flexible, and adaptable than currently deployed sensors.
S&T seeks hardware and software technologies ... more
The Apex Screening at Speed Program is pursuing transformative R&D activities that support a future vision for increasing security effectiveness while dramatically reducing wait times and improving the passenger experience. These future capabilities will be interconnected through non-proprietary interfaces in a system of systems that is more secure, efficient, flexible, and adaptable than currently deployed sensors.
S&T seeks hardware and software technologies that assist in screening three hundred or more passengers per hour with minimal need for divestiture of headwear, footwear or personal items. Technologies shall contribute to a system of systems that provides detection at TSA's highest security detection standards. Technologies would ideally be capable of adapting or upgrading quickly to respond to emerging threats. Of highest interest are technologies that contribute to a system of systems that can adapt dynamically to TSA-provided individual risk assessments. Technologies shall be networkable and support cybersecurity best practices.
lessThe checkpoint of the future seeks to improve the passenger experience while enhancing detection capabilities. While the primary focus of the portfolio is on aviation security, technologies that also apply to other checkpoint scenarios (other modes of transportation, special events, etc.) are of interest as well. S&T understands that 'silver bullet' technologies that solve all possible threat scenarios are unlikely, and welcomes unique research materials regarding new capabilities that address specific threats within a broader system-of-systems security architecture.
Transportation Security Administration (TSA)
S&T is especially interested in technology that minimizes the Government's lifecycle costs and facilitates integration in a modular fashion. As such, S&T may prioritize the development of technology that better leverages open architectures, interfaces, and standards, or has additional utility in other markets that drive more favorable economies of scale. Technology that can readily adapt to multiple concepts of operations (e.g., to different threat environments, requirements for throughput, passenger risk assessments, etc.) is of special interest.
Systems that meet or exceed TSA's demanding security standards for aviation may be acquired through TSA's Passenger Screening Program. These systems may also be candidates for venues such as critical buildings, stadiums, and other modes of transportation. Additionally, TSA-qualified screening systems may adapt with minimal modification to aviation security needs in other nations.
S&T goals are to provide our customer base - TSA and the Homeland Security Enterprise (HSE) - with the tools, techniques, and knowledge to better understand, train, and utilize the detection canine, and improve proficiency of the DHS/HSE detection canine teams. Provide an enduring research and development capability to the Homeland Security Enterprise with a unique focal point and knowledge base for detection canines by establishing a scientifically rigorous, statistically significant approach for the detection canine community that is currently absent in the industry.
Operating components within the DHS and State and Local Law Enforcement within the Homeland Security Enterprise who maintain detection canines for the execution of their appointed missions
Detection focus not limited to explosive threats, but to include all detection canine threat vectors including narcotics, firearms detection, human detection, cadaver detection, infectious disease detection, and currency, for example. Operational efficacy, safety and cost are major metrics of success.
The potential exists for licensing and commercialization of tools and knowledge products that may serve the over 16,000 detection canine teams nationwide across all threat disciplines. Knowledge products and methodologies have been successful in receiving patents and facilitated various levels of commercialized products
S&T goals are to provide our customer base - TSA and the Homeland Security Enterprise (HSE) - with the tools, techniques, and knowledge to better understand, train, and utilize the detection canine and improve proficiency of the DHS/HSE detection canine teams. Provide an enduring research and development capability to the Homeland Security Enterprise with a unique focal point and knowledge base for detection canines by establishing a scientifically rigorous, statistically significant approach for the detection canine community that is currently absent in the industry.
Operating components within the DHS and State and Local Law Enforcement within the Homeland Security Enterprise who maintain detection canines for the execution of their appointed missions.
Detection focus not limited to explosive threats, but to include all detection canine threat vectors including narcotics, firearms detection, human detection, cadaver detection, infectious disease detection, and currency, for example. Operational efficacy, safety, and cost are major metrics of success.
The potential exists for licensing and commercialization of tools and knowledge products that may serve the over 16,000 detection canine teams nationwide across all threat disciplines. Knowledge products and methodologies have been successful in receiving patents and facilitated various levels of commercialized products.
S&T's goals are to provide our customer base - TSA and the Homeland Security Enterprise (HSE) - with the tools, techniques, and knowledge to better understand, train, and utilize the detection canine, and improve proficiency of the DHS/HSE detection canine teams. Provide an enduring research and development capability to the Homeland Security Enterprise with a unique focal point and knowledge base for detection canines by establishing a scientifically rigorous, statistically significant approach for the detection canine community that is currently absent in the industry.
Operating components within the DHS and State and Local Law Enforcement within the Homeland Security Enterprise who maintain detection canines for the execution of their appointed missions.
Detection focus not limited to explosive threats, but to include all detection canine threat vectors including narcotics, firearms detection, human detection, cadaver detection, infectious disease detection, and currency, for example. Operational efficacy, safety and cost are major metrics of success.
The potential exists for licensing and commercialization of tools and knowledge products that may serve the over 16,000 detection canine teams nationwide across all threat disciplines. Knowledge products and methodologies have been successful in receiving patents and facilitated various levels of commercialized products
The Checked Baggage Program seeks to improve detection capabilities of currently deployed EDS systems as well as create novel approaches to solve explosive detection. While the primary focus of the portfolio is on aviation security, technologies that also apply to other checked baggage scenarios (check point scenarios, other modes of transportation, special events, etc.) are of interest as well. S&T understands that 'silver bullet' technologies that solve all possible threat scenarios are unlikely, and welcomes unique research materials regarding new capabilities that address specific threats within a broader system-of-systems security architecture.
S&T is especially interested in technology that minimizes the Government's lifecycle costs and facilitates integration in a modular fashion. As such, S&T may prioritize the development of technology that better leverages open architectures, interfaces, and standards, or has additional utility in other markets that drive more favorable economies of scale. In particular, reductions in false alarm rate are a huge opportunity for operational cost savings. Technology that can readily adapt to multiple concepts of operations (to different threat environments, requirements for throughput, passenger risk assessments, etc.) is of special interest.
Successfully developed algorithms and software that meet or exceed TSA's demanding security standards for aviation may be candidates for usage at over 5,000 airports, scanning over 1.3 million pieces of checked luggage daily, across the country. As even small improvements in false alarm rates can save TSA millions of dollars annually, transition of successful developments is well-motivated. Transition would be to TSA's Office of Requirements and Capabilities Analysis (ORCA) or other appropriate office. Additionally, TSA-qualified screening systems may adapt with minimal modification to aviation security needs in other nations. Screening solutions must complete Operational Test and Evaluation (OT&E) at Government facilities.
The Checked Baggage Program seeks to improve detection capabilities of currently deployed EDS systems as well as create novel approaches to solve explosive detection. While the primary focus of the portfolio is on aviation security, technologies that also apply to other checked baggage scenarios (check point scenarios, other modes of transportation, special events, etc.) are of interest as well. S&T understands that 'silver bullet' technologies that solve all possible threat scenarios are unlikely, and welcomes unique research materials regarding new capabilities that address specific threats within a broader system-of-systems security architecture.
Transportation Security Administration (TSA)
S&T is especially interested in system components which minimize the Government's lifecycle costs and facilitates integration in a modular fashion. As such, S&T may prioritize the development of technology that better leverages open architectures, interfaces, and standards, or has additional utility in other markets that drive more favorable economies of scale. Technology that can readily adapt to multiple concepts of operations (e.g., to different threat environments, requirements for throughput, passenger risk assessments, etc.) is of special interest.
System components that meet or exceed TSA's demanding security standards for aviation may be candidates for inclusion in systems at over 5,000 airports, scanning over 1.3 million pieces of checked luggage daily, across the country. As even small improvements in false alarm rates can save TSA millions of dollars annually, transition of successful developments is well-motivated. Transition would be to TSA's Office of Requirements and Capabilities Analysis (ORCA) or other appropriate office. Additionally, TSA-qualified screening systems may adapt with minimal modification to aviation security needs in other nations. Screening solutions must complete Operational Test and Evaluation (OT&E) at Government facilities.
The Checked Baggage Program seeks to improve detection capabilities of currently deployed systems as well as create novel approaches to solve explosive detection. While the primary focus of the portfolio is on aviation security, technologies that also apply to other checked baggage scenarios (check point scenarios, other modes of transportation, special events, etc.) are of interest as well. S&T understands that 'silver bullet' technologies that solve all possible threat scenarios are unlikely, and welcomes unique research materials regarding new capabilities that address specific threats within a broader system-of-systems security architecture.
Transportation Security Administration (TSA)
S&T is especially interested in technology that minimizes the Government's lifecycle costs and facilitates integration in a modular fashion. As such, S&T may prioritize the development of technology that better leverages open architectures, interfaces, and standards, or has additional utility in other markets that drive more favorable economies of scale. Technology that can readily adapt to multiple concepts of operations (e.g., to different threat environments, requirements for throughput, passenger risk assessments, etc.) is of special interest.
Systems that meet or exceed TSA's demanding security standards for aviation may be candidates for airport usage across the country. Additionally, TSA-qualified screening systems may adapt with minimal modification to aviation security needs in other nations. Screening solutions must complete Operational Test and Evaluation (OT&E) at Government facilities.
The Checked Baggage Program seeks to improve detection capabilities of currently deployed EDS systems as well as create novel approaches to solve explosive detection. While the primary focus of the portfolio is on aviation security, technologies that also apply to other checked baggage scenarios (check point scenarios, other modes of transportation, special events, etc.) are of interest as well. S&T understands that 'silver bullet' technologies that solve all possible threat scenarios are unlikely, and welcomes unique research materials regarding new capabilities that address specific threats within a broader system-of-systems security architecture.
Transportation Security Administration (TSA)
S&T routinely performs feasibility analysis and developmental testing at a small number of locations. As these locations have to prioritize operational evaluation of equipment as directed by TSA, testing availability for S&T projects and vendors is sometimes limited. S&T is interested in technological developments that expands third-party testing opportunities in a regular and standardized fashion. S&T may prioritize the development of technology that better leverages open architectures, interfaces, and standards, or has additional utility in other markets that drive more favorable economies of scale. Technology that can readily adapt to the testing of multiple concepts of operations (e.g., to different threat environments, requirements for throughput, passenger risk assessments, etc.) is of special interest.
Systems or test articles that allowing meaningful testing to occur may transition to TSL or be used by the government on a routine recurring basis consistent with program development cycles and test opportunities. Additionally, qualified test articles and system may adapt with minimal modification to aviation security development needs in other nations. Solutions must complete Operational Test and Evaluation (OT&E) at Government facilities.
S&T seeks hardware and software technologies t ... more
S&T seeks hardware and software technologies that identify and assess the security risk presented by passengers at the aviation checkpoint. These technologies may be intended for deployment within the immediate checkpoint, or in a more distributed fashion throughout an airport or similar venue. All systems should conform to cybersecurity best practices and support capabilities to enable risk-based screening as well as TSA's Security Technology Integration Program (STIP). less
The checkpoint of the future seeks to improve the passenger experience while enhancing detection capabilities. While the primary focus of the portfolio is on aviation security, technologies that also apply to other checkpoint scenarios (other modes of transportation, special events, etc.) are of interest as well. S&T understands that 'silver bullet' technologies that solve all possible threat scenarios are unlikely, and welcomes proposals regarding new capabilities that address specific threats within a broader system-of-systems security architecture.
Transportation Security Administration (TSA)
S&T is especially interested in technology that minimizes the Government's lifecycle costs and facilitates integration in a modular fashion. As such, S&T may prioritize the development of technology that better leverages open architectures, interfaces, and standards, or has additional utility in other markets that drive more favorable economies of scale. Technology that can readily adapt to multiple concepts of operations (e.g., to different threat environments, requirements for throughput, passenger risk assessments, etc.) is of special interest.
Systems that meet or exceed TSA's demanding security standards for aviation may also be candidates for venues such as critical buildings, stadiums, and other modes of transportation. Additionally, TSA-qualified screening systems may adapt with minimal modification to aviation security needs in other nations.
S&T seeks hardware and software technologies t ... more
S&T seeks hardware and software technologies that screen the accessible property of three hundred or more passengers per hour with minimal need for the separation of liquids, aerosols, gels, or electronics from baggage. Technologies shall contribute to a system of systems that provides detection at TSA's highest security detection standards. These technologies would be able to be certified to TSA's Accessible Property Screening System standards standalone or when integrated with other systems. Technologies would ideally be capable of adapting or upgrading quickly to respond to emerging threats. Of highest interest are technologies that contribute to a system of systems that can adapt dynamically to TSA-provided individual risk assessments. All systems should conform to cybersecurity best practices and support capabilities to enable risk-based screening as well as TSA's Security Technology Integration Program (STIP). less
S&T seeks systems that can meet or exceed TSA's Accessible Property Screening System security standards, and significantly accelerate the overall throughput of accessible property. This acceleration may come from a reduction in the current need to divest certain items (electronics, liquids, aerosols, gels, etc.) from bags, a reduction of false alarms, faster processing, improved human-systems integration with Transportation Security Officers, or other means. While the primary focus of the portfolio is on aviation security, technologies that also apply to other checkpoint scenarios (other modes of transportation, special events, etc.) are of interest as well. S&T understands that 'silver bullet' technologies that solve all possible threat scenarios are unlikely, and welcomes unique research materials regarding new capabilities that address specific threats within a broader system-of-systems security architecture.
Transportation Security Administration (TSA)
S&T is especially interested in technology that minimizes the Government's lifecycle costs and facilitates integration in a modular fashion. As such, S&T may prioritize the development of technology that better leverages open architectures, interfaces, and standards, or has additional utility in other markets that drive more favorable economies of scale. Technology that can readily adapt to multiple concepts of operations (e.g., to different threat environments, requirements for throughput, passenger risk assessments, etc.) is of special interest.
Systems that meet or exceed TSA's demanding security standards for aviation may also be candidates for venues such as critical buildings, stadiums, and other modes of transportation. Additionally, TSA-qualified screening systems may adapt with minimal modification to aviation security needs in other nations.
S&T seeks component technologies that improve ... more
S&T seeks component technologies that improve the overall capabilities of traditional checkpoint systems and their operators. These upgrades, complements, or add-ons to systems may bolster an existing capability (such as passenger screening systems or accessible property screening systems), add a new and orthogonal capability, or improve the passenger or operator experience while maintaining current security capabilities. Unique research materials to alter existing security systems should be bolstered by engagement and support with the appropriate vendors. All systems should conform to cybersecurity best practices and support capabilities to enable risk-based screening as well as TSA's Security Technology Integration Program (STIP). less
The checkpoint of the future seeks to improve the passenger experience while enhancing detection capabilities. While the primary focus of the portfolio is on aviation security, technologies that also apply to other checkpoint scenarios (other modes of transportation, special events, etc.) are of interest as well. S&T understands that 'silver bullet' technologies that solve all possible threat scenarios are unlikely, and welcomes unique research materials regarding new capabilities that address specific threats within a broader system-of-systems security architecture.
Transportation Security Administration (TSA)
S&T is especially interested in technology that minimizes the Government's lifecycle costs and facilitates integration in a modular fashion. S&T's challenge is to deliver systems that can be maintained, adapted, and upgraded in an efficient manner. As such, S&T may prioritize the development of technology that better leverages open architectures, interfaces, and standards, or has additional utility in other markets that drive more favorable economies of scale. Technology that can readily adapt to multiple concepts of operations (e.g., to different threat environments, requirements for throughput, passenger risk assessments, etc.) is of special interest.
Systems that meet or exceed TSA's demanding security standards for aviation may also be candidates for venues such as critical buildings, stadiums, and other modes of transportation. Additionally, TSA-qualified screening systems may adapt with minimal modification to aviation security needs in other nations.
Current checkpoints consist of sensors (X-ray ... more
Current checkpoints consist of sensors (X-ray systems, bottled liquid scanners, passenger screening systems, explosive trace detection systems, etc.) that operate relatively independently. S&T seeks designs and implementation plans for gaining improved performance by integrating existing or future security capabilities into a system of systems. Proposed architectures may have creative means to combine layouts, primary screening modalities, secondary screening and alarm resolution capabilities, distributed sensors, analytics, data from beyond the traditional checkpoint, and other parameters that improve the overall security posture. Performance upgrades may encompass improved security, throughput, passenger experience, reliability, or other factors. All components should conform to cybersecurity best practices and support capabilities to enable risk-based screening as well as TSA's Security Technology Integration Program (STIP). less
The checkpoint of the future seeks to improve the passenger experience while enhancing detection capabilities. While the primary focus of the portfolio is on aviation security, technologies that also apply to other checkpoint scenarios (other modes of transportation, special events, etc.) are of interest as well. S&T understands that 'silver bullet' technologies that solve all possible threat scenarios are unlikely, and welcomes unique research materials regarding new capabilities that address specific threats within a broader system-of-systems security architecture. The end objective includes systems that are interconnected to collect and utilize security data more effectively to meet TSA's highest security standards at throughputs of 300+ passengers per lane, per hour. The systems will also more efficiently occupy space at the checkpoint to optimize value per square foot.
Transportation Security Administration (TSA)
S&T is challenged to move from the current "standalone" architecture employed at the checkpoint to a more efficient, integrated concept. To meet the challenge, S&T needs to maintain data integrity, cybersecurity, and effective analytics in modular configurations that can be adapted, upgraded, and reconfigured based on evolving operational requirements. S&T is especially interested in technology that minimizes the Government's lifecycle costs and facilitates integration in a modular fashion. As such, S&T may prioritize the development of technology that better leverages open architectures, interfaces, and standards, or has additional utility in other markets that drive more favorable economies of scale. Technology that can readily adapt to multiple concepts of operations (e.g., to different threat environments, requirements for throughput, passenger risk assessments, etc.) is of special interest.
Systems that meet or exceed TSA's demanding security standards for aviation may also be candidates for venues such as critical buildings, stadiums, and other modes of transportation. Additionally, TSA-qualified screening systems may adapt with minimal modification to aviation security needs in other nations.
The Apex Screening at Speed Program is pursuing transformative R&D activities that support a future vision for increasing security effectiveness while dramatically reducing wait times and improving the passenger experience. These future capabilities will be interconnected through non-proprietary interfaces in a system of systems that is more secure, efficient, flexible, and adaptable than currently deployed sensors.
S&T seeks third-party test and evaluati ... more
The Apex Screening at Speed Program is pursuing transformative R&D activities that support a future vision for increasing security effectiveness while dramatically reducing wait times and improving the passenger experience. These future capabilities will be interconnected through non-proprietary interfaces in a system of systems that is more secure, efficient, flexible, and adaptable than currently deployed sensors.
S&T seeks third-party test and evaluation checkpoint capabilities relevant to aviation security and similar environments to accelerate the certification and deployment of checkpoint screening systems under TSA's Passenger Screening Program and Electronic Baggage Screening Program. Specialized modeling and simulation capabilities that inform, accelerate, develop and support testing and evaluation activities are also of interest.
lessThe checkpoint of the future seeks to improve the passenger experience while enhancing detection capabilities. While the primary focus of the portfolio is on aviation security, technologies that also apply to other checkpoint scenarios (other modes of transportation, special events, etc.) are of interest as well. S&T understands that 'silver bullet' technologies that solve all possible threat scenarios are unlikely, and welcomes unique research materials regarding new capabilities that address specific threats within a broader system-of-systems security architecture.
Transportation Security Administration (TSA)
S&T is especially interested in technology that minimizes the Government's lifecycle costs and facilitates integration in a modular fashion. As such, S&T may prioritize the development of technology that better leverages open architectures, interfaces, and standards, or has additional utility in other markets that drive more favorable economies of scale. Technology that can readily adapt to multiple concepts of operations (e.g., to different threat environments, requirements for throughput, passenger risk assessments, etc.) is of special interest.
Systems that meet or exceed TSA's demanding security standards for aviation may also be candidates for venues such as critical buildings, stadiums, and other modes of transportation. Additionally, TSA-qualified screening systems may adapt with minimal modification to aviation security needs in other nations.
Expanding countermeasure discovery and development of new and emerging animal and zoonotic infectious diseases using cutting edge broad spectrum vaccines, and metaphylactic and biotherapeutic technologies. Developing end-user friendly, rapid diagnostic platforms for agricultural pathogens.
PIADC-USDA-DHS, APHIS, NBAF
New and improved animal pathogen vaccine platforms expressing multiple antigenic determinants to reduce the scope and number of individual vaccines (i.e., covering multiple serotypes to reduce the necessary number of vaccines that are needed for agricultural linked diseases. Improved and end-user friendly, portable and hand-held rapid detection and surveillance platforms and devices are also needed to provide front-line personnel the ability to screen and detect various viral diseases in livestock. S&T Challenges and Capability Gaps include few or no efforts to develop countermeasures on new and emerging animal and zoonotic diseases, or efforts on other veterinary species of agricultural importance with respect to transboundary animal diseases (e.g., ovine, caprine, avian). There are few or no efforts to develop veterinary adjuvant, and there is a lack of robust, next-generation adjuvant development programs for lead vaccine platforms. There is also a lack of countermeasure development projects focused on lead optimization, broad spectrum metaphylactic or biotherapeutic candidates for animal diseases. Finally, there is a requirement for end-user-friendly, rapid diagnostics and detection and surveillance methods and platforms for foreign animal diseases and zoonoses.
Transition opportunities include multiple Federal and State agencies with responsibilities for the monitoring, protection (vaccinations and countermeasures), detection and surveillance against foreign animal diseases. DHS-PIADC-USDA, NBAF, APHIS, State Agricultural Agencies.
The end objective of this effort is develop and demonstrate innovative, reliable, easy-to-use, and easy-to-deploy technologies that allow the Department of Homeland Security Components to accurately and consistently detect, track, classify, and conduct threat assessments of Unmanned Aerial Systems in variable and complex environments.
Customs and Border Protection / United States Coast Guard
DHS S&T is working to facilitate the development of technologies that allow the DHS Component to accurately and consistently detect, track, classify, and conduct threat assessments of Unmanned Aerial Systems in variable and complex environments. As such, it is open to any potentially viable technique, methodology, or approach that fulfills the aforementioned requirements. The primary challenge is target discrimination as birds, debris, insects, and other airborne objects appear as valid UAS to many sensors. Other challenges include interference with and damage of other systems using the same wave bands (including visual bands in the case of high-power laser systems), high noise levels such as the use of acoustics sensors in urban environments, and excessive target-sensor stand-off distances. Technologies should address, but not be limited to, the following requirements:
1. Easy-to-Use
2. Easy-to-Deploy
3. Work in variable weather conditions
4. Work at variable altitudes
5. Work in densely populated urban centers or sparsely populated rural areas
6. Should not interfere with customer component standard operations
7. Should not cause disruptions of civilian services
8. Have a low false alarm rate in the areas of detection, tracking, and classification
9. Capable of being configured or converted for portable operations
10. Provide users with real-time analysis and after-action reports
11. Capable of being networked incorporating robust cybersecurity attributes
Selected industry participants will have their technologies exposed to DHS Component acquisition and operations personnel during development and demonstration.
The end objective of this effort is to collect unique research material that address and explore the development and deployment of innovative, reliable, easy-to-use, and easy-to-deploy technologies that allow the component customers of the Department of Homeland Security's Science and Technology Directorate to accurately and consistently detect, track, classify, and conduct a cursory threat assessment of Unmanned Aircraft Systems in variable and complex environments.
Customs and Border Protection, US Border Patrol
DHS S&T is working to facilitate the development of technologies that allow the component customers of the Department of Homeland Security's Science and Technology Directorate to accurately and consistently detect, track, classify, and conduct a cursory threat assessment of Unmanned Aircraft Systems in variable and complex environments. As such, it is open to any potentially viable technique, methodology, or approach that fulfills the aforementioned requirements on behalf of our component customers. Proposed systems should fulfill, but not be limited to, the following requirements:
1. Easy-to-Use
2. Easy-to-Deploy
3. Work in variable weather conditions
4. Work at variable altitudes
5. Work in densely populated urban centers or sparsely populated communities
6. Should not interfere with customer component standard operations
7. Should not cause disruptions of civilian services
8. Have a low false alarm rate in the areas of detection, tracking, and classification
9. Have a smaller portable version
10. Provide users with real-time analysis and after-action reports
11. Should have networking capabilities
12. Should have high-level cybersecurity capabilities
Industry participants chosen to take part in DHS S&T UAS Detection, Tracking, and Classification Programs will carry out projects whose ultimate objective and mission will fulfill key requirements defined by DHS S&T component customers. DHS S&T funded projects will have clearly defined transition requirements consistent with the needs of DHS S&T component customers.
The end objective of this effort the development and deployment of innovative, reliable, easy-to-use, and easy-to-deploy technologies that allow DHS Components to accurately and consistently mitigate Unmanned Aerial Systems in variable and complex environments.
Customs and Border Protection
DHS S&T is working to facilitate the development of technologies that allow the component customers of the Department of Homeland Security's Science and Technology Directorate to accurately and consistently mitigate Unmanned Aircraft Systems as a threat in variable and complex environments. As such, the Directorate is open to any potentially viable technique, methodology, or approach that fulfills the aforementioned requirements on behalf of our component customers. Proposed systems should fulfill, but not be limited to, the following requirements:
1. Innovative Approaches in the following areas should be considered:
a. Directional RF/GNSS Jamming
b. Omni-Directional RF/GNSS Jamming
c. Spoofing (cyber attacking)
d. Kinetic Attacks
2. Easy-to-Use
3. Easy-to-Deploy
4. Work in variable weather conditions
5. Work at variable altitudes
6. Work in densely populated urban centers or sparsely populated communities
7. Should not interfere with customer component standard operations
8. Should not cause disruptions of civilian services
9. Be effective at variable distances
10. Have a smaller portable version
11. Provide users with real-time analysis and after-action reports
12. Should have networking capabilities
13. Should have integrated cybersecurity protections
Industry participants chosen to take part in DHS S&T UAS Threat Mitigation Programs will carry out projects whose ultimate objective and mission will fulfill key requirements defined by DHS S&T component customers. DHS S&T funded projects will have clearly defined transition requirements consistent with the needs of DHS S&T component customers.
The end objective of this effort the development and deployment of innovative, reliable, easy-to-use, and easy-to-deploy technologies that allow DHS Components to accurately and consistently mitigate Unmanned Aerial Systems in variable and complex environments.
Customs and Border Protection
DHS S&T is working to facilitate the development of technologies that allow the component customers of the Department of Homeland Security's Science and Technology Directorate to accurately and consistently mitigate Unmanned Aircraft Systems as a threat in variable and complex environments. As such, the Directorate is open to any potentially viable technique, methodology, or approach that fulfills the aforementioned requirements on behalf of our component customers. Proposed systems should fulfill, but not be limited to, the following requirements:
1. Innovative Approaches in the following areas should be considered:
a. Directional RF/GNSS Jamming
b. Omni-Directional RF/GNSS Jamming
c. Spoofing (cyber attacking)
d. Kinetic Attacks
2. Easy-to-Use
3. Easy-to-Deploy
4. Work in variable weather conditions
5. Work at variable altitudes
6. Work in densely populated urban centers or sparsely populated communities
7. Should not interfere with customer component standard operations
8. Should not cause disruptions of civilian services
9. Be effective at variable distances
10. Have a smaller portable version
11. Provide users with real-time analysis and after-action reports
12. Should have networking capabilities
13. Should have integrated cybersecurity protections
Industry participants chosen to take part in DHS S&T UAS Threat Mitigation Programs will carry out projects whose ultimate objective and mission will fulfill key requirements defined by DHS S&T component customers. DHS S&T funded projects will have clearly defined transition requirements consistent with the needs of DHS S&T component customers.
Advance operationally-relevant, end-user focused applied social and behavioral science research that will enable decision makers, inform policy makers, and assist operational partners in mitigating the human and monetary costs of human trafficking.
DHS Blue Campaign, Immigrations and Customs Enforcement, Customs and Border Protection, DHS Policy/Trade Policy
The Human Trafficking and Modern Slavery program will pursue evidence-based research to address the growing phenomenon of human trafficking. Worldwide there are an estimated 20.9 million victims of human trafficking, comprising an industry worth more than $150 billion in illegal profits. Given the scale, evolving nature, and complexity of human trafficking, combatting the problem poses a significant challenge, particularly for those on the front lines.
Opportunities for higher return on investment include leveraging and integrating findings and lessons learned to improve efficiency of operational components.
A technology that improves non-intrusive screening capabilities to detect and interdict illicit drugs with minimal disruption to the flow of commerce, is likely to be adopted by end users, and has a path to transition and/or commercialization.
Customs and Border Protection Office of Field Operations
The President's Commission on Combating Drug Addiction and the Opioid Crisis final report recommended that DHS use additional technologies to detect and intercept synthetic opioids, like fentanyl, and other illicit drugs. The magnitude and urgency of the opioid crisis demands that S&T take an innovative approach to develop near-term deployable solutions that impact the supply of opioids entering the United States.
With the tightened controls on the legal acquisition of fentanyl and other medical opioids, the problem of controlling the illegal supply has only been made more pressing to solve. Illegal synthetic opioids are largely being provided to users and criminal elements from overseas and are entering the US via the mail (USPS) and express consignment (Fed Ex, DHL,UPS). Customs and Border Protection (CBP) Office of Field Operations (OFO) has the mission to inspect items entering the US for illegal material, to include illegal drugs.
The chemical and physical nature of synthetic opioids impose significant limitations to non-intrusive detection and identification of these substances in packaged mail and parcels, and other vessels for illegal smuggling. This topic seeks technologies that can improve the ability for end-users to rapidly screen bulk packaged materials (e.g., packages/parcels, containers, cargo) to detect synthetic opioids and other drugs, to include: (1) advanced technologies that offer three-dimensional imaging; (2) technologies that will enable end-users to discriminate illicit materials from lawful materials; and (3) technologies that enable end-users to continue normal operations with minimal disruption to flow of commerce. Such technology is critical to increasing seizures and thereby taking illegal drugs off the street.
Offerors should consider the operational environment of DHS end-users at BPE and IMFs and factors that would facilitate successful transition/adoption. These factors include, but are not limited to, training and usability, ease of integration into existing operational environments, lifecycle costs, and reliability. These considerations should be part of an Offeror's transition strategy.
Opportunities for higher return on investment include patents and licenses and/or commercialization.
DHS S&T seeks TRL 7-9 technologies to provide sensor capability to existing unmanned maritime system platforms. In the end state, sensors and sensors platforms are envisioned to integrate with existing government command and control systems to aid in the detection, classification, and resolution of maritime threats.
United States Coast Guard, Customs and Border Protection
One of the key challenges for U.S. homeland security is achieving awareness of the nation's vast maritime domain, which is roughly as large as the nation's land area and extends from New England to Guam. These waters are vital to our nation's prosperity as routes for trade, sources of food, and sources of energy; they also play an important economic role in providing recreation. However, the nation's vast maritime area also imposes requirements on DHS and other agencies. These agencies seek to protect people and property from damage by the sea, the nation from illicit movements via the maritime environment that threaten its security, and the maritime environment itself from both pollution and illicit fishing. To do so, they need to achieve maritime domain awareness (MDA) across diverse regions, as well as the ability to rapidly communicate, integrate, and analyze this information to facilitate effective and appropriate actions. Increasing MDA can contribute to numerous DHS mission sets, including counter drug, migrant interdiction, critical infrastructure surveillance, port and coastal surveillance, environmental monitoring, spill monitoring, fisheries enforcement, and security zone enforcement, and enforcement of laws and treaties.
The goal of this project is to research and integrate technologies that will enable the USCG to conduct more effective operations in support of any of their eleven statutory missions:
- Port & Waterway Security
- Drug Interdiction
- Aids to Navigation
- Search & Rescue
- Living Marine Resources
- Marine Safety
- Defense Readiness
- Migrant Interdiction
- Marine Environmental Protection
- Ice Operations
- Law Enforcement
This program will concentrate on Intelligence, Surveillance, Reconnaissance (ISR) missions to provide situation awareness and critical law enforcement information using unmanned maritime systems (UMS).
The potential exists for commercialization of sensors across a broad spectrum of UMS platforms in the federal space. Potential also exists for the use of adapted sensors on platforms other than UMS.
Results of this topic should provide new and novel capabilities and solutions to assist DHS, Operations, and Law Enforcement components to improve the understanding and confidence of DHS and the Homeland Security Enterprise (HSE) on how CNPS leverage network environments (trusted and untrusted), devices, and sensors to compute and communicate processes and the security risks and challenges associated with the appropriate level of automation, Machine-to-Machine (M2M), communications, learning, and intelligence.
DHS Components, Operations, and Law Enforcement Components
This topic is seeking to address various challenges faced by DHS, Operations, and Law Enforcement. CNPS builds upon the CPSSEC Strategy and the nine key strategic drivers identified in the 2015 NITRD CPS Vision Statement. CNPS are being designed and scaled to autonomously compute, communicate, and execute processes from data collected from networks, devices and sensors, and other intelligent systems. As CNPS system design becomes more complex, automated, intelligent, and integrated with legacy networks and systems - Cybersecurity risks and challenges will only increase.
Developed solutions should transition to federal and law enforcement end-users. Solutions may be brand new capabilities not currently available on the market or current solutions that can be modified to address specific needs.
Results of this topic should provide new and novel capabilities and solutions to assist DHS mission, operations, and law enforcement components to securely leverage, integrate, and interact with IoT systems that affect their operations and assets. Objectives include Detecting, Authenticating, and Updating IoT devices, sensors, and systems to gain comprehensive and near continuous knowledge of an IoT environment.
DHS Mission, Operations, and Law Enforcement Components
This topic is seeking to address various challenges faced by DHS Mission, Operations, and Law Enforcement components in securing the interactions between existing networks and IoT Devices. The IoT continues to expand and disrupt the nation's CI/IT infrastructure. This expansion has resulted in numerous advancements but has also increased the attack surface for malicious actors.
Developed solutions should transition to federal and law enforcement end-users. Solutions may be brand new capabilities not currently available on the market or current solutions that can be modified to address specific needs.
The Cybersecurity Experimentation of the Future (CEF) Testbed will provide cybersecurity researchers with the ability to run experiments on an unclassified secure "virtual internet," through contained environments that can safely test advanced defense mechanisms against live threats without endangering operational networks.The CEF Testbed will provide the cybersecurity research community with a complex test capability and infrastructure (networks, tools, methodologies, tech support) to support national-scale testing of advanced cybersecurity technologies in an open, non-proprietary environment. CEF will enable the applied/research community to share complex cybersecurity experiments, designs, lab setups, software, tools, procedures and data; this allows rapid validation of complex technical findings and avoiding redundant experimental effort.
Transition customers include cybersecurity researchers, instructors and students.
Realization of experimental research infrastructures, capabilities, and approaches that reach beyond today's state of the art are needed. These infrastructures, together with similar broad-based objectives that transform discovery, validation, and ongoing analysis in an increasingly complex and challenging domain must provide, as examples:
- Support for multi-disciplinary, complex, and extreme scale experimentation;
- Support for emerging research areas such as specialized cyber-physical systems and cybersecurity relevant human behavior;
- The creation and capture of advances in scientific methodologies, experimental processes, and education; and
- Strategies for dynamic and flexible experimentation across user communities and infrastructure facilities.
Developed solutions should transition to federal, state and academic cybersecurity testbeds. Solutions may be brand new capabilities not currently on the market or current solutions that can be modified to address specific requirements.
To establish and demonstrate replicable, scalable, and sustainable models for incubation and deployment of interoperable, secure, standard-based solutions using advanced technologies such as Internet of Things (IoT) and Cyber-Physical Systems (CPS) and demonstrate their measurable benefits in cities and communities
Homeland Security Enterprise, DHS Components
There are numerous organizations across the United States and internationally, including local governments, nonprofit organizations, academic institutions, technologists, and corporations working to enhance and improve life in cities and communities. These projects have primarily focused on enabling IoT devices and applications to interact and improve processes across a range of domains. The challenge is that many of these projects have not focused on the privacy and security aspects of IoT enabled devices.
Developed solutions should transition to primarily local Smart City communities, but may be applied to a broader range of organizations.
Architectures, technologies and processes needed to enhance the security and trustworthiness of systems and services.
DHS Components, Homeland Security Enterprise
This topic is seeking to address challenges faced by organizations across the following identity management components:
- User Sign-In covering issuance, authentication, revocation and derivation to ensure that an individual is present and that digital interactions can be attributed to this same individual.
- Verified Person covering identity establishment, resolution, validation and verification to ensure that the individual is a real person with a real, not synthetic or fabricated, record.
- Authorization covering consent, enrollment, delegation and authorization to ensure that the individual has provided contextually relevant consent and entitlement information to enable authorization or to appropriately delegate authorization.
- Digital Identity covering user experience, user notification, session risk and transaction risk to enable an electronic representation of an individual that can be relied on for high value interactions taking into account user experience and ongoing risk management.
- Trusted Infrastructure covering crosscutting capabilities to ensure that identity management services mitigate fraud, ensure privacy, and assure security while remaining scalable, resilient and interoperable.
Developed solutions should transition to provide availability to commercial and government end-users. Solutions may be brand new capabilities not currently available on the market or current solutions that can be modified to address specific needs.
- Connected sensor devices, mobile computing and sensor platforms
- Automation and autonomous systems
- The delivery of digital services
- Connected sensor devices, mobile computing and sensor platforms
- Automation and autonomous systems
- The delivery of digital services
The purpose of the Data Privacy Program is to help society realize the benefits of information technologies in the three stated contexts (connected devices and sensors, automation and autonomous systems, and digital services delivery) while minimizing their negative societal impact. Strategies for minimizing potential risks to privacy must consider a range of opportunities, from minimizing data collections to proper safeguarding of data once collected to controlling how data is used. To achieve this objective, Data Privacy calls for applied research and advanced development along a continuum of challenges, from how people understand privacy in different situations and how their privacy needs can be formally specified, to how these needs can be respected and how mitigation and remediation can be accomplished should privacy expectations and interests be violated. Finally, Data Privacy emphasizes the need to transition research results that address governmental and commercial stakeholder's needs so that they can improve practice as necessary and appropriate.
Cyber-threats are rapidly shifting and privacy-related breaches are increasing in frequency and impact. The Data Privacy project is aligned with National Privacy and Cyber Security Research and Development strategic initiatives to develop a targeted set of research priorities to ensure that cyberspace is safe, trustworthy and prosperous. Specifically, the project provides the R&D community expertise and resources to prevent, mitigate and recover from adverse effects of privacy threats and intrusions on privacy that arise from information system policies and processing. This work includes mitigation of risks by engineering privacy-protecting systems, educating the public, and understanding behavioral, social, organizational and policy dimensions of privacy. The Data Privacy Program is working to develop innovative solutions that ensure trusted innovation by helping to ensure that the protection of individual privacy is consistent with applicable law, policy and mission.
Data Privacy supports the development and operationalization of technical and knowledge solutions to help the Transition Customer address data privacy capability gaps.
- Investment into cybersecurity controls (technology, regulatory, and legal) by private-sector, government, and private actors
- ... more
- Investment into cybersecurity controls (technology, regulatory, and legal) by private-sector, government, and private actors
- Impact of investment on the probability, severity, and consequences of actual risks and resulting cost and harm
- Value of the correlation between business performance measures and evaluations of cybersecurity investments and impacts
- Incentives to optimize the investments, impacts and value basis of cyber risk management
Priority R&D needs for this program are analytics and metrics for cybersecurity effectiveness, severity, and comparison. The CYRIE program endeavors to improve value-based decision making by those who own, operate, protect, and regulate the nation's vital data assets and critical infrastructure. As such, the program looks beyond the traditional economics view of incentives for cybersecurity, where individuals are assumed to be rational actors who know how to maximize their well-being, and considers a broader array of factors that include business, legal, technical, and behavioral factors. In this way, CYRIE R&D can more effectively address strategy and tactics for cyber risk avoidance, acceptance, mitigation, and transfer.
Application to Cyber Security Operations, Critical Infrastructure Operations, Law Enforcement, Incident and Disaster Response, and Businesses of all sizes
In 2013, two Executive actions were issued, aimed at enhancing the capability of owners and operators of the nation's critical infrastructure to protect their networks and systems against cyber attacks (Executive Order 13636, Improving Critical Infrastructure Cybersecurity, and Presidential Policy Directive 21, Critical Infrastructure Security and Resilience). These policy documents gave DHS a coordinating role in pursing the cybersecurity objectives outlined in each document and directed National Institute of Science and Technology (NIST) to develop a voluntary framework that owner/operators could use to improve their cybersecurity posture. DHS led an interagency working group focused on cyber economic incentives, and together, with the Departments of Commerce and Treasury, prepared an analysis of federal policy options for incentivizing adoption of the NIST framework. DHS S&T continues to maintain active engagement in the effort to understand and develop stronger cyber economic incentives through its R&D efforts and portfolio.
The working group and resulting analysis focused primarily on policy and incentives from a microeconomic-based view of marginal costs and benefits of adoption. While this analysis provided a solid start for the study of incentives in cybersecurity, a more holistic approach to research in the area of cyber risk economics is clearly needed that incorporates perspectives on security decisions and behavior from a wide range of social and behavioral sciences.
Recognizing the importance of data sharing to building capacity across the four dimensions (investment, impact, value, incentives), CYRIE supports the sharing of cybersecurity best practices, investments, incidents, and outcomes among diverse stakeholders. More collective information is needed to enable value-based risk management of the shared ecosystem. Effective information sharing can help mitigate against the often siloed view of risk, create positive network effects, and foster "RoS"(return on sharing) as an element of cyber risk management.
CYRIE supports the development and operationalization of technical and knowledge solutions to help the Transition Customer address capability gaps along any of the program's stated dimensions. The program also aims to inform the government about how it can reduce cyber risk levels through development and enforcement of policy and regulation, convening and coordination of stakeholders, adoption of technology, promulgation of standards, and facilitation of research and development.
Research and development results of this topic should provide innovative technologies, techniques, and processes towards the creation, operation, and maintenance of federated enterprise environments and the related C2 infrastructure. Objectives include enabling local decision making given global knowledge and the seamless incorporation of various cybersecurity technologies and techniques (Moving Target/Dynamic/Adaptive Defenses, privacy preserving and multi-party computing, deception, etc.) into federated enterprise environments. Results are also sought to protect any cloud-based infrastructure that enables federated enterprise environments.
Cybersecurity and Infrastructure Security Agency (CISA), Homeland Security Enterprise, DHS and Components with need for federated environments
This topic is seeking to address various challenges faced by Federal government entities and the Homeland Security Enterprise in the creation, operation, and maintenance of federated enterprise environments. Coordinating mechanisms are needed in order to provide reliable defenses that do not adversely affect usability or limit privacy protections. Additionally, a robust command and control capability is needed to coordinate defenses and make management of processes easier, faster, more reliable, and secure.
Developed solutions should transition to DHS Components, Federal, State and Local Government Agencies; the Homeland Security Enterprise Solutions may be brand new capabilities not currently available on the market or current solutions that can be modified to address specific needs. Some projects, such as those protecting 911 voice systems, have a cross-over market in-call center protection that is sustainable commercially.
Results of this topic should provide new and novel capabilities and solutions to assist federal, state, and local agencies to improve their security posture.
DHS Components, Federal, State and Local Government Agencies
This topic is seeking to address various challenges faced by DHS Components, Federal, State and Local Government Agencies, the Homeland Security Enterprise for situational awareness and to improve their security posture.
Developed solutions should transition to DHS Components, Federal, State and Local Government Agencies, the Homeland Security Enterprise Solutions may be brand new capabilities not currently available on the market or current solutions that can be modified to address specific needs.
The Department of Homeland Security (DHS) Science and Technology Directorate's (S&T) Office of Mission Capability Support (MCS) Physical and Cyber Security (PCS) Division seeks to coordinate, enhance, and develop advanced data and information sharing tools, datasets, technologies, models, methodologies, and infrastructure to strengthen the capabilities of national and international cyber risk R&D. These data sharing components are intended to be broadly available as national and international resources to bridge the gap between producers of cyber risk-relevant ground truth data, academic and industrial researchers, cybersecurity technology developers, and decision makers to inform their analysis of and policymaking on cyber risk and trust issues.
Application to Cyber Security Operations, Critical Infrastructure Operations, Law Enforcement, Incident and Disaster Response, and Day-To-Day Business, Public and Private Cyber Security Researchers
Cybersecurity R&D requires real world data to develop advanced knowledge, test products and technologies, and prove the utility of research in large scale network environments. IMPACT is the only publicly available, legally collected, distributed repository of large scale datasets containing real network and system traffic that could be used to advance state-of-the-art cybersecurity R&D. The centralized brokering and distributed provisioning between the data providers, data hosts, and researchers addresses the operational, trust, and administrative costs and challenges that impede sustainable and scalable data sharing. IMPACT continually adds new data that is responsive to cyber risk management (e.g. attacks and measurements) to provide the R&D community timely, high-value information to enhance research innovation and quality. The IMPACT model also serves as a laboratory for testing various data sharing models, including batch transfers, newer Data Analytics as a Service (DaaS), and visualization techniques.
Transition data, decision analytics, and capabilities outputs to the cybersecurity research community.
The primary objective is to have a mature testbed that can be used to test and validate claims from various projects, in particular the DDoSD projects.
The results of this topic will catalyze and support the research and development of advanced experimental research tools, technologies, and methodologies as broadly available national resources. Indicators of the success of this program objective will be the realization of experimental research capabilities and approaches that reach beyond today's state of the art.
Distributed Denial of Service (DDoSD) projects
Extensive testing and evaluation is required before any new tool or technique goes "live" on a real network. This testing generally starts in a testbed environment where conditions can be tightly controlled, then progresses to more realistic environments. The first step in testing is required for any project to get out of the development stage and into operations.
The DETER testbed is used not only by DHS projects to test and validate results, but also to train new cyber professionals in a controlled environment, where mistakes do not have operational consequences.
The Cybersecurity Experimentation of the Future (CEF) Testbed will provide cybersecurity researchers with the ability to run experiments on an unclassified secure "virtual internet," through contained environments that can safely test advanced defense mechanisms against live threats without endangering operational networks. The CEF Testbed will provide the cybersecurity research community with a complex test capability and infrastructure (networks, tools, methodologies, tech support) to support national-scale testing of advanced cybersecurity technologies in an open, non-proprietary environment. CEF will enable the applied/research community to share complex cybersecurity experiments, designs, lab setups, software, tools, procedures and data; this allows rapid validation of complex technical findings and avoiding redundant experimental effort.
Transition customers include cybersecurity researchers, instructors and students.
Realization of experimental research infrastructures, capabilities, and approaches that reach beyond today's state of the art are needed. These infrastructures, together with similar broad-based objectives that transform discovery, validation, and ongoing analysis in an increasingly complex and challenging domain must provide, as examples:
- Support for multi-disciplinary, complex, and extreme scale experimentation;
- Support for emerging research areas such as specialized cyber-physical systems and cybersecurity relevant human behavior;
- The creation and capture of advances in scientific methodologies, experimental processes, and education; and
- Strategies for dynamic and flexible experimentation across user communities and infrastructure facilities.
Developed solutions should transition to federal, state and academic cybersecurity testbeds. Solutions may be brand new capabilities not currently on the market or current solutions that can be modified to address specific requirements.
The end objective is to have data available for research, development, testing and training. The data shall be managed for access and to meet all data provider requirements.
The Information Marketplace for Policy and Analysis of Cyber-risk & Trust (IMPACT) project supports the global cyber-risk research community by coordinating and developing real world data and information sharing capabilities, tools, models, and methodologies. To accelerate solutions around cyber-risk issues and infrastructure security, the IMPACT project enables empirical data and information sharing between and among the global cybersecurity research and development (R&D) community in academia, industry, and government. Importantly, IMPACT also addresses the cybersecurity decision-analytic needs of Homeland Security Enterprise (HSE) customers in the face of high volume, high velocity, high variety, and/or high value data through its network of Decision Analytics-as-a-Service Providers (DASP). These resources are a service technology or tool capable of supporting the following types of analytics: descriptive (what happened), diagnostic (why it happened), predictive (what will happen), and prescriptive (what should happen).
Application to Cyber Security Operations, Critical Infrastructure Operations, Law Enforcement, Incident and Disaster Response, and Day-To-Day Business, Public and Private Cyber Security Researchers
Reproducibility of research results has been an issue for a long time for cybersecurity. The Internet is constantly changing, and running two experiments even a short time apart can lead to different results. Data sets collected for specific events, such as DDOS attack traffic, is required for research and development of tools and mitigation techniques.
Data sets are also used for training and planning purposes. In short, having good data available leads to good research, development, and tools that meet the needs of DHS.
Data sets are used at CISA and also by many academic and commercial researchers and developers.
Results of this topic should provide new and novel capabilities and solutions to support operational security requirements for mobile ecosystem technologies.
DHS Components, Civilian Federal Government and DoD
The DHS workforce is becoming increasingly mobile, and employees expect to use mobile devices to access data and deliver mission services wherever they may be located, and at any time. DHS mobile user groups cross all Components and Offices and include executives, managers, knowledge workers, immigration and law enforcement officials, case officers, and emergency responders.
The architecture, design, and use of mobile technologies to access systems, applications, and data and deliver government services is substantially different from the traditional desktop workstations and laptops used within a protected enterprise network. A new security approach is needed to protect DHS data and systems from the additional risk posed by use of consumer devices that may operate from anywhere in the world across any available network (cellular, Wi-Fi), possess features and capabilities beyond those available on desktops, and that may contain dozens of diverse mobile apps that can access data on the device.
The Mobile Security Research and Development (R&D) program is partnering with all DHS components and collaborating with several organizations to facilitate piloting, transition and adoption of the technologies developed under the program. This provides an opportunity to fine-tune requirements, align to and influence development of federal standards or criteria, and conduct pilots with real-world applications. The partners will provide support in developing requirements and use cases; providing information, insights, and access to information technology architecture; offering feedback and evaluation of CSD-developed R&D; and contributing in-kind resources associated with testing.
Currently, Cyber Apex is working to harden the cyber-defenses of the financial services sector (FSS), which is a frequent target of cybercriminals. The Cyber Apex Review Team (CART), spo ... more
Currently, Cyber Apex is working to harden the cyber-defenses of the financial services sector (FSS), which is a frequent target of cybercriminals. The Cyber Apex Review Team (CART), sponsored by CSD and made up of FSS institution and Treasury Department representatives, identifies gaps and evaluates solutions. While some identified gaps are solvable by mature technology, others needed novel ideas. This finding led Cyber Apex to establish two development paths: creating a consortium to test existing solutions and partnering with the DHS Silicon Valley Innovation Program (SVIP) for early-stage solutions.
The consortium focuses on operational testing of mature technologies to determine if they meet FSS needs. The program uses a consortium manager-Cyber Apex Solutions-to maintain an efficient process for foraging and building a consortium of technology owners.
SVIP focuses on finding novel solutions from startups whose technologies are not mature enough for rigorous operational testing and evaluation. Solutions with promise are piloted and evaluated. Cyber Apex solicitations under SVIP-the Financial Services Cyber Security Active Defense-seeks startups that have novel solutions in the areas of moving-target defense, isolation and containment and cyber-intrusion deception. less
The results of this topic should produce new and novel technologies, techniques and approaches to help secure the nation's critical infrastructure sectors.
Homeland Security Enterprise, DHS Components, Critical Infrastructure organizations
The nation's critical infrastructure provides the essential services that underpin American society and serve as the backbone of our nation's economy, security, and health. The needs and cyber security maturity levels of the 16 sectors vary widely (e.g. different architectures, different regulatory and compliance factors), which make securing them a challenge for S&T.
Developed solutions should transition to federal and Homeland Security Enterprise end users.
The results of this topic should produce new and novel technologies, techniques and approaches to secure government networks.
Homeland Security Enterprise, DHS Components
Securing government networks is a significant challenge for DHS. S&Ts challenges supporting this activity include: the customer set (e.g. large agencies to very small agencies) and the variety of architectural approaches that each agency has developed over time, suited to their mission needs.
Developed solutions should transition to federal and Homeland Security Enterprise end users.
The nation's electric grid faces challenges from cyberattacks, natural disasters and accidental failures. To address these challenges, CSD and the Department of Energy (DOE) jointly fund the Cyber Resilient Energy Delivery Consortium (CREDC). The consortium is developing solutions through R&D, education and industry engagement. CREDC will generate research, evaluate the results and deploy solutions in the marketplace. The project's foci include cyber-protection technologies; cyber monitoring, metrics, and event detection; risk assessment of Energy Delivery Systems (EDS) technology; data analytics for cyber event detection; resilient EDS architectures and networks; and identifying the impact of disruptive technologies such as the Internet of Things and cloud computing on EDS resiliency.
The Linking the Oil and Gas Industry to Improve Cybersecurity (LOGIIC) project is an ongoing collaboration between DHS S&T and oil and natural gas companies. The collaborative program facilitates cooperative research, development, testing and evaluation procedures to improve cybersecurity in petroleum industry digital control systems. The project undertakes collaborative R&D projects to improve the level of cybersecurity in critical systems of interest to the oil and natural gas sector. The project objective is to develop sector capabilities while maintaining impartiality, the independence of the participants and vendor neutrality. less
The result from this topic should provide new and novel approaches to help formulate risk-informed, integrated design solutions and management strategies that can incorporate proactive resilience remains a significant multi-domain challenge.
Homeland Security Enterprise, Critical Infrastructure Organizations
Critical infrastructure is vital to national and economic security, public health and well-being, and has become increasingly global, complex and susceptible to disruptions. S&T seeks solutions that provide improved awareness of potential disruptions and the ability to design in flexibility and resilience to mitigate the effects of such disruptions. S&T also seeks risk-assessment and management approaches that incorporate all relevant linkages such as sector interdependencies and cybersecurity risk factors.
Developed solutions should transition to federal and Homeland Security Enterprise end users.
- Strengthen DHS's ability to assess the impact of cyber-attacks and cyber disruptions on cr ... more
- Strengthen DHS's ability to assess the impact of cyber-attacks and cyber disruptions on critical infrastructure operations.
- Develop methodologies to characterize the criticality of Federal networks and better estimate the consequences of their disruption.
- Improve DHS's ability to anticipate emerging cyber risk by using innovative and advanced techniques to analyze evolving cyber threats, vulnerabilities, and trends. less
The end objective of this project is a model that discretely quantifies the mission impacts of cyber disruptions to information technology networks (e.g. a Federal agency loses the ability to execute a Mission Essential Function due to a disruption to a certain IT network).
Models/tools developed must comply with DHS security standards. Models/tools should run on stand-alone commodity computing hardware (a single computer with, e.g. up to 32 cores, 128GB RAM, 1TB disk space). Models should provide a docker build script so they can easily be compiled and run anywhere.
Office of Cyber and Infrastructure Analysis, National Protection and Programs Directorate
- The coupling of operations with education and training;
- Abstract learning versus learning with context;
- Bayesian learning (prior knowledge) and where and how it might be applicable;
- The coupling of operations with education and training;
- Abstract learning versus learning with context;
- Bayesian learning (prior knowledge) and where and how it might be applicable;
- Incident response feedback systems, that drive subsequent training/learning directions;
- Regional education and learning models coordinating efforts across different kinds of organizations.
The objective is to develop, demonstrate, and transition substantive and adaptive cyber security education models that impact organizations and infrastructures/sectors for the better. These models should address key dimensions of the challenge, such as multiple age levels, cyber security across multiple operational domains, and different kinds of threats. An overarching objective of this work is to support development of "learning organization" capabilities across all kinds of organizations and infrastructures/sectors. The models and associated technologies need to support cybersecurity competitions, education and curriculum development, and workforce training and development needs.
Cybersecurity and Infrastructure Security Agency (CISA), Homeland Security Enterprise, Other DHS Components
This topic is seeking to address various challenges faced by Federal government entities and the Homeland Security Enterprise in regards to addressing the Nation's shortage of skilled cybersecurity professionals.
Developed solutions should transition to federal and Homeland Security Enterprise end users.
Results of this topic should provide new and novel capabilities and solutions to assist federal, state, and local law enforcement investigating cybercrimes. Objectives include identifying illicit anonymous marketplaces and website users, as well as users facilitating illicit transactions.
DHS Law Enforcement Components, Federal, State and Local Law Enforcement Agencies
This topic is seeking to address various challenges faced by Law Enforcement (LE) investigating anonymous networks and currencies. Investigations are resource intensive, requiring significant man hours to investigate and prosecute. Criminals use these networks to exploit the anonymity and protections built into the encryption.
Developed solutions should transition to federal, state and local law enforcement end-users. Solutions may be brand new capabilities not currently available on the market or current solutions that can be modified to address specific needs.
Results of this topic should provide new and novel capabilities and solutions to assist federal, state, and local law enforcement in the forensic acquisition and analysis of evidence from digital devices used in criminal activity.
DHS Law Enforcement Components, Federal, State and Local Law Enforcement Agencies
This topic is seeking to address three main challenges faced by law enforcement: lack of forensic tool testing standards and uniformity, high cost of forensics tools, and technology gaps between commercial technology advances and advances in acquiring data in support of investigations.
Developed solutions should transition to federal, state and local law enforcement end-users. Solutions may be brand new capabilities not currently available on the market or current solutions that can be modified to address specific needs.
(1)Conduct research, develop tools, and technologies to improve the detection, analysis, and understanding of victims and perpetrators of child exploitation, and (2)conduct gap analysis to identify aspects of child exploitation in greatest need of empirical research.
Homeland Security Investigations (HSI), Internet Crimes Against Children Task Forces, National Center for Missing and Exploited Children (NCMEC)
An astonishing 16 million reports of child exploitation are submitted per year. Without an efficient way to prioritize tips and identify the most dangerous offenders, the current volume of incoming data is overwhelming law enforcement.
Opportunities for higher return on investment include leveraging and integrating findings and lessons learned to improve the efficiency of operational components.
Improvements in digital forensics, biometrics, and identity management, including real-time and forensics positive verification of individual identity using multiple biometrics; mobile biometrics screening capabilities; high-fidelity ten print capture; and non-cooperative biometric technologies for identification of adults and children.
First Responders (Federal, State and local)
Current systems used in identity management are limited by algorithm development, training and machine learning using limited data sets and end user capabilities.
Potential for higher return on investment for industry as a result of this research project.
Results of this topic should provide new and novel capabilities and solutions to assist DHS, Operations, and Law Enforcement components to improve the understanding and confidence of DHS and the Homeland Security Enterprise (HSE) on how CNPS leverage network environments (trusted and untrusted), devices, and sensors to compute and communicate processes and the security risks and challenges associated with the appropriate level of automation, Machine-to-Machine (M2M), communications, learning, and intelligence.
DHS Components, Operations, and Law Enforcement Components
This topic is seeking to address various challenges faced by DHS, Operations, and Law Enforcement. CNPS builds upon the CPSSEC Strategy and the nine key strategic drivers identified in the 2015 NITRD CPS Vision Statement. CNPS are being designed and scaled to autonomously compute, communicate, and execute processes from data collected from networks, devices and sensors, and other intelligent systems. As CNPS system design becomes more complex, automated, intelligent, and integrated with legacy networks and systems - Cybersecurity risks and challenges will only increase.
Developed solutions should transition to federal and law enforcement end-users. Solutions may be brand new capabilities not currently available on the market or current solutions that can be modified to address specific needs.
Results of this topic should provide new and novel capabilities and solutions to assist DHS mission, operations, and law enforcement components to securely leverage, integrate, and interact with IoT systems that affect their operations and assets. Objectives include Detecting, Authenticating, and Updating IoT devices, sensors, and systems to gain comprehensive and near continuous knowledge of an IoT environment.
DHS Mission, Operations, and Law Enforcement Components
This topic is seeking to address various challenges faced by DHS Mission, Operations, and Law Enforcement components in securing the interactions between existing networks and IoT Devices. The IoT continues to expand and disrupt the nation's CI/IT infrastructure. This expansion has resulted in numerous advancements but has also increased the attack surface for malicious actors.
Developed solutions should transition to federal and law enforcement end-users. Solutions may be brand new capabilities not currently available on the market or current solutions that can be modified to address specific needs.
To establish and demonstrate replicable, scalable, and sustainable models for incubation and deployment of interoperable, secure, standard-based solutions using advanced technologies such as Internet of Things (IoT) and Cyber-Physical Systems (CPS) and demonstrate their measurable benefits in cities and communities.
Transition customers include cybersecurity researchers, instructors and students.
Realization of experimental research infrastructures, capabilities, and approaches that reach beyond today's state of the art are needed. These infrastructures, together with similar broad-based objectives that transform discovery, validation, and ongoing analysis in an increasingly complex and challenging domain must provide, as examples:
- Support for multi-disciplinary, complex, and extreme scale experimentation;
- Support for emerging research areas such as specialized cyber-physical systems and cybersecurity relevant human behavior;
- The creation and capture of advances in scientific methodologies, experimental processes, and education; and
- Strategies for dynamic and flexible experimentation across user communities and infrastructure facilities.
Developed solutions should transition to federal, state and academic cybersecurity testbeds. Solutions may be brand new capabilities not currently on the market or current solutions that can be modified to address specific requirements.
To provide private industry with an alternative fertilizer to those that can be used as an explosive precursor. This will make it harder for adversaries to construct explosives devices while also allowing industry to continue providing the agricultural community with effective fertilizers. The product must be completely non-detonable, even if manipulated, mixed, or concentrated
The private sector agricultural industry.
Terrorists often utilize products with legitimate uses as precursors to construct homemade explosive devices. This is a threat not only to homeland soft-targets and critical infrastructure, but also to American personnel in-theatre. This effort would require buy-in from both the private industry and public agencies. This topic would complement the DHS NPPD Chemical Facilities Anti-Terrorism Standards program (CFATS
1. Research and development to improve the detection, analysis, understanding, and mitigation of the threats posed by violent individuals;
2. Knowledge, tools and technologies to determine when individuals, groups, and movements are likely to engage in violence; and
3. What ideological, organizational, and contextual f ... more
1. Research and development to improve the detection, analysis, understanding, and mitigation of the threats posed by violent individuals;
2. Knowledge, tools and technologies to determine when individuals, groups, and movements are likely to engage in violence; and
3. What ideological, organizational, and contextual factors may influence violent action and target selection. less
A better understanding of how to prevent targeted violence or mitigate the effects of that violence through knowledge of evidence-based research and/or evaluation of existing or emerging programs addressing targeted violence
First Responders, NGOs, State/Local government.
Given there is no one pathway to violent extremism and the ubiquity of social media in terrorist and extremist groups recruiting individuals, this is a field where the state of knowledge is always changing, and requires multi-disciplinary applications to the social science issues related to targeted violence.
Local stakeholders can tailor local solutions to targeted violence based on the translation of research knowledge/evaluation into practice.
The Data Analytics Technology Center (DA-TC) invests in research, innovative solutions, and emerging technologies to enable advanced analytics for Next Generation Homeland Security Missions. Facilitating data driven solutions demands cross-cutting work on computation, data management, advanced analytics, technical architecture, and the underlying policy and for using enterprise data sets for cross mission applications.
Areas of interest to DA-TC that focus ... more
The Data Analytics Technology Center (DA-TC) invests in research, innovative solutions, and emerging technologies to enable advanced analytics for Next Generation Homeland Security Missions. Facilitating data driven solutions demands cross-cutting work on computation, data management, advanced analytics, technical architecture, and the underlying policy and for using enterprise data sets for cross mission applications.
Areas of interest to DA-TC that focus on technical architecture include distributed storage systems, block chain applications for privacy protecting information sharing and analytics, and secure multi-party computation. Effective data analytics requires reliable data, so that DA-TC is also focused on solutions to enable data wrangling and preparation as well as entity resolution.
DA-TC investigates the potential of advanced and emerging analytics capabilities to support the Homeland Security Mission, including advanced computational concepts, analytics and visualization, machine learning and deep learning, human centered systems, analytics for the Internet of Things (IOT), large-scale analytics on publicly available information including social media, real-time analytics for multi-party, multi-latency, metro-scale networks, human-centered systems, and quantum information science.
Nearly all DA-TC research and development undertakings also have important policy implications. A few of DA-TC's areas of interest highlight the cross-cutting nature of technical and policy considerations such as countering foreign influence, cyber security and cyber-physical security, election security, infrastructure protection, emergency management, and decision support and business processes, advanced privacy and security concepts, and adversarial machine learning.
lessDevelop capabilities that will increase the Department's ability to leverage data for decision-making.
Various customers throughout DHS, including the homeland security enterprise and supporting agencies.
The Data Analytics Technology Center (DA-TC) advises DHS and the larger Homeland Security Enterprise (HSE) on advanced data analytics tools, storage, and computational techniques that increase the effectiveness of the government's homeland security missions. DA-TC engages in rapid prototyping, independent assessments of emerging technologies, and strategic research and development.
Transition opportunities include DHS Components and partners in the homeland security enterprise.
Conduct research and pilots; and develop Alerts, Warnings, and Notifications (AWN) program planning guidance on how to build an effective AWN Program (e.g., Standard Messaging Templates, Hazard Matrices, Training Standards, Metrics, and Advocacy Materials for key decision makers) with planning artifacts for State, Local, Territorial, and Tribal (SLTT) alert originators.
Department of Homeland Security (DHS) Federal Emergency Management Agency (FEMA) Integrated Public Alert and Warning System (IPAWS) Program Management Office (PMO)
S&Ts recently developed AWN program planning guidance:
- The Report on Alerting Tactics provides recommendations on effective combinations of alerting tactics for various incident types based upon lessons learned from practitioners.
- The Common Alerting Protocol (CAP) Assessment Guide examines the current version of the CAP standard and whether modifications are necessary for the standard to keep pace with the evolution of the alerts and warnings ecosystem.
- Alerts, Warnings, and Notifications (AWN) Guidance Materials help agencies plan for enhanced AWN, providing both guidance for, and a measure of how to successfully address alerting issues in totality. These tools and solutions most closely align with the S&T emergency communications strategic program area.
Projects in support of this topic will empower FEMA to (1) increase the number of SLTT alerting authorities using the IPAWS system, and following its requirements; (2) support alert originator education and guidance on best practices for modern and accessible AWN to enhance emergency messaging; and (3) address ad-hoc public alerting procedures and processes to support standardized local, regional, or national AWN planning.
1. disruption alerting and mitigation technologies;
2. technologies that will enable end-users to continue normal operations through PNT disruption events; and
3. technologies that provide novel PNT capabilities.
1. disruption alerting and mitigation technologies;
2. technologies that will enable end-users to continue normal operations through PNT disruption events; and
3. technologies that provide novel PNT capabilities. less
A technology that improves PNT resilience, is likely to be adopted by critical infrastructure PNT end-users, and has a path to transition and/or commercialization.
Accurate position, navigation, and timing (PNT) information is important for the functioning of many critical infrastructure sectors. Disruption of PNT services can hamper the operational capabilities of critical infrastructure operations that rely on precision timing or positioning. This topic seeks technologies that can improve resilience for PNT end-users to include:
1. disruption alerting and mitigation technologies;
2. technologies that will enable end-users to continue normal operations through PNT disruption events; and
3. technologies that provide novel PNT capabilities.
Offerors should consider the operational environment of PNT end-users in critical infrastructure and factors that would facilitate successful transition/adoption. These factors include, but are not limited to, ease of integration into existing operational environments, price, and reliability. These considerations should be part of an Offeror's transition strategy.
Opportunities for higher return on investment include patents and licenses and/or commercialization.
1. disruption alerting and mitigation technologies;
2. technologies that will enable end-users to continue normal operations through PNT disruption events; and
3. technologies that provide novel PNT capabilities.
1. disruption alerting and mitigation technologies;
2. technologies that will enable end-users to continue normal operations through PNT disruption events; and
3. technologies that provide novel PNT capabilities. less
A technology that improves PNT resilience, is likely to be adopted by critical infrastructure PNT end-users, and has a path to transition and/or commercialization
Accurate position, navigation, and timing (PNT) information is important for the functioning of many critical infrastructure sectors. Disruption of PNT services can hamper the operational capabilities of critical infrastructure operations that rely on precision timing or positioning. This topic seeks technologies that can improve resilience for PNT end-users to include
1. disruption alerting and mitigation technologies;
2. technologies that will enable end-users to continue normal operations through PNT disruption events; and
3. technologies that provide novel PNT capabilities.
Offerors should consider the operational environment of PNT end-users in critical infrastructure and factors that would facilitate successful transition/adoption. These factors include, but are not limited to, ease of integration into existing operational environments, price, and reliability. These considerations should be part of an Offeror's transition strategy.
Opportunities for higher return on investment include patents and licenses and/or commercialization.
Research concept materials should:
- Effectively leverage existing coverage fro ... more
Research concept materials should:
- Effectively leverage existing coverage from both public safety (LMR, FirstNet) and commercial wireless service providers though the use of LMR/LTE hybrid solutions (Solutions should address varying levels of available coverage from wilderness areas with poor and non-existent coverage to urban centers with excellent coverage.)
- Utilize standards-based technology interfaces, promoting standards-based solutions rather than proprietary ones
- Reduce life-cycle costs (acquisition, operations & maintenance, and refresh)
A technology that enables CBP to deploy enterprise-wide data services within the next 12-18 months.
CBP with potential transition across DHS Components.
CBP is seeking solutions that would allow a seamless transition from existing voice-only services based on current LMR networks today to mixed-mode voice, data, and video services leveraging broadband capabilities from commercial and public safety networks. Data services should provide adequate bandwidth for situational awareness tools, image/file transfer, and video capabilities. Solutions and technologies should address ease of integration, use of non-proprietary open standards, price, reliability, and a deployment schedule of 12-18 months. Each Source's transition strategy should address these considerations.
Opportunities for higher return on investment include patents and licenses and/or commercialization.
Improve interoperability and compatibility by ensuring that equipment are developed using existing standards and verified through a compliant testing program. Conduct gap analysis of standards and recommend new standards or changes to existing standards as necessary.
Communications interoperability and compatibility is essential for safety of First Responders and their ability to complete their mission. Public safety standards (e.g., Project 25 (P25)) and related commercial standards (e.g., 3GPP LTE) are used to improve interoperability and compatibility for first responders. Within the P25 environment, existing testing processes and procedures for assuring interoperability and compatibility across different vendor solutions are inadequate and evolving technologies may also necessitate the need for updating the standards and subsequently the existing testing program.
Land Mobile Radio and LTE manufacturers can submit their equipment for compliance to standards through the procedures established by this proposal. Once achieved, the vendors could market their equipment more effectively to first responders highlighting its adherence to rigorous testing procedures.
No methodology exists to measure the impact of foreign influence operations on Americans or the effectiveness of measures put in place to mitigate the risk of foreign influence. In order to design and implement effective resilience measures, a baseline understanding of how foreign influence operations impact citizens and a methodology to measure the effectiveness of programs is required.
Designing robust metrics requires analysis of foreign influence al ... more
No methodology exists to measure the impact of foreign influence operations on Americans or the effectiveness of measures put in place to mitigate the risk of foreign influence. In order to design and implement effective resilience measures, a baseline understanding of how foreign influence operations impact citizens and a methodology to measure the effectiveness of programs is required.
Designing robust metrics requires analysis of foreign influence along several dimensions, including both the physical and cyber. Given that much human activity today has both physical and cyber footprints, detecting bad activity would be harder if one focuses on one of the other only. Infrastructure Protection (IP) theft for example, typically involves both.
lessThese metrics would be used to identify the most effective methods for building national resilience to foreign influence operations. The information would be used to design and implement programs and communications to mitigate the risk of foreign influence operations. This is particularly important to DHS' emphasis on building National resilience through public awareness and education. Messaging, tactics, target audience, and outreach can all be guided by these metrics and methodology.
Cybersecurity and Infrastructure Security Agency (CISA), National Risk Management Center (NRMC) in support of the DHS Countering foreign influence subcommittee
Design an easily implemented methodology to measure the impact of foreign influence operations and the effectiveness of resilience building activities to mitigate the risk. Foreign influence can take on many different forms manifesting into the physical and cyber world, yet no methodology yet exists to identify foreign activities that specifically try to influence domestic population and economy.
Potential to benefit DHS and all The Committee on Foreign Investment in the United States (CFIUS) Departments and Agencies members including: Department of the Treasury, Department of Justice, Department of Commerce, Department of Defense, Department of State, Department of Energy, Office of the U.S. Trade Representative, Office of Science & Technology Policy
https://www.fbi.gov/news/pressrel/press-releases/the-fbi-launches-a-combating-foreign-influence-webpage
https://home.treasury.gov/policy-issues/international/the-committee-on-foreign-investment-in-the-united-states-cfius
https://www.dhs.gov/publication/countering-foreign-influence-subcommittee-membership-list
Any or all of the following:
- Threat and Hazard Modeling-Severe geomagnetic disturbance (GMD) and nuclear electromagnetic pulse (EMP) are large-scale, high-impact, low-frequency (HILF) events where we have limited historical data and experience. The lack of experience creates a heavy reliance on models and simulations of these events to guide the protection of critical infrastructure (CI) and to estimate post-event responses for recovery and restoration.
- Mapping of National Critical Functions to Critical Infrastructure Networks-National Critical Functions (NCF) provide a high level definitions of functions that need to be sustained to avoid serious disruption to national security and safety and economic activity.
- Identification of Key Critical Infrastructure Assets and Vulnerability Assessments-The CI networks that support the NCFs are composed of many subsystems, devices and components.
- Prediction of Critical Infrastructure Network Performance Under Extreme Conditions-The CI networks that support the NCFs often exhibit complex behavior governed by physics, control systems, and human operator intervention.
- Design of Critical Infrastructure Network Vulnerability Mitigations To Ensure NCF Performance-Resources for hardening or sparing CI network subsystems, devices and components are often limited, and the effect of these mitigations on the CI network, especially as it pertains to NCF PEMP, are often not straightforward due to complex network behavior.
Cybersecurity and Infrastructure Security Agency (CISA) - National Risk Management Center, public and private sector owners, operators of critical infrastructure and manufacturers, distributors
- Lack of historical experience and data-Infrequent natural occurrence or full-scale testing of these phenomena limits the available ground truth, system response data to baseline mitigation methods, and creates heavy reliance on modeling and simulation to guide decision making
- Multi-physics-End-to-end modeling and simulating EMP and GMD requires integration of a vast range of physical phenomena including nuclear weapons outputs, space weather, particle scattering, electromagnetic propagation and coupling, and component and infrastructure network response
- Wide range of spatial and temporal scales-The physics discussed above spans from sub nanosecond for nuclear physics and particle scattering to minutes for infrastructure response. Important spatial scales include CONUS-scale electromagnetic fields and infrastructure networks to 10-km electrical transmission lines to 1-meter conductors in an electrical substation
- Multiple affected infrastructures-The widespread nature of these events leads to simultaneous impacts on multiple infrastructure, and the interconnectivity of modern infrastructure systems may lead to complex impacts
- Complex mitigations-The widespread nature of the EMP and GMD hazards and the complexity of infrastructure network response to potential component failures. Hardening or other resilience mitigations in one part of a network may increase risk in other parts of the network complicating achieving overall infrastructure resilience.
DHS recently released its "Strategy for Protecting and Preparing the Homeland Against Threats of Electromagnetic Pulse and Geomagnetic Disturbances" (as required in 6 USC 121(d)) that defines a vision where the United States is prepared for extreme electromagnetic incidents and capable of quickly restoring critical infrastructure and supporting communities to fully recover. This strategy is aligned with the statutory direction to the Department in 6 USC 195(f) that current efforts must take further action to mitigate the impact of EMP and GMD on critical infrastructure. Action includes completing objective scientific analyses, identifying critical utilities and national security assets and infrastructure that are at risk from threats of EMP and GMD, and analysis of technology options available to improve the resiliency of critical infrastructure to threats of EMP and GMD.
Both GMD and EMP are low probability/high consequence scenarios that challenge effective policymaking. Science and technology advancements in the following topic areas will clarify our understanding the threat and impacts and improve our ability to mitigate the consequences.
Additional Transition Customers: retailers of energy system (i.e., electrical grid and natural gas and petroleum pipelines), communications, water and wastewater systems, and transportation equipment.
https://www.dhs.gov/publication/protecting-and-preparing-homeland-against-threats-electromagnetic-pulse-and-geomagnetic
Any or all of the following:
- Threat and Hazard Modeling-Severe geomagnetic disturbance (GMD) and nuclear electromagnetic pulse (EMP) are large-scale, high-impact, low-frequency (HILF) events where we have limited historical data and experience. The lack of experience creates a heavy reliance on models and simulations of these events to guide the protection of critical infrastructure (CI) and to estimate post-event responses for recovery and restoration.
- Mapping of National Critical Functions to Critical Infrastructure Networks-National Critical Functions (NCF) provide a high level definitions of functions that need to be sustained to avoid serious disruption to national security and safety and economic activity.
- Identification of Key Critical Infrastructure Assets and Vulnerability Assessments-The CI networks that support the NCFs are composed of many subsystems, devices and components.
- Prediction of Critical Infrastructure Network Performance Under Extreme Conditions-The CI networks that support the NCFs often exhibit complex behavior governed by physics, control systems, and human operator intervention.
- Design of Critical Infrastructure Network Vulnerability Mitigations To Ensure NCF Performance-Resources for hardening or sparing CI network subsystems, devices and components are often limited, and the effect of these mitigations on the CI network, especially as it pertains to NCF PEMP, are often not straightforward due to complex network behavior.
CISA - NRMC, public and private sector owners, operators of critical infrastructure and manufacturers, distributors, and retailers of energy system (i.e., electrical grid and natural gas and petroleum pipelines), communications, water and wastewater syste
- Lack of historical experience and data-Infrequent natural occurrence or full-scale testing of these phenomena limits the available ground truth, system response data to baseline mitigation methods, and creates heavy reliance on modeling and simulation to guide decision making
- Multi-physics-End-to-end modeling and simulating EMP and GMD requires integration of a vast range of physical phenomena including nuclear weapons outputs, space weather, particle scattering, electromagnetic propagation and coupling, and component and infrastructure network response
- Wide range of spatial and temporal scales-The physics discussed above spans from sub nanosecond for nuclear physics and particle scattering to minutes for infrastructure response. Important spatial scales include CONUS-scale electromagnetic fields and infrastructure networks to 10-km electrical transmission lines to 1-meter conductors in an electrical substation
- Multiple affected infrastructures-The widespread nature of these events leads to simultaneous impacts on multiple infrastructure, and the interconnectivity of modern infrastructure systems may lead to complex impacts
- Complex mitigations-The widespread nature of the EMP and GMD hazards and the complexity of infrastructure network response to potential component failures. Hardening or other resilience mitigations in one part of a network may increase risk in other parts of the network complicating achieving overall infrastructure resilience.
DHS recently released its "Strategy for Protecting and Preparing the Homeland Against Threats of Electromagnetic Pulse and Geomagnetic Disturbances" (as required in 6 USC 121(d)) that defines a vision where the United States is prepared for extreme electromagnetic incidents and capable of quickly restoring critical infrastructure and supporting communities to fully recover. This strategy is aligned with the statutory direction to the Department in 6 USC 195(f) that current efforts must take further action to mitigate the impact of EMP and GMD on critical infrastructure. Action includes completing objective scientific analyses, identifying critical utilities and national security assets and infrastructure that are at risk from threats of EMP and GMD, and analysis of technology options available to improve the resiliency of critical infrastructure to threats of EMP and GMD.
Both GMD and EMP are low probability/high consequence scenarios that challenge effective policymaking. Science and technology advancements in the following topic areas will clarify our understanding the threat and impacts and improve our ability to mitigate the consequences.
- Use of cloud-based solutions to provide greater scalability and adaptability for future technological capab ... more
- Use of cloud-based solutions to provide greater scalability and adaptability for future technological capabilities
- Platform that supports data interoperability and integration from diverse sources. Compatibility, where possible, with legacy and state-of-the-art edge network devices.
- Adoption of data hierarchy concepts (i.e. "authoritative data" concept from CAD architectures) as an organizing principle;
- Utilize standards-based technology interfaces, promoting standards-based solutions rather than proprietary ones;
- Demonstrably reduce life-cycle costs (acquisition, operations & maintenance, and technology refresh);
- Result in force-multiplier functionality for users across all public safety disciplines and at all jurisdictional levels.
The successful demonstration of data interoperability and integration of cloud based solutions to support multi-agency dispatching, information sharing, and incident management. Solutions will result in enhanced functions for call taking, dispatch, resource management, situational awareness, intelligent data analytics, sensor integration, alerting, and provide common operating intelligence to streamline and expedite decisions while reducing response time and improving responder awareness and safety.
State and Local First Responder Agencies
I. Although NGFR's primary focus was on-body sensor devices, integrated situational awareness platforms that could give leadership a view of the incident scene provided first responders with the most operational impact II. During all NGFR integration experiments, edge device sensors pushed data through an intermediary broker in order to reach participating situational awareness platforms III. One Situational awareness platform that can provide cross agency interoperable functionality will allow all responders to focus on one system instead of many
Investment in this technology supports many tactical users within DHS components and the public safety community. The resulting solutions, models, and practices will provide a roadmap for agencies nationwide and across all levels of government to migrate from legacy systems to next-generation, secure, interoperable, integrated solutions while lowering operating costs and initial investments.
- Understand the CAD interoperability landscape today including its challenges.
- Define interoperability, associated requirements, and their specifications to encourage interoperability between different solutions in use within one or more public safety agencies and with other incident information management stakeholders.
- Evaluate standards for use, aimed at the achievement of increased interoperability to support a full complement of inter-operable emergency incident data exchanges between a variety of public safety systems (CAD-to-CAD, CAD-to-records management system, CAD-to-mobile data, and others).
- Determine conformance specifications, validating testing methodologies, and encourage agency inclusion of the specifications during the acquisition process to foster broader adoption.
- Leverage existing national systems if feasible.
- Make recommendations to other public safety organizations and/or committees. on actions and steps that need to be taken in a comprehensive report.
- A phased approach that includes a proof of concept/operational prototypes. less
The end objective is to achieve a very resilient public safety Cad-to-Cad ecosystem that is very efficient, interoperable, and supports multi-discipline response to regional, multistate, or national events.
Leveraging a national system, such as the National Law Enforcement Telecommunications System (NLETS) should be considered.
Cad-to-Cad communications is key to interoperability and resilience between government agencies responding to emergencies. Public safety agencies have different CAD systems causing ineffective and costly interoperable communications. These systems in most cases do not efficiently share information during unified responses that include many public safety (Fire/Law Enforcement/EMS) disciplines. Advances in technology have nonetheless transformed challenges into opportunities and S&T can take this National interoperable need and provide leadership to develop a viable solution.
The seamless exchange of data that is technology agnostic and without geographic or agency response area boundaries is a core element of interoperability in the public safety environment. The costs savings and resiliency improvements that the Nation can achieve can be very substantial. The Government can also provide procurement language, implementation guidance documentation, outreach, and communications to facilitate understanding of issues, recommendations, and opportunities.
A phased approach to achieve the end objective shall be established. Phase-I with TRLs 1 to 3 can be achieved through the items outlined on the topic description. Upon completion of Phase-I, research recommendations to the Government, public safety organizations and/or committees on actions and key steps that need to be taken should be provided in a comprehensive report. Phase-II shall look to achieve TRLs 4 to 7 extrapolating the best of ongoing or completed pilots in the recent past and use Phase-I findings. In addition, implement operational pilots and proofs of concepts based on Phase-I findings and new technology opportunities. Phase-III should layout a standard baseline for TRL 8 to 9 that would be scalable, duplicable, cost effective and commercially available.
TRLs Chart
| TRL | TRL Definition |
|---|---|
| 1 | Basic principles observed and reported. |
| 2 | Technology concept and/or application formulated. |
| 3 | Analytical and experimental critical function and/or characteristic proof-of-concept. |
| 4 | Component and/or breadboard validation in laboratory environment. |
| 5 | Component and/or breadboard validation in relevant environment. |
| 6 | System/subsystem model or prototype demonstration in a relevant environment. |
| 7 | System prototype demonstration in an operational environment. |
| 8 | Actual system completed and qualified through test and demonstration. |
| 9 | Actual system proven through successful mission operations. |
At the conclusion of this project, we envision a standard's-based system that is scalable, duplicable, and ready to be commercialized.
National Capital Region - Communications Infrastructurehttps://www.nist.gov/system/files/documents/2019/06/27/nist.ir_.8255.pdf
CAD-to-CAD Data Sharing: A Review of Recommended Standards, IJIS (February 2017).
Supporting R&D through social media, crowdsourcing models, planning tools and templates, trainings, architectures, and technologies to enhance community preparation, resilience, response, and recovery in the face of all-hazards. Improvements in these capabilities can include:
1. Improved risk awareness, communications, and information-sharing between emergency responders and public officials;2. Increased pre-event planning, tactical operations, and recover ... more
Supporting R&D through social media, crowdsourcing models, planning tools and templates, trainings, architectures, and technologies to enhance community preparation, resilience, response, and recovery in the face of all-hazards. Improvements in these capabilities can include:
1. Improved risk awareness, communications, and information-sharing between emergency responders and public officials;2. Increased pre-event planning, tactical operations, and recovery through education and training methods to support the implementation of information-sharing tools and tactics (examples including but not limited to: social media and crowdsourcing technologies) during emergency response operations;
3. Applied theoretical and empirical research into the properties of resilient Smart Cities and communities less
Planning tools and templates, trainings, architectures, and technologies to enhance community preparation, resilience, response, and recovery through new and novel application(s) of all-hazards mitigation strategies
First Responders, FEMA, CISA
For years, S&T has supported first responders in enhancing information-sharing and technology integration to improve community resilience. All efforts align to S&T's key mission areas in managing incidents and foster stakeholders' increased situational awareness, communications, and risk assessment and planning. Specific initiatives include:
The DHS S&T Social Media Emergency Management (SMEM) Guidance Tool - The DHS S&T SMEM Guidance tool provides emergency managers and public information officers with a simple, step-by-step line of questioning to create plans to improve their organization's SMEM operations.
Virtual Social Media Working Group (VSMWG) - The VSMWG provides recommendations to the emergency preparedness and response community on the safe and sustainable use of social media technologies before, during and after emergencies.
Smart Cities - Smart cities efforts range from piloting innovative new edge network devices, integration platforms, developing system architectures, and crafting best practices and lessons learned from rigorous scientific experimentation.
Projects in support of this topic will further DHS S&T's role as a force multiplier to its component customers. Successful technology integration and implementation will facilitate smooth transition to component customers through a variety of means. To FEMA the focus on community resilience is in alignment with their foundational strategy, and the fitment to their requirements ensures topical relevance to their needs. To first responders, developing capabilities and tools to serve their communities gives them enhanced planning, response, and recovery options not currently available.
National Capital Region - Communications Infrastructure
https://smemguidancetool.org/
https://www.dhs.gov/publication/st-social-media-business-case-guide
https://www.dhs.gov/publication/st-digital-volunteer-program-guide
https://www.dhs.gov/publication/st-social-media-plan-guide
https://www.dhs.gov/science-and-technology/smwg-documents
https://www.dhs.gov/science-and-technology/news/2018/12/18/snapshot-st-delivering-emerging-smart-cities-technologies
https://www.dhs.gov/sites/default/files/publications/scira_fact_sheet_081419-508.pdf
A technology that improves Flood Forecasting/Modeling to natural hazards and man-made events, that is likely to be adopted by end-users, and has a path to transition and/or commercialization.
FEMA, State, Local, Tribal and Territorial, or critical infrastructure partners
Over the last 30 years, floods have been the most frequent and presidentially declared disaster in the United States. Property losses from floods of all types have averaged $7.96 billion per year, with the loss trend increasing. The National Flood Insurance Program (NFIP) has 5.1 million policies in force, covers $1.2 trillion in property and collects $3.5 billion in insurance income annually. The National Flood Insurance Fund was over $23 billion in debt to the U.S. Treasury as of December 21, 2014. In addition, an average of 82 flood-related fatalities have occurred annually. Unlike other natural hazards, the number of fatalities from flood hazards is not declining. FEMA has established strategic goals to improve flood response, recovery and mitigation through increased uptake of flood insurance, additional investment in mitigation, advances in flood detection, warnings, notifications, and analysis, enhancements to flood sensor networks and monitoring capabilities.
Offerors should consider the below factors in their unique research material and what would facilitate successful transition/adoption by end users and key stakeholders. These factors include, but are not limited to, ease of integration into existing operational environments, price, and reliability. These considerations should be part of an Offeror's transition strategy.
Opportunities for higher return on investment include patents and licenses and/or commercialization.
- Establish a capability to identify or assign dependency relationships for assets supporting the critical infrastructure lifelines or other key functions, and use methods such as failure analysis to identify the links or nodes most critical to supporting those functions.
- Improve DHS's ability to provide accurate and timely analysis of the impacts to services caused by all-hazards disruptions to the lifeline critical infrastructure systems, including integrated tools that provide end-to-end capabilities for key hazards.
- Improve data, information, and heuristics related to infrastructure dependencies through techniques that may include machine learning, web-scraping, open source information, /field collection, case studies, and validation/verification activities.
- Provide DHS analysts and field personnel with analytic tools to understand infrastructure dependencies during crisis events, exercises, and steady-state analysis
The end objective of this project is to develop a methodology to estimate the impacts of emerging man-made attacks vectors (e.g. cyber; positioning, navigation, and timing (PNT); etc.) on life-saving commodity supply chains in a non-crisis or incident response context.
Models/tools developed must comply with DHS security standards. Models/tools should run on stand-alone commodity computing hardware (a single computer with, e.g. up to 32 cores, 128GB RAM, 1TB disk space). Models should provide a docker build script so they can easily be compiled and run anywhere.
NPPD, Office of Cyber and Infrastructure Analysis, National Infrastructure Simulation and Analysis Center
- Implement an approach to use National Critical Functions to understand dependencies and the effects of all-hazards infrastructure disrup ... more
- Implement an approach to use National Critical Functions to understand dependencies and the effects of all-hazards infrastructure disruptions on these functions.
- Improve DHS's capacity to identify and communicate areas of greatest strategic infrastructure risk through the refinement and execution of an annual NPPD Mission Risk Register and other risk analyses.
- Develop the capability to analyze and communicate nationally, regionally, and functionally significant systemic, all-hazards risks-including cyber risks-across and within infrastructure sectors and the attributes that may help detect and mitigate the risks.
- Implement an ongoing futures analysis capability focused on identifying future drivers of all-hazards risk in the NPPD mission space and risk management strategies that are robust across multiple alternative futures.
- Improve homeland security decision makers' understanding of how to apply risk-informed priorities to the development and management of strategy, plans, programs, and budgets.
The end objectives of this project are 1.) A framework that will support sector and cross-sector modeling and simulation of critical infrastructure assets and systems, 2.) Implementation of the framework by building sector-level models of the DHS National Infrastructure Protection Plan Lifeline Sectors (Energy, Communications, Transportation, Water and Wastewater, Healthcare and Public Health), and 3.) Validation and verification that the framework can support single asset (n-1) and multiple asset (n-k) failures to identify sector-level and cross sector dependencies/interdependencies of infrastructure assets and systems.
Models/tools developed must comply with DHS security standards. Models/tools should run on stand-alone commodity computing hardware (a single computer with, e.g. up to 32 cores, 128GB RAM, 1TB disk space). Models should provide a docker build script so they can easily be compiled and run anywhere.
NPPD, Office of Cyber and Infrastructure Analysis, National Infrastructure Simulation and Analysis Center