Abstracts of DHSST-LRBAA14-02 Full Proposal Awards
Back to Award List

BMD 1.1

Company

Arizona Board of Regents, University of Arizona
PO Box 210158
University of Arizona, Sponsored Projects Services
Tucson, AZ 85721-0158

Proposal Information DHSST-LRBAA14-02-BMD 1.1-0007-I - A general informatics workflow, database, and geospatial tools for the dissemination of high quality biodiversity across space and time.
Topic Information BMD 1.1 - Noninvasive, minimally disruptive sensors and systems
Award/Contract Number HSHQDC-16-C-B0009
Abstract

This proposal is to provide a new biogeographic tool that will provide accurate geolocation from botanical samples. However, geolocation necessitates accurate measures of the geographic niches (or ranges) of each species. Geolocation necessitates integrating and standardising the worlds botanical data in order to create a common resource for botanical geolocation. I propose to build on the existing BIEN data network core databases and data networks to create a larger and more novel global resource for quantitative plant biodiversity science. The proposed research will develop, and make freely available, a generic computational pipeline capable of linking biodiversity occurrence data to species ranges. A lack of appropriate tools and a failure to combine tools into an integrated pipeline prevent such scaling. Key challenges include: 1) appropriately scrubbing data to remove taxonomic and geographic errors, 2) identifying clear best practice methods for range modeling applicable across diverse species, 3) innovating range modeling methods that integrate diverse data such as presence only museum collections and abundance based plot data and 4) scaling computationally-intensive range modeling in an High Performance Computing, HPC, environment. The proposed research will develop such a pipeline using the previous work on the BIEN project, which has assembled a database of 89,000,000 global observations of 300,000 + species of plants and a focused more complete databased of 20,000,000 observations of plants within the new world as well as a preliminary assessment of the geographic distribution of the botanical diversity of Europe and Asia.

Back to top

BMD 1.2

Company

Team Augmented Reality, Inc.
PO Box F
Brunswick, ME 04011-0587

Proposal Information DHSST-LRBAA14-02-BMD.02-0003-I - AIS-i e-Navigation
Topic Information BMD 1.2 - Cost-effective airborne sensors for better land border security
Award/Contract Number HSHQDC-15-C-B0013
Abstract

The AIS-i e-Navigation project will enhance the safety and operational capabilities of mariners including those serving DHS elements (e.g. USCG), commercial operators (e.g. shipping), and recreational boaters. This proposal sets forth four tasks that will lead to further enhancement and refinement of AIS-I protocols, adoption of the protocols and services as and internationally sanctioned standard (or the equivalent), extension of services to support crowd sourced bathymetry, and robust testing and demonstration of resultant capabilities with the goal of accelerating adoption by first responders and the communities they serve. Overall AIS-i e-Navigation Objectives include: 1)Support and Champion the evolution of AIS-i into an internationally recognized standard, 2) Demonstrate AIS-i capability in a large scale, high profile maritime event (San Francisco Fleet Week), 3) Stand up a non-profit AIS-i service provider, 4) Establish data connections that support sharing of Vessel and Bathymetric information in support of e-Navigation, 5) Collaborate with the international community to establish standards for the Maritime Cloud, 6) Develop and demonstrate innovative new approaches to data collection that exploit the e-Navigation architecture and AIS-i protocols., 7) Provide Virtual AtoNs and routes that support e-Navigation and AIS-i protocols, 8) Establish a US national presence within the international e-Navigation community that is focused on Arctic navigation, and builds upon the emerging architectures and capabilities developed by others, and contributes the proven results from Arctic applications back to the international community.

Back to top

BMD 2.4

Company

Salient Federal Solutions, Inc.
4000 Legato Rd.
Ste. 600
Fairfax, VA 22033-2893

Proposal Information DHSST-LRBAA14-02-BMD 2.4-0002-I - Border Research/Integrattion Transition Environment (BorderRITE)
Topic Information BMD 2.4 - Concepts, methodologies, and/or technologies that utilize public as well as private databases
Award/Contract Number HSHQDC-16-C-B0011
Abstract

This submission from Salient Federal Solutions, Inc., proposes the Borders & Maritime Research, Integration and Transition Environments (BorderRITE) to support the S&T interests. The objective of BorderRITE is to provide two environments that seamlessly work together to support S&Ts mission. Salient is offering a unique solution to address testing and transition needs for S&T.

Back to top

CDS.01

Company

SNA International
525 Wythe Street
Alexandria, VA 22314-4805

Proposal Information DHSST-LRBAA14-02-CDS.01-0018-I - Applying Biometric Standards: Pilot Software Implementation for Rapid DNA
Topic Information CDS.01 - Capability Development Support
Award/Contract Number HSHQDC-17-C-B0033
Abstract

Rapid DNA, a new technology being adopted by the Department of Homeland Security (DHS), enhances the DHS mission of providing national security by closing identified security gaps. Rapid DNA technology can quickly and accurately identify fraud, mitigate terrorist entry into the U.S., minimize human trafficking and support verification of biological relationships (kinship analysis). The Office of Biometric Identity Management (OBIM) protects the nation by providing most biometric identification services to verify identities. However, OBIM does not possess human DNA analysis software to incorporate Rapid DNA into daily operations. To successfully adopt the new Rapid DNA technology, DHS will need a mechanism to integrate consensus standards, share, analyze, match and store DNA profiles. The pilot will offer a secure location for DHS DNA results and supports direct and familial matching algorithms, ensures standards-based real-time data sharing with law enforcement and intelligence community stakeholders, and remains compliant with civil liberties and Federal records retention requirements. The project tasks include: creating and updating DHS component DNA use cases, evaluating COTS/GOTS software, identifying the most appropriate COTS/GOTS software for a pilot software prototype in OBIM's Automated Biometric Identification System (IDENT), identifying global data sharing protocols and ensuring HART compatibility. The software development pilot will use an Agile development approach and DHS will own the product. This platform will offer DHS a prototype to develop the first DHS-owned standardized human DNA analysis tool that can be used across a global landscape and potentially encompass the entire DHS organization.

Back to top

CSD.01

Company

Red Balloon Security
336 West 37th Street Suite 1024
New York, NY 10018-4592

Proposal Information DHSST-LRBAA14-02-CSD.01-0002-I - Host-based defense of Cisco IOS routers using Software Symbiotes
Topic Information CSD.01 - Internet Infrastructure Security
Award/Contract Number HSHQDC-14-C-B0029
Abstract

Cisco IOS, the firmware running inside the majority of Cisco routers and switches, has been shown to be vulnerable to the same types of malware attacks that plague general-purpose computers. Numerous exploitation and persistent malicious implant techniques have been demonstrated against Cisco networking equipment. Since such devices form the actual substrate of any modern network, successful exploitation of routers and switches will lead to total compromise of the security, integrity and availability of the victim's IT infrastructure. Red Balloon Security has developed a new host-based embedded system defense called Symbiote that injects attack detection and mitigation functionality into the firmware of any embedded device. Symbiotes can be injected into existing Cisco networking devices without altering the original functionality of the device in an automated fashion using a firmware modification platform developed by Red Balloon Security called FRAK. The Symbiote within the firmware simultaneously performs checksums on all protected regions of the router's memory while periodically communicating with an external monitor via a channel appropriate for the operating environment. In the event of an unauthorized memory modification within the router, the Symbiote will raise an alarm to the monitor, which then triggers the capture and analysis component of our system. Thus, RBS's Symbiote technology deployed in situ in existing routers provides, for the first time, an early attack warning sensor network for critical infrastructure protection.

Company

Intelligent Automation Inc
15400 Calhoun Dr, Suite 400
Rockville, MD 20855-2737

Proposal Information DHSST-LRBAA14-02-CSD.01-0004-I - Self-shielding Dynamic Network Architecture (SDNA) Federations
Topic Information CSD.01 - Internet Infrastructure Security
Award/Contract Number HSHQPM-16-X-00129
Abstract

In the last few years, a new paradigm in security has gained increased acceptance based on the notion of resilience where systems can detect, respond to, and recover from undesired events automatically. Systems must be continually changing and evolving to better respond to an environment, requirements, and adversaries that are also continually changing and evolving. Similarly, new defensive capabilities are able to adapt and evolve based on their own experiences, user feedback, and system events. A variety of moving target defense (MTD) technologies are emerging to improve the defensive posture of the enterprise networks. However, an enterprise's assets are often physically distributed and employ diverse technologies that compete for network resources. As a result, coordination and control of network defense is difficult and likely to produce sub-optimal and conflicting behaviors. Enabling network enclaves to share information in a federation coordinates the use of MTD technologies, leading to a stronger defense of the federation as a whole. In this work, IAI proposes to integrate the Self-shielding Dynamic Network Architecture (SDNA) technology with the Federated Command and Control (FC2) Framework and develop an SDNA-C2FED prototype with the potential to protect various global enterprise networks.

Company

The Linux Foundation
1 Letterman Drive
Building D, Suite D4700
San Francisco, CA 94129-1494

Proposal Information DHSST-LRBAA14-02-CSD.01-0006-I - Linux Foundation Core Infrastructure Initiative
Topic Information CSD.01 - Internet Infrastructure Security
Award/Contract Number HSHQPM-17-X-00165
Abstract

In response to the global Heartbleed security crisis in April 2014, the Linux Foundation (LF) raised $5.7 million from 19 of the world's largest technology companies to invest in improving the security of open source software. The resulting investments, infrastructure, and monitoring have been successful at reducing the immediate security threats. Over the last two years, the LF's Core Infrastructure Initiative (CII) has assembled and proven a model to work with and add value to existing open source software developers. We're now ready to drastically expand the size and scope of the CII's work. There is far more software in need of review, and we can build on our existing successes to dramatically broaden our reach. With support from the Department of Homeland Security, the LF can elevate the Core Infrastructure Initiative into an essential catalyst for improving the security of open source software as it used on the Internet and by business and government. CII is a private-sector solution that represents bringing together the disparate stakeholders than depend on and benefit from open source security. We are requesting $2 million a year in funding from the Department of Homeland Security for the each of the next five years. This funding would include a DHS representative holding a voting seat on the CII Steering Group which allocates the funds.

Back to top

CSD.03

Company

GovReady PBC
10415 Lorain Avenue
Silver Spring, MD 20901-2410

Proposal Information DHSST-LRBAA14-02-CSD.03-0003-I -  Security Controls Compliance Server
Topic Information CSD.03 - Homeland Open Security Technology
Award/Contract Number D16PC00014
Abstract

Open source software (OSS) developers struggle to have their products and services adopted by government because of the unfamiliar, expensive, and time-consuming process certification and accreditation under FISMA. Even when OSS could have a positive impact on cyber security, government agencies struggle with adoption because open source is often perceived as not secure or not compliant. This prevents agencies from keeping pace with private sector innovation and restricts government IT choices to fewer, costlier choices, even when government funds the innovation and OSS via Small Business Innovation Grants (SBIR) and technology transfer programs. We propose to dramatically expedite and significantly increase the implementation and deployment of open security technologies in Federal, State, and Local environments by developing an open source "security control compliance server" that simplifies and automates the complexities of tailoring the federally-mandated 17 families of security controls to specific technologies, environments of operation, communities of interest, and missions/business functions. This capability will help developers create and maintain software, source code and systems that are FISMA-compliant. This innovation will be achieved by transforming NIST 800 series publications--including the 460-page NIST SP 800-53 catalog of security controls--into machine readable data and rules and applying best-fit algorithms to a knowledge base of example policies, roles, technologies, and system architectures. The server architecture would centralize and track all policies, security controls, and roles for an organization across an enterprise catalog of information systems to enable synchronous and asynchronous reporting requests.

Company

Global Business Resources
4423 Point Fosdick Drive
Suite 208
GIG HARBOR, WA 98335-1794

Proposal Information DHSST-LRBAA14-02-CSD.03-0008-I - Technical Preparation to Support an Operational Testbed for S&T Cybersecurity Technologies
Topic Information CSD.03 - Homeland Open Security Technology
Award/Contract Number HSHQDC-17-C-B0009
Abstract

We propose to create a method for delivering S&T technologies to operational customers, as a means of evaluating their readiness for operational use and commercialization. Using the PISCES Regional Monitoring System (PISCES), we propose to integrate selected S&T products that may improve incident monitoring and indicator sharing, and evaluate them in a "live-fire" test bed with (a) the DIMS framework for controlled rapid deployment, (b) Stucco for combining endogenous and exogenous data into knowledge graphs, (c) WIT for monitoring internet routing, and (d) Retro-Future, to facilitate "playback" of internet traffic.

Back to top

CSD.04

Company

Mississippi State University
449 Hardy Rd
113 Etheredge Hall
Mississippi State, MS 39762-6156

Proposal Information DHSST-LRBAA14-02-CSD.04-0017-I - A Supervised Learning Approach for Supplemental Malware Identification in Memory Images /Cyber Security Division
Topic Information CSD.04 - Forensics Support to Law Enforcement
Award/Contract Number HSHQDC-16-C-B0030
Abstract

Malicious software, or malware, is a growing threat seen across multiple domains ranging from the home user to the nation state level. In order for malware to accomplish its goals, it must execute at some point within the system. Malware authors have several options available regarding the implementation of their malware on a Windows system. It may manifest as a process, an injected DLL, an orphaned thread, a service, shellcode, or as a driver. Each of these forms is represented in Windows memory by different data structures. The memory forensics community uses characteristics of these structures, and the way that malware abuses them, to help identify the presence of malware within a system. Despite

Company

VTO, Inc.
9720 NE 120TH PL
KIRKLAND, WA 98034-4267

Proposal Information DHSST-LRBAA14-02-CSD.04-0024-I - Drone Forensics
Topic Information CSD.04 - Forensics Support to Law Enforcement
Award/Contract Number HHSP233201700017C
Abstract

LAW ENFORCEMENT SENSITIVE

Back to top

CSD.05

Company

Transglobal Secure Collaboration Participation, Inc
8000 Tower Crescent Drive
Suite 1350
Vienna, VA 22182-6207

Proposal Information DHSST-LRBAA14-02-CSD.05-0001-I - Federation and Information Sharing Emergency Management Cloud Service
Topic Information CSD.05 - Identity Management (IdM)
Award/Contract Number HSHQPM-15-X-00054
Abstract

This project will establish and demonstrate scenario-based collaboration between the private sector critical infrastructure and public safety responders and will be executed in three concurrent phases: POC, Pilot & Production. Each phase will be based on scenarios such as a major storm, terrorist attack or other scenarios of concern to key critical infrastructure and public safety command elements. During each phase, we will securely label the types of information that can be shared in a federated cloud environment; proprietary information will be labeled in a way so that it cannot be shared, or only shared with authorized personnel.In todays environment, first responders have some degree of access to information from critical data providers, however, full access and the security of that data is hampered due to weaknesses in secure collaboration capabilities. The goal is to create an environment that provides PIV-I credentials to an emergency responder community, and to implement secure identity federation and information labeling and handling across the stakeholders. In addition, we will also test persistent attributes in the Geographic Information System (GIS) component of the pilot system. TSCP's trust framework establishes the appropriate governance around secure identity federation and information labeling, handling and data sharing. This pilot project will share key private sector critical infrastructure, e.g., energy, rail, retail, telecommunications, financial, etc. using a mechanism that securely shares key emergency response and recovery activities or incidents with authorized members, such as federal organizations, state emergency management organizations, state department of transportation organizations, and energy associations.

Company

Booz Allen Hamilton
8283 GREENSBORO DR
Mclean, VA 22102-7876

Proposal Information DHSST-LRBAA14-02-CSD.05-0011-I - Multimodal Biometric Fusion Study and Pilot
Topic Information CSD.05 - Identity Management (IdM)
Award/Contract Number 140D7D18C0004
Abstract

We understand DHS S&T's mission to support basic and applied research pertinent to homeland security. The DHS OBIM provides critical support to the first responder community and partners through store, match and share of biometric identity information for a large, growing repository of identities. Traditionally, biometric data is used independently to perform searches (e.g., searching using fingerprints, faces, or iris probe templates), however, significant performance gains and processing efficiency can be achieved by augmenting and fusing biometric modalities and matching schemes. Novel fusion strategies are needed to keep up with requirements for accurate and timely responses using all of the data at OBIM's disposal. This proposal describes a three phased approach to improving OBIM search capabilities through multi-modal biometric fusion. In Phase 1 of this Multi-modal fusion study and pilot, we will evaluate OBIM's current match, store, share capability and data to develop a fusion strategy leveraging the wealth of data provided by OBIM's customers. The primary objective of this study is to improve match performance accuracy allowing for scaling of OBIM searches to accommodate a growing database (200M+ identities) and increased number of transactions. A secondary objective of this study is to investigate techniques improving search speed. Informed by the fusion strategy, in Phase 2 we will integrate COTS/GOTS and custom tools to build backend software tools for fusion. Finally, in Phase 3 we will work with OBIM engineers to transition the developed fusion tools for evaluation on operational data and matching systems

Back to top

CSD.06

Company

Galois, Inc.
421 SW Sixth Avenue
Suite 300
Portland, OR 97204-1662

Proposal Information DHSST-LRBAA14-02-CSD.06-0015-I - FIDURA: A Risk and Utility Assessment Capability for the FIDES Framework for Information Disclosure
Topic Information CSD.06 - Data Privacy Technologies
Award/Contract Number 70RSAT18KPM000044
Abstract

The Framework for Information Disclosure with Ethical Security (FIDES) project has recently been selected for partial funding as part of the DHS IMPACT program BAA. FIDES is a scalable, fine-grained, technical disclosure control system for DHS IMPACT datasets. FIDES uniquely reduces risk for data providers by keeping non-anonymized data cryptographically secure for its entire lifetime: neither end users nor malicious adversaries can access such data in the clear at any time. At the same time, FIDES provides high utility for analyses that require direct access to sensitive details in the data, a capability not achievable with existing pre-anonymized approaches. In this proposal, we offer FIDURA, which adds risk and utility profile support to the FIDES platform. FIDURA extends FIDES to offer support for data providers and data analysts to specify the risk profile of allowing access to shared data and the utility profile required from that data in order to produce useful analytic results. In addition, FIDURA supports rapid decision-making (by humans or, in some cases, by FIDES) about those risk and utility profiles, and encodes resulting technical controls that limit allowed analysis.

Company

Tozny, LLC
519 SW 3rd Ave
Suite 800
Portland, OR 97204-2553

Proposal Information DHSST-LRBAA14-02-CSD.06-0023-I - Repeatable User Privacy of City Data with Strong Cryptography
Topic Information CSD.06 - Data Privacy Technologies
Award/Contract Number 70RSAT18KPM000174
Abstract

Privacy and Security are holding back data collection and use in cities. Tozny proposes a pilot in collaboration with Portland, Oregon to collect, secure, and share public and private datasets. Cities around the US are engaged in data collection efforts, but both privacy and security risks are a major barrier to innovation. This work will address data management and privacy concerns expressed by cities like Columbus, Ohio and Portland, Oregon in a repeatable and scalable way. Our commercial and government purpose product emphasizes 1. technical enforcement of privacy policy to reduce the risk of parties violating privacy agreements 2. end-to-end encryption of data for enhanced control throughout its lifecycle, and 3. cryptographically-enforced control of user-originated data to avoid the intentional or accidental aggregation of sensitive data. Portland plans to collect and share this data, and DHS funding would apply Tozny's existing NIST- and DARPA-funded product to safely manage this data. Tozny is engaged in a separate DARPA effort to manage terabyte scale datasets for mobile health analysis and the proposed DHS pilot would benefit from the scale and sustainment of those programs as well as the growing commercial success of the product.

Back to top

CSD.08

Company

Applied Visions, Inc.
6 Bayview Avenue
Northport, NY 11768-1502

Proposal Information DHSST-LRBAA14-02-CSD.08-0004-I - Comic-Based Education and Evaluation (Comic-BEE)
Topic Information CSD.08 - Cyber Security Education
Award/Contract Number HHSP233201600057C
Abstract

In the proposed Comic-BEE (Comic Based Education and Evaluation) project, Secure Decisions will expand and refine our existing proof of concept software (CyberWISE) that enables subject matter experts and educators to create, publish and share choose your own adventure comics (CYOA) for cyber security education, without requiring a computer programmer or graphic artist. In the base task, we will refine and enhance the user interface, expand the comic graphic asset library and expand automation to create full color panels for CYOA comics; we will demonstrate the refinements by creating a new comic. In other tasks, we plan to pilot the prototype at 2016 National Collegiate Cyber Defense Competition. We will work with transition partners to develop and demonstrate comic content as classroom curriculum. We plan to add scoring capabilities to the prototype, which will allow readers to demonstrate their cyber competence by achieving high score; we will partner with subject matter experts and transition partners to develop scored comics and pilot the use of CYOA comics in cyber competitions, and as tool for workforce evaluation. We will develop a transition strategy that identifies a sustainable path to commercialization of this technology. Lastly, we seek to optimize the comic creation process by increasing automation that leverages metadata in the script to automatically layout draft storyboards, and convert completed storyboards to draft CYOA comics. The overall project goal is to reduce the time needed to create a CYOA comic from more than a week to just days.

Company

Center for Internet Security
31 Tech Valley Dr
East Greenbush, NY 12061-4134

Proposal Information DHSST-LRBAA14-02-CSD.08-0010-I - The US Cyber Challenge: An International Comparison
Topic Information CSD.08 - Cyber Security Education
Award/Contract Number HSHQDC-17-C-B0026
Abstract

Many existing efforts are still focused on curriculum and STEM programs, both of which are mid-term to long-term solutions. USCC intends to research alternative approaches addressing the particular skills practitioners need by holding national competitions, expanding into international competitions, and hosting summer training camps. The competitions will allow USCC to address specific techniques and analytical approaches for effective security and response against highly-advanced cyber threats. Next, the USCC will be able to determine if the original work completed in the Mission-Control Roles final report is an effective baseline by the capturing of data associated with potentially diverse approaches from different countries as well as the participants from those countries located here in the U.S. The USCC proposes to expand the competition and also expand the data captured during the competition with outreach to the international community. The USCC intends to add new tools and capabilities to the CCX platform to address the analysis needed to support U.S. performance in comparison to the other countries. This analysis will allow DHS/S&T to gain the insight into the necessary skills and to correlate the skills with governmental, critical infrastructure, and private sector entities that interact globally relying on networks and systems. Moreover, this analysis will provide insight into workforce gaps internationally, which will allow programs to improve their cybersecurity posture and reduce overall risk nationally by directly supporting the DHS mission and internationally with our partner organizations.

Back to top

CSD.09

Company

True Digital Security, Inc.
P.O. Box 35623
Tulsa, OK 74153-0623

Proposal Information DHSST-LRBAA14-02-CSD.09-0005-I - CLIQUE Deployment and Use Case within a SCADA Network
Topic Information CSD.09 - Cyber-Physical Systems Security and Security for the Internet of Things Security
Award/Contract Number HSHQPM-14-X-00184
Abstract

The Clique tool provides a high-level overview of network traffic using a new behavioral model-based anomaly detection technique. Similar to stock market data trending and analysis, CLIQUE is a powerful toolset that requires industry specific knowledge to leverage. For CLIQUE to become a viable toolset within the community, details on deployment, analysis, and management are necessary. A diverse set of examples and implementation strategies should be made available. Knowledge gleaned from these experiments should drive future automation and development efforts to further support commercialization viability. True Digital Security (True) along with its membership consortium, the State of Oklahoma Cyber Security Operations Center (SOC2), represent diverse industry and government entities, including the energy and financial sectors and local governments. This project will be leveraged to support members' security efforts, while providing tremendous value to the CLIQUE development team and DHS S&T's commercialization aspirations. True intends to deploy the technology within the City of Tulsa government, focusing on the City's utility SCADA network and its demilitarized public facing network segment to achieve a diverse data set, and conduct in-depth analysis on the data present through CLIQUE. A white paper describing the requirements of the deployment, implementation considerations, political and policy requirements, legal hurdles to overcome, analysis of the data, and, most importantly, how the City incorporated that data into strengthening its defenses, will be created. The white paper will provide valuable information to both future CLIQUE clients and to potential commercialization partners and provide insight into future development and research opportunities.

Company

Circadence, Corp.
1011 WALNUT ST
STE 400
BOULDER, CO 80302-5182

Proposal Information DHSST-LRBAA14-02-CSD.09-0020-I - Integration of a SCADA Cyber Weakness in an AI-Enabled Cyber Training Platform
Topic Information CSD.09 - Cyber-Physical Systems Security and Security for the Internet of Things Security
Award/Contract Number D16PC00247
Abstract

The Research and Development ambitions of both the government and commercial sectors that expand the defense and support of our nations infrastructure against cyber attack will need new and different approaches to addressing two core DHS mission elements: Safeguard and secure cyberspace and Endure resilience to disasters. Circadence believes that it has devised a solution that merges two of the fastest growing areas in technology as a path to meet this demand. Notably, we are merging Artificial Intelligence into a training platform that enables the use of Big Data to detect and identify new and evolving threats. Our approach is to engage users by placing them directly into a competitive gaming environment that reinforces training goals. The AI-enabled platform, Project Ares, is highly customizable and allows for the incorporation of new and different threats and approaches. This Research & Development effort contemplates the incorporation of a SCADA weakness as a training scenario, or what is commonly referred to as a mission. Our goal and focus is to advance the understanding and overlap between control and critical information systems. If successful, this would demonstrate that Project Ares could be utilized as an avenue for building further SCADA vulnerability missions, incorporating cyber threats, and providing a training approach against them to a larger variety of industrial and operations security capabilities.

Company

Constellation Software Engineering, Corp.
180 Admiral Cochrane Drive
230
Annapolis, MD 21401, MD 21401-5107

Proposal Information DHSST-LRBAA14-02-CSD.09-0025-I - CSE Corp CPS and Security for Enhancement of IoT Security
Topic Information CSD.09 - Cyber-Physical Systems Security and Security for the Internet of Things Security
Award/Contract Number D17PC00393
Abstract

CSE Corp will utilize a 4-phased approach in executing this research and development order: 1. Feasibility/Proof of Concept relating to securing command consolidation and cyber insulation of sensors for individual units 2. Security architecture adaptation that unify multi IoT (sensors and devices) based trusted perimeter 3. Security architecture adaptation that unify multi IoT (sensors and devices) based trusted and untrusted perimeter 4. Security Architecture transfer to OCIO and SICO

Company

Texas A & M University Central Texas
1001 Leadership Place
Killeen, TX 76549-5901

Proposal Information DHSST-LRBAA14-02-CSD.09-0035-I - Hardware Integrity Verification Utilizing Scanning Electron Microscopy
Topic Information CSD.09 - Cyber-Physical Systems Security and Security for the Internet of Things Security
Award/Contract Number 70RSAT18KPM000180
Abstract

We propose to develop new methodologies to verify the integrity of physical systems, cyber-physical systems (CPS) and Internet of Things (IoT) devices via scanning electron microscopy (SEM), electrical, and software characterization techniques to prevent the unintended manipulation of hardware and software. Vulnerability analysis and novel watermarking/fingerprinting research utilizing scanning electron microscopy are central to the proposed work plan. This conceptual work will then be scaled for use in commercial settings.

Back to top

CSD.10

Company

Brigham Young University
A-285 ASB
Provo, UT 84602-1231

Proposal Information DHSST-LRBAA14-02-CSD.10-0006-I - Financial Sector Situational Awareness Part 1: Stock Markets
Topic Information CSD.10 - Internet Measurement and Attack Modeling Techniques
Award/Contract Number HSHQDC-15-C-B0060
Abstract

This work will develop strategies for securing the national equity market system by monitoring and detecting imminent risks and then developing optimal circuit breaker strategies across market centers. The team will develop models and software that increase situational awareness of attack vectors in the financial market system and develop a conceptual framework for understanding the system risks of individual asset price movements. Specifically, this work proposes to: 1. Develop a model linking the state of the current order book in a market to evolution of that asset's price. 2. Develop a model linking the evolution of one asset's price to other assets' prices (contagion) through a construction of financial market network architecture. 3. Model the price impact between market centers (e.g. Nasdaq, NYSE and BATS/DirectEdge). 4. Given the models developed in (1), (2) and (3), the financial market impact of attack vectors against individual markets and assets can be determined as well as optimal policies for minimizing the impact of these attacks.

Company

Brigham Young University
A-285 ASB
Provo, UT 84602-1231

Proposal Information DHSST-LRBAA14-02-CSD.10-0007-I - Mission Impact Situational Awareness Tool for Distributed Operations Management of Cyber-Physical-Human Critical Infrastructures/CSD.10
Topic Information CSD.10 - Internet Measurement and Attack Modeling Techniques
Award/Contract Number HSHQDC-15-C-B0056
Abstract

One of the most important analyses one must consider when evaluating potential or eminent threats on a critical infrastructure is how the attack will impact the mission, or functionality, of the system. Mission impact thus becomes a gold standard from which one may categorize and rank potential threats on any system. This work proposes to leverage previous research to build a system-scale prototype of a mission impact situational awareness (MISA) tool. This software will: 1. Facilitate attack-surface modeling, characterizing potentially exposed information vs. assumed-to-be secure information, 2. Automate mission-focused vulnerability assessment, 3. Automate strategic attack design (how should an attacker hit the system to accomplish various attack objectives?), 4. Automate reconfiguration for attack mitigation based on a. Distinguishing legacy systems that are fixed and unchangeable from newer additions that may potentially be re-architected for security purposes, b. Proposing system redesigns that maintain functionality but enhance security, 5. Automate mission impact assessment, 6. Incorporate a counterfactual "what if" analysis tool, and 7. Consider distributed workflow design for human operations management The proposal is to develop a general-purpose system-scale prototype and deploy it on an actual critical infrastructure system. Our team is well positioned to demonstrate the prototype on strategic water management applications. As part of the work we also propose exploring the technical feasibility of the tool for other critical infrastructure systems and extend the fundamental science of system security methodologies driving the tool.

Company

Dissect Cyber Inc
36 Sherman St
North Kingstown, RI 02852-5153

Proposal Information DHSST-LRBAA14-02-CSD.10-0009-I - Strengthening the Cyber Security of Critical Infrastructure through Discovery and Remediation of Vulnerable Supply Chain Organizations
Topic Information CSD.10 - Internet Measurement and Attack Modeling Techniques
Award/Contract Number D16PC00018
Abstract

Critical infrastructure entities do not exist in a vacuum; they are connected to a constellation of affiliate organizations. Vendor cyber security issues degrade the capacity for security of critical infrastructure operations they support. Through our research, we intend to identify high priority critical infrastructures and their compromised affiliates, establish a snapshot of the current state, and develop and test robust mitigation strategies. We will compile and interpret the data gathered to generate recommendations for improved cyber security of critical infrastructure.

Company

University of California, San Diego
9500 Gilman Drive
MC 0934
La Jolla, CA 92093-0934

Proposal Information DHSST-LRBAA14-02-CSD.10-0010-I - Science of Internet Security: Technology and Experimental Research (SISTER)
Topic Information CSD.10 - Internet Measurement and Attack Modeling Techniques
Award/Contract Number HHSP233201600012C
Abstract

With previous NSF and DHS funding we have designed, implemented, deployed, and operated a secure measurement platform, Archipelago, that supports large-scale active measurement studies of the global Internet. Ark is a unique laboratory in which researchers can quickly design, implement, and easily coordinate the execution of experiments across a globally distributed set of dedicated monitors. It supports precise time synchronization across monitors, continuous comprehensive global Internet topology measurements, and measurements-on-demand. Now that we have this intellectually fertile community research infrastructure firmly established, we want to focus on achieving greater involvement from a broader cross-section of the security research community, by lowering the barrier to using the infrastructure and its data products. We propose a series of tasks to demonstrate and illuminate the capabilities of the Ark infrastructure while serving specific articulated needs of the DHS SandT community. Results will include documented explanations of structural and dynamic aspects of the Internet infrastructure relevant to cybersecurity vulnerabilities, including macroscopic stability and resiliency analyses, TCP vulnerabilities, and physical layer topology maps. The proposed work is organized as a single base option with a series of additional options to maximize DHS's flexibility in using the infrastructure for scientific assessments of highest national priority over the next two years. Each task is selected for its ability to enhance DHS's scientific understanding and technical capabilities in measurement of security-relevant properties and behavior of the global Internet. The proposal directly targets the goals outlined in CSD.10: Internet Measurement and Attack Modeling Techniques.

Company

University of Southern California
Department of Contracts and Grants - Marina Office
4676 Admiralty Way, Suite 1001
Marina del Rey, CA 90292-6601

Proposal Information DHSST-LRBAA14-02-CSD.10-0011-I - Retro-Future Bridge and Outages
Topic Information CSD.10 - Internet Measurement and Attack Modeling Techniques
Award/Contract Number HHSP233201600010C
Abstract

We propose to extend Retro-Future to explore methods to detect, report on, and study Internet outages. Retro-future is an Internet DVR to support time-travel and cross-organizational sharing of data relevant to Internet events. We propose to extend the Retro-Future system to support a new data stream such as network outages. In options, we propose A: carry out a pilot deployment of the Retro-Future System working with Northrup Grumman or their academic partners. B: to develop, jointly working with the FCC, a daily reporting and processing of network outages to provide capabilities similar to the FCC NORS system of voluntary outage reporting. C: to develop tools to support near-real time (30-60 minutes) reporting of network outages, providing a capability analogous to the FCC DIRS system of disaster assessment, and relevant to the DHS NCCIC.

Company

Charles River Analytics Inc.
625 Mount Auburn Street
Cambridge, MA 02138-4555

Proposal Information DHSST-LRBAA14-02-CSD.10-0014-I - Predictive Malware Defense (PMD)
Topic Information CSD.10 - Internet Measurement and Attack Modeling Techniques
Award/Contract Number HHSP233201600011C
Abstract

The amount and complexity of malicious cyber activity (including malware) is growing at an unprecedented rate. Beyond some static defenses (e.g., firewalls with rule-based access, signature-based antivirus programs), existing methods for defense against malware attacks are almost always responsive. To counter and shift the advantage from the attacker to the defender, Charles River Analytics proposes to develop Predictive Malware Defense, a system that can (a) predict the future significance, impact, and potency of new malware samples; and (b) generate malware defenses preemptively. Just as medical researchers try to predict which influenza virus will be most prevalent during the next winter and use this prediction to develop a vaccine, we aim to develop malware prediction models that would produce signatures of yet unseen malware. In particular, we will explore the applicability of the Figaro probabilistic programming language to the problem of malware prediction and preemptive defense. Using Figaro, we will create a dynamic, hierarchal Bayesian model of evolution within a malware family, as well as the correlation and coevolution of families. As input to the model, we will extract advanced features based on generalized semantic representations of code blocks from malware binaries. This will enable us to account for the functionality of malware components in our model. Using these features, the model will generate signatures of possible malware variants. Thus, we will generate preemptive malware defenses based on the predicted signatures. We also aim to develop a prototype streaming system that generates preemptive defenses as new samples enter the system.

Company

Oak Ridge National Laboratory
P O Box 2008
MS 6242
Oak Ridge, TN 37831-6242

Proposal Information DHSST-LRBAA14-02-CSD.10-0016-I - Combining anomaly detection with signature generation for automated cyber defense
Topic Information CSD.10 - Internet Measurement and Attack Modeling Techniques
Award/Contract Number HSHQPM-16-X-00205
Abstract

ORNL proposes to combine the best of two methods, anomaly detection and signature based intrusion detection, by leveraging two existing technologies, Situ and FAST, to enhance security across organizational boundaries. Situ, developed at Oak Ridge National Laboratory, is a scalable, real time platform for discovering and explaining suspicious behavior that current technologies cannot detect. Situ combines anomaly detection and data visualization to provide a distributed, streaming platform for discovery and explanation of suspicious behavior to enhance situation awareness. Framework for Auto generated Signature Technology ,FAST, developed at Raytheon BBN Technologies, is designed to receive anomalous packet samples and then extracts low false alarm rate signatures. These signatures are then distributed to remote Snort or Suricata instances. The integration of these two technologies will lead to shareable signatures based on novel attack patterns to increase the cyber security of the nations critical infrastructure.

Back to top

CSD.11

Company

Kryptowire, LLC
3975 UNIVERSITY DR STE 350
FAIRFAX, VA 22032-3282

Proposal Information DHSST-LRBAA14-02-CSD.11-0006-I - A Framework for Assessing, Analyzing, and Archiving Mobile Applications
Topic Information CSD.11 - Securing the Mobile Workforce
Award/Contract Number D15PC00178
Abstract

We propose the research and development of a system for assessing, analyzing, and archiving of mobile applications that is scalable and can offer a workflow for mobile application vetting. The proposed system will meet and exceed the criteria set forth by NIST guidelines on how to assess 3rd party mobile apps including iOS, Android, and Windows mobile covered by: - NIST special publication SP800-163 - National Information Assurance Partnership (NIAP) Protection Profile for Application Software (https://www.niap-ccevs.org/pp/PP_APP_v1.1/) - MTTT approved the Mobile App Security Vetting Security Criteria

Company

Red Balloon Security
336 West 37th Street Suite 1024
New York, NY 10018-4592

Proposal Information DHSST-LRBAA14-02-CSD.11-0009-I - Persistent Implant Finder
Topic Information CSD.11 - Securing the Mobile Workforce
Award/Contract Number FA8750-17-C-0060
Abstract

Persistent malware implants have recently been found being widely distributed via normal supply channels, including in Android phones, Juniper routers, and other embedded devices. We propose to leverage FRAK, our existing automated embedded device firmware unpacking and analysis framework to search a variety of embedded device firmware for backdoors and malware implanted along the supply chain. Creating new firmware unpackers and malware hunting analysis modules for FRAK will allow us to automate much of a previously time intensive manual process. Any malware discoveries in widely used devices will increase the security of organizations and users everywhere.

Back to top

CSD.12

Company

University of Texas at San Antonio
One UTSA Circle
San Antonio, TX 78249-1644

Proposal Information DHSST-LRBAA14-02-CSD.12-0011-I - Lightweight Media Forensics for Insider Threat Detection Follow-Up
Topic Information CSD.12 - Insider Threat
Award/Contract Number HHSP233201600034C
Abstract

This project pioneers a new approach for detecting hostile insiders by looking for individuals whose disk level storage behavior (file types, sensitive data, strings, etc. stored) diverges from their prior behavior and/or peers. A lightweight forensics agent is run on each workstation within an organization, the results of which are centrally tabulated to identify workstations with unusual statistical properties that warrant further monitoring and/or analysis. Data mining is used to find outliers, which are then identified and brought to the attention of security personnel. This proposed research: creates a deployable lightweight media forensics agent that can scan the contents of a Windows workstation hard drive using bulk data analysis and randomized sampling. creates a centrally located threat detection engine/management console that can collect information from host-based agents, aggregate and prepare the data for outlier detection analysis, and display results in a visually appealing and analytical useful manner. demonstrates the ability to detect insider threat activity by identifying client workstations where user activity is statically deviant from historical norms. tests the agent and management console on a USG production network. The proposed effort finishes out the prior funded effort involving NPS and UTSA. The proposed effort brings in a collaborator with proven past performance with the DHS Cyber Security Division, as well as past collaborative experience on insider threat detection systems with UTSA. We propose a 24 month period of performance with an estimated cost of $649,329.

Company

LiveSafe, Inc.
1400 Key Blvd
Suite 800
Arlington, VA 22209-1547

Proposal Information DHSST-LRBAA14-02-CSD.12-0017-I - LiveSafe Mobile Safety Platform
Topic Information CSD.12 - Insider Threat
Award/Contract Number 70RSAT18CB0000009
Abstract

Complex, global organizations leverage LiveSafe's innovative, real-time, cloud-based platform to identify, monitor, respond to and prevent physical safety issues. The platform harnesses crowdsourced human intelligence, allowing safety and security personnel to act pro-actively to prevent incidents from happening. Working closely with DHS's Office of the Chief Security Officer (OCSO), LiveSafe has identified a novel application of its platform that will create an effective human infrastructure for gathering intelligence that will revolutionize current approaches to insider threat reduction and prevention within the Department (per Research Topic CSD.02 and CSD .12). LiveSafe's technology, applied in the novel context of insider threat prevention, can exponentially accelerate the deployment of critical homeland security technologies to mitigate risks that inhibit the mission of DHS. To prove the efficacy of this approach, a research period is required to collect and analyze data to measure the effectiveness of this use case.

Back to top

CSD.13

Company

Assured Information Security Inc
153 Brooks Road
Rome, NY 13441-

Proposal Information DHSST-LRBAA14-02-CSD.13-0005-I - The Acceleration of Cyber Technology readiness, Innovation, Commercialization, and Security (TACTICS)
Topic Information CSD.13 - Experiments and Pilots
Award/Contract Number FA875016C0111
Abstract

Assured Information Security, Inc. (AIS), along with its subcontractor Robert Rodriguez and Associates, LLC, proposes The Acceleration of Cyber Technology readiness, Innovation, Commercialization, and Security (TACTICS), a five year, 5.2 million effort designed to advance the functionality, security, and robustness of technologies developed under DHS S&T Cyber Security Division (CSD) funding. TACTICS will accelerate technology readiness and create opportunities that enhance viability in the commercial marketplace. TACTICS will accomplish these objectives through three tasks; 1) the acquisition, assessment, and red-teaming of cybersecurity technologies, 2) the piloting, experimentation, and deployment of technologies into representative environments or among early adopters or potential end-users, and 3) collaboration workshops, forums, and events that facilitate cyber entrepreneurship, awareness, innovation, investment, and public/private cooperation. DHS S&T CSD has achieved a high degree of success in efforts to forage, test, pilot, and transition cutting-edge solutions to a diverse set of end-users with disparate missions. Existing testing efforts, being largely functional in nature, have ensured that capabilities align with end-user needs, while experiments and pilots have been an effective mechanism for identifying and reducing the risks surrounding the deployment of novel solutions. The TACTICS efforts innovative approach to enhancing CSDs testing, transition, and commercialization practices as well as documentation, metrics and reporting will serve as a logical extension to current practice, and will have an immediate and profound impact on the overall technology transition and commercialization capabilities of CSD as well as stakeholders across the Homeland Security Enterprise.

Company

CyberSponse, Inc.
14747 N Northsight Blve
Suite 111-115
Scottsdale, AZ 85260-

Proposal Information DHSST-LRBAA14-02-CSD.13-0008-I - US Secret Service & Cyber Incident Response Orchestration Platform
Topic Information CSD.13 - Experiments and Pilots
Award/Contract Number FA8750-16-C-0081
Abstract

The United States Secret Service is seeking to customize and deploy CyberSponse's SecOps360 software and requires configuration support, installation, testing for acceptance, necessary licenses, training, documentation, maintenance and technical support of the Software. The CyberSponse IRP fully complies with DHS's requirements to modify, customize and tailor the technology unique to their use case and capability.

Company

Intelligent Automation Inc
15400 Calhoun Dr, Suite 400
Rockville, MD 20855-2814

Proposal Information DHSST-LRBAA14-02-CSD.13-0009-I - Self-shielding Dynamic Network Architecture (SDNA) Enclave Deployment Demonstration
Topic Information CSD.13 - Experiments and Pilots
Award/Contract Number HHSP233201600065C
Abstract

Significant improvements can be achieved to the current reactive defensive posture of an enterprise or mission through the introduction of moving target defense (MTD) technologies into the network. Intelligent Automation Inc. (IAI) has developed Self Shielding Dynamic Network Architecture (SDNA) which disrupts the initial compromise of a network as well as the spread of an attack when a host in the enclave becomes compromised. SDNA imposes significant increases in the effort, time, and risk an attacker must spend. IAI proposes to demonstrate SDNA's effectiveness and feasibility in a designated network.

Company

SecureLogix
13750 San Pedro
San Antonio, TX 78232-4314

Proposal Information DHSST-LRBAA14-02-CSD.13-0011-I - Complex Distributed Telephony Denial of Service (TDoS) Pilots
Topic Information CSD.13 - Experiments and Pilots
Award/Contract Number D16PC00248
Abstract

SecureLogix Corporation is submitting this white paper under the Department of Homeland Security (DHS) Science and Technology (S&T) Long Range Broad Agency Announcement (BAA) 14-02, for the S&T Cyber Security Division (CSD) and CSD.13 Research Topic. SecureLogix proposes to deploy our recently released PolicyGuru solution at several enterprise partners for pilots. This solution addresses evolving voice security threats, such as Telephony Denial of Service (TDoS), social engineering through calling number spoofing, and financial fraud. Funding is needed to deploy this new solution and achieve the following objectives: - Gain experience and confirm that the solution does not impact operational environments, detects the attacks it was designed for, and does not generate false positives. - Test the results of research in the form of software, polices, and rules. These features can only be tested so well in a lab and must be confirmed in operational environments. - Improve the security posture of the pilot partners and demonstrate a roadmap for deployment in similar enterprises, such as 911, other emergency services, and financial services.

Company

SecureLogix
13750 San Pedro
San Antonio, TX 78232-4314

Proposal Information DHSST-LRBAA14-02-CSD.13-0018-I - SecureLogix/Verizon Impersonation Scam Defense Pilots
Topic Information CSD.13 - Experiments and Pilots
Award/Contract Number 70RSAT18KPM000087
Abstract

SecureLogix proposes to perform research into detection of various types of impersonation scams, to include the Internal Revenue Service (IRS) scam, technical support (IT) scams, and other impersonation scams and forms of social engineering. We will leverage work we are doing now to detect and mitigate issues such as Telephony Denial of Service (TDoS), spoofing, and lack of authentication. We will work with Verizon on a joint service provider and customer premise solution. We plan to demonstrate the capability at multiple pilot sites. We are focusing on government organizations within the DHS enterprise. We recommend this white paper be reviewed by Dr. Ann Cox

Back to top

CSD.14

Company

Georgia Tech Research Corp.
505 10th Street, NW
Atlanta, GA 30332-0420

Proposal Information DHSST-LRBAA14-02-CSD.14-0001-I - Applying Behavioral Economics to Improve Cyber Security Behaviors: A Cyber Insurance Application
Topic Information CSD.14 - Cyber Security Economics
Award/Contract Number FA8750-16-2-0051
Abstract

The Georgia Institute of Technology (Georgia Tech) in collaboration with major insurance companies (e.g., AIG), propose to improve cyber security behaviors and address cyber insurance 'anomalies'--cyber insurance purchasing and marketing activities that do not produce results that are in the best interest of corporations at risk. We will use Nobel-winning behavioral-economic theories (e.g., prospect theory) to 'quantitatively' capture cyber security behaviors and to address cyber insurance anomalies. We will develop our quantitative models 'without' making simplistic assumptions (e.g., humans are rational decision makers). Our results will incentivize and assist corporate managers and insurance professionals to improve cyber security behaviors by: 1) quantitative capturing of heuristics (mental shortcuts used in making decisions) and biases that negatively influence cyber security decisions and lead to insurance anomalies, 2) assessing premiums that reflect cyber security risks and signaling the security status of the corporations to their mangers, and 3) assisting corporate managers with how to reduce the premiums and to deal with cyber insurance, similar to other types of insurance (e.g., fire prevention)--i.e., helping them to accept some amount of risk, mitigate some more risk with various technologies and procedures, and insure the rest of it. We will transition our quantitative models to working environments in the insurance sector, working with 'live' partners. We will also work with Georgia Tech Professional Education to disseminate our results by delivering new courses to industry professionals.

Company

The University of Tulsa
Office of Research and Sponsored Programs
800 S Tucker Drive
Tulsa, OK 74104-9700

Proposal Information DHSST-LRBAA14-02-CSD.14-0003-I - The Economics of Cybersecurity Research Data Sharing
Topic Information CSD.14 - Cyber Security Economics
Award/Contract Number FA9750-17-2-0148
Abstract

Cybersecurity research and practice is becoming increasingly data-driven. Despite its importance, a number of challenges can stymie the sharing of cybersecurity data. The goal of this research project is to empirically study data usage and production by researchers in order to construct a better picture of the prospects for cybersecurity data sharing. The project will examine the published research literature to identify what data is being produced in order to understand the data that can be shared, how we are falling short, and ultimately recommend how sharing can be improved. Additionally, the project will analyze usage data collected for PREDICT/IMPACT, in order to understand how existing datasets are being leveraged by others when shared. Finally, the project will empirically estimate the costs associated with data sharing using information gathered by DHS.

Company

418 Intelligence Corp.
2214 Rock Hill Road
Suite 270
Herndon, VA 20170-4214

Proposal Information DHSST-LRBAA14-02-CSD.14-0005-I - FourSight - The Crowdsourced Cyber Threat Controls Benchmarking Information Marketplace
Topic Information CSD.14 - Cyber Security Economics
Award/Contract Number HSHQPM-17-X-00169
Abstract

Every day, US defenders of cyber attacks face decisions about how to respond to intrusions detected or suspected on their networks. Frequently, when this happens, they will ask questions about the cyber security technologies or controls they are using -- "Can I trust what my controls have been telling me? Are my current controls adequate or will new technologies or controls lower my risks now or in the future? Am I getting the value from this technology that I'm paying for it?" Answering these questions is vital to the decisions organizations must make to become resilient. But in cyber security this is difficult because both threats and technologies are constantly changing. Thus it is imperative that information be collected to inform these decisions that is contextual, dynamic, based in real-world results, and up-to-date. This research will operationalize a crowdsourced solution to systematically track the real-world effectiveness of cyber controls through a quantitative forecasting platform that will also solve the information disclosure security challenges for this use case. The approach will use an engaging game-play experience supported by incentives in the forms of points for forecasters, credits for contributing reporting data, and, later, real dollar awards for accurate intelligence on controls benchmarks. By its holistic approach the research proposes to determine the economic and privacy protection elements needed to stimulate meaningful information and intelligence sharing in cyber security. Potential commercial applications include improved decision management systems, community defense and diffusion of innovations, applications to cyber insurance, and technology investment decision feeds.

Company

University of Michigan
Office of Research and Sponsored Projects
3003 South State Street #1056
Ann Arbor, MI 48109-1274

Proposal Information DHSST-LRBAA14-02-CSD.14-0006-I - A New Paradigm in Risk-Informed Cyber Insurance Policy Design: Meta-Policies and Risk Aggregation
Topic Information CSD.14 - Cyber Security Economics
Award/Contract Number 70RSAT18KPM000107
Abstract

Cyber-insurance is both a method for transferring and mitigating cyber-security risks and a potential incentive mechanism for internalizing the externalities of security investments. Over the past few years we have built and successfully transitioned the core technology that collects at a global scale the a diverse set of Internet measurement data on a network's malicious activities, mismanagement, active threats, among others. By applying advanced machine learning techniques to the aggregate data, we are able to assess risks and perform prediction of future security incidents. This marks concrete progress towards generating the cyber security actuarial data the insurance industry sorely needs. Our engagement with commercial entities has provided us with significant new insight into the cyber security and insurance eco-system, which puts us in a unique position to bring about a paradigm shift in the design of truly risk-informed cyber insurance policies. The proposed research aims to tackle some of the most significant challenges facing this space, by focusing on establishing a solid theoretical and practical foundation for the understanding of credible security pre-screening/audit and the impact of risk dependencies on both policy design and on our ability to assess aggregated risks. One of the most important goals of DHS is to build and maintain an effective (economic) understanding of the security posture of major business sectors and promote an environment where institutions are incentivized to take proactive measures. The work described in this proposal will undoubtedly help DHS in furthering the above goal.

Company

University of California, San Diego
9500 Gilman Drive
MC 0934
La Jolla, CA 92093-0934

Proposal Information DHSST-LRBAA14-02-CSD.14-0007-I - Foundations of Threat Intelligence Metrics
Topic Information CSD.14 - Cyber Security Economics
Award/Contract Number 70RSAT18KPM000024
Abstract

Threat intelligence is a key ingredient in a modern cyber defense. Unfortunately, current threat intelligence markets lack transparency and are driven by marketing departments rather than empirical evidence. The investigators propose to develop THREAT INTELLIGENCE METRICS, tools and techniques for measuring the value of a threat intelligence source to an enterprise or its fitness for a particular purpose. Specifically, the work will develop four kids of metrics: TECHNICAL METRICS that are based on absolute qualities of the threat intelligence source, COMPARATIVE METRICS that allow a user to compare one threat intelligence source to similar sources, OPERATIONAL METRICS that measure the operational value of a source, and RISK METRICS that assess the predictive value of threat intelligence in assessing organizational risk. The proposed work will greatly increase threat intelligence market transparency by developing metrics that allow users to compare different threat intelligence products reliably. The operational threat intelligence metrics proposed in this work will provide organizations with quantifiable, concrete evidence of the value of their investment in threat intelligence. This will promote proactive, rather than reactive, cyber security investments. The risk metrics proposed will allow cyber insurance underwriters to evaluate cyber risk more effectively, leading to less costly and more effective risk management tools for organizations.

Company

The University of Tulsa
Office of Research and Sponsored Programs
800 S Tucker Drive
Tulsa, OK 74104-9700

Proposal Information DHSST-LRBAA14-02-CSD.14-0014-I - Towards Outcome-Based Cybersecurity Risk Management
Topic Information CSD.14 - Cyber Security Economics
Award/Contract Number 70RSAT18KPM000167
Abstract

Cyber risk management by firms is typically driven by evaluating inputs. CIOs and other decision makers use normative frameworks that enumerate a series of controls organizations should adopt. Unfortunately, by emphasizing the inputs to cybersecurity (controls) rather than the outcomes (how investments reduce risk of attack), we know very little about whether and how investments in controls produce secure outcomes. This proposed project tackles this problem by gathering and analyzing data from two disparate populations of firms. First, via a collaboration with a managed security services provider, we will study the main causal links between investment and security, and between security and outcomes. We propose to develop outcome-based risk metrics based on highly granular data for approximately 130 organizations monitored by the provider. We will validate risk metrics based on external measurements against ground-truth data from internal measurements for these organizations. Second, we will collect new control and breach data on approximately 4000 publicly-listed companies in the U.S. We will collaborate with industry partners to estimate security levels, in addition to leveraging existing vulnerability and abuse data feeds. Combining these datasets in different research designs should enable us to draw more robust causal inferences about the main relationships and provide the foundation for more robust outcome-based risk metrics.

Back to top

CSD.17

Company

University of California, San Diego
9500 Gilman Drive
MC 0934
La Jolla, CA 92093-0934

Proposal Information DHSST-LRBAA14-02-CSD.17-0010-I - Augment Spoofer Project to Improve Remediation Efforts (ASPIRE)
Topic Information CSD.17 - Distributed Denial of Service Defense
Award/Contract Number 140D7018C001070RSAT18KPM000108
Abstract

With previous DHS funding we have re-designed, re-implemented, deployed, and operated a secure measurement infrastructure, Spoofer, that supports large-scale studies of anti-spoofing measures deployed (or not) in the global Internet. During the course of the project we have realized that there is a gap between generating security hygiene data and achieving remediation at scale. Thus, after successful completion of all tasks funded by the contract D15PC00188 (Software Systems for Surveying Spoofing Susceptibility), we propose the following new tasks targeting focused remediation efforts, for a new 2-year contract, in an international collaboration with the University of Waikato. Our proposed tasks include: maintaining the Spoofer server-client platform operations and improving the project reporting web site to facilitate remediation efforts; experimenting, evaluating, and documenting the effects of different approaches to stimulating remediation activities; and analyzing, socializing, and documenting community feedback on policy and regulation aspects of SAV deployment. These tasks aim at achieving greater involvement from a broader cross-section of the security research and operations community, by lowering the barrier to using the Spoofer infrastructure and acting on knowledge gained from its data products.

Back to top

CSD.18

Company

Florida Institute of Technology
150 W University Blvd
Melbourne, FL 32901-6975

Proposal Information DHSST-LRBAA14-02-CSD.18-0007-I - A Federated Defense Community and Ecosystem (FDCE) in Practice
Topic Information CSD.18 - Cloud Computing Security
Award/Contract Number 70RSAT18CB0000035
Abstract

The challenge is that most initiatives focus on the orchestration and control of sensors and defenses under a common administrative domain, affecting a single enterprise or infrastructure. With the increasing transition of enterprise to operate over private (or shared) cloud infrastructures, the boundaries of enterprises become less clear and there is a need to enable security across organizations. As such there has been a missed opportunity in exploring the collective information available across enterprises, leveraging the collective knowledge, experience, and possibly the detection and defensive capabilities of the combination of multiple domains or enterprises. This opportunity was recognized by DHS S&T through the support of a research effort focused on the development of a Federated Command and Control capability for cyber defense operations. The Federated Command and Control (FC2) research project, led by the Florida Institute of Technology, has embodied that challenge, and has successfully designed, developed, and deployed a FC2 prototype infrastructure involving multiple partner technologies from organizations such as CMU/SEI, MIT/LL, HRL, Sandia National Laboratories, and other private research organizations. The FC2 effort has demonstrated how multiple organizations can easily and dynamically come together and operate through a policy-controlled federated infrastructure to contextually share interests, indicators, defenses, experience, and playbooks that enable better individual defensive capabilities for each organization and a greater collective defense posture for the federation. The FC2 framework was built on the mission-aware infrastructure for resilient agents (MIRA) developed at Florida Tech, which provides semantic policy-based capabilities for information sharing.

Back to top

CSD.19

Company

Cyber Apex Solutions, LLC
3616 8th ST S
Arlington, VA 22204-1579

Proposal Information DHSST-LRBAA14-02-CSD.19-0001-I - A Non-Traditional Approach to Support the Cyber Apex Program
Topic Information CSD.19 - Next Generation Cyber Infrastructure
Award/Contract Number HSHQDC17900002
Abstract

Cyber Apex Solutions (CAS), llc, a non-traditional government contractor, was established to fill the gap in the market related to an entity that could provide the proper support to DHS S&T Cyber Security Division's (CSD) Apex Program (i.e., CSD.19) and related technology development, testing, and deployment efforts. CAS's mission is to execute R&D and prototyping/piloting initiatives using an innovative procurement means and a unique consortium made up of a number of non-traditional government contractors. CAS has proposed a means that give it and CSD the flexibility to leverage both the Federal government's and CAS's consortium members' technology, people, and processes to gather and understand the financial sector's security requirements and user needs and close the sector's capability gaps effectively and efficiently. In addition, and most importantly, this initiative will result in viable, new commercially available technologies and solutions that will help secure the financial sector and possibly others. CAS is proposing a five-year award that mirrors the initial five-year time line of the Cyber Security Apex Program.

Back to top

CSD.21

Company

RiskIQ
22 Battery St. 10th Floor
San Francisco, CA 94111-5524

Proposal Information DHSST-LRBAA14-02-CSD.21-0002-I - Continuous Discovery and Monitoring of the DHS Digital Footprint
Topic Information CSD.21 - Cyber Situational Understanding
Award/Contract Number HSHQPM-17-X-00168
Abstract

Defining the Enterprise Digital Footprint An organization's Digital Footprint is typically larger and more complex than expected. As modern organizations adopt the web for growth and efficiencies, their digital footprint grows, which leads to an ever-changing attack surface to defend. A Digital Footprint is comprised of all the applications and digital assets exposed to the Internet and the supporting infrastructure that powers it. A typical, modern organization has an attack surface, or digital footprint, comprised of: -Web Servers and Web Applications: Official and sanctioned web systems, dependencies and content. -Shadow IT: Assets created via initiatives outside the IT team and without explicit approval. This can result in the creation and external hosting of websites that are unknown to IT security teams. -Third-party Components: Dependencies that are outside the direct control of an organization but are presented to the Internet as part of their web systems. Third-party components can be problematic because a web browser acts as a code execution engine for web applications. Executed third-party components represent a forfeiture of organizational control. Examples of 3rd party components in digital footprints: --3rd party code (inclusive of widgets, analytics providers, ads, etc.) --3rd party dependencies (inclusive of: CDNs, CMSs, DNS, etc.) --3rd party infrastructure (inclusive of: Email servers, AWS, Azure, etc.)

Company

Norwich University Applied Research Institutes
PO Box 30
57 Old Freight Yard
Northfield, VT 05663-0030

Proposal Information DHSST-LRBAA14-02-CSD.21-0008-I - DECIDE Energy
Topic Information CSD.21 - Cyber Situational Understanding
Award/Contract Number 70RSAT18KPM000164
Abstract

NUARI's Distributed Environment for Critical Infrastructure Decision-making Exercises (DECIDE) platform was developed to engage the financial sector leadership and business process owners in situational awareness of cybersecurity impacts and effects at the sector and business operations level. DECIDE creates a focused and collaborative environment to explore internal, firm-to-firm, and sector understanding of the systems, processes, regulatory, and legal effects of cybersecurity events. DECIDE allows a sector and its dependencies to proactively identify, analyze, assess, and coordinate activities to mitigate critical infrastructure and systemic risk. DECIDE and associated financial sector exercises have been critical drivers for the development of a Financial Sector Playbook and greater situational awareness across the sector of cybersecurity impacts on tactics, techniques, and procedures. Use of the DECIDE Platform strengthens the organizational capability to respond to and recover from cybersecurity events, as well as the ability to execute these plans under conditions of operational duress. In highly interconnected infrastructures, response across the sector is essential for survivability. DECIDE platform allows for the maturity of both the individual and the sector. NUARI is proposing the development of an energy-sector focused DECIDE platform, which includes engagement with firms, industry organizations, and information-sharing entities. This proposed project is consistent with CSD.21.

Back to top

CSD.22

Company

Carnegie-Mellon University
5000 Forbes Avenue
Pittsburgh, PA 15213-2612

Proposal Information DHSST-LRBAA14-02-CSD.22-0002-I - A Queryable Platform for Online Crime Repositories
Topic Information CSD.22 - Research Data Marketplace
Award/Contract Number HSHQPM17X00070
Abstract

Building on years of research in data collection, the object of this proposal is to build and deploy queryable online platforms for our online crime repositories. We primarily focus on two types of data we have at our disposal: anonymous online marketplace data, and search-redirection attack corpora, which are primarily used for attracting customers to illicit or fraudulent websites. We propose to build and deploy simple web- based graphical interfaces, accessible to partner institutions and researchers at no cost. Our work would also include exporting some of the data through the IMPACT initiative.

Back to top

EXD.01

Company

Michigan State University
426 Auditorium Road
Room 2
East Lansing, MI 48824-2601

Proposal Information DHSST-LRBAA14-02-EXD.01-0001-I - Single Ultrafast Pulse Excitation for Remote Stimulated Raman Scattering (SUPER-SRS)
Topic Information EXD.01 - Standoff Detection of Explosives
Award/Contract Number HSHQDC-15-C-B0002
Abstract

There is a need for detecting trace quantities of explosives from a standoff distance, especially in public spaces. Single-beam stimulated Raman scattering (SRS) has the sensitivity, background discrimination, and detection speed required for explosives detection. The speed of this approach makes it ideal for the development of automated detection and identification capabilities with both imaging and spectroscopic capabilities, relevant to topic EXD.01. The goal of this effort will be to demonstrate the availability of a laser platform that will make possible to use the SRS technology to accomplish eye-safe fast sub-2sec high resolution chemical imaging.

Back to top

EXD.02

Company

The Johns Hopkins University Applied Physics Laboratory
11100 Johns Hopkins University Applied Physics Laboratory
Laurel, MD 20723-6099

Proposal Information DHSST-LRBAA14-02-EXD.02-0003-I - Handheld Optical Explosives Trace Detector
Topic Information EXD.02 - Trace Detection of Explosives
Award/Contract Number HSHQDC-14-C-B0051
Abstract

The Johns Hopkins University Applied Physics Laboratory (JHU/APL), a division of the Johns Hopkins University and a non-profit University Affiliated Research Center (UARC), proposed to develop and demonstrate a portable, handheld trace explosives detector over an 18-month period. Individuals entering special events may be subject to security screening at temporary checkpoints. Handheld magnetometers are used to screen for metallic objects underneath clothing, and JHU/APL proposed to develop technology capable of screening individuals and their personal items (objects) for minute quantities of explosives (called explosives trace) using a similar concept of operations. A detector such as this could screen full body and sensitive areas on individuals and the exterior of objects. A quick and easy to setup system could be re-deployable between temporary checkpoint locations at an event. JHU/APL proposes to perform five tasks to realize a handheld optical explosives trace detection (ETD) system. Task 1 would involve a survey of the current state-of-the-art in laser-based, standoff explosives detection technologies. In Task 2, JHU/APL would develop technical and operational requirements for handheld optical ETDs. Tasks 3 and 4 would involve soliciting academia performers and partnering with one to conduct a feasibility demonstration of a promising concept. Task 5 involves developing a forward-looking roadmap and gap analysis of handheld optical ETD technologies. This proposed scope of work could lead to the realization of a commercial product to be used federal, state and local law enforcement officials charged with event security as an alternative to pat-downs, magnetometers and other anomaly detection devices.

Company

The Johns Hopkins University Applied Physics Laboratory
11100 Johns Hopkins University Applied Physics Laboratory
Laurel, MD 20723-6099

Proposal Information DHSST-LRBAA14-02-EXD.02-0006-I - Standoff Explosives Trace Detector Test and Evaluation
Topic Information EXD.02 - Trace Detection of Explosives
Award/Contract Number HSHQDC-15-C-B0016
Abstract

The Johns Hopkins University Applied Physics Laboratory (JHU/APL), a division of the Johns Hopkins University and a non-profit University Affiliated Research Center (UARC), proposes a series of test and evaluation (T&E) activities over a 21-month period to develop a standoff explosives detection capability. The primary task proposed is T&E for a quantum-cascade laser-based, infrared reflectance detector prototype device from EOS Photonics. JHU/APL proposes to perform this task in two test phases: characterization and performance. Test and evaluation of the EOS Photonics device will include detection and operational suitability based upon input from the DHS Customer. The effort also includes four optional tasks. One task consists of additional testing of the EOS Photonics prototype if vendor updates stemming from the initial test results are made. Another optional task includes testing of standoff explosives trace detection devices from other vendors. The third optional task involves the development of an augmented sample preparation capability. This task, which would include method development and validation, ensures that samples for the T&E are prepared in the most rigorous and defensible manner that can currently be achieved. The final optional task involves surveying the current state-of-the-art in image processing algorithms, developing an RFI solicitation, and JHU/APL competitively selecting an academia partner to collaborate with on a feasibility demonstration of a promising concept in the areas of compressive sensing and coded aperture processing.

Back to top

EXD.03

Company

IDSS Holdings Inc
430 Bedford Road, Suite 204
Armonk, NY 10504-2002

Proposal Information DHSST-LRBAA14-02-EXD.03-0016-I - Update to CT-Based Break-Bulk and Pallet Cargo Screening System Leveraging Existing CTDE Qualified Checkpoint Baggage Cost-Effective Technology
Topic Information EXD.03 - Air Cargo Security
Award/Contract Number HSHQDC-17-C-B0027
Abstract

IDSS has addressed the comments provided by DHS S&T and now established a more cost effective and better defined solution for cargo pallet screening that can meet the objectives defined by DHS S&T and TSA. This design utilizes a unique approach to scanning large pallets by incorporating a horizontally mounted CT gantry, which is raised to move a pallet into position and then is lowered to quickly scan a pallet from the bottom to the 65-inch height. By utilizing a horizontally mounted CT gantry, the CT rotational subsystem and pallet movement is simplified while cost of manufacturing the unit is significantly reduced. IDSS has a target price for the final system of $425,000, which provides a very attractive solution for Cargo shippers as a cost effective and efficient way to address TSA screening requirements.

Back to top

EXD.06

Company

One Resonance Sensors, LLC
2878 Camino del Rio South
Suite 115
San Diego, FL 92104-3844

Proposal Information DHSST-LRBAA14-02-EXD.06-0003-I - Explosive Detection Devices for Checkpoint Security
Topic Information EXD.06 - Risk-Based Screening
Award/Contract Number HSHQDC-15-9-00001
Abstract

Current screening technologies in use at airports and other security checkpoints are likely to miss explosives that are hidden in electronic devices. One Resonance Sensors, LLC is developing Nuclear Quadrupole Resonance-based portable electronic scanners as a response to this threat. Small amounts of plastic or powder explosives concealed in electronic devices are identified by using a specific sequence of radio-frequency pulses. The scanner uses chemically specific detection protocols to interrogate the interior of electronic devices, providing a simple Clear or Alarm response in less than 10 seconds. The system will be upgradable to add new threats without hardware changes. Under the proposed project One Resonance Sensors, LLC will: (1) optimize, test and validate the smart phone scanner, (2) develop and test a device that scans both smart phones and tablets and, (3) use the Nuclear Quadrupole Resonance technology to address other checkpoint needs. The commercial application of the effort is the deployment of screening devices to security checkpoints. This is relevant to the missions of TSA and USSS, but also responds to needs for added security at critical infrastructure facilities and events.

Company

IDSS Holdings Inc
430 Bedford Road, Suite 204
Armonk, NY 10504-2002

Proposal Information DHSST-LRBAA14-02-EXD.06-0005-I - Study of the DETECT 1000 Dual Energy CT performance against Liquid Aerosols and Gels (LAGs) and Thin Targets
Topic Information EXD.06 - Risk-Based Screening
Award/Contract Number HSHQDC-15-C-B0045
Abstract

Demonstrate the ability of a Checkpoint Explosive Detection System to properly isolate Thin Sheet Explosives in laptops and small electronics as well as alarm on liquid threats and clear safe liquids in common carry-on baggage.

Back to top

EXD.10.1

Company

Pacific NW National Laboratory
902 Battelle Blvd
Richland, WA 99354-1793

Proposal Information DHSST-LRBAA14-02-EXD.10.1-0004-I - Millimeter-wave shoe scanner
Topic Information EXD.10.1 - Checkpoint Passenger Screening
Award/Contract Number HSHQPM-16-X-00169
Abstract

According to the International Air Transport Association (IATA) among a survey of 142 airports, before September 11, 2001, approximately 350 people passed through security checkpoints every hour. A November 2011 survey found that processing times fell to about 149 passengers per hour. Passengers are currently required to divest outer layers of clothing before they pass through security checkpoints. Clothing divestment, especially shoes, is a significant impediment to efficient screening. Reduced throughput in security checkpoints increases inconvenience to passengers, which ultimately leads to lost revenue for airports and lost productivity for the general economy. Integrating a millimeter-wave (mm-wave) imaging array into the floor of the current millimeter-wave advanced imaging technology portal would remove the need for passengers to divest shoes before being screened. The unique advantage of this solution is the increased capability without an increase in checkpoint footprint. This solution would also decrease the load on operators scanning objects passing through carry-on luggage x-ray scanners, possibly reducing manpower needed to operate a checkpoint.

Company

Pacific NW National Laboratory
902 Battelle Blvd
Richland, WA 99354-1793

Proposal Information DHSST-LRBAA14-02-EXD.10.1-0005-I - Walk-by screening using stationary millimeter-wave sparse linear arrays
Topic Information EXD.10.1 - Checkpoint Passenger Screening
Award/Contract Number HSHQPM-16-X-00169-B
Abstract

Cylindrical millimeter-wave (mm-wave) scanners are highly effective for passenger screening at airport checkpoints and are now widely used throughout the world. Millimeter-waves can pass through common clothing material and reflect off the body and concealed threats allowing high-resolution images to be formed that reveal the shape and orientation of concealed items. This technology was developed at the Pacific Northwest National Laboratory (PNNL). While effective, the cylindrical imaging systems do have a number of significant limitations. The passenger is required to stand and pose while the scan is being performed, which could limit throughput and may be inconvenient. Additionally, the large footprint of the scanners may limit their application in some locations. DHS S&T has articulated a checkpoint-of-the-future concept that would minimize passenger delays by utilizing walk-through portals. PNNL proposes a research and development project to ultimately develop a system that allows passengers to walk through a portal composed of fixed mm-wave linear arrays. This technology would eliminate the cylindrical mechanical scan, which would be replaced through the motion of the passenger. The arrays in this technique would collect data continuously while the motion of the person is determined optically using fixed optical cameras. This would allow convenient, compact imaging systems based on a moderate number of reasonable cost arrays, while preserving the high-resolution possible with linear array-based mm-wave imaging systems.

Back to top

FRG.01

Company

Oasys International Corporation
1750 Tysons Boulevard, Suite 1500
McLean, VA 22102-4200

Proposal Information DHSST-LRBAA14-02-FRG.01-0009-I - First Responder Community and FirstNet: Enabling Practical, Resilient Situational Awareness and Decision Making
Topic Information FRG.01 - Trend and Pattern Identification
Award/Contract Number HSHQDC-16-C B0023
Abstract

Created by Congress in 2012, the FirstNet Program mission is to establish, operate, and maintain an interoperable public safety broadband network dedicated to public safety, emergency management and the First Responder Community. Fundamental to the FirstNet mission is collaboration among state, local, tribal and Federal resources for effective incident response. It is estimated the FirstNet public safety network, when operational, will include more than 5 million people, vehicles, electronic devices, and other pieces of gear. To realize interoperability and mission success, FirstNet requires a strategy to advance practical and resilient capabilities that facilitate incident situational awareness and operational decision making. Furthermore, the strategy must facilitate analyses and timely, secure sharing of appropriately synthesized information for incident responders. To accomplish this strategy, FirstNet is dependent upon digital identity and attribute standards, capabilities and technologies that facilitate synchronized registration, verification, and authorization of FirstNet users, devices, and gear across the various communities. This must be paired with efficient information tagging capabilities and digital authorization policies that accelerate data analysis and synthesis for operational decision making. This strategy should also advance policies, standards and technologies that facilitate a tangible, ubiquitous identity management, data content optimization and distribution framework while optimizing usability for the First Responder, FirstNet, and other emergency management communities. For these purposes, our proposal recommends establishing a framework, resources, and capable expertise led and coordinated by DHS Science and Technology.

Company

Taborda Solutions, Inc.
110 Woodmere Road Suite 250, Folsom, CA 95630
Suite 250
Folsom, CA 95630-4776

Proposal Information DHSST-LRBAA14-02-FRG.01-0011-I - Next-Generation Incident Command System (NICS) Identity and Access Management
Topic Information FRG.01 - Trend and Pattern Identification
Award/Contract Number HSHQDC-17-C-B0005
Abstract

The California instance of NICS, called the Situation Collaboration and Awareness Tool (SCOUT) has been operational since June of 2016 and has supported incident response to dozens of large scale fire related incidents across the state. SCOUT currently is used by over 800 users from Cal OES, CALFIRE and local public safety agencies. The experience gathered from SCOUT's active support of fire related incident management provides an opportunity to create an operational assessment and application updates to improve the system's identity management component. Identity management is a critical portion of the system as First Responders often request accounts as they arrive at incidents requiring establishment of accounts in a quick and reliable manner.

Back to top

FRG.05

Company

TeleCommunication Systems, Inc.
275 West Street
Annapolis, MD 21228-3466

Proposal Information DHSST-LRBAA14-02-FRG.05-0002-I - Constructing Algorithms That Utilize RF Cell Sites Propagation Footprints - Phase II
Topic Information FRG.05 - Ability to monitor airborne radioactive fallout particles
Award/Contract Number HSHQDC-15-C-B0028
Abstract

TeleCommunication Systems (TCS) was contracted by the Department of Homeland Security (DHS), under Contract HSHQDC-14-C-B0003, to investigate the feasibility of using enhanced geo-targeting algorithms that take into account more than just the physical location of cell towers. Referring to this project as Phase 1, TCS evaluated the use of predicted cellular RF coverage areas that were included in new WEA geo-targeting algorithms. The Phase 1 research project performed by TCS in a laboratory environment resulted in a promising and positive result showing convincing improvement to the existing methods: Improve existing granularity through the use of the Common Alerting Protocol (CAP) alert area polygon and cell tower RF propagation to prevent over-alerting and under-alerting condition. Allow more alerts affecting much smaller target areas such as campus incident, chemical spill, or local fire to be submitted. Expand coverage to fill gaps in current methods used, further protecting mobile subscribers in a potential emergency situation that would not receive an alert. To reach the final goal of this research, TCS is proposing a Phase 2 project where the theoretical and laboratory results will be applied in a live production environment. The Phase 2 project will consist of field testing with real RF coverage data and actual mobile devices to validate the algorithms effectiveness of alert delivery accuracy. In partnering with a commercial mobile carrier, TCS can take the leadership role in carrying out necessary software updates, network changes, and field testing.

Back to top

FRG.08

Company

Talus Analytics, LLC
645 1st Ave.
PO Box 1487
Lyons, CO 80540-1487

Proposal Information DHSST-LRBAA14-02-FRG.08-0001-I - Resilience Metrics and Systems Analysis
Topic Information FRG.08 - Flood Forecasting/Modeling
Award/Contract Number HSHQDC-16-C B0017
Abstract

Flooding is one of the most common and costly natural hazards in the US. It affects millions of people every year and causes hundreds of millions of dollars of damage. As the primary agency responsible for responding to and mitigating against natural disaster, the Department of Homeland Security (DHS) and the Federal Emergency Management Agency (FEMA) have a critical mission to helping communities understand their risk and build resilience to flooding. However, despite a wide range of flood risk and resilience-focused efforts both within and outside the Federal Government, there are currently no tools available to evaluate or prioritize efforts to enhance flood resilience at the community level based on a cross-walk between flood risk and resilience characteristics. To fill this gap, we propose a systems-level analysis of the intersection of flood risk and community-level resilience assessments to define an evidence-basis for resilience enhancements that can be performed by communities and bolstered by federal level support. Using the results of this systems analysis, we will develop an end-to-end decision support dashboard, built in an interactive web-based dashboard, to support communities in defining their risk to flooding and quantify predicted increases in resilience for enhancements so that the most meaningful flood-related investments are identified. A commercialization strategy will then be outlined to make the dashboard and decision support tools available to public and private sector audiences.

Company

National Alliance for Public Safety GIS Foundation
5335 Wisconsin Avenue NW Suite 440
Washington, DC 20015-2097

Proposal Information DHSST-LRBAA14-02-FRG.08-0002-I - Core Operational Information Solution
Topic Information FRG.08 - Flood Forecasting/Modeling
Award/Contract Number HSHQDC-16-C B0016
Abstract

The goal of this project is to address the need for timely, reliable, and accessible sources of current operational, and preparedness information to support local decision making. 911, what is your emergency? This question is the foundation of our approach to research, and development, and will define the critical information needs of local public safety officials. Using in-person, regional tabletop exercise seminars based on a flood scenario, local emergency responders, and public safety officials will be guided through the decision making process from the initial 911 call through the response cycle. This project is focused on understanding, and defining the core operational information needs for effective decision making by local emergency responders, and public safety officials in flood events. The project team will assess, and identify the core operational datasets, and mission-critical attributes needed to fulfill the operational information needs defined. For example, a dataset of hospitals, simply showing location, is only minimally useful in potentially saving lives during an event. An information product showing hospital location, trauma level, bed capacity, and divert status is much more actionable. The desired outcomes of this project are as follows: Emergency responders, and public safety leaders will have access to current, relevant, and trusted critical operational information to drive informed decision making AND Public, and private sector technology providers have consistent guidelines for solution development, and implementation

Company

LCRA
PO Box 220
Austin, TX 78767-0220

Proposal Information DHSST-LRBAA14-02-FRG.08-0003-I - LCRA Smart Alerts Pilot
Topic Information FRG.08 - Flood Forecasting/Modeling
Award/Contract Number HSHQDC-16-C-B0019
Abstract

According to the National Oceanic and Atmospheric Administration, flooding has been the leading cause of weather related deaths in the U.S. as of 2014. Its U.S. Natural Hazards Statistics show an annual average of 81 flood related deaths spanning the 30 year period of 1985 through 2014, while the annual averages for tornadoes and lightening are 72 and 49, respectively. According to the U.S. Department of Homeland Security Federal Emergency Management Agency, the state of Texas has experienced the second highest amount of flood insurance claims spanning the timeframe of January 1, 1978 and September 30, 2015. Compounded with the challenge of weather unpredictability, flooding will continue to be a major threat to our communities. Helping citizens avoid harm and enabling them to protect themselves is crucial. Yet, engaging citizens and empowering them with actionable information continues to be a challenge, particularly in the area of mobile alerting. As a critical infrastructure provider responsible for managing dams and flood prone areas in Central Texas, LCRA aims to address the issue of flood-related mobile alerting by examining smart solutions. Through the conduct of a smart mobile alerts pilot, LCRA would examine automated data transmission and alert triggering, contextual data translation, and enhanced geotargeted delivery of messages. By enhancing its capabilities, LCRA also aims to help DHS identify solutions and promising practices that could be applied by other infrastructure providers and public safety and homeland security agencies across the nation.

Company

MDA Information Systems LLC
820 West Diamond Ave., Suite 300
Gaithersburg, MD 20878-1469

Proposal Information DHSST-LRBAA14-02-FRG.08-0004-I - ANALYSIS OF HISTORICAL SATELLITE IMAGERY TO MAP APPARENT FLOOD INUNDATION EXTENT
Topic Information FRG.08 - Flood Forecasting/Modeling
Award/Contract Number HSHQDC-16-C B0015
Abstract

An initiative is proposed to make empirical measurements of most flood inundation extents going back 32 years using a unique process and a satellite imagery archive. Empirical measurement of flood inundation extent is a valuable means to validate the accuracy of Digital Flood Insurance Rate Maps (DFIRM) developed from engineering Flood Insurance Studies. With real evidence, DFIRM accuracy can be improved. Because it is often difficult to take aerial/satellite imagery of peak flood extent, the generally used method involves a field survey to measure high water marks at select points shortly after the event. Only a small fraction of flood events have been surveyed. MDA Information Systems LLC (MDA) developed a method to map flood extent detectable by Landsat satellite imagery taken up to two to three months after the event. Using the Landsat archive going back over 32 years it will be possible to retroactively measure flood extents for most floods over the lower 48 States. This process was initially used by MDA for the Federal Emergency Management Agency (FEMA) and the Scientific Assessment and Strategy Team (SAST) to map the extent of The Great Flood of 1993. Variations on the technique have been used for several other floods. It is proposed to work with FEMA and demonstrate an improved process using up to five previously field-measured historical flood events.

Company

Ping4 Inc.
20 Cotton Road
Suite 203
Nashua , NH 03063-7170

Proposal Information DHSST-LRBAA14-02-FRG.08-0005-I - Geographically Precise Smartphone Public Alerting
Topic Information FRG.08 - Flood Forecasting/Modeling
Award/Contract Number HSHQDC-16-C B0020
Abstract

Proposed solution is a rich media emergency communications platform under development that allows public safety agencies to send high precision, rich media, location-based emergency alerts to citizens within a specific geographic area. The proposed use of this solution is to send geo-targeted rich media flood alerts to help reduce flood fatalities. Alerts are managed and provisioned from a cloud-based web service, with administrator controls, in conjunction with a smartphone mobile app for receiving and responding to alerts within the targeted alert area. By leveraging the location-based features of smart mobile devices through a technology called geofencing, the proposed solution enables law enforcement and public safety agencies to send highly targeted, rich media alerts to mobile devices quickly notifying citizens of dangers and emergencies happening where they happen to be. Any user within or entering that defined location will receive the alert with instructions to keep them informed and protected. In addition, messages can remain active in an alert zone for prescribed periods of time so that users entering the alert zone anytime during the alert period also receive the alert message. Alerts can be sent exclusively to citizens in a very specific geofence, otherwise known as hyperlocal messaging. These geofences include dynamic, multisided polygons as well as pre-identified areas. They can be as small as a building, or as large as an entire continent. Alert content may include rich media such as custom audio, images, and video and web links.

Company

AECOM
12420 Milestone Center Drive
Suite 150
Germantown, MD 20876-7112

Proposal Information DHSST-LRBAA14-02-FRG.08-0006-I - Adapting FEMA Risk MAP Flood Risk Products for Flood Forecasting
Topic Information FRG.08 - Flood Forecasting/Modeling
Award/Contract Number HSHQDC-16-C B0018
Abstract

AECOM proposes to expand on work performed in Colorado to provide a more nationwide basis to determine applicability and feasibility for leveraging FEMA Risk MAP Flood Risk Products for flood forecasting. The three approaches that will be used to leverage FEMA Flood Risk Products for flood forecasting are 1.) Modeling additional flood events beyond the FEMA standard events, 2.) Developing enhanced datasets from hydrologic models, and 3.) Developing enhanced datasets from gage data. The proposed DHS S&T project would identify a set of five locations nationwide representing a range of different hydrologic and terrain conditions beyond the options in Colorado. For each location, AECOM would conduct pilot studies to test the approach used in Colorado and then to adjust that approach so that it could be applied nationally for a variety of flood risk types.

Company

LCRA
PO Box 220
Austin, TX 78767-0220

Proposal Information DHSST-LRBAA14-02-FRG.08-0008-I - LCRA Smart Alerts Pilot
Topic Information FRG.08 - Flood Forecasting/Modeling
Award/Contract Number HSHQDC-16-C B0019
Abstract

According to the National Oceanic and Atmospheric Administration, flooding has been the leading cause of weather related deaths in the U.S. as of 2014. Its U.S. Natural Hazards Statistics show an annual average of 81 flood related deaths spanning the 30 year period of 1985 through 2014, while the annual averages for tornadoes and lightening are 72 and 49, respectively. According to the U.S. Department of Homeland Security Federal Emergency Management Agency, the state of Texas has experienced the second highest amount of flood insurance claims spanning the timeframe of January 1, 1978 and September 30, 2015. Compounded with the challenge of weather unpredictability, flooding will continue to be a major threat to our communities. Helping citizens avoid harm and enabling them to protect themselves is crucial. Yet, engaging citizens and empowering them with actionable information continues to be a challenge, particularly in the area of mobile alerting. As a critical infrastructure provider responsible for managing dams and flood prone areas in Central Texas, LCRA aims to address the issue of flood-related mobile alerting by examining smart solutions. Through the conduct of a smart mobile alerts pilot, LCRA would examine automated data transmission and alert triggering, contextual data translation, and enhanced geotargeted delivery of messages. By enhancing its capabilities, LCRA also aims to help DHS identify solutions and promising practices that could be applied by other infrastructure providers and public safety and homeland security agencies across the nation.

Company

MDA Information Systems LLC
820 West Diamond Ave., Suite 300
Gaithersburg, MD 20878-1469

Proposal Information DHSST-LRBAA14-02-FRG.08-0012-I - Properties at Flood Risk Outside 100 year Zones
Topic Information FRG.08 - Flood Forecasting/Modeling
Award/Contract Number HSHQDC-17-C-B0024
Abstract

Significant new construction is occurring in areas of flood risk outside of areas regulated by FIRMs. Some new at risk construction has subsequently been flooded. This study will demonstrate a process to estimate the value of new construction at risk, the cost of post construction flood claims and the economic benefits associated with mapping previous floods. Due to budget limitations, more than 65% of the CONUS has not received a Flood Study delineating zones at risk of flood. In the past several decades 32% of flood claims have been outside been outside 1% (100 year) flood zones or in unstudied areas. New construction is occurring in areas that have been previously flooded and presumably would be at future risk without flood mitigation efforts. There is no systematic record of previous flood extent from which home owners, developers, banks, insurers and local/state planning agencies can benefit. MDA has developed and demonstrated to DHS a low-cost method of capturing the flood extent of some floods in the past 33 years by examining historical satellite imagery. The process is called Observed Flood Extent (OFE). Eight study areas were evaluated and validated with OFE as part of a previous study. This study will examine new construction on previously flooded areas outside the 1% zones for these eight areas. Sources will include OFE, satellite imagery, aerial imagery, stream gauges, urban change indicators, property valuation, damage claim, local flood reports, property zoning and open sources such as news reports, etc.

Back to top

FRG.09

Company

Constellation Software Engineering, Corp.
4640 Forbes Blvd
Suite 201
Lanham, MD 20706-

Proposal Information DHSST-LRBAA14-02-FRG.09-0001-I - Resilience Research and Development
Topic Information FRG.09 - Community Resilience
Award/Contract Number HSHQDC-16-C B0029
Abstract

By enabling and incorporating new emerging technologies DHS SandT is fully enabling emergency managers and First Responders to effectively cope with multi-hazard emergencies technologies. Such as integrated MandS based incident management capability to analyze all hazard disaster and or CPS crises response and recovery options and Patterns and tactics and plans and procedures for use in a real time environment for simulation based training and advanced algorithms to increase operational capabilities and infrastructures for visualization of improved situational awareness. Researching and developing Information Technology (IT) solutions in a complex and ever changing of MandS environment is never easy. Therefore CSE RandD team has developed a step by step approach to ensure full stakeholders engagement starting with addressing key needs through a comprehensive requirements gathering and building a coordinated validation and verification process to ensure the RandD prototyping and pilot initiative support the organization targeted mission and goals.

Company

National Emergency Management Association
1776 Avenue of the States
Lexington, KY 40511-8536

Proposal Information DHSST-LRBAA14-02-FRG.09-0002-I - National Resiliency Foundation Project/ The First Responders Group (FRG)
Topic Information FRG.09 - Community Resilience
Award/Contract Number HSHQDC-17-C-B0002
Abstract

This project will develop and document foundational methodologies, standards and protocols to guide the understanding, implementation and assessment of community resilience efforts. The overarching objective is to produce a national repository of processes, procedures and organizational constructs, built on community identified standards and goals, to advance the nation towards a higher level of resiliency in the face of local and national disasters. Specifically, this project will bridge gaps in current research community resilience projects, by defining an overarching achievable framework for community resiliency actions and standards.

Company

SPIN Global Limited Liability Company
1133 15th Street NW
12th Floor, Section D, Ste 4
Washington, DC 20005-2710

Proposal Information DHSST-LRBAA14-02-FRG.09-0008-I - Enhanced Resiliency Experiment Framework
Topic Information FRG.09 - Community Resilience
Award/Contract Number HSHQDC-17-C-B0001
Abstract

The objective of the proposed research is to develop, test and transition an Enhanced Resiliency Experiment Framework (framework) that will measurably improve community resilience to regional disasters. Disaster resilience cannot be achieved in a silo. Communities must work together to improve their overall posture of preparedness toward their anticipated hazards, threats and vulnerabilities. An enhanced resiliency experiment framework will provide a repeatable process to help communities design, develop and evaluate their own regional disaster resilience initiatives. The first phase (proof of concept) will include evaluation, design, development of a framework, a repeatable process that could be tested in collaboration with another country. In the second phase (test phase), the technical concept will be demonstrated and evaluated for its operational utility, especially as it relates to measurably improving regional disaster resilience. The second phase of the project will include a test implementation of the framework, including a Mexico-U.S. Enhanced Resiliency Experiment (MEXUS) that will be measured and evaluated vis-a-vis the framework. The operational concept is that a practitioner-tested and approved enhanced resiliency experiment framework, along with a training and implementation toolkit, would enable communities around the world to jumpstart their efforts to measurably improve resilience. The third phase (transition) will include evaluation and transition of the framework as it applies to the international community. Transition will include development of a framework operations and maintenance transition strategy, and design, development and coordination to deliver an online training and implementation toolkit.

Company

Corner Alliance, Inc.
1103 Priscilla Lane
Alexandria , VA 22308-2545

Proposal Information DHSST-LRBAA14-02-FRG.09-0011-I - Integrating the Smart Community to Improve Information Sharing
Topic Information FRG.09 - Community Resilience
Award/Contract Number HSHQDC-17-C-B0013
Abstract

Technology advances are providing first responders and government officials more tools than ever to achieve situational awareness; operational communications; public alerts and warnings; and command, control, and coordination. However, governance, policy, procedures, and standards initiatives are having a hard time keeping up to support coordinated use of available applications to support information sharing to keep our communities safe. The CA team will engage target audiences from the public and private sectors to capture user experiences and expert recommendations to guide the nation towards integrated technology solutions, enhanced information sharing, and a shared understanding of best practices for preparing the public safety community for the digital future in the following areas with the following benefits: 1. Smart City Performance Indicators Development will inform planning, standards development, and technology integration across public safety and government. 2. Operational Information Sharing Assessment via the Capability Maturity Model will empower public safety officials to self-assess operational information sharing capabilities and gaps to inform action and strategic planning. 3. Social Media Use Assessment will foster enhanced use of social media within public safety to share real-time, accurate information from public safety to residents (and from residents to public safety) across the nation to support situational awareness and decision making. 4. Wireless Emergency Alerting Standards Assessment will assess and share recommendations for the Common Alerting Protocol to ensure this essential standard can scale, adapt, and perform as requirements evolve from alert originators and receivers.

Company

United States Geospatial Intelligence Foundation
2325 Dulles Corner Blvd
Suite 450
Herndon, VA 20171-4675

Proposal Information DHSST-LRBAA14-02-FRG.09-0017-I - Leveraging Geospatial Intelligence to Improve Community Resilience
Topic Information FRG.09 - Community Resilience
Award/Contract Number HSHQDC-17-C-B0017
Abstract

The Geospatial Community Resilience Workshop project will bring together GEOINT and First Responder subject matter experts to share knowledge and develop strategies to better utilize ubiquitous geospatial information in order to improve community resilience. As a unifying construct, geospatial data underpins planning and mitigation efforts in a way that will allow first responders and emergency managers to design more resilient communities and improve emergency response prior to, and after, manmade or natural disasters or critical infrastructure loss. Workshop participants will develop multiple strategic pathways to better leverage GEOINT against those critical resilience requirements using flooding as a foundation model. Derived pathways will be captured in a written knowledge product articulating recommendations to the Department of Homeland Security for inclusion in the National Flood Decision Support Toolbox (NFDST). These strategies will be transportable to all forms of disaster mitigation and improving resilience.

Company

Penn Vet Working Dog Center
Suite 500, Jon M. Huntsman Hall
3730 Walnut Street
Philadelphia, PA 19104-6340

Proposal Information DHSST-LRBAA14-02-FRG.09-0021-I - Evaluating the Private Flood Insurance Market
Topic Information FRG.09 - Community Resilience
Award/Contract Number HSHQDC-17-C-B0032
Abstract

The vast majority of flood insurance in the United States is written by the National Flood Insurance Program (NFIP). There is, however, a small, but growing, private market for flood insurance. Policymakers are interested in this emerging market and whether it could help expand take-up or provide more affordable coverage. There is, however, very little understanding about the current state of private flood insurance and the role it could play in meeting policy goals. There is no nationwide information on the companies writing flood insurance, the types of coverages offered, and how pricing and other policy features compare with NFIP policies. It is also unclear if the private market is competing with the NFIP, or complementary to it, as well as where geographically the private sector is finding it most profitable to write flood policies. This project would fill these knowledge gaps, as well as identify the best policies to harness the benefits of the public and private sectors. Specifically, there are three primary project objectives: (1) document the state of the private flood insurance market across the country and the nature of coverage being offered; (2) analyze current state and federal regulations and programs that influence the supply of flood insurance by the private market, and (3) develop policy recommendations to improve the ability of the private flood insurance market so as to close the flood insurance gap. This will be done through a mixed-methods, state-by-state survey of the private flood insurance market in the U.S.

Company

Association of State Floodplain Managers
575 Donofrio Drive
Suite 200
Madison, WI 53719-2832

Proposal Information DHSST-LRBAA14-02-FRG.09-0022-I - National Resilience Standards for Floodproofing (Barrier) Products
Topic Information FRG.09 - Community Resilience
Award/Contract Number HSHQDC-17-C-B0030
Abstract

Flooding in the United States is the also the leading cause of losses (now averaging over $10 billion/year). There is an increasing awareness of flood issues and interest in floodproofing products and technologies to not only protect new construction but existing buildings and infrastructure. ASFPM and its partners (FM Approvals and US Army Corps of Engineers) created the National Flood Barrier Testing and Certification Program to develop standards for four classes of flood barrier products (out of six) and publishes those completing certification on the program's website. To date three temporary barriers and nine closure devices have been successfully tested. This proposal is to enhance community resilience under research topic FRG.09 by leveraging more than a decade of work and resources invested by ASFPM, FM Approvals, and the US Army Corps of Engineers to develop two additional standards for testing and certification semi-permanent barriers and sealant products; to complete all steps needed to prepare the existing flood abatement standards FM/ANSI 2510 for incorporation into international building codes including working with partner organizations as well as the consensus code councils; and to promote the floodproofing standards much more widely than they are promoted today by developing guides for communities and individual property owners as well as direct outreach to local governments including first responders.

Company

Talus Analytics, LLC
645 1st Ave.
PO Box 1487
Lyons, CO 80540-1487

Proposal Information DHSST-LRBAA14-02-FRG.09-0024-I - Linking Flood Risk to Resilience: NFDST Systems Design and Development
Topic Information FRG.09 - Community Resilience
Award/Contract Number HSHQDC-17-C-B0018
Abstract

Resilience is the ability to adapt to changing conditions and withstand and rapidly recover from disruption due to emergencies. To implement resilience, and specifically resilience to floods, communities must understand the types of flooding events to which they are most at risk, the impacts of those events, and, most critical, the types of measures most effective to help them adapt, withstand, and recover from those events. Here, we propose to design and build a comprehensive tool for the National Flood Decision Support Tool (NFDST) to support communities in rapidly assessing their flood risk based on impacts and prioritize resilience investments based on their relative benefit in reducing those impacts. This resilience investment decision support tool will incorporate the most in-depth and current research findings in flood modeling and resilience research, identify and integrate the best available flood risk data and modeling resources into the method, and fully incorporate resilience best practices specifically to meet the needs of community-level implementers of resilience. We will finalize design of a comprehensive systems architecture based on the results of our flood modeling and resilience analysis, design and build a production-ready software application, and deploy the NFDST tool both for use within DHS S&T and within partner communities. Development and deployment will include maintenance and hosting plans to ensure long-term sustainability of the NFDST.

Back to top

FRG.10

Company

Georgia State University Research Foundation
P.O. Box 3999
Atlanta, GA 30302-3999

Proposal Information DHSST-LRBAA14-02-FRG.10-0002-I - Text-Enabled CVE Gatekeeper Intervention Help-Line & Referral System
Topic Information FRG.10 - Violent Extremism
Award/Contract Number HSHQDC-16-C B0028
Abstract

Abstract: Despite that many communities, throughout the U.S., have 24/7 hotlines (e.g., 2-1-1 or 3-1-1 call centers) to refer residents to a vast array of social services:, virtually none of those services have protocols in place to counter violent extremism, by referring callers, or their friends/loved ones, to CVE-relevant service providers. Furthermore, only a few of such hotlines are equipped to communicate with the public via texting: a widely popular form of communication, especially among youth/young adults (who can be considered a key demographic in CVE). In expanding the capabilities of 2-1-1 call centers to receive texts (as has been done in Nevada), and to refer both texters and phone callers to CVE-relevant service providers, it is also critical to develop, and test the impact of, materials intended to promote the service to primary intended users (e.g., youth/young adults, school staff, clergy, and parents). Such a texting-enabled crisis call-center would empower local communities with a convenient, readily accessible, confidential means to intervene in circumstances in which they are concerned that peers/loved ones might be on a path toward engaging in, or otherwise supporting, violent extremism. The fundamental purpose, of this prospective project, is to provide such a means of empowerment: by providing DHS S&T FRG with the technology platform, policies, and procedures to establish local, regional, or national texting-enabled crisis call-centers. Therefore, we kindly request permission to submit to DHS S&T FRG a whitepaper that summarizes that proposed project.

Back to top

FRG.18

Company

Center fo Innovative Technology
2214 Rock Hill Rd
Suite 600
Herndon, VA 20170-4228

Proposal Information DHSST-LRBAA14-02-FRG.18-0001-I - S&T Long Range BAA 14-02 White Paper - DHS Smart Community IoT Interoperable (SCITI) Sensors and Standards Project
Topic Information FRG.18 - Smart City Internet of Things (IoT) Interoperable Sensors and Standards
Award/Contract Number HSHQDC-17-C-B0023
Abstract

Rapid technology advances in Internet of Things (IoT) technologies, particularly as used in advanced Smart City environments, provide both threats and opportunities for First Responders. This effort seeks to design, develop, prototype, evaluate and put on a path to commercialization two sets of technologies that have the potential for relatively short term capabilities in the field for first responder usage. By building these capabilities to open standards this effort can also influence other industry developments going forward, demonstrating the efficacy of adopting such standards to the standards bodies and commercial equipment providers. The two technologies are Unmanned Aerial System (UAS) sensors suitable for indoor use, and fixed inside building sensor suites for deployment on EXIT signs or similar common building features. A key metric of success for this effort is to demonstrate functional prototypes with the potential to be widely commercially available at commercially competitive prices. The first responder use cases for these technologies are focused around search and rescue types of operations in difficult post-incident environments. The commercial applications include new approaches to building security at lower cost for owners. Successful prototypes from this effort may have the opportunity for direct paths to commercial pilot implementations via the new Smart City Works Actuator commercial program.

Back to top

RSD 1.1

Company

Northeastern University
360 Huntington Avenue
960 RP
Boston, MA 02115-5000

Proposal Information DHSST-LRBAA14-02-RSD 1.1-0005-I - Northeastern University Proposal: Center for Resilience Studies Network (CRS-NET)
Topic Information RSD 1.1 - Behavior-based methods, models, trainings and technologies to enhance community resilience
Award/Contract Number D15PC00263
Abstract

The Northeastern University Center for Resilience Studies proposes to lead an effort to support DHS in informing and advancing the capacity for lifeline infrastructures to be better prepared for, to rapidly recover from, and to adapt to natural and man-made disasters. Specifically, the Center will form and lead a collaborative research team of experts and practitioners that will examine major disasters with the objective of better understanding and identifying ways to move beyond the barriers to building infrastructure resilience. This effort with involve the gathering and assessing of the data generated by these events and identifying lessons and developing new tools, methods, models, trainings and technologies and processes for better understanding risk, and risk perception and communication.

Back to top

RSD 1.3

Company

Reallaer, LLC
PO Box 549
Port Republic, MD 20676-0549

Proposal Information DHSST-LRBAA14-02-RSD 1.3-0002-I - Data Collection and Evaluation of TSA SPOT Behaviors
Topic Information RSD 1.3 - Methods for non-invasively identifying deceptive and suspicious behavior
Award/Contract Number D15PC00015
Abstract

Reallaer, LLC is offering to support the US Department of Homeland Security Science and Technology Directorate's (DHS S&T) scientific, engineering and technological investment in making America safer through the collection and management of video data to improve the screening of passengers using behavioral observation. This effort will also support the validation of the Transportation Security Agency's (TSA) Screening of Passengers by Observation Technique (SPOT) program. Reallaer can assist the performance of TSA's Behavior Detection Officers (BDO) by providing enabling technologies and service that will improve the initial and refresher training plus evaluate and integrate emerging Capturing Closed-Circuit Television (CCTV) computer vision and video analytics technologies.

Back to top

RSD 1.4

Company

SNA International
4707B Eisenhower Avenue
Alexandria, VA 22304-4805

Proposal Information DHSST-LRBAA14-02-RSD 1.4-0001-I - Biometric Identification: Strategic Implementation of Rapid DNA
Topic Information RSD 1.4 - Improvements in Biometrics
Award/Contract Number D15PC00016
Abstract

DNA is considered the most powerful means of human identification. DNA can be used to determine the identity of biological material left by an individual at a location of interest and/or determine relationships between unknown individuals. Historically, DNA has not been routinely used in biometrics because testing was time-consuming and required highly trained and educated DNA analysts working in dedicated facilities. However, with the advent of Rapid DNA technology, DNA can now be incorporated into the Department of Homeland Security's (DHS) biometric program. A strategic implementation approach will ensure that Rapid DNA integrates into existing DHS biometric operational environments in an agile, fail-proof, and cost-effective manner. In order to define program mission, vision, and requirements, this strategic implementation will also systemically engage appropriate DHS stakeholders. A Business Requirements Document will define and document the implementation plan in a way that minimizes resources while maximizing value. The successful integration of rapid DNA into the DHS Components will support DHS in its mission to ensure a "homeland that is safe, secure, and resilient against terrorism and other hazards."

Back to top

RSD 3.2

Company

Kiernan Group Holdings, Inc
1201 First Street North
Suite 504
Jacksonville Beach, FL 32250-8203

Proposal Information DHSST-LRBAA14-02-RSD 3.2-0002-I - Adversarial Intimacy Exploitation (RSD Larry Willis)
Topic Information RSD 3.2 - Modeling, Simulation, and Gaming Technologies
Award/Contract Number D15PC00011
Abstract

The development of observational acuity for anomalous or suspicious behavior detection requires a deep familiarity akin to intimacy within the adversarial recruitment, training and deployment attack continuum best acquired through experienced practitioners directly involved in persistent observation and interaction coupled with field research. This provides a baseline understanding of the common variables across threat vectors to include the identification of behavior associated with, but not limited to criminal and terrorist threats against critical infrastructure, active shooter and suicide bombers. Developing, validating, delivering and measuring training related to enhanced preparedness, situational awareness and interdiction has wide application within the homeland security enterprise.

Back to top

RSD 3.4

Company

Constellation Software Engineering, Corp.
4640 Forbes Blvd
Suite 201
Lanham, MD 20706-4885

Proposal Information DHSST-LRBAA14-02-RSD 3.4-0003-I - Enhance Logistical Tracking of Emergency Supplies
Topic Information RSD 3.4 - Emergency Management
Award/Contract Number D15PC00268
Abstract

We will leverage our subject matter expertize in architecting and engineering knowhow to make a robust structure to track the progress and transport and usage of the typed resource across various organizations and departments. Overall it will reduce the emergency management operational costs as well as other related involved such as manually tracking and the duplication of data using silo or disparate IT solutions. CSE proposes to produce a work produce that will create visibility into all the important resource tracking processes. CSE will develop a blueprint containing coherent resource typed tracking workflow shared and enabling the FEMA National Incident Management System (NIMS) to ensure a smooth transition of the pilot to the Emergency Management Stakeholders at the Federal, State, and Local level. CSE will develop unified resource typed tracking matrices for S&T stakeholders such as FEMA, as well as, develop a web-based pilot Typed Resource Tracking which will create visibility and better collaboration for all practitioners. Effective resource management and tracking of the typed resources is a priority for all first responder enablers and communities who are constantly looking to optimize their resource management processes. Enhanced unified tracking of typed resources will ensure that the right resources are deployed timely to the right incident, based on real-time data as the incident evolves. Finally, we believe that this effort establish a capability that can be quickly replicated for other DHS S&T Emergency Management Partners as well as other Component program.

Back to top
Back to Award List