alert image
  • The DHS S&T BAA Portal website will be undergoing scheduled maintenance and will not be available on the following dates and times:
    • 11:00 PM Saturday, January 25, 2020 EDT - 6:00 AM, Sunday, January 26, 2020 EDT
    We apologize for any inconvenience. If you need assistance, please contact the help desk at

Past Solicitations
Information Marketplace for Policy and Analysis of Cyber-risk & Trust (IMPACT)

This BAA solicitation/Call (HSHQDC-17-R-00030) is a Call issued against Department of Homeland Security (DHS), Science & Technology (S&T), Cyber Security Division (CSD), 5-Year Broad Agency Announcement (BAA), HSHQDC-17-R-B0002 (current issue). All terms and conditions of the DHS S&T CSD 5-Year BAA HSHQDC-17-R-B0002 (current issue) apply to this solicitation unless otherwise noted herein. The "current issue" of the DHS S&T CSD 5-Year BAA HSHQDC-17-R-B0002 used herein refers to the latest issue posted in the Federal Business Opportunities (FBO) website.


TTA 1 - Data Providers (DPs) Network

TTA 1 (as depicted in Appendix A) seeks to provide foundational data hosting and provisioning to fulfill the IMPACT project objectives. Using the IMPACT infrastructure (19). Each Data Provider will provide the data that it owns or has a right to control and disclose to researchers, and also maintain the computing infrastructure to store and distribute data it receives or collects. To support the evaluation of next-generation cybersecurity solutions, using the IMPACT mediation infrastructure, IMPACT DPs will make cybersecurity research data available to the international research community. Specific to TTA #1, DHS is seeking DPs to make available, subject to IMPACT terms and conditions, the following non-inclusive categories of data that are relevant to cybersecurity R&D: hostile/malicious activities (e.g., malware, phishing, botnet, data breach, insider threat, other cybercrime measurements), Internet demographics (e.g., network naming and routing, ISP interconnection data, physical and logical Internet and network representations), wireless and cellular network, cyber physical systems (e.g., power grid, Internet of Things (IoT))(20). In addition to the examples above, other types of data may include but are not limited to: address space allocation, Border Gateway Protocol (BGP) routing, black-hole address space, labeled traffic traces, scan data, intrusion detection system (IDS) and firewall, infrastructure, Internet topology, Internet protocol (IP) packet headers, performance and quality measurements, synthetically-generated attacks, unsolicited bulk email, traffic flow, and botnet command and control traffic. Offerors may propose to engage other types of cybersecurity data; however, all technical approaches should describe the cybersecurity relevance of the data to be provided, as well as any associated terms and conditioned that would have to be administered by the IMPACT mediation infrastructure.

TTA 2 - Decision Analytics-As-A-Service Providers (DASP) Network

TTA 2 comprises the IMPACT Application layer (as depicted in Appendix A). It will consist of a network of operational research environments that enable cybersecurity analysts, operators, and researchers & developers in industry, government and academia to reduce the amount of time and effort finding, curating and understanding data, so they have more time to extract insight and meaningful information to enhance their decision-making. The DASPs role is to abstract away the low level knowledge- and labor- intensive elements that comprise high dimensional data identification, complex association and fusion, and high-context presentation elements of data for decision analytics. In general, DASPs are responsible for leveraging existing resources to enhance a data and analytical environment or standalone capability for the purpose of repeatedly and reliably providing storage and access to the decision analytics data and/or tools (e.g., visual analysis and awareness front end tools, analytics enabling tools, and/or algorithms). Brand-new build-out of infrastructure is not supported, however, enhancements to existing infrastructure to directly support proposed capabilities are permissible. Technical approaches to this TTA must present one or more cybersecurity challenge problems (CCP) and capabilities, and include reasoning as to how the proposal has the potential to address HSE decision analytical needs.

Key Dates
Solicitation Open Date:
Registration Deadline:
03/24/2017 04:30 PM ET
Submission Deadline:
03/24/2017 04:30 PM ET

Back to Past Solicitations List