MODIFICATION
A -- Capabilities for Cyber Resiliency
- Notice Date
- 2/27/2015
- Notice Type
- Modification/Amendment
- NAICS
- 541712
— Research and Development in the Physical, Engineering, and Life Sciences (except Biotechnology)
- Contracting Office
- Department of the Air Force, Air Force Materiel Command, AFRL/RIK - Rome, 26 Electronic Parkway, Rome, New York, 13441-4514, United States
- ZIP Code
- 13441-4514
- Solicitation Number
- BAA-RIK-14-07
- Point of Contact
- Gail E. Marsh, Phone: 315-330-7518
- E-Mail Address
-
Gail.Marsh@us.af.mil
(Gail.Marsh@us.af.mil)
- Small Business Set-Aside
- N/A
- Description
- BAA RIK-14-07 Amendment 3 The purpose of this modification is to update Section I - FUNDING OPPORTUNITY DESCRIPTION and revise Section IV-APPLICATION AND SUBMISSION INFORMATION, Paragraph 1. 1) Section I is deleted in its entirety and replaced with the following : I. FUNDING OPPORTUNITY DESCRIPTION: This BAA is a contracting tool directly responsive to Air Force Research Laboratory (AFRL) cyber science & technology (S&T) strategic goals. To support these strategic goals, this BAA seeks to procure proactive cyberspace defense capabilities for avoiding threats through understanding the cyber situation, assessing potential impacts, and implementing deterrence and effects-based defensive methodologies. As such, it supports work in the areas of trusted hardware, trusted software, trusted data, secure systems/architectures, maneuverability, mission awareness, mission assurance, and survivability and recovery techniques. Other applicable areas of technology include, but are not limited to, attack attribution/geolocation, novel protocols, cloud architectures/security, mobile device security, secure computer/processor architectures, virtualization security, cyber technology evaluation techniques, cyber modeling, simulation, metrics, and measurements, cyber data mining/understanding, next generation BIOS Security, and cyber visualization. NOTE: White Papers for the above will be accepted over the life of this BAA. The following Specific Focus Areas are only open for the fiscal years noted. FY14 - FY17 SPECIFIC FOCUS AREA: ASSURED BY DESIGN Background: Many cyber solutions currently focus on detecting attacks after they occur and then attempt to apply security mechanisms to existing hardware and software. This type of solution is inefficient and keeps systems and networks in a constant state of "react". A more proactive approach is preventing and avoiding rather than detecting after the fact. This area seeks to develop mathematically rigorous tools and techniques that modify the cyber domain in favor of mission assurance. Objective: To formally verify that hardware and software implementations meet mathematical specifications that prove correctness of secure designs and to lead research in technologies to mitigate new and emerging threats that could degrade capabilities by developing innovative solutions through science and engineering applications to national security problems. Results of this work would place missions orthogonal to threats. This focus area is not interested in concepts, approaches, and techniques that rely on detection and reaction. The Assured by Design area is divided into three main thrusts: Science of Mission Assurance, Engineering Assured Systems, and Domain Modification. The goal of the Science of Mission Assurance thrust is to develop a security engineering culture that mathematically represents the specifications of critical mission essential functions and verifies their implementation in a contested cyber domain. The Engineering Assured Systems thrust intends to research hardware assisted security, formal methods, and validation to provide prevention techniques to current and future systems through specialized hardware and software systems. Deliverables should include foundational research with demonstration of software and hardware prototypes. Research seeks to create and verify the "mission layer" and produce a design framework to create assured cyber systems. Domain Modification capitalizes on novel, out-of-the-box approaches to provide successful execution of mission essential functions. Interest is in techniques that modify the domain in favor of mission assurance and increase the cost to the adversary to exploit systems. The focus is on preventing and avoiding vulnerabilities in missions. Questions regarding this focus area can be directed to: Dr. Sarah Muccio (315) 330-4016 sarah.muccio@us.af.mil FY15 - FY16 SPECIFIC FOCUS AREA: CYBER DECEPTION Background: Deception is a deliberate act to conceal activity on our networks, create uncertainty and confusion against the adversary's efforts to establish situational awareness and to influence and misdirect adversary perceptions and decision processes. Military deception is defined as "those actions executed to deliberately mislead adversary decision makers as to friendly military capabilities, intentions, and operations, thereby causing the adversary to take specific actions (or inactions) that will contribute to the accomplishment of the friendly mission." Military forces have historically used techniques such as camouflage, feints, chaff, jammers, fake equipment, false messages or traffic to alter an enemy's perception of reality. Modern day military planners need a capability that goes beyond the current state-of-the-art in cyber deception to provide a system or systems that can be employed by a commander when needed to enable deception to be inserted into defensive cyber operations. Relevance and realism are the grand technical challenges to cyber deception. The application of the proposed technology must be relevant to operational and support systems within the DoD. The DoD operates within a highly standardized environment. Any technology that significantly disrupts or increases the cost to the standard of practice will not be adopted. If the technology is adopted, the defense system must appear legitimate to the adversary trying to exploit it. Objective: To provide cyber-deception capabilities that could be employed by commanders to provide false information, confuse, delay, or otherwise impede cyber attackers to the benefit of friendly forces. Deception mechanisms must be incorporated in such a way that they are transparent to authorized users, and must introduce minimal functional and performance impacts, in order to disrupt our adversaries and not ourselves. As such, proposed techniques must consider how challenges relating to transparency and impact will be addressed. The security of such mechanisms is also paramount, so that their power is not co-opted by attackers against us for their own purposes. These techniques are intended to be employed for defensive purposes only on networks and systems controlled by the DoD. Advanced techniques are needed with a focus on introducing varying deception dynamics in network protocols and services which can severely impede, confound, and degrade an attacker's methods of exploitation and attack, thereby increasing the costs and limiting the benefits gained from the attack. The emphasis is on techniques that delay the attacker in the reconnaissance through weaponization stages of an attack and also aid defenses by forcing an attacker to move and act in a more observable manner. Techniques across the host and network layers or a hybrid thereof are of interest in order to provide AF cyber operations with effective, flexible, and rapid deployment options. This focus area is currently envisioned to consist of two phases running approximately 12 months each. The first phase (Concept Development) will consist of one to three study efforts that will examine potential deception technologies that could be developed. This will focus on the description, design and development of techniques and technologies that could be employed in an Air Force network. These efforts will be brought to a proof-of-concept level, and the implementations will be evaluated at the end of this phase. In the second phase (Prototyping), also lasting approximately 12 months, one or more of the concepts that show promise will be further developed to produce a prototype system capable of demonstration in a relevant environment. The system(s) developed by the end of this phase will be evaluated. At the end of this second phase, a "go/no-go" decision will be made to determine if the prototype(s) will undergo further refinement, evaluation, and potential integration with an eye toward transition. Questions regarding this focus area can be directed to: Anthony Macera (315) 330-4480 anthony.macera.1@us.af.mil FY15 - FY17 SPECIFIC FOCUS AREA: EMBEDDED SYSTEM RESILIENCE AND AGILITY Background: Technology trends and growth indicate a highly interconnected environment with an increasing reliance on system autonomy and embedded systems. Embedded systems may be viewed as an electronic device that contains a microprocessor (one or more), along with purpose-built software to perform specific functions within a larger community. Embedded system software, data, and memory often contain high-value information and control key assets. With this level of criticality, security provisions are crucial across the full-spectrum of embedded systems. Embedded systems require dedicated effort to infuse strong security and time-critical performance with limited resources and storage constraints. Within many applications, embedded systems are employed within platforms which are vulnerable to intentional or unintentional hazards or attacks. Any event, intentional or not, may compromise the reliability of a system and become a mission critical security threat. Objective: To research and demonstrate preemptive and proactive defense approaches, along with reactive techniques protecting assets, key functions, and data through recovery and adaptation. The focus of this research is protection of resources vice networking. The embedded system solution may include hardware, software, and advanced techniques to protect critical assets against cyber threat vectors either onboard or from external vectors. One specific use case for this focus area is the command and control of Unmanned Aerial Systems. Additionally, embedded systems must support real-time, guaranteed performance in safety and security-critical applications. Within cyber-physical systems, the joint behavior of the "cyber" and "physical" elements of the system is critical-computing, control, sensing, and networking are deeply integrated into every component, and the actions of components and systems must be carefully orchestrated, tested, and verified. Thus, system testing will be critical. This focus area will be comprised of 2 initial phases. Phase 1 is Analysis of Alternatives (AoA), security analysis, and system design. Phase 2 is prototype development and test. Successful completion of Phase 1 is a strong indicator of progression into Phase 2. Phase 1: Analysis of Alternatives (AoA), Security Analysis, and System Design Embedded security techniques are characterized by awareness of and protection against threats, minimization of vulnerabilities, computation of optimal assurance solutions, and protection of critical functions/information. These techniques should proactively deter adverse events as well as allow for real-time mitigation, leading to system recovery and adaption to the event. This phase investigates the mix of commercial and government solutions to present a cost-effective and high-assurance embedded system platform. Assessment of solutions against industry standards and internal/external threats should be included. Key technical areas of this phase may include, but not limited to: 1. Trusted monitoring, awareness, and control down to hardware-level 2. Techniques to reduce vulnerable attack surface; protect critical functions and data 3. Embedded system agility, diversity, and internal moving target concepts 4. Advanced fault tolerance/techniques to continue critical functions 5. Monitoring and reasoning of system events to determine and apply recovery and adaption techniques 6. Integration of software techniques onto enabling hardware for subsystem/system prototyping Phase 2: Prototype Development and Test The objective of this phase is the production of an embedded system prototype based on phase 1. This prototype should be subjected to functionality testing and vulnerability analysis, and should meet and exceed (where applicable) standards. Robust validation and verification is a critical component of this phase. Key concepts of this phase may include, but are not limited to: 1. Resilience metrics, measurement, and understanding of improved models of complex systems of systems, control and authority, levels of autonomy, system-system interactions, and new integrated analytical and decision-support tools through static and dynamic testing 2. Advanced testing techniques, to include autonomy and machine-learning, which stresses security, safety, runtime performance and vulnerabilities 3. Advanced methods for obtaining and extrapolating measurements to predict system behavior Questions regarding this focus area can be directed to: Douglas Schafer (315) 330-4323 douglas.schafer.6@us.af.mil FY16 - FY18 SPECIFIC FOCUS AREA: AUTONOMOUS INTEGRATED CYBER DEFENSE Background: The Air Force executes cyber operations that happen in real time at computer speeds. Many operations can be automated; for a given input a prescribed output can be generated and many current technologies address automation of cyber operations. There are still many areas where complex thought, decision-making, and understanding are required to effectively perform cyber operations. Currently these decisions are made primarily by human operators. Precluding areas where human-in-the-loop decision-making is required by statute or policy, this program will seek to identify these decisions points, implement machine-learning and other artificial intelligence technologies, and deliver capabilities for semi-autonomous cyber operations. Objective: Maximize the use of autonomous systems in full spectrum, integrated cyber operations. Identify decision points within current cyber operations that could potentially be guided by autonomous systems. Develop machine learning algorithms or other artificial intelligence technologies that can assist in decisions to support cyber operations. Develop integrated, proofs-of-concept for semi-autonomous cyber operations. AFRL seeks ideas and concepts in the following thrust areas: 1. Identification of complex decision-making components of cyber operations that could be assisted by autonomous systems. 2. Development of machine learning and artificial intelligence technologies that lend themselves to cyber operations decision-making support. 3. Integrated proofs-of-concept for cyber operations that leverage autonomous decision-making capabilities. Questions regarding this focus area can be directed to: John Marx (315) 330-3625 john.marx.2@us.af.mil FY17 SPECIFIC FOCUS AREA: CYBER AGILITY Background: Currently, adversaries can plan their attacks carefully over time by relying on the static nature of our networks, and launch their attacks at the times and places of their choosing. The DoD needs new tools and technologies to reverse the current asymmetry that favors our cyber adversaries, by forcing them to spend more, cope with greater levels of complexity and uncertainty, and accept greater risks of exposure and detection due to the significantly increased requirements for reconnaissance and intelligence collection on our networks. AFRL is seeking science & technology for defensive cyber maneuver and agility to disrupt adversary cyberspace operations, including adversary attack planning and execution. Objective: To reduce attacks by making it harder for a determined adversary to succeed. Increasing agility, diversity, and redundancy will result in disrupting attack planning and execution. Agility mechanisms must be incorporated in such a way that they are transparent to authorized users, and must introduce minimal functional and performance impacts, in order to disrupt our adversaries and not ourselves. As such, proposed techniques must consider how challenges relating to transparency and impact will be addressed. The security of such mechanisms is also paramount, so that their power is not co-opted by attackers against us for their own purposes. Questions regarding this focus area can be directed to: Walt Tirenin (315) 330-4429 wladimir.tirenin@us.af.mil NOTE: The POC for each focus area is provided for QUESTIONS ONLY. See Section IV Paragraph 2 for submission details. 2) SECTION IV is revised as follows: IV. APPLICATION AND SUBMISSION INFORMATION, Paragraph 1. SUBMISSION DATES AND TIMES: While white papers will be accepted over the life of this BAA, it is recommended that they be received by the following dates to maximize the possibility of award: FY15 by 05 Sep 2014 FY16 by 15 Jun 2015 FY17 by 15 Jun 2016 FY18 by 15 Jun 2017 FY19 by 15 Jun 2018 White papers will be accepted until 2pm Eastern time on 30 Sep 2019, but it is less likely that funding will be available in each respective fiscal year after the dates cited. This BAA will close on 30 Sep 2019.
- Web Link
-
FBO.gov Permalink
(https://www.fbo.gov/spg/USAF/AFMC/AFRLRRS/BAA-RIK-14-07/listing.html)
- Record
- SN03654634-W 20150301/150228000206-70e59d1d60a746e32357058caaa5e089 (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |