
Homeland Security Advanced Research Projects Agency

An Update on the Cyber Security R&D Landscape

December 4, 2013

SINET Showcase

Douglas Maughan

Division Director

http://www.dhs.gov/cyber-research

Past SINET Participation

2007 ITSEF - Opening Doors to the Federal Government

2008 ITSEF Panel - Federal Government Strategic Investment Funds

2009 ITSEF Panel - Critical Infrastructure

2010 ITSEF Panel - Moving Forward with a Roadmap for the IT, Banking & Finance and Energy Sectors

2010 Showcase Workshop and 2011 ITSEF Workshop - Obtaining Federal Research Funding

2011 ITSEF Panel - Partnering Practitioners & Theory - Creating Centers of Excellence

2012 ITSEF Panel - What are the Key Attributes that Lead to Successful Technology Transfer?

2012 Showcase Panel - DHS and DoD Efforts at Improving Cyber Innovation Intake into the Federal Government

Presentation Outline

Threat Space

National / Federal Activities

DHS Activities

Cyber Security Division (CSD) Overview

What’s Ahead

Funding Opportunities

Summary

Q&A


Environment: Greater Use of Technology, More Threats, Less Resources

Globalization & Transportation

Natural Disasters & Pushing Beyond Design Limits

Misuse of Technology

Border Security & Immigration

Cyber Domain

LESS RESOURCES

MORE THREATS

Violent Extremism

Nature of Innovation

Both sides get to innovate

Predictive & Reactive

Aviation as an example …

Low cost of entry

Strategic potential

Anywhere in the world in 24 hours

Historical Perspective

Tenuous balance

Insider Threat


Cyber Threat Sources Ready to Exploit Weaknesses

Nation States

Hackers/Hacktivists

Cyber Criminals

Insider Threats

Terrorists, DTOs, etc.

Cyber Threats

Malware – Malicious software to disrupt computers

Viruses, worms, …

Theft of Intellectual Property or Data

Hacktivism – Cyber protests that are socially or politically motivated

Mobile Devices and Applications and their associated Cyber Attacks

Social Engineering – Entice users to click on Malicious Links

Spear Phishing – Deceptive communications (E-Mails, Texts, Tweets…)

Domain Name System (DNS) Hijacking

Router Security – Border Gateway Protocol (BGP) Hijacking

Denial of Service (DOS) – blocking access to web sites

Others …

Recent Events


Comprehensive National Cybersecurity Initiative (CNCI)

Establish a front line of defense
• Reduce the Number of Trusted Internet Connections
• Deploy Passive Sensors Across Federal Systems
• Pursue Deployment of Automated Defense Systems
• Coordinate and Redirect R&D Efforts

Resolve to secure cyberspace / set conditions for long-term success
• Connect Current Centers to Enhance Situational Awareness
• Develop Gov’t-wide Counterintelligence Plan for Cyber
• Increase Security of the Classified Networks
• Expand Education

Shape future environment / secure U.S. advantage / address new threats
• Define and Develop Enduring Leap Ahead Technologies, Strategies & Programs
• Define and Develop Enduring Deterrence Strategies & Programs
• Manage Global Supply Chain Risk
• Cyber Security in Critical Infrastructure Domains

http://cybersecurity.whitehouse.gov

Networking Information Technology R&D

NITRD Participating Agencies

Federal Cybersecurity R&D Strategic Plan

• Science of Cyber Security
• Research Themes
– Tailored Trustworthy Spaces
– Moving Target Defense
– Cyber Economics and Incentives
– Designed-In Security (New for FY13)
• Transition to Practice
– Technology Discovery
– Test & Evaluation / Experimental Deployment
– Transition / Adoption / Commercialization
• Support for National Priorities
– Health IT, Smart Grid, NSTIC (Trusted Identity), NICE (Education), Financial Services

Released Dec 6, 2011

http://www.whitehouse.gov/blog/2011/12/06/federal-cybersecurity-rd-strategic-plan-released

DHS S&T Mission Guidance

Strategic Guidance

Operational Directives

HSPD-5 National Incident Management System (2003)

PPD-8 National Preparedness (2011)

HSPD-22 Domestic Chemical Defense (2007)

HSPD-9 Defense of U.S. Agriculture & Food (2004)

HSPD-10 Biodefense for the 21st Century (2004)

Homeland Security Act 2002

QHSR (Feb 2010)

BUR (July 2010)

1. Preventing terrorism & enhancing security
2. Securing and managing our borders
3. Enforcing & administering immigration laws
4. Safeguarding and securing cyberspace
5. Ensuring resilience to disasters

Prevention, Protection, Mitigation, Response, Recovery

S&T Strategic Plan (2011)

Smaller Scale Terrorism

Trafficking, Crime

Pandemics, Accidents,

Natural Hazards

Violent Extremism

High Consequence

WMD Threats

Core Missions

QHSR

Cybersecurity for the 16 Critical Infrastructure Sectors

Business / Personal Shopping & Banking Point of Sale (in store or on line)

Personnel

Social Media

DHS provides advice and alerts to the 16 critical infrastructure areas …

… DHS collaborates with sectors through Sector Coordinating Councils (SCC)

EO-13636 and PPD-21

In February 2013, the President issued two new policies:

1) Executive Order 13636: Improving Critical Infrastructure Cybersecurity

2) Presidential Policy Directive – 21: Critical Infrastructure Security and Resilience

America's national security and economic prosperity are dependent upon the operation of critical infrastructure that are increasingly at risk to the effects of cyber attacks

The vast majority of U.S. critical infrastructure is owned and operated by private companies

A strong partnership between government and industry is indispensable to reducing the risk to these vital systems

Integrating Cyber-Physical Security

Executive Order 13636: Improving Critical Infrastructure Cybersecurity directs the Executive Branch to:

Develop a technology-neutral voluntary cybersecurity framework

Promote and incentivize the adoption of cybersecurity practices

Increase the volume, timeliness and quality of cyber threat information sharing

Incorporate strong privacy and civil liberties protections into every initiative to secure our critical infrastructure

Explore the use of existing regulation to promote cyber security

Presidential Policy Directive-21: Critical Infrastructure Security and Resilience replaces Homeland Security Presidential Directive-7 and directs the Executive Branch to:

Develop a situational awareness capability that addresses both physical and cyber aspects of how infrastructure is functioning in near-real time

Understand the cascading consequences of infrastructure failures

Evaluate and mature the public-private partnership

Update the National Infrastructure Protection Plan

Develop comprehensive research and development plan (CSD / RSD)

EO-PPD Deliverables

120 days – June 12, 2013
• Publish instructions: unclassified threat information
• Report on cybersecurity incentives
• Publish procedures: expand the Enhanced Cybersecurity Services

150 days – July 12, 2013
• Identify cybersecurity critical infrastructure
• Evaluate public-private partnership models
• Expedite security clearances for private sector

240 days – October 10, 2013
• Develop a situational awareness capability
• Update the National Infrastructure Protection Plan
• Publish draft voluntary Cybersecurity Framework

365 days – February 12, 2014
• Report on privacy and civil rights and civil liberties cybersecurity enhancement risks
• Stand up voluntary program based on finalized Cybersecurity Framework

Beyond 365 - TBD
• Critical Infrastructure Security and Resilience R&D Plan

Cybersecurity Framework (NIST lead)

• Developed in collaboration with industry, provides guidance to an organization on managing cybersecurity risk
• Supports the improvement of cybersecurity for the Nation’s Critical Infrastructure using industry-known standards and best practices
• Provides a common language and mechanism for organizations to
1. describe current cybersecurity posture;
2. describe their target state for cybersecurity;
3. identify and prioritize opportunities for improvement within the context of risk management;
4. assess progress toward the target state;
5. foster communications among internal and external stakeholders.
• Composed of three parts: the Framework Core, the Framework Implementation Tiers, and Framework Profiles

Cybersecurity Framework

Function: Category

IDENTIFY: Asset Management; Business Environment; Governance; Risk Assessment; Risk Management

PROTECT: Access Control; Awareness and Training; Data Security; Information Protection Processes and Procedures; Protective Technology

DETECT: Anomalies and Events; Security Continuous Monitoring; Detection Processes

RESPOND: Communication; Analysis; Mitigation; Improvements

RECOVER: Recovery Planning; Improvements; Communication

Recommended Incentives

Areas:

1. Cybersecurity Insurance

2. Grants

3. Process Preference

4. Liability Limitation

5. Streamline Regulations

6. Public Recognition

7. Rate Recovery for Price Regulated Industries

8. Cybersecurity Research

“While these reports do not yet represent a final Administration policy, they do offer an initial examination of how the critical infrastructure community could be incentivized to adopt the Cybersecurity Framework as envisioned in the Executive Order. We will be making more information on these efforts available as the Framework and Program are completed.”

Michael Daniel, Special Assistant to the President and Cybersecurity Coordinator

White House Blog, August 6, 2013

R&D guidance from PPD-21

Within 2 years, DHS in coordination with OSTP, SSA’s, DOC and other Federal D&A, shall provide to the President a National Critical Infrastructure Security and Resilience R&D Plan that takes into account the evolving threat landscape, annual metrics, and other relevant information to identify priorities and guide R&D requirements and investments…plan issued every 4 years …updates as needed.

Innovation and Research & Development: DHS in coordination with OSTP, SSA’s, Commerce and other Federal D&A, shall provide input to align those Federal and Federally-funded R&D activities that seek to strengthen the security and resiliency of the Nation’s critical infrastructure, including:

Promoting R&D to enable the secure and resilient design and construction of critical infrastructure and more secure accompanying cyber technology;

Enhancing modeling capabilities to determine potential impacts … and cascading effects;

Facilitating initiatives to incentivize cyber security investments and the adoption of critical infrastructure design features that strengthen all-hazards security and resilience;

Prioritizing efforts to support the strategic guidance issued by the Secretary.

Working Group headed up by DHS S&T


How to Engage

National Infrastructure Protection Plan process
• Review and comment on Draft Documents www.dhs.gov/eo-ppd
• Provide input through dialogue on IdeaScale -- http://eoppd.ideascale.com
• Encourage partners to review and provide input

PPD/EO Integrated Task Force Weekly Stakeholder Bulletin
• Current status of activities
• List of upcoming Open Forums, Webinars and other Engagement Opportunities

Contact [email protected] for more information

Also R&[email protected] for R&D plan information, participation

DHS S&T Mission

Strengthen America’s security and resiliency by providing knowledge products and innovative technology solutions for the Homeland Security Enterprise

1) Create new technological capabilities and knowledge products

2) Provide Acquisition Support and Operational Analysis

3) Provide process enhancements and gain efficiencies

4) Evolve US understanding of current and future homeland security risks and opportunities

FOCUS AREAS
• Bio
• Explosives
• Cybersecurity
• First Responders
• Resilient Systems
• Borders / Maritime

Cyber Security Focus Areas

Trustworthy Cyber Infrastructure
• Working with the global Internet community to secure cyberspace

Research Infrastructure to Support Cybersecurity
• Developing necessary research infrastructure to support R&D community

R&D Partnerships
• Establishing R&D partnerships with private sector, academia, and international partners

Innovation and Transition
• Ensuring R&D results become real solutions

Cybersecurity Education
• Leading National and DHS cybersecurity education initiatives

Trustworthy Cyber Infrastructure

Secure Protocols
• DNSSEC – Domain Name System Security
– Govt and private sector worked together to make this happen
– Started in 2004; now 111 top level (gTLD) and country code (ccTLD) domains adopted globally including the Root
• SPRI – Secure Protocols for Routing Infrastructure

Internet Measurement and Attack Modeling
• Geographic mapping of Internet resources
• Logically and/or physically connected maps of Internet resources
• Monitoring and archiving of BGP route information
• Co-funding with Australia

http://www.isi.edu/ant/address/browse/

Research Infrastructure

Experimental Research Testbed (DETER)
• Researcher and vendor-neutral experimental infrastructure
• Used by over 200 organizations from more than 20 states and 17 countries
• Used by over 40 classes, from 30 institutions involving 2,000+ students
• http://www.deter-project.org

Research Data Repository (PREDICT)
• Repository of network data for use by the U.S.-based cyber security research community
• More than 200 users (academia, industry, gov’t); Over 600TB of network data; Tools are used by major service providers and many companies
• Phase 2: New datasets, ICTR Ethics, International (CA, AUS, JP, EU)
• https://www.predict.org

Software Assurance Market Place (SWAMP)
• A software assurance testing and evaluation facility and the associated research infrastructure services

R&D Partnerships

Oil and Gas Sector
• LOGIIC – Linking Oil & Gas Industry to Improve Cybersecurity

Electric Power Sector
• TCIPG – Trustworthy Computing Infrastructure for the Power Grid

Banking and Finance Sector
• FI-VICS – Financial Institutions – Verification of Identity Credential Service
• DECIDE – Distributed Environment for Critical Incident Decision-making Exercises (recent Quantum Dawn II exercise)

State and Local
• PRISEM - Public Regional Information Security Event Management
• PIV-I/FRAC TTWG – State and Local and Private Sector First Responder Authentication Credentials and Technology Transition

Law Enforcement
• SWGDE – Special Working Group on Digital Evidence (FBI lead)
• CFWG – Cyber Forensics Working Group (CBP, ICE, USSS, FBI, S/L)

S&T International Engagements

International Bilateral Agreements

Government-to-government cooperative activities for 13 bilateral Agreements

• Canada (2004)
• Australia (2004)
• United Kingdom (2005)
• Singapore (2007)
• Sweden (2007)
• Mexico (2008)
• Israel (2008)
• France (2008)
• Germany (2009)
• New Zealand (2010)
• European Commission (2010)
• Spain (2011)
• Netherlands (2013)

COUNTRY / PROJECTS / MONEY IN / JOINT / MONEY OUT

Australia 3 $300K $400K
Canada 11 $1.8M
Germany 1 $300K
Israel 2 $100K
Netherlands 7 $450K $1.2M $150K
Sweden 4 $650K
United Kingdom 3 $1.2M $400K
European Union 1
Japan 1

Over $6M of International co-funding

CSD R&D Execution Model

Research, Development, Test and Evaluation & Transition (RDTE&T)

Successes

• Ironkey – Secure USB
– Standard Issue to S&T employees from S&T CIO
– Acquired by Imation
• Komoku – Rootkit Detection Technology
– Acquired by Microsoft
• HBGary – Memory and Malware Analysis
– Over 100 pilot deployments as part of Cyber Forensics
• Endeavor Systems – Malware Analysis tools
– Acquired by McAfee
• Stanford – Anti-Phishing Technologies
– Open source; most browsers have included Stanford R&D
• Secure Decisions – Data Visualization
– Pilot with DHS/NCSD/US-CERT; Acquisition

Example: DARPA has provided $9M to CSD for development and transition of Military Networking Protocol (MNP) technology and has started discussions for testing and evaluation of Automated Malware Analysis technology

Transition To Practice (TTP) Program

R&D Sources
• DOE National Labs
• FFRDC’s (Federally Funded R&D Centers)
• Academia
• Small Business

Transition processes
• Testing & evaluation
• Red Teaming
• Pilot deployments

Utilization
• Open Sourcing
• Licensing
• New Companies
• Adoption by cyber operations analysts
• Direct private-sector adoption
• Government use

Implement Presidential Memorandum – “Accelerating Technology Transfer and Commercialization of Federal Research in Support of High-Growth Businesses” (Oct 28, 2011)

A NATIONAL PROBLEM


The Nation needs greater cybersecurity awareness and more cybersecurity experts.

There is a lack of communication between government, private industry, and academia.

Many cybersecurity training programs exist but there is little consistency among programs, and potential employees lack information about the skills needed for jobs.

Cybersecurity Career development and scholarships are available but uncoordinated, and the resources that do exist are difficult to find.

NICE was established in support of the Comprehensive National Cybersecurity Initiative (CNCI) – Initiative 8: Expand Cyber Education – Interim Way Forward and is comprised of over 20 federal departments and agencies.

Cybersecurity Education

Cyber Security Competitions (http://nationalccdc.org)
• National Initiative for Cybersecurity Education (NICE)
• NCCDC (Collegiate); U.S. Cyber Challenge (High School)
• Provide a controlled, competitive environment to assess a student’s depth of understanding and operational competency in managing the challenges inherent in protecting a corporate network infrastructure and business information systems.

DHS Cyber Skills Task Force (CSTF)
• Established June 6, 2012 - Homeland Security Advisory Council
• Over 50 interviews (DHS internal and external)
• Identify best ways DHS can foster the development of a national security workforce capable of meeting current and future cybersecurity challenges;
• Outline how DHS can improve its capability to recruit and retain sophisticated cybersecurity talent.
• 11 recommendations in 5 key areas

DHS Cyber Skills Task Force (CSTF) - Objectives

Objective I: Ensure that the people given responsibility for mission-critical cybersecurity roles and tasks at DHS have demonstrated that they have high proficiency in those areas.

Objective II: Help DHS employees develop and maintain advanced technical cybersecurity skills and render their working environment so supportive that qualified candidates will prefer to work at DHS.

Objective III: Radically expand the pipeline of highly qualified candidates for technical mission-critical jobs through partnerships with community colleges, universities, organizers of cyber competitions, and other federal agencies.

Objective IV: Focus the large majority of DHS’s near term efforts in cybersecurity hiring, training, and human capital development on ensuring that the Department builds a team of approximately 600 federal employees with mission-critical cybersecurity skills.

Objective V: Establish a “CyberReserve” program to ensure a cadre of technically proficient cybersecurity professionals are ready to be called upon if and when the nation needs them.


ICE Homeland Security Investigations (HSI) Cyber Student Initiative (7/10/13)

• 36 HSI offices volunteered to participate
• 291 Applicants of which 203 were Qualified Applicants
• 27 Candidates Selected (of which 2 declined) – Atlanta, Baltimore, Boston, Buffalo, Charleston, Charlotte, Chicago, Denver, El Paso, Long Beach, Los Angeles, New York, Orlando, Pensacola, Philadelphia, Phoenix, San Antonio, San Francisco, Savannah, Seattle, DC.
• Twenty three (23) candidates employed between July-September 2013

Intern Program – Round 1

Number of Interns | EOD Date | College | Location
1 intern | 7/22/13 | Chattahoochee Technical College | Atlanta, GA
1 intern | 7/15/13 | Anne Arundel Community College | Baltimore, MD
1 intern | | Anne Arundel Community College | Baltimore, MD
1 intern | | Bunker Hill Community College | Boston, MA
1 intern | | Westchester Community College | Buffalo, NY
1 intern | | Trident Technical College | Charleston, NC
1 intern | | Central Piedmont Community College | Charlotte, NC
1 intern | 7/22/13 | Moraine Valley Community College | Chicago, IL
1 intern | | Garden City Community College | Denver, CO
1 intern | | Community College of Denver | Denver, CO
1 intern | | El Paso Community College | El Paso, TX
1 intern | | Prince George’s Community College | Fairfax, VA (C3)
1 intern | | DeVry University | Los Angeles, CA
1 intern | 7/09/13 | New York Institute Technology | New York, NY
1 intern | 7/09/13 | SUNY Orange Middletown NY | New York, NY
1 intern | 7/09/13 | Valencia College | Orlando, FL
1 intern | | Valencia College | Orlando, FL
1 intern | 7/08/13 | Pensacola State College | Pensacola, FL
1 intern | | Anne Arundel Community College | Philadelphia, PA
1 intern | 7/09/13 | Mesa Community College | Phoenix, AZ
1 intern | | Alamo Colleges | San Antonio, TX
1 intern | 7/08/13 | Diablo Valley College | San Francisco, CA
1 intern | | Cochise College | San Francisco, CA
1 intern | | Edmonds Community College | Savannah, GA
1 intern | | Chattahoochee Technical College | Seattle, WA

White House Priorities – FY14+

Secure Federal Networks
• Identity/Credential Access Mgmt (ICAM), Cloud Exchange, Fed-RAMP

Protect Critical Infrastructure
• Public-Private Cyber Coordination, EO/PPD Initiatives

Improve Incident Response and Reporting
• Information Sharing among Federal Centers
• Capacity Building for State/Local/Tribal/Territorial (SLTTs)

Engage Internationally
• Foreign Assistance Capacity Building
• Build Workforce Capacity to Support International Cyber Engagement

Shape the Future
• National Strategy for Trusted Identity in Cyberspace (NSTIC)
• National Initiative for Cybersecurity Education (NICE)
• Cybersecurity R&D – EO/PPD R&D Plan, Federal R&D Plan, Transition To Practice, Foundational Research

Future - Inter-Agency: CPS

Cyber Physical Systems (CPS)

“Smart networked systems with embedded sensors, processors and actuators that are designed to sense and interact with the physical world (including the human users), and support real-time, guaranteed performance in safety-critical applications”

Several workshops over the past year or two
• Transportation
– Automotive, UAVs, Aeronautical, Rail
• Manufacturing
• Healthcare
• Energy
• Agriculture
• Defense
• Emergency Response
• Others …

All with an eye towards society, economics, and impact

CSD New Program Ideas

• Security for Cloud-Based Systems
• Data Privacy Technologies
• Mobile Wireless Investigations
• Mobile Device Security
• Next-Generation DDOS Defenses
• Application Security Threat Attack Modeling (ASTAM)
• Static Tool Analysis Modernization Project (STAMP)
• Network Reputation and Risk Analysis
• Data Analytics Methods for Cyber Security
• Cyber Security Education
• Designed-In Security
• Finance Sector Cybersecurity
• DNSSEC Applications
• Data Provenance for Cybersecurity
• Cyber Economic Incentives – based on EO/PPD

Programs for U. S. Small Business

Small Business Innovation Research (SBIR)

Set-aside program for small business concerns to engage in federal R&D -- with potential for commercialization

Small Business Technology Transfer (STTR)

Set-aside program to facilitate cooperative R&D between small business concerns and research institutions -- with potential for commercialization

• 2.5%

• .3%

SBIR - A 3 Phase Program

• PHASE I
– Feasibility Study
– $100K (in general) and 6 month effort (amounts are changing)

• PHASE II
– Full Research/R&D
– $750K and 24 month effort (amounts are changing)
– Commercialization plan required

• PHASE III
– Commercialization Stage
– Use of non-SBIR Funds

Agency SBIR Differences

Number and timing of solicitations

R&D Topic Areas – Broad vs. Focused

Dollar Amount of Award (Phase I and II)

Proposal preparation instructions

Financial details (e.g., Indirect Cost Rates)

Proposal review process

Proposal success rates

Types of award

Commercialization assistance

And more…………


Small Business Innovative Research (SBIR)

FY04
• Cross-Domain Attack Correlation Technologies (2)
• Real-Time Malicious Code Identification (2)
• Advanced SCADA and Related Distributed Control Systems (5)

FY05
• Hardware-assisted System Security Monitoring (4)

FY06
• Network-based Boundary Controllers (3)
• Botnet Detection and Mitigation (4)

FY07
• Secure and Reliable Wireless Communication for Control Systems (2)

FY09
• Software Testing and Vulnerability Analysis (3)

FY10
• Large-Scale Network Survivability, Rapid Recovery, and Reconstitution (1)

FY11
• Mobile Device Forensics (1)

FY12
• Moving Target Defense (2)
• Solid State Drive (SSD) Analysis (1)

FY13
• Hybrid Analysis Mapping
• Software Based Roots of Trust for Enhanced Mobile Device Security

Small Business Innovative Research (SBIR)

Important program for creating new innovation and accelerating transition into the marketplace

Since 2004, DHS S&T Cyber Security has had:
• 74 Phase I efforts
• 28 Phase II efforts
• 4 Phase II efforts currently in progress
• 10 commercial/open source products available
• Four acquisitions
– Komoku, Inc. (MD) acquired by Microsoft in March 2008
– Endeavor Systems (VA) acquired by McAfee in January 2009
– Solidcore (CA) acquired by McAfee in June 2009
– HBGary (CA) acquired by ManTech in February 2012

Cyber Security R&D Broad Agency Announcement (BAA)

Delivers both near-term and medium-term solutions

To develop new and enhanced technologies for the detection of, prevention of, and response to cyber attacks on the nation’s critical information infrastructure, based on customer requirements

To perform research and development (R&D) aimed at improving the security of existing deployed technologies and to ensure the security of new emerging cybersecurity systems;

To facilitate the transfer of these technologies into operational environments.

Proposals Received According to 3 Levels of Technology Maturity

Type I (New Technologies)
• Applied Research Phase
• Development Phase
• Demo in Op Environ.
• Funding ≤ $3M & 36 mos.

Type II (Prototype Technologies)
• More Mature Prototypes
• Development Phase
• Demo in Op Environ.
• Funding ≤ $2M & 24 mos.

Type III (Mature Technologies)
• Mature Technology
• Demo Only in Op Environ.
• Funding ≤ $750K & 12 mos.

Note: Technology Demonstrations = Test, Evaluation, and Pilot deployment in DHS “customer” environments

DHS S&T Long Range Broad Agency Announcement (LRBAA) 12-07

• S&T seeks R&D projects for revolutionary, evolving, and maturing technologies that demonstrate the potential for significant improvement in homeland security missions and operations
• Offerors can submit a pre-submission inquiry prior to White Paper submission that is reviewed by an S&T Program Manager
• CSD has 18 Topic Areas (CSD.01 – CSD.18) – SEE NEXT SLIDE
• LRBAA 12-07 has been extended and closes on 12/31/13
• S&T BAA Website: https://baa2.st.dhs.gov
• Additional information can be found on the Federal Business Opportunities website (www.fbo.gov) (Solicitation #:DHSS-TLRBAA12-07)

LRBAA Summary Listing

CSD.01 – Comprehensive National Cybersecurity Initiative and Federal R&D Strategic Plan topics
CSD.02 – Internet Infrastructure Security
CSD.03 – National Research Infrastructure
CSD.04 – Homeland Open Security Technology
CSD.05 – Forensics support to law enforcement
CSD.06 – Identity Management
CSD.07 – Data Privacy and Information Flow technologies.
CSD.08 – Software Assurance
CSD.09 – Cyber security competitions, education and curriculum development.
CSD.10 – Process Control Systems and Critical Infrastructure Security
CSD.11 – Internet Measurement and Attack Modeling
CSD.12 – Securing the mobile workforce
CSD.13 – Security in cloud based systems
CSD.14 – Experiments – Test and evaluation in experimental operational environments to facilitate transition.
CSD.15 – Research Data Repository
CSD.16 – Cybersecurity Economic Incentives
CSD.17 – Data Analytics – analysis techniques, visualization,
CSD.18 – Tailored Trustworthy Spaces – trust negotiation, app anonymity

Summary

Cybersecurity research is a key area of innovation to support our global economic and national security futures

DHS S&T continues with an aggressive cyber security research agenda
• Working to solve the cyber security problems of our current (and future) infrastructure and systems
• Working with academe and industry to improve research tools and datasets
• Looking at future R&D agendas with the most impact for the nation

Need to continue strong emphasis on technology transfer and experimental deployments

Must focus on the education, training, and awareness aspects of our current and future cybersecurity workforce


Recent CSD Publications


For more information, visit

http://www.dhs.gov/cyber-research

http://www.dhs.gov/st-csd

Douglas Maughan, Ph.D.

Division Director

Cyber Security Division

Homeland Security Advanced Research Projects Agency (HSARPA)

[email protected]

202-254-6145 / 202-360-3170
