Architecture Technology Corporation | Date: 2016-10-17
A network node includes enhanced functionality to fight through cyber-attacks. A plurality of virtual machines run at the network node. The network node receives a plurality of transaction requests and distributes a copy of each of the transaction requests to the plurality of virtual machines over a plurality of time steps. Based on a first virtual machine of the plurality having executed (n) transaction requests in the plurality of transaction requests, the node detects whether any of the virtual machines has been compromised. In response to detecting that the plurality of virtual machines includes a compromised virtual machine, the network node isolates the compromised virtual machine. Furthermore, after isolating the compromised virtual machine, the network node may receive a subsequent transaction request and dispatch the subsequent transaction request to the compromised virtual machine. The compromised virtual machine may execute the subsequent transaction request.
Architecture Technology Corporation | Date: 2016-08-04
An example method includes generating, by a computing system, first unique configuration information, generating, by the computing system and based on the first unique configuration information, a first unique instance of a software component, generating second unique configuration information, wherein the second unique configuration information is different from the first unique configuration information, and generating, based on the second unique configuration information, a second unique instance of the software component that is executable on the runtime computing system. The first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system.
Architecture Technology Corporation | Date: 2016-06-06
In general, this disclosure describes media stream transmission techniques for a field computing device and a central computing device. The central computing device may capture an image of a local background environment. The central computing device may record a first media stream that includes at least a portion of the image of the background environment and at least one movement of at least one object through the background environment. The central computing device may remove the image of the background environment from the first media stream to create a second media stream that includes the movement of the object through the background environment without the image of the background environment. The second media stream may also include timing information that can be synchronized to timing information for a media stream originating at the field computing device such that the second media stream may be superimposed on the field media stream.
Architecture Technology Corporation | Date: 2016-05-25
An example method includes selecting, based at least on first and second policies, first and second containers in which to execute first and second applications, respectively. The example method further includes isolating execution of the first application in the first container, and isolating execution of the second application in the second container. The example method also includes applying, based at least on the first policy, a first group of security controls to the first application executing in the first container, wherein the first container defines a first domain in which the first application is executed, and applying, based at least on the second policy, a second group of security controls to the second application executing in the second container, wherein the second container defines a second domain in which the second application is executed.
Architecture Technology Corporation | Date: 2016-06-30
This disclosure generally relates to automated execution and evaluation of computer network training exercises, such as in a virtual machine environment. An example environment includes a control and monitoring system, an attack system, and a target system. The control and monitoring system initiates a training scenario to cause the attack system to engage in an attack against the target system. The target system then performs an action in response to the attack. Monitor information associated with the attack against the target system is collected by continuously monitoring the training scenario. The attack system is then capable of sending dynamic response data to the target system, wherein the dynamic response data is generated according to the collected monitor information to adapt the training scenario to the action performed by the target system. The control and monitoring system then generates an automated evaluation based upon the collected monitor information.
Agency: Department of Defense | Branch: Air Force | Program: SBIR | Phase: Phase II | Award Amount: 749.84K | Year: 2015
ABSTRACT: IP-based tactical networks, which are being deployed increasingly, must possess the capability to gracefully shed mission functions in accordance with the intent of the commander when network congestion occurs. Such congestion events are expected to be prevalent in tactical wireless networks because of two major factors: (1) the increasing use of bandwidth-hungry applications, such as full-motion video (FMV); and (2) dynamic changes in the capacity of wireless links, caused by node movement and environmental factors, which could dramatically shrink the available capacity of a link to a small fraction of its advertised maximum. Prioritization of IP packet flows associated with mission applications (e.g., VoIP, FMV, fire control, chat, web), in accordance with the commander's current mission priorities, will enable the network to preempt or discard packet flows with lower priorities to preserve unimpeded operation of high-priority mission-critical applications under network congestion events. Since mission priorities may change over time, dynamic or on-the-fly reprioritization of IP packet flows is imperative for tactical IP networks. To address this technical challenge and to meet the need identified by the Air Force, Architecture Technology Corporation (ATCorp) proposes an innovative software-based network management solution called the Mission-Based Agile Network Traffic Reprioritization (MANTRA) system.
BENEFIT: The results of this SBIR effort will produce a MANTRA software product that can be integrated within tactical IP networks to enable mission-oriented network command and control. DoD programs and initiatives that will benefit from the dynamic network traffic prioritization capability provided by MANTRA include the Joint Aerial Layer Network (JALN), Tactical Edge Networking C2, Joint Tactical Edge Networking (JTEN), WIN-T, and ADNS.
Agency: Department of Defense | Branch: Air Force | Program: SBIR | Phase: Phase II | Award Amount: 749.84K | Year: 2015
ABSTRACT: CEDAR is a software solution implementing a cloud computing capability within an unmanned aircraft system (UAS) such as the MQ-9 Reaper. It aggregates the available processing and storage capacity of onboard computers, enabling them to be shared across a variety of mission applications ranging from sensor exploitation (SE) applications to on-board diagnostics and prognostics applications, where the applications may belong to different security domains (e.g., Unclassified and SECRET). By enabling mission-specific smarts to be easily programmed within a UAS, CEDAR provides the foundation for implementing the needed autonomy for mission operations. CEDAR allows a mix of computer platforms with varying capabilities to be dynamically provisioned among independently developed software applications in isolated security domains. It does this while providing fast, direct communication of sensor data, usually without the need for cross-domain guards, and without compromising security. The CEDAR design supports mission commanders in planning software deployment pre-mission to ensure available cloud hardware supports mission software needs. It enables autonomous in-mission cloud provisioning decisions by cloud-located applications, allowing the cloud to react to hardware failures and mission-generated tasks without requiring ground control intervention, making the CEDAR cloud appropriate for permissive and A2AD/contested environments.
BENEFIT: CEDAR is a novel software product that efficiently and autonomously manages shared compute resources in an unmanned entity (UAV or robot) to run mission applications that analyze, combine, and filter data in real-time or near real-time. CEDAR provides an open platform for supporting the development of new UAS and Internet of Things applications.
By supporting deployment of simultaneous applications in multiple security domains, it maximizes compute and storage resource utilization, allowing diverse, independent, single-focus applications and providing the performance necessary for UAS on-board sensor exploitation with the possibility of increased UAS autonomy. Autonomous cloud control ensures mission-critical applications are provided critical resources, and allows testing new applications in an active platform without risk of interfering with existing mission-critical applications. The result of CEDAR research and development will be software adaptable to diverse hardware platforms, suitable for managing a cloud of low-cost COTS computer devices hosting commercial real-time operating systems and providing mixed capabilities in terms of processing power and coprocessor support that will benefit a wide variety of sensor data analysis algorithms. CEDAR will facilitate rapid innovation of surveillance, sensor exploitation, and diagnostics/prognostics applications by presenting a consistent virtualized environment from development to operational use. CEDAR's cloud provisioning approach supports autonomous operation of UAV and robotic platforms, decreasing the oversight required. Potential customers for the resulting commercial product include the military, law enforcement and homeland defense, and commercial enterprises.
Agency: Department of Defense | Branch: Army | Program: SBIR | Phase: Phase II | Award Amount: 999.88K | Year: 2015
Rapid and accurate initialization and reconfiguration of network devices provide the foundation for a robust tactical network needed to enable agile mission operations. In Phase I of this SBIR, Architecture Technology Corporation (ATCorp), in collaboration with Future Skies, the lead developer of the Army's Command and Control Registry (C2R), established the feasibility of an innovative technology called Dynamic Host Configuration Protocol for Tactical Networks (DHCP-T) through detailed design and a proof-of-concept demonstration (or rapid prototype). Addressing the need identified by the Army for automated network-parameter assignment to network devices in tactical environments, DHCP-T will eliminate time-consuming manual configuration of network devices in mission command systems and dynamically assign network parameters based on mission needs. Developed on industry standards, DHCP-T includes an extensible architecture capable of handling a variety of network devices and networking scenarios, including those involving tactical radios and routers. The software-only technology will operate within the existing COTS network infrastructure, providing a cost-effective solution to network initialization and reconfiguration. Based on the confirmed feasibility, the team will implement a full TRL 6+ prototype of the technology during the proposed Phase II effort to transition the technology to the field and improve the agility of tactical networks.
Agency: Department of Energy | Branch: | Program: SBIR | Phase: Phase I | Award Amount: 149.85K | Year: 2016
The Energy Sciences Network (ESnet) is a high-speed computer network serving United States Department of Energy (DOE) scientists and their HPC collaborators worldwide. ESnet is a multi-domain network over virtual circuits guaranteeing end-to-end data transfer performance and security on the network. This network structure, built using VPN connections and IPsec tunnels, is very similar to military crypto-partitioned networks and has the same difficulty taking advantage of network routing and security techniques to improve performance. This makes it harder to ensure resilient mission data exchange among user enclaves in the face of WAN impairments induced by cyber-attacks, network misconfiguration, equipment failures, and other causes. Architecture Technology Corporation (ATCorp) will develop a network appliance called WANshielder for enabling robust and resilient operation of high performance computing (HPC) applications over a wide-area Energy Sciences Network (ESnet) infrastructure experiencing accidental failures or cyber-attacks. Residing entirely within the plain text side of an HPC user enclave behind the inline network encryptor (INE), WANshielder operates as a transparent bridge or "bump in the wire" device, passively monitoring all IP traffic entering and leaving the enclave to infer the onset or occurrence of network events which could adversely impact mission applications. It then automatically takes actions to mitigate the impact of these network events. The ability of WANshielder to provide such automatic and agile recovery from network events, while meeting the throughput and latency requirements for networked HPC applications in an Energy Sciences Network (ESnet) environment, is well beyond the capabilities of the state of the art. During Phase I ATCorp will: (1) develop the detailed design of WANshielder; and (2) establish the feasibility of the approach by building a proof-of-concept prototype of the appliance.
WANshielder is a device installed within each enclave of a secure network that will ensure resilient mission data exchange between users in other enclaves in the face of WAN impairments induced by cyber-attacks, network misconfiguration, equipment failures, or other causes.
Commercial Applications and Other Benefits: The successful completion of a Phase I and then a Phase II prototype of WANshielder will allow ATCorp to move forward along the Technology Readiness scale (TRL levels), to further develop and productize WANshielder. The WANshielder project has many foundational components from previous DoD SBIRs, and a successful Phase II and Phase III will benefit the nation's research and science community; the software and techniques will then be transferable to military applications as well, to implement WANshielder on military crypto-partitioned networks using HAIPEs. These types of networks are also used widely within large enterprise networks that connect multiple distributed locations into a single secure network. The potential public benefits of the WANshielder project are numerous, and the potential customers and market size are large.
Agency: Department of Energy | Branch: | Program: SBIR | Phase: Phase I | Award Amount: 149.94K | Year: 2016
Formerly relegated to research institutions and behind closed doors, modern large-scale computing systems are often used for critical infrastructure modeling and control. These high-performance computing systems are now often geographically distributed and exposed to the Internet, becoming attractive resources for potential misuse and cyberattack. As high-performance computing systems grow more widely distributed, simply firewalling and isolating the system is no longer feasible as a solution. SilverlineHPC is a software system for modeling, analyzing, and automatically evaluating the security configurations of large-scale distributed systems. SilverlineHPC uses attack trees to model risks to distributed computing systems, adding tools that facilitate the analysis of very large-scale systems. The software then performs automated evaluations and computations on the attack trees, testing on-line to see whether particular vulnerabilities are present or known-weak configurations or libraries are in use, then computing metrics and costs based on component metrics. The goal of the Phase I effort is to develop and test a proof-of-concept prototype that focuses on the key technical challenges of our approach. This prototype will build on the company's existing Silverline software, developing and demonstrating high-performance computing-specific automated evaluation and analysis features. Specifically, the effort will add assessment methods targeted at common computing libraries and frameworks in use by commercial and critical infrastructure sectors. It will also enhance Silverline's scale, providing effective tools for the modeling and evaluation of large-scale computing systems with hundreds of nodes, actors, and interconnection paths.
SilverlineHPC, developed by ATC-NY for the Department of Energy under a Small Business Innovative Research (SBIR) grant, increases the safety and security of high-performance computing and large-scale computing systems that are used for power grid analysis, healthcare, and critical infrastructure applications. Commercial Applications and Other Benefits: SilverlineHPC will increase the safety and security of the critical infrastructure controlled by distributed computing systems. At the same time, SilverlineHPC’s systematic, auditable approach to security risks will encourage new infrastructure processes to be automated—bringing increased efficiency and lower operating costs. SilverlineHPC’s approach provides similar benefits to healthcare, power grid modeling, and other compute-intensive sectors.