Agency: Department of Defense | Branch: Air Force | Program: STTR | Phase: Phase I | Award Amount: 99.76K | Year: 2011
ABSTRACT: The CTI/SU team proposes the Cyber Cross-Layer Optimization Publish-Subscribe (CYCLOPS) framework for design, prototyping and assessment of innovative methods for creating cognitive network architectures and protocols to achieve autonomous network resiliency in contested Radio Frequency spectra. Within this framework, the team will design metrics for estimating the benefits, costs and risks (vulnerabilities) associated with alternative wireless network Courses Of Action (COAs). Within this framework, the team will prototype both conventional filters and cognitive agents to perform multi-objective (benefits, costs, risks) optimization that will dynamically select COAs, including spectrum allocations, network routes, [reliable] [multicast] transport parameters and Delay/Disruption/Disconnection Tolerant Network (DTN) bundle transport options. Within this framework, loosely coupled agents created by different methods (design by human engineers, evolution by genetic programming) and tuned by different methods (learning neural network weights, learning classifier system rules) will interoperate synergistically by exchanging information. The heart of the CYCLOPS framework is a distributed blackboard in the management plane: control/user plane protocol stack layers and other entities, such as battery level monitors and Global Positioning System (GPS) receivers, publish information of potential value; other entities, especially stack layers, subscribe to relevant information and use it to optimize their behavior. BENEFIT: Through the design and development of an automated cross layer information sharing blackboard with a publish/subscribe architecture and an automated, cognitive, optimization decision optimization algorithm, this solution will determine costs, risks, and benefits for the sharing of state data across the layers, and for the execution of any resultant optimization decision. 
Oracles based upon predictive and cognitive, evolutionary learning algorithms will identify and evaluate the current and near-future node state, integrate individual function, node, AND system policies, costs, risks, and benefits, and then generate decisions which approach long term node and network optimization. In addition to addressing these questions and developing an optimization decision, these efforts will instantiate the concept of executing a decision NOT to share information and of NOT to "optimize". Thus individual agents will execute and report on their own OODA (observe, orient-assess, decide, & act) loop and optimization options, and system agents will evaluate the net cost/benefit effect of the decisions of each individual agent; identify decisions that yield maximum benefit/minimized cost/managed risk; and will then also eliminate individual optimizations that result in minimized gains but increased, undesirable long-term system costs (e.g. thrashing between channels for minimal additional throughput). Given a selection of any mobile wireless platform based upon the Android 2.0+ OS, CTI and SU will plan on transitioning this technology as a series of licensure products customized for each wireless handheld manufacturer. The initial customer will be the US wireless providers deploying the Android-based OS in their "smart phone" offerings, who have already been identified during CTI's previous commercial program (the Personal Status Monitoring Project).
Stepanyan V., Critical Technologies Inc
Proceedings of the IEEE Conference on Decision and Control | Year: 2011
This paper presents design and performance analysis of a modified reference model MRAC (M-MRAC) architecture for a class of multi-input multi-output uncertain nonlinear systems in the presence of bounded disturbances. M-MRAC incorporates an error feedback in the reference model definition, which allows for fast adaptation without generating high frequency oscillations in the control signal, which closely follows the certainty equivalent control signal. The benefits of the method are demonstrated via a simulation example of an aircraft's wing rock motion. © 2011 IEEE.
Card S.W., Critical Technologies Inc
Proceedings of the 12th Annual Genetic and Evolutionary Computation Conference, GECCO '10 - Companion Publication | Year: 2010
Commensurate indicators of diversity and fitness with desirable metric properties are derived from information distances based on Shannon entropy and Kolmogorov complexity. These metrics measure various useful distances: from an information theoretic characterization of the phenotypic behavior of a candidate model in the population to that of an ideal model of the target system's input-output relationship (fitness); from behavior of one candidate model to that of another (total information diversity); from the information about the target provided by one model to that provided by another (target relevant information diversity); from the code of one model to that of another (genotypic representation diversity); etc. Algorithms are cited for calculating the Shannon entropy based metrics from discrete data and estimating analogs thereof from heuristically binned continuous data; references are cited to methods for estimating the Kolmogorov complexity based metric. Not in the paper, but at the workshop, results will be shown of applying these algorithms to several synthetic and real world data sets: the simplest known deterministic chaotic flow; symbolic regression test functions; industrial process monitoring and control variables; and international political leadership data. Ongoing work is outlined. © 2010 ACM.
Agency: Department of Defense | Branch: Air Force | Program: SBIR | Phase: Phase I | Award Amount: 99.97K | Year: 2011
Given the following four facts: the steadily increasing computational power of mobile handheld devices; the steadily increasing number of mobile handheld devices in the modern networked battlespace; the steadily increasing need for and supply of sensor data and Situational Awareness (SA) information in the networked battlespace; the continuing state of the wireless infrastructure available (lossy, asymmetric, degraded, intermittent links) to network the increasing data load to and from the increasing number of mobile wireless platforms; then the need to process as much of the data as possible as far out "on the edge" as possible is a given. CTI proposes an architecture and set of cross-layer optimization algorithms where the mobile wireless platform invests a policy-based degree of its energy in: managing its internal data storage; managing its connectivity via disruption delay routing; managing the data stored amongst the networked nodes via an evolutionary algorithm; managing the analysis of the data between LAN A software solution, based within transparent gateways, will be packaged in a hardware-agnostic component, allowing for deployment across mobile wireless platforms.
Agency: Department of Defense | Branch: Air Force | Program: SBIR | Phase: Phase I | Award Amount: 147.39K | Year: 2013
ABSTRACT: The overall objective is to enable users on-the-move to reliably and securely send and receive information, targeted for recipients' geographic locations, filtered on their credentials, made persistently available if so designated, and tailored for their devices, facilitating their rapid reaction to changing operational conditions. The team proposes to integrate: wireless physical layer broadcast; link layer multicast where supported by hardware and firmware of mobile devices and infrastructure; network layer multicast where supported by routing infrastructure; an efficient, reliable, scalable multicast transport protocol; multicast address mapping per geography, credentials and metadata markups; automated means for tailoring per those markups; and a secure, robust, distributed file system. This will yield a publish-subscribe-query Data Distribution Service (DDS) with archival of persistent messages (a blackboard), where DDS topics map to multicast addresses and correspond to geographic and other filtering criteria. Policy Based Access Control to DDS topics will support restriction based upon security classification/clearance, roles and credentials, and will be enforced with strong encryption and capability based security. GATSID will address a major aspect of the challenge of delivering "On-demand Information: What you need, When you need it", enabling situation awareness systems to exploit tactical sensor data and deliver customized, location-specific intelligence products. BENEFIT: Critical and Capraro will contact the USAF transition professionals of whom we are already aware, specifically those local to the team at the AFRL-Rome Site (Franklin Hoke, Jr. of the Office of Research and Tech Applications, Jan Norelli, Director-SBA) and the Navy (Dawnbreaker-TAP contractor).
Ray will also work with the SBIR TPOC and Program team to identify AFRL, then USAF and DoD PMs, PEOs, user groups, programs of record, Government-Wide Acquisition Contracts (GWACs), and stated DoD and DHS operational needs. One key to initial transition will be a successful Phase I demo of relevant location-specified unicast and multicast SA data traffic of differing priorities from and to networked mobile platforms communicating over actual DoD wireless environments (single link/single path to multilinks/multipath). Post-such a Phase I demo, the team plans to approach the Program Managers DoD and DHS PMs identified via Ray's research with the documented results of this effort, a recording of the demo, and an invitation to provide feedback into the features suite and technology roadmap. Within DoD, we believe this combination CYCLOPS/ARGOS/DDS software solution (mounted in smartphone and smart radios) can find a home within SOCom, and that this solution has a high correlation with the WIN-T (Warfighter Information Network Tactical) program, especially the unmanned vehicle networking technology components. The portions of the GD C4 planned systems and associated simulations, called Multiple Unified Simulation Environment (MUSE), and the Air Force Synthetic Environment for Reconnaissance and Surveillance (AFSERS), would appear to be very relevant Simulation and Modeling vehicles upon which to demonstrate and advance its TRL levels and transition into operational units. Beyond WIN-T, the next transition step would involve meetings and demos to the already known USAF ESC staff, with invitations extended through ESC and the Aeronautical Systems Center-CES to PM teams at PEO-Combat Mission Support (CM), PEO Cyber NetCentric, PEO ISR/Special Operation Forces (ISR/SOF), PEO Command and Control & Combat Support Systems (C2 & CS), and PEO C2ISR.
Additionally, the team will target a presentation and late Phase I demo to the Navy's ESC equivalent (the C4I PEO), to their internal network acquisition and support organization (Navy PEO-Enterprise Information Systems), and a number of operational program offices already identified and known to the team, including NAVSEA-PEO-Strike Weapons and Unmanned Vehicles. Similarly, the team will plan to present and demonstrate for the Army via invitations to Mrs. Roccio Bauer and Mr. Bud Graf with the Cognitive Networking Technologies groups at the Army CERDEC, PEO-Command, Control and Communications-Tactical (C3T), Network Enterprise Technology Command (NETCom), and for the Army's own networking infrastructure under the Enterprise Information Systems (EIS). Regarding DHS transition, the corps of law enforcement and crisis/disaster relief organizations possess similar needs in automatically acquiring and sharing data to fellow networked members based upon a developed "need to know" or "located near" list instead of a pre-loaded "everyone on the network" list, with minimal disruption to their operations. Potential, targeted user organizations also include those units operating in areas with complicated, multi-team, long duration missions plagued with intermittent comms due to natural factors (US DHS-Border Patrol and Customs; ad-hoc teams from the National Urban Search and Rescue Response System; DHS-Coast Guard's ship- and port-inspection programs, and State Search and Rescue units) or man-made disasters (FEMA, Community Emergency Response Teams (CERTs); Nuclear, Biological, Chemical, and Radiological (NBCR) crews; OSHA and DOT's Haz Mat units; and ad hoc, multi-jurisdictional law enforcement teams). The initial marketing plan will also address those with a stated need for accurate, displayed knowledge of human and object SA to a subset of network nodes to conserve bandwidth within a contested space, such as the US Secret Service, Depts.
of Justice and Treasury, the FBI's Hostage Rescue Teams (HRTs), deployed Customs and ATF agent teams, and regional interdiction units. The transition plan is to earn a TRL 8-9, be accepted by an approved DoD mobile, wireless platform and NSP provider, and negotiate to become a licensed OEM software component within their platform hardware. With the support of the PM team, a series of Phase I demos to the leadership of both operational and integration organizations (i.e. Space Command-Cyber Operations, StratCom) will be planned and executed. Commercial market transition will be focused on groups similar to the governmental target customers: specifically, corporate and private crisis responder teams prone to operating in ad hoc mixed teams with multiple purposes (and thus differing data needs at different times) with constrained bandwidth (i.e. facility security, environmental disaster units, firefighting teams, land- or sea-based emergency response, urban facility patrol/management, and inspectors within "dead zone"/confined/steel facilities). For example, the ability to ID range and location of specific targets to specific groups of smartphone-equipped network nodes (staff, lifts, trucks, train cars, and RFID-equipped products) within corporate campus-, warehouse-, or transmodal logistics facilities that have intermittent or expensive cellular coverage is a non-traditional market for DoD transition tech. Similarly, this software solution, instantiated on individual smartphones and on any controlling, networked hardware, and which can identify the range and location of staff, RF-ID card-equipped students or gerontological tenants, can be transitioned as an OEM or an After Market component into the emerging "SMART" home/school/office markets. Industry expositions have already been identified, anticipating a strategy of "show and tell" booths and demos driving industry interest and sales.
The increasing prevalence of personal, mobile devices in defense, law enforcement, first responder, industrial, and commercial markets has resulted in an increased reliance upon these devices for timely and useful information (more than just data). When time or stress is not an issue, we can handle the flood of data and take the time to sift through and extract the information; when time and stress are an issue, we cannot afford to do this. Thus, it is imperative to reduce data and information overload by placing a system that can target the right information to the right people in the right time. Organizations understand this, as proven by innumerable market surveys across multiple industries, all identifying information overload during times of crisis as a debilitating issue. Thus the marketing would not be to replace/compete with existing communication or network services (staff/asset location apps, SA apps, transmodal logistic tracking products, etc) but rather to provide a reliable, scalable, flexible, comprehensive, and automated addendum service to better distribute the data. CTI foresees this post-Phase II solution developing into products (OEM licensure or after-market products) targeted at spirals of user groups, as defined above, each spiral building on the success of its predecessor.
Agency: Department of Defense | Branch: Air Force | Program: SBIR | Phase: Phase II | Award Amount: 1.05M | Year: 2013
ABSTRACT: Warfighters need to be able to trust the systems on which their lives depend. Cases include an individual human trusting an individual computer, an individual computer trusting a server or network to which it is connecting, a server or network trusting an individual computer connecting to it, and (new here) one network trusting another with which it is inter-connecting. Military airborne networks and the emerging commercial Internet of Things and People (IoTaP) are complex dynamic environments. One problem is the need for sophisticated techniques; another is the difficulty of integrating these into a comprehensive end-to-end solution for wireless mobile ad hoc network (MANET) attestation despite $SWAP constraints. Our solution is agent/capability-based Mandatory Access Control, information dispersal complementing strong encryption, and Trusted Computing Group (TCG) Direct Anonymous Attestation (DAA) inspired Distributed Attestation for Mobile, Multicast & Multiple Operator Networks (DAM3ON). The goal is secure and trusted transactions in a distributed Network Centric Operations environment. TPM chips, security enhanced bootloaders, microkernels that enforce capability based access control, hypervisors, security enhanced operating systems, robust encrypted distributed file systems, scalable reliable multicast transport protocols and [zero knowledge] remote attestation protocols all exist, but no architecture integrating these and exploiting their synergies has existed heretofore. 
BENEFIT: The transition opportunities of integrating the RADTiN/DAM3ON solution into industrial and commercial networks are based upon: integrating the software solution into an existing network and data security hardware product as a licensed sale; integrating the software solution into an existing mobile platform developer as part of an NSP offering, as an OEM sale; or developing our own distribution channel to sell customized versions of the RADTiN/DAM3ON software product line as an after-market reliability and security solution. The industrial and commercial target customers would have a great deal in common with the DoD users being addressed, having to address security and trust issues with remote and/or mobile networked nodes/platforms/smartphones. The team will address these potential users (national grid network monitoring/inspection mobile networked platforms, private corporate network operators, ad hoc disaster relief organizations; border/crisis monitoring platforms, etc) with customized demonstrations based upon their most likely deployed platforms. But the most unique commercialization opportunity is in the emerging digital currency/commerce marketplace. Using the team's already existing reputation (as the enablers of the world's first BitCoin/vending machine transaction) and relationships, the RADTiN/DAM3ON software will be demonstrated as a key enabling technology for the establishment of trust and the security of transactions between digital wallets and physical point-of-sale machines.
The key to penetration in this emerging marketplace is to maximize automation (ease of operation), verified security of your smartphone and digital wallet, and trust in the sales machine, the protection of your data in motion (to the machine) and at rest (in the cloud). The ability to clearly attest to the security of your smartphone, your digital wallet, and your data before, during, and after the transaction will be of interest to the firms attempting to broaden this emerging economy. The demonstration of this technology will allow the team entry into these diverse marketplaces, and represent a unique potential commercialization opportunity for a DoD SBIR research effort.
Agency: Department of Defense | Branch: Air Force | Program: SBIR | Phase: Phase II | Award Amount: 749.87K | Year: 2014
ABSTRACT: The overall objective is to enable users on-the-move to reliably and securely send and receive information, targeted for recipients' geographic locations, filtered on their credentials, made persistently available if so designated, and tailored for their devices, facilitating their rapid reaction to changing operational conditions. The team proposes to integrate: wireless physical layer broadcast; link layer multicast where supported by hardware and firmware of mobile devices and infrastructure; network layer multicast where supported by routing infrastructure; an efficient, reliable, scalable multicast transport protocol; DDS topics scoped per geography, credentials and metadata markups; automated means for tailoring per those markups; and a secure, robust, distributed file system. This will yield a publish-subscribe-query Data Distribution Service (DDS) with archival of persistent messages (a blackboard), where DDS topics map to multicast addresses and correspond to geographic and other filtering criteria. Policy Based Access Control to DDS topics will support restriction based upon security classification/clearance, roles and credentials, and will be enforced with strong encryption and capability based security. GATSID will address a major aspect of the challenge of delivering "On-demand Information: What you need, When you need it", enabling situation awareness systems to exploit tactical sensor data and deliver customized, location-specific intelligence products. BENEFIT: The transition and commercialization of GATSID will be driven by its ability to deliver secured, automated, delay-tolerant, role-based accessed, location-based messaging services across multiple communication channels to multiple platforms and using a distributed storage/archive technique. The enhanced GATSID DDS will specifically deliver four unique technical benefits, and form a competitive advantage for both the DoD/DHS and the commercial product lines. 
First, this software will provide a much higher, capabilities-based security to a greater granularity of tailored, geographically aware topics than current DDS products. Second, it will provide BOTH geographically- and role-filtered services AND geographic privacy of the individual user. Third, the DDS will provide efficient, scalable, reliable, multicast transport services tailored for classes of platforms and link types. Finally, GATSID will also deliver the pub/sub/query interfaces and administrative APIs that enable superior management of role-based access, topic control, and publisher/subscriber lists. The applications will be addressed in multiple spirals of transition and commercialization demonstrations and customized productization efforts. Generally, these spirals will consist of three strategic applications. First, there will be the demonstration and acceptance of GATSID as an enhancement to existing mass notification communication and networking programs already paid for and deployed by DoD and DHS users. Each of these GATSID applications will be tailored to enhance a greater number of automated LBS message types, greater use of delay tolerant transport, routing, and distributed storage techniques, a greater number of utilized link types and platforms, a greater number of enabled mobile nodes/users. A number of such enhancement opportunities have already been identified, and include USAF AtHoc+GATSID, FEMA EAS and FEMA Desktop Alert MNSv5 products, and an emerging commercial LBS product line design, sales, and distribution company involved in multiple industrial sectors (i.e. LocAid). 
Second, there will be the demonstration, marketing, and sales of GATSID as a free-standing software product, sold as licensed software as a new LBS OEM to an existing mobile wireless platform and as an upgrade or enhancement to existing LBS software product line for different commercial or retail spaces and existing LBS hardware/software product line for different industrial spaces. Each of these GATSID software formats will be tailored to the specific platform hardware and customized to enhance a greater number of automated LBS message types, DTN and either a private or public cloud, and a greater number of commercial links. A number of such industrial opportunities have been identified, most specifically our registration and emerging participation as an Enterprise Partner for a top smartphone designer, manufacturer, and global distributor interested in our LBS design. The Third strategy is centered upon the team's Grand Vision Product/Service bundle. The software product will be an instantiation of GATSID and its enhanced DDS technologies, RADTiN/DAM3ON attestation capabilities, PocoDoc/IMP, DTN routing techniques, and access-controlled access to distributed data storage. The hardware platform will either be a next-gen smartphone or a three-factor authenticated USB platform with secured integration of multiple micro-visored (VMs) of a user's OS, data, and apps. The service would entail agent-controlled access to distributed storage as well as backup services and guaranteed replacement, hosted by multiple clouds.
Agency: Department of Defense | Branch: Air Force | Program: SBIR | Phase: Phase I | Award Amount: 149.63K | Year: 2012
ABSTRACT: Warfighters need to be able to trust the computer systems on which their lives depend, which includes every computer in or attached to the network. We can launch a trustworthy computer by booting from a Trusted Computing Base consisting of a Microvisor with capabilities security plus a Capability Proxy engine running in a Virtual Machine, all protected by a Trusted Platform Module. We can instantiate multiple VMs that communicate with each other only by means of Microvisor methods that enforce capability-based security, instantiate a Tahoe-LAFS grid in the VM server farm, and run Secure Multi-Party Computation on the VMs. We can use secure multicast communications protected by capability-based security using NORM plus DIPLOMA, instantiate multiple Tahoe-LAFS grids and run Secure Multi-Party Computation on multiple computers to make the network resistant to exploitation. We can share security information using publish-subscribe distributed blackboards. We can enable trust relationships between VMs and between computers using the Trusted Computing Group's Direct Anonymous Attestation. We can use multi-factor authentication of the user to the computer. We can make it easy for users to do the right thing and difficult for users and adversaries to do the wrong thing by managing capabilities with Capability Middleware, which CTI will design. BENEFIT: The increasing prevalence of mobile devices in defense, law enforcement, industrial, and commercial markets has resulted in an increased need for scalable, flexible, comprehensive, and automated security of the devices and of the data they store and transmit/receive. Additional to the security of the data is the requirement for secure computing, as apps on mobile smartphones, laptops, and personal computing devices are more frequently targeted with malware, spyware, and DoS attacks, and are less prepared to thwart attacks, when compared to traditional (and still prevalent) fixed workstations.
Thus, there exists an acknowledged market need (both in government and the commercial marketplaces, regardless of industry) for a method that will enable mobile data storage, mobile computing, and the security to use a mobile node to access a static network via any node, agnostic to that node's attributes or status (vulnerable, infected, unknown, etc.). CTI foresees this solution developing not into a single point solution, but a product line of OEM component solutions, customized for multiple hardware platforms (beyond the proposed PoC MXI stealth USB drive) and user groups. The latest market size figures for such a solution range from five hundred million to one and a half billion dollars in annual sales (2 to 4 million units sold in the US with an estimated average unit price of $250 over several storage MB limits) by the year 2016, more than tripling in size over the next five years, and experiencing a compound annual growth rate of 5-17% as various international commercial markets are forecast to grow. Given the potential service bureau attached to the proposed product line (whose value is not being estimated above), the sales of this hardware and service package solution would exceed one billion dollars net. Certainly, even at this early stage, there are markets aware of the unsolved problems, the need for the benefits, and the willingness to purchase a solution capable of defending against evolving threats. Such market figures and educated customers indicate low programmatic risk for transition and commercialization.
Agency: Department of Defense | Branch: Defense Advanced Research Projects Agency | Program: SBIR | Phase: Phase II | Award Amount: 1.50M | Year: 2015
The overall objective of this topic is to build applications that expand the ecosystem of secure software components around the seL4 operating system microkernel. The CTI/SU team's interpretation of this is broad, including an application primarily as a demonstration of the utility of a more fundamental expansion of the ecosystem: to release to the community, as open source, a minimized Trusted Computing Base (TCB) that strongly isolates VMs, supports capability based security and computer resource management, is amenable to independent formal verification and penetration testing, has been formally verified and penetration tested at least once, and facilitates mixed proof / factored security arguments where components vary in their trustworthiness and pedigree. The objective of Phase II is to develop secure software components together with a demonstration application, on top of seL4. The secure software components will be the Syracuse Assured Boot Loader Executive (SABLE) and the Genode operating system framework. The demonstration application will be the Geographically Aware & Target Secure Information Dissemination (GATSID) pub-sub-query DDS. The real impact is that developers are enabled to construct explicitly mixed-trust systems on a trustworthy base and administrators are enabled to assess objectively the trust they should repose in such systems.