You are here

Cyber Security of Physical Systems

Description:

TECHNOLOGY AREA(S): Info Systems 

OBJECTIVE: This is an AF Special Topic in partnership with MD5, please see the AF Special Topic instructions for further details specifically for requirements related to MD5 programs and services and this topic. The objective of this topic is to develop innovative systems or prototypes that address the capability to identify and mitigate intrusions into or manipulation of physical systems. Trends towards extending connectivity and electronic access to physical systems provide new attack surfaces, vulnerabilities, and safety concerns for transportation systems, health care systems, critical infrastructure systems, energy systems, etc. This topic will reach companies that can complete a feasibility study and prototype validated concepts in accelerated Phase I and II schedules. A Phase I award will be completed over3 months with a maximum award of $75K and a Phase II may be awarded for a maximum period of 15 months and $750K. Proposals that are selected for award under the MD5Special Topics will need to have participated in an MD5 program or service, or in another technology acceleration program, prior to the completion of the proposed Phase I SBIR project as noted in the AF Special Topic instructions. 

DESCRIPTION: The Air Force is interested in exploring approaches to characterize and mitigate threats to physical systems caused by intrusions through connected systems and attacks from within a system that attempt to maliciously influence the functions of subsystems or components. Of particular interest are cyber threats to aviation systems and subsystems, including navigation, communications, flight control, sensor, maintenance, and air traffic management. The intent of this topic is to develop and demonstrate prototype products that are capable of identifying attack surfaces in test and evaluation and/or mitigating threats in aviation systems. It is not required that a product address all aspects of the cyber threats to physical systems, but it is required that any solution that solves part of the cyber threat challenge be able to integrate well with other existing and potential solutions. It is also desired that any potential solutions have a linkage to relevant commercial technologies or products that will help to advance the development of products for the warfighter. 

PHASE I: Conduct a feasibility study to determine the effectiveness of potential or existing commercial or defense solution(s) for one or more of the cyber threat to physical systems challenges. This feasibility study should directly address: 1. Which problem area(s) are being addressed by the solutions 2. How they will apply to the US Government’s needs 3. The breadth of applicability of the solution(s) to the US Government 4. Give examples of which government customers would likely be able to utilize the solution(s) 5. The solution(s) should also be evaluated for cost and feasibility of being integrated with current and future complementary solutions 6. How the solution(s) will be able to address potential future changes in physical system technologies and challenges 7. The potential to keep pace with technological change due to things such as other non-DoD applications and customer bases for the solution(s) The funds obligated on the resulting Phase I SBIR contracts are to be used for the sole purpose of conducting a thorough feasibility study using interviews, analyses, trade studies, experiments, simulations, and/or component testing. 

PHASE II: Develop and demonstrate a prototype system determined to be the most feasible solution during the Phase I feasibility study on cyber security of physical system challenges. This demonstration should focus specifically on: 1. A clear and specific government customer that can immediately utilize the solution 2. How the solution differs from any existing technology or product to solve the DoD need (i.e. leverage of new technology or a description of how existing technology has been modified) 3. How the solution can leverage continued advances in technology 4. How the demonstrated capability can be used by other DoD customers 

PHASE III: The contractor will pursue commercialization of the various technologies developed in Phase II for transitioning expanded mission capability to a broad range of potential government and civilian users and alternate mission applications. 

REFERENCES: 

1: US Air Force, Cybervision 2025. Dec 2012. http://www.defenseinnovationmarketplace.mil/resources/AF_Cyber_Vision_2025.pdf

2:  NIST CPS Public Working Group, Framework for Cyberphysical Systems, Release 1.0. May 2016. https://s3.amazonaws.com/nist-sgcps/cpspwg/files/pwgglobal/CPS_PWG_Framework_for_Cyber_Physical_Systems_Release_1_0Final.pdf

3:  IEEE Control Systems Society, Cyberphysical Systems by Radhakisan Baheti and Helen Gill (Part 3, paper #2). Feb 2011. https://s3-us-west-2.amazonaws.com/cc-ieeecss/IoCT-FullReport_v2.pdf

KEYWORDS: Cyberphysical Systems, Cybersecurity, Aircraft Systems, Flight Safety 

CONTACT(S): 

Greg Coleman (MD5) 

(301) 502-1609 

gcoleman@md5.net 

US Flag An Official Website of the United States Government