DHS FY 19 SBIR Solicitation

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) developed Rapid DNA technology under a prior Small Business Innovative Research (SBIR) program to provide family relationship verifications in the field, a capability that no other biometric provides. Rapid DNA is an innovative technology that reduces the testing and analysis time for Deoxyribonucleic Acid (DNA) from the classical three to six months down to 90 minutes using a printer-size portable device. Rapid DNA also internally analyses the DNA profiles and with OBIM Store/Match/Share software can verify family relationship claims of biological relatedness (kinship). This has direct application to improving processes and reducing fraud in immigration, human trafficking/ smuggling at the borders, and for reunification of families following a mass casualty event. This SBIR topic builds on the established Rapid DNA capability, adding the necessary capability to provide for reach-back review of Rapid DNA results in an accredited environment.

DHS S&T has had a significant role in developing, overseeing, testing and evaluating the Rapid DNA technology and it is now commercially available and ready to be implemented. Better than 90% of the time Rapid DNA produces a DNA profile cable of supporting a match and the instrument returns a green checkmark. But the remaining 8% of the time, the profiles receive either a yellow or red flag and need to be reviewed. Some of these yellow or red flags are due to issues with the DNA profile that will not impact the kinship analysis and some are due to processing issues by the technology. Either way, DHS needs an ability to reach-back to a DNA analyst to review the DNA profiles and to re-run a DNA sample when necessary. The DNA analyst and the facility also need to be accredited so that the fielded Rapid DNA results and those of the reach-back capability are shown to be repeatable and accurate to stand up in court, if challenged.

The DHS Customs and Border Protection (CBP) Laboratories and Scientific Services Directorate (LSSD) has multiple regional laboratories and satellite offices for the processing of multiple forensic sample types, but does not currently have a human DNA laboratory. We are seeking any innovative/alternative solutions that would provide a reach-back capability for fielded Rapid DNA systems, anticipating that the developed solution would ultimately transition into the LSSD laboratory for long-term operational support to DHS field components.

The research into potential reach-back solutions would need to address the analysis of innovative or potential solutions to provide reach-back support for Rapid DNA, the interface an analyst uses to review and annotate Rapid DNA field results, the use of DNA data sharing standards, the accreditation of the reach back capability, location/staffing/costs for the reach-back capability, and the eventual transition of the new capability to DHS LSSD facilities.

Once the alternative reach-back solutions are proposed, a pilot solution would be developed to implement the reach back capability. This would include specifying and acquiring the appropriate technology, developing the detailed documentation to establish and maintain accreditation, researching and developing training materials, establishing performance metrics and risk mitigation recommendations and measurement plans, and addressing access and privacy protection solutions.

DESCRIPTION: The Department of Homeland Security (DHS) Science and Technology Directorate’s (S&T)

Project Responder 5 Report identified key capabilities to help first responders be more effective
in their mission. Among   the   findings   included   the   need   to   securely  share  
information,   validate   responders   from   other organizations, and securely maintain records.
These challenges only increase as responders rely on more data. There is a critical need for
responders to securely validate users and share information.  Identity, Credential, & Access
Management (ICAM) principles can mitigate these challenges.

ICAM is a framework of policies built into an organization’s IT infrastructure that allows system
owners to have assurance  that  the  right  person  is  accessing  the  right  information  at  the
 right  time  for  the  right  reason.  First Responders need to safely and securely share
information between jurisdictions, but first responder organizations do  not  currently  have 
federations  set  up  to  aid  in  information  sharing.  Instead,  during  multi-jurisdictional
responses, organization might be forced to manually provision an un-vetted new user or take days to
vet a new user's identity and certificates. Lead agencies require quick and secure solutions to vet
identities and credentials in real time as well as auto-provision users into information sharing
applications. ICAM On-the-Fly would allow new users to show up to assist in a public safety event,
bringing their own credential, their own device and the role they are to provide during the event.

Fundamentally, ICAM On-The-Fly must:

•    Perform Quick Identity Proofing;

(e.g. validate that the user is who they says they are)

•    Validate applicable certifications and attributes required to access the information to be
shared; (e.g. EMT Certified, sworn law enforcement)

•     Automatically Provision (register) New Users;

•     Be built using open standards to preserve interoperability;

•     Be cross platform (iOS/Android) compatible; and

•     Recognize  a  broad  array  of  credential  attributes  in  diverse  environments  (i.e. 
multiple  types  of  LDAP,  Active Directory, etc.)

First responders will need to carry many more devices such as sensors (environmental,

physiological monitoring, hazard), IoT devices in addition to their cell phones and radios and
peripheral devices (e.g., heads up displays) that require power.  Each of these devices may have
different power requirement (e.g., USB, USB-C, Apple,microUSB) and may need to be charged at
different intervals depending on battery life and use.  Requiring first responders to charge and
track battery levels for all these devices would be an additional burden and work load.  The
innovation sought here is to develop a power module for first responders (PMFR) that would service
all the current and emerging requirements of on-body devices.  The Power Module would provide
long-term, exchangeable and rechargeable battery, or viable alternative such as fuel cell, power to
the various modules for extended use.

Currently, DHS is aware of some power modules/battery packs that have been developed for Department
of Defense (DoD) applications but none for the first responder civilian applications.  It is
anticipated that in the future if these power modules are deployed ubiquitously then sensors and
peripheral devices no longer need built in power systems and can rely on the PMFR for power.  Use
of external power subsystems would then reduce the costs, size and form factor of sensors and
peripheral devices.

The PMFR should be:

•    Flexible to support a number of devices and power requirements (IoT devices, sensor modules,
cellular and radio systems)

•    Swappable (swap out a unit with low charged with a fully charged device); ideally hot
swappable

•    Portable (low size and weight for use on day to day applications and for carrying)

•    Low cost (objective $50/threshold $100 for non-intrinsic models)

•    Available for different applications (intrinsically safe for fire applications or standard
ruggedized for EMS or law enforcement IP68 or CSA for intrinsic applications)

•    Operate for 24 hours (objective) or 8-12 hours (threshold))

•    Rechargeable through 110 Volts or 12 volts (from vehicle)

•    Capable of providing battery status, report run-time remaining and alert when charge falls
below a threshold

•    Capable of using standard battery or batteries (for backup)

•    Capable of detecting and reporting modules connected to the Power Module and provide battery
status

•    Power status application with low-power alert function;

DESCRIPTION: DHS and first responders need low cost, high performance sensors that can be used to
detect
chemical materials in different environments. A persistent problem in chemical sensing is the
inability of the sensor system to reliably address complex sensing tasks and environments. Such
conditions are regularly encountered in situations involving environmental monitoring, industrial
process control, toxic chemical and fire detection. Often, these tasks are centered on the detection
of chemical signatures rather than individual chemical compounds. However, detection of individual
analytes is often complicated significantly by environmental conditions that exist in backgrounds
with multiple potentially interfering chemical species. This can lead to surprisingly poor
performance in real-world environments after excellent results have been demonstrated in the
laboratory. Hence understanding the surrounding details of a chemical sensing problem is critical
to finding a solution, together with knowing and addressing the target analytes themselves.

Different types of sensors, a large number of them being based on molecular sensing capability and
coupled with nanostructured surfaces, are being developed. However, most of these sensor
developments are empirical and their performance, particularly the interplay between sensitivity
and selectivity, cannot be predicted until the sensors are fully tested in a real-world
environment. The costs to the user are therefore quite substantial for each sensor development
before an objective assessment with regards to their usability can be made.  On the other hand, a
modeling-based approach, which would allow design of surfaces as well as the sensing device
diagnostics, could allow for an inexpensive, user friendly approach to designing sensor materials
that can be integrated with electronics to produce any type of sensor – chemical or biological,
with parts per trillion (ppt) sensitivity and fast (seconds) response times. The reduction in cost
compared to the current sensor development approaches which are empirical in design is expected to
be at least an order of magnitude.

Many current sensor developments involve different types of polymers like those used in surface
acoustic wave (SAW) mode or molecular imprinted polymer (MIP) configurations. A recurring problem
with regards to sensing of chemical vapors is the issue of addressing complex sensing tasks and
environments that are routinely encountered in most real-world situations.  Even detection of
individual analytes is almost always complicated significantly by these unavoidable environmental
conditions.  This can lead to surprisingly poor performance in environments relevant to first
responders [1,2]. The same selectivity problem exists even in the case of arrays of sensors [1].
Theoretically based strategies for design and optimization of chemical sensors are rarely adopted
by sensor developers. The same situation also exists for molecularly imprinted polymers.  Molecular
imprinting is the process whereby a polymer matrix is cross-linked in the presence of molecules
with surface sites that can bind selectively to certain ligands on the polymer. Recent theoretical
work [3,4] has discussed a model that accounts for the key features of this molecular recognition
approach. Using a combination of analytical calculations and Monte Carlo simulations, it has been
shown that the model can account for the binding of rigid particles to an imprinted polymer matrix
with valence-limited interactions. It has also been shown as to how the binding multivalency and
the polymer material properties affect the efficiency and selectivity of molecular imprinting. These
calculations also indicate pathways to formulate design criteria for optimal molecular imprinting.
While theoretical models for rational design of sensors and sensors arrays do exist, there has not
been any sensor development which are explicitly based on these models. The goal of the project is
to develop sensors based on the rational designs of the theoretical models and evaluate the sensor
performance in both pristine and complex environments relevant to the needs of the user community.

DESCRIPTION: Currently fielded explosive detection equipment uses electromagnetic signals, such as
X-rays

or MMWs to interrogate passengers and their belongings. Automatic algorithms process the images
generated by the screening hardware either to clear the passenger/property or to identify specific
anomalies for further investigation. The use of machine learning and deep learning approaches to
develop these algorithms have shown significant promise in improving overall system performance.
The DHS S&T/TSA Passenger Screening Algorithm results showed the effectiveness of deep learning
applied to passenger screening. Development of the equipment and its associated detection
algorithms is time consuming and expensive because system screening performance is difficult to
accurately model.  Currently:

•    Prototype systems must be built and tested to measure and understand the interaction of
X-rays/MMWs with explosives in various containment configurations.

•    Development requires physical test articles to be fabricated or acquired.  Suitable test
articles may even be impossible to create if the explosives involved are unsafe to synthesize.

•    If machine learning or deep learning algorithms are developed for detection, many test
articles must be created and scanned to build datasets for algorithm development, training, and
testing. This is particularly labor intensive in order to generate large, representative datasets.

In order to accelerate the advancement of explosive detection equipment, the DHS S&T Directorate
seeks to develop tools to create virtual models of human travelers, their baggage and its contents.
These models:

•    Should be representative of the stream of commerce.

•    Should be capable of including simulated explosives and prohibited items.

•    Should be able to be generated in large numbers (many thousands or millions) in a reasonable
amount of time (under 1 second per image).

•    Should be useable by researchers and vendors to predict the performance of emerging explosive
detection technologies and to train machine learning-based detection algorithms.  The predictions
and training will make use of tools (see, for example,
https://www1.aps.anl.gov/science/scientific-software) that simulate the propagation of X-rays/MMWs
through simulated objects.

•    Should be useable for assessing a system’s ability to detect emerging threats that are unsafe
to synthesize.

•    Should be useable for a variety of electromagnetic interrogation methods including synthetic
aperture radar, computed tomography, and single and multi-view (AT2) line scanners. These
technologies use transmission, diffraction, and phase contrast to detect explosives and prohibited
items.

The tools should:

•    Include methods to create shape descriptions for explosives and other objects, and methods to
insert these items into representative scans. The mathematical descriptions may be based on the
union of geometric primitives, polygon meshes, and sampled three-dimensional volumes.

•    Include parametric descriptions for the features of explosives, so that users do not require
access to classified information.

•    Be compatible with tools in the public domain for simulating X-ray/MMW interactions with
objects.

•    Be compatible with script- or code-based algorithms targeting open-source multi-dimensional
modeling software (e.g., MakeHuman and Blender)

•Provide for a real-time means of dynamic configurability, especially as regards the physical
properties of virtual materials to be used in the modeling and the system’s input/output file pathways (e.g., use of “config files”)

Organizations throughout the American economy and government are faced with designing and then
operating
cybersecurity risk management, in a complicated and dynamic environment.  They have been provided
with a useful starting point, a cybersecurity risk management framework, developed by NIST,
supported by DHS, and filled out in some detail by different critical infrastructure sectors and
organizations.  But sustaining risk management operations is more difficult, as organizations must
somehow blend a great deal of technical input (vulnerability reports, incident reports, threat
analysis, technical guidance, etc.) with their own organizational experience.  The cybersecurity
“knowledge management” challenge is significant for any particular organization, regardless of size
or critical infrastructure domain.

Additionally, several million organizations and companies across the country are faced with this
challenge, continuously.  Most information sharing systems assume that these many organizations and
companies should report their cybersecurity experiences vertically to commercial and governmental
centers, which are to synthesize these various reports and report back analytical insight.  But
what does not yet exist is a peer-to-peer version of this reporting activity, where an organization
can directly leverage related experiences of thousands of organizations and companies, through a
tool that can capture and report their own experiences and connect them with comparable experience
of other organizations and companies, to better help them understand and manage their cybersecurity
risk.

The end product of this effort should address capabilities such as:
•    Key internal risk assessment elements
•    The time/dynamics of internal risk assessment elements
•    Outside context for these assessments (vulnerabilities, operating data, etc.)
•    Multiple information sharing mechanisms (one to one, one to many, collaboration drafts, etc.)
The key requirement is that this tool must be able to support enterprise consideration of
cybersecurity risk, by bringing into the process valuable insight from other enterprise’ consideration of risk

Networks, and systems of networks are ubiquitous in modern technology used throughout society today. Identification of risk in these networks often requires a model to be developed for the network or system of networks. These models range from the simple to the mathematically complicated models used for large networks. Some risks, such as cascading failures in a network, are difficult to identify. The goal for this effort is to develop the tools necessary to identify these risks, with a potential to identify mitigation strategies with an initial focus on emergency communications networks.

The tool should be capable of including information about the network, such as number and type of nodes, appropriate labels for nodes, and known risks or defects for the network. The tools will also be capable of performing counterfactual or "what-if" analysis, to identify risks in the network, such as the potential for cascading failures. The tool shall be able to incorporate information about the network or system from the PARIDINE project. PARIDINE is intended to provide disruptive event information for large networks or the Internet. This includes: 1) a definition of a disruptive event; 2) identification of data to identify disruptive events; 3) identification and operational reporting via an API for disruptive events and 4) attribution or root cause analysis of the disruptive events, with a measure of attribution accuracy. At least three state space models will be produced under the phase I effort.

Blockchain and Distributed Ledger Technology (DLT) are emerging technologies being leveraged for a wide range of commercial and governmental applications. The most well-known use case would likely be Bitcoin, within the newly emerged cryptocurrency arena, which has spurred further interest and developments. Prior efforts have addressed Bitcoin analytics, which covers only a limited scope within the realm of cryptocurrencies. This proposal seeks applications of blockchain forensic analytics for newer cryptocurrencies, such as Zcash and Monero. And, ongoing research within the field also contributes to new technological implementations and techniques that continue to multiply the specific types of consensus, privacy, security, and proof mechanisms.

A key feature underlying these newer blockchain platforms that is frequently emphasized is the capability for anonymity and privacy protection. While these features are desirable, there is similarly a compelling interest in tracing and understanding transactions and actions on the blockchain of an illegal nature. To that end, this proposal calls for solutions that enable law enforcement investigations to perform forensic analysis on blockchain transactions. This analysis can be approached in any number of ways and may consider different data situation use cases depending on whether additional data from off-chain sources are available. Furthermore, with the proliferation of new blockchain variants, the desired solution should either attempt to show generality or extensibility, or at least provide working approaches to treating newer blockchain implementations.

This topic seeks the development of relevant communications protocols, application programming interfaces (APIs), and interface control documentation (ICDs) to allow legacy and emerging radiation detection systems in operational use to be integrated into current and emerging networked systems. The effort would encompass surveying commonly deployed legacy radiation detection systems, cost-benefit analyses to assess the relative importance of which detection systems merit integration, and subsequent development of the required interfaces to permit integration of those systems.

The effort must include the ability to transmit/stream the data from the sensor(s) to current and emerging networked systems. It should take into account that there are a multitude of sensors that can be categorized as permanent, deployable, and roving, all of which can be in GPS-denied environments. Proposed technical solutions must provide near-real-time transmission of sensor data when cellular or WiFi communication is unavailable. These capabilities are critical to operational environments where cellular is not readily available, such as U.S. Coast Guard operations, and U.S. Customs and Border Protection (CBP) U.S. Border Patrol (BP) operations. Solutions should be proposed that are capable of high bandwidth, secured, rugged, scalable, cost effective, and low size, weight, and power. Additionally, solutions that allow transmission of data while minimizing signatures for geolocation of the transmitter would also permit a wider range of CONOPS.

Proposers should expect to develop working relationships with original equipment manufacturers (OEMs) of deployed legacy R/N detection systems and current performers supporting the current networked system.

The goal of this effort is to prove the concept of automated UAS to conduct radiation
detection operations in a cluttered three-dimensional environment such as a cargo container yard,
stadium, or
parking lot. The only operator action will be to define the boundaries of the environment to be
searched, to include defining basic search parameters (e.g. minimum separation distance from
obstacles and flight line spacing). The UAS may include multiple small unmanned aerial vehicles.
UAS capabilities must include:

1.   Operation within 2 m of objects to be inspected during flight.
2.   Detection of anomalous gamma-ray and neutron radiation. The onboard radiation detection
systems will meet the radiological test detection requirements of the ANSI N42.48.
3.   Production of a real-time “heat map” for radiation as flight is conducted.
4.   Dwelling at locations where radiation anomalies are identified for as little as 30 seconds and
no more than 5 minutes.
5.   Optimization of search pattern to minimize search time while maintaining the ability to
localize and identify radiological threats, including the ability to provide the operator with
search time and battery usage estimates based on the definition of optimized search area and flight
parameters provided by the operator.
6.   LIDAR for collision avoidance and to map search area and using that information to develop an
optimized search pattern.
7.   Visual cameras to provide live feed of flight profile.
8.   The ability to transmit location information of one small unmanned aerial vehicle (UAV)
relative to the object being scanned and other unmanned aerial vehicles (if applicable).
9.   Logging and transmitting to the operator and/or a designated reachback center geo-referenced
gamma- ray spectra, visual imagery, LIDAR profile, and all flight parameters when the UAS records
either a gamma-ray or neutron alarm.
10. Flexible communications (Satellite, Cellular Tower, Wireless, hardwired, etc.) depending on
what is available at a given deployment location.
11. The ability to launch from a designated site, perform search, and return before running out of
power or when “mission” is complete.
12. Communication of system health status back to operator (“heartbeat”).
13. Recharging for subsequent assignment.
14. A human interface that allows for all automated functions to be controlled manually.
15. A “kill” button for emergency power-down on both the human interface and the unmanned aerial
vehicle itself.

16. Field repairs on limited life components prone to deteriorate due to the nature of their
function/design.
17. Running full diagnostics on the UAS platform for maintenance purposes as well as firmware
updates,
etc.