You are here

Small Space, Weight, and Power (SWaP) Multilevel Security Cross-Domain Solution

Description:

TECHNOLOGY AREA(S): Information Systems, Air Platform

OBJECTIVE: Develop a small form factor, integrated, multi-level security, cross-domain solution.

DESCRIPTION: The Navy's integrated warfighting strategy, driven by advancing adversaries, calls for high levels of interoperability while at the same time maintaining the highest level of cybersecurity protection. Multiple security enclaves within a platform are becoming commonplace across the Navy, but no common solution exists. Along with coordination of systems and sensors within a platform, datalinks between similar and dissimilar aircraft are critical to success for the future of the Navy. Due to the current security posture across the Department of Defense (DoD), data of different security levels are often unable to be integrated, limiting warfighters’ ability to make tactical decisions. The development and fielding of a small form factor, integrated, multi-level security, cross-domain solution able to be tailored to a platform's need while maintaining a set of common standards would save each program from redundant development [Refs 1, 2]. Each Naval program will have their independent needs for number of domains, required classification levels, and SWaP constraints, but at a minimum, the developed technology must meet the following requirements:Demonstrate concurrent operation across four distinct security domains. Operator interface with access to all security levels. Develop rulesets to control data flows within, in, and out of the system. Send and receive data across each domain while ensuring no spillage to unapproved domains with Government designated simulation environment. In-flight demonstration of technology with similar and dissimilar aircraft in Government-designated scenario. Process DoD classified data at all levels of classification. Plan for National Security Agency (NSA) approval as a cryptologic device [Refs 3, 4]. Maximum physical size of 1” x 4” x 6” per security domain.Maximum weight of 8 ounces per security domain. Operate via aircraft power at 28VDC or 400Hz AC. MIL-STD 810H [Ref 5] for environmental effects.Without a common solution and coordination of system architecture design, the Navy is at risk of stove piped solutions that would require complete redesign when asked to fight together.Work produced in Phase II may become classified. Note: The prospective contractor(s) must be U.S. owned and operated with no foreign influence as defined by DoD 5220.22-M, National Industrial Security Program Operating Manual, unless acceptable mitigating procedures can and have been implemented and approved by the Defense Counterintelligence and Security Agency (DCSA). The selected contractor and/or subcontractor must be able to acquire and maintain a secret level facility and Personnel Security Clearances. This will allow contractor personnel to perform on advanced phases of this project as set forth by DCSA and NAVAIR in order to gain access to classified information pertaining to the national defense of the United States and its allies; this will be an inherent requirement. The selected company will be required to safeguard classified material IAW DoD 5220.22-M during the advanced phases of this contract.

PHASE I: Design and demonstrate feasibility of a flyable routing solution scalable to various platform configurations with a cross-domain solution addressing multiple security levels. Develop a draft architecture and plan for attaining NSA approval for cryptologic systems. The Phase I effort will include prototype plans to be developed under Phase II.

PHASE II: Further design and develop the solution identified in Phase I into a prototype. In conjunction with the Government, develop simulated data and then use that data to demonstrate the prototype. Develop an unclassified set of controls to handle organic and off-board classified data types provided by the Government. Initiate process of attaining NSA approval for designed hardware and software.Work in Phase II may become classified. Please see note in the Description section.

PHASE III: Complete development of the cross-domain control measures and perform final testing in a Government-designated simulation environment. After identifying specific data types and classifications of airborne system data, demonstrate a fully capable multi-level security cross-domain solution in a live fly event. Continue work with the Government sponsor to gain NSA approval for provided approach and transition to applications across Naval airborne platforms.The control measures and techniques employed may benefit companies seeking to protect proprietary data while working with other organizations. This technology will apply beyond the contractors supporting the DoD. Medical, financial, and civilian electronics industries will benefit from a technology that allows networking with competitors for collaboration while preventing proprietary or personal data from spillage onto an improper domain.

KEYWORDS: Multi-level Security, Cross-domain Solution, Data Sorting, Adaptive, Small Form-factor, Modular

References:

1. Koelsch, Col. B. F. “Solving the Cross Domain Conundrum.” US Army War College, Strategy Research Project2013. https://pdfs.semanticscholar.org/26b3/0eab984c8c5c31e9a18e75b4ac4c52b1c14c.pdf 2. US Joint Staff. “Cross-Domain Synergy in Joint Operations, Planners Guide, January 2016.”https://www.jcs.mil/Portals/36/Documents/Doctrine/concepts/cross_domain_planning_guide.pdf?ver=2017-12-28-161956-230 3. National Security Agency/ Central Security Service. “Information Assurance Capabilities, Data at Rest Capability Package, Version 4.0. January 2018.” https://www.nsa.gov/Portals/70/documents/resources/everyone/csfc/capability-packages/dar-cp.pdf 4. National Security Agency/ Central Security Service. “Information Assurance Capabilities, Commercial Solutions for Classified, Harnessing the Power of Commercial Industry,,September 2018. https://www.nsa.gov/Portals/70/documents/resources/everyone/csfc/csfc-faqs.pdf 5. MIL-STD-810H, DEPARTMENT OF DEFENSE TEST METHOD STANDARD: ENVIRONMENTAL ENGINEERING CONSIDERATIONS AND LABORATORY TESTS (31-JAN-2019). http://everyspec.com/MIL-STD/MIL-STD-0800-0899/MIL-STD-810H_55998/

US Flag An Official Website of the United States Government