You are here

Red Team in a Box for Embedded and Non-IP Devices

Award Information
Agency: Department of Defense
Branch: Navy
Contract: N68335-19-C-0062
Agency Tracking Number: N182-131-0597
Amount: $124,863.00
Phase: Phase I
Program: SBIR
Solicitation Topic Code: N182-131
Solicitation Number: 2018.2
Timeline
Solicitation Year: 2018
Award Year: 2019
Award Start Date (Proposal Award Date): 2018-10-15
Award End Date (Contract End Date): 2019-04-18
Small Business Information
319 1st Ave North, Minneapolis, MN, 55401
DUNS: 103477993
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 David Musliner
 (612) 325-9314
 musliner@sift.net
Business Contact
 Linda Holje
Phone: (612) 226-5061
Email: lholje@sift.net
Research Institution
N/A
Abstract
Because Navy Cyber Physical Systems (CPSs) are often not connected to IP networks, yet still may be vulnerable to cyber attack, there is an urgent need for a portable device that can be connected to a variety of non-IP CPSs to assess their security posture. SIFT proposes to develop the CRIMSON Portable Red Team to automatically extract firmware from a target, analyze the firmware to find zero-day vulnerabilities, and then generate a report describing the vulnerabilities and possible mitigations. CRIMSON will be built on our state of the art NEO-Fuzz Cyber Reasoning System, which already includes capabilities to unpack, analyze, and fuzz-test embedded system software. CRIMSON will re-host the system on a portable computing platform and add components to connect to a wide variety of CPS targets, extract their firmware for analysis, and generate user interfaces and reports for use by non-experts.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government