OUSD (R&E) MODERNIZATION PRIORITY: Cybersecurity TECHNOLOGY AREA(S): Electronics; Information Systems The technology within this topic is restricted under the International Traffic in Arms Regulation (ITAR), 22 CFR Parts 120-130, which controls the export and import of defense-related material and services, including export of sensitive technical data, or the Export Administration Regulation (EAR), 15 CFR Parts 730-774, which controls dual use items. Offerors must disclose any proposed use of foreign nationals (FNs), their country(ies) of origin, the type of visa or work permit possessed, and the statement of work (SOW) tasks intended for accomplishment by the FN(s) in accordance with the Announcement. Offerors are advised foreign nationals proposed to perform on this topic may be restricted due to the technical data under US Export Control Laws. OBJECTIVE: To generate a unique capability with appropriate National Security Agency (NSA) approvals at Technology Readiness Level Eight (TRL-8), leveraging existing component technologies at TRLs 3-9. The proposed device would provide a small form factor computer with integrated classified data storage and transmission, meant for integration into small unmanned platforms, and would be interoperable with other standard NSA Type 1 encryption technologies. DESCRIPTION: Existing encryption solutions for Data at Rest (D@R) are bulky and require significant power availability to operate, making deployment on smaller platforms or in power-limited systems challenging. Much smaller Data in Transit (DiT) solutions are available but are designed for use over solid networking connections, making deployment in situations with limited bandwidth or intermittent connectivity difficult or impossible. The proposed device incorporates existing chips available from multiple vendors for implementation of cryptographic algorithms into a single box meant to optimize size, weight, and power (SWaP) for field implementations. SWaP objectives are a maximum of the following: 0.5 cubic feet volume, 20 lb, and 100 W. The device should be ruggedized, designed for leave behind operations with automated tamper detection and zeroization, and designed to meet NSA standards required for handling of TS/SCI. As Navy systems are increasingly small, unmanned devices in remote locations, securing of data collected and generated by these systems becomes more complex. Current devices require each system to devise custom implementations for handling of DiT over low bandwidth or inconsistent communications links. The only alternative to the existing devices is to develop a fully custom implementation, which requires NSA approvals of each specific use case. Enabling technologies are available, including OEM devices intended to host the level of encryption required, and small form factor data diodes which could be incorporated. Most chip-level encryption devices require NSA approval of the specific implementation, making implementation of these in each situation requiring encryption extremely cost prohibitive. Innovative approaches will be required to optimize SWaP, and to implement appropriate tamper-safety mechanisms for leave behind operation. The ideal solution is easily powered from a battery bank, can operate without need for ventilation, and is smaller and lighter when compared with existing D@R solutions. Work produced in Phase II may become classified. Note: The prospective contractor(s) must be U.S. owned and operated with no foreign influence as defined by DoD 5220.22-M, National Industrial Security Program Operating Manual, unless acceptable mitigating procedures can and have been implemented and approved by the Defense Counterintelligence Security Agency (DCSA). The selected contractor must be able to acquire and maintain a secret level facility and Personnel Security Clearances, in order to perform on advanced phases of this project as set forth by DCSA and SSP in order to gain access to classified information pertaining to the national defense of the United States and its allies; this will be an inherent requirement. The selected company will be required to safeguard classified material IAW DoD 5220.22-M during the advanced phases of this contract. PHASE I: In Phase I, a project plan and schedule will be developed. In these, the awardee should demonstrate a thorough understanding of the required processes and potential challenges of building an approved cryptography device and pursuing NSA approvals. Key enabling technologies should be identified and understood, including any necessary government support for procurement of approved crypto items. Basic data flow diagrams should be developed, showing interconnections and locations of all key components. PHASE II: In Phase II, specific key components will be identified, purchased, and integrated into two benchtop prototype solutions. Ruggedness of the designed unit should be confirmed through mechanical modeling. Data handling, zeroization, and network management should be tested using the benchtop prototypes. Successful keying of devices, development and sustainment of the necessary security associations across intermittent communications paths, as well as appropriate fail-secure mechanisms should be demonstrated. It is probable that the work under this effort with be classified under Phase II (see Description section for details). PHASE III DUAL USE APPLICATIONS: In Phase III, the device should be manufacturable at scale, with target uses in unmanned systems in a variety of environments. Validation testing should be performed by the awardee. Additional testing will be required for NSA authorization of the device; the awardee must accommodate testing and documentation requirements for NSA approvals. This concept is for an enabling technology for a variety of systems serving a wide range of purposes. Certification to the NSA standard provides authorization for use to the Navy and other government organizations. REFERENCES: Trinidad, J. M. Programmable encryption for wireless and network applications. MILCOM 2002 Proceedings, 2002, pp. 1374-1377 vol. 2. Yen, John. et al. "Cybersecurity for unmanned systems Proc. SPIE 10195, Unmanned Systems Technology XIX, 101950R, 5 May 2017. KEYWORDS: Encryption; Cryptography; Unmanned Systems; Leave Behind; Data at Rest; D@R; Data in Transit; DiT; Disadvantaged Communications
