PrintPrint

Awards

Topic Information Award/Contract Number Proposal Information Company Performance
Period
Award/Contract
Value
Abstract

12.1-007
Versatile Data Archive and Interfacing System

HSHQDC-12-C-00101 DNDOSBIR12-07-FP-001-ARCH
(HSHQDC-12-R-00052 Phase I)
Test & Evaluation Data Archival Repository (TEDAR)

ArchSmart, LLC
13603 White Stone Court
Clifton, VA 20124-2400

09/21/2012
to
04/20/2013
$150,000.00

TEDAR is an intuitive archival database and interfacing system that will serve as a centralized repository for results from testing and evaluation (T&E), modeling and simulation (M&S), and other analysis events sponsored by Federal agencies and other organizations in large-scale evaluation and analysis of radiation/nuclear (RN) detection instruments and procedures. The TEDAR will provide a repository for T&E event data, M&S event data, and other analysis event data, consisting of very large amounts of processed and raw structured and unstructured detection device data collected by T&E and M&S events and analyses of these data. Authorized users will be able to search for and access these data collections and retrieve data relevant to their business needs, such as performing engineering analyses and studies. This combination of raw and processed data is crucial, for example, to any replay capability to enhance algorithm sensitivity supporting the pre-deployment evaluation of algorithm enhancements based on previously collected data. TEDAR will support a variety of T&E/M&S and analysis data users and provide access to T&E/M&S data sources providing essential support to engineering, acquisition, and operational decision-making. The TEDAR will also provide each data collection and analysis organization a standard interface for sharing T&E data and lessons learned. There are a number of significant issues that must be addressed and resolved with effective solutions to successfully provide the required capabilities. The Phase I effort will be focused on developing and demonstrating highly innovative solutions to these issues that involve: (1) developing TEDAR such that it is easily customizable to meet the varying needs of a broad range of government and commercial applications beyond the immediate needs of DNDO; (2) significantly reducing the potential Operations and Maintenance (O&M) costs for a large repository system such as represented by the DNDO requirements; (3) providing a very flexible and intuitive interface for the system users; (4) providing an effective and efficient search mechanism via a rich and comprehensive set of metadata that is integrated and linked across the many disparate data collections in the repository; and (5) protecting the T&E/M&S data collections from unauthorized access, change, or corruption. Phase I will include loading of T&E data collections made available by DNDO to support development and demonstration, with a functional repository, user interface, data search and retrieval capabilities, demonstrating the innovative solutions described in this proposal. In the six months of Phase I, ArchSmart will provide a powerful system baseline with innovative solutions to the key requirements of a T&E/M&S repository, providing full confidence that the follow-on Phase II effort will result in a cost-effective and high performance system for DNDO needs, and will be well-positioned for commercial exploitation.

H-SB010.1-003
Precision Information Environments

N10PC20200 1011173
(FY10.1 Phase I)
DHS SBIR Program Phase I Program Solicitation FY 10.1 Science and Technology Directorate

Truestone, LLC
13873 Park Center Dr
Suite 300N
Herndon, VA 20171-3247

05/17/2010
to
11/30/2010
$99,988.09

The technical objective of this proposal is to design a Precision Information Environment framework for DHS that synthesizes current and envisioned operational requirements with the latest research and technology while maximizing DHS`s current investment in command and control systems. In partnership with DHS funded Centers of Excellence, Truestone aims to leverage our corporate, research, and employee experience, as well as the results of operations, exercise and workshops as recent as December 2009, to deliver a framework with the optimum balance of existing systems and new capabilities. Benefits of successful completion of Phase One PIE development will result if realized through Phase III award in a dashboard PIE framework that leverages academic and industry expertise to provide users with access to tailored information that serves their day to day and emergent precision information needs within DHS and partnering homeland security communities at the federal, state, and local levels. Potential commercial application of the resulting PIE can follow a model similar to DoD`s fielding of its Global Command and Control System, a Government Off the Shelf software system based on a Service Oriented Architecture that breaks complex processes into individual components as a framework for developing and delivering IT systems.

H-SB010.2-001
Detector for Smuggled Currency

D11PC20008 1021014
(FY10.2 Phase I)
Detector for Smuggled Currency

Lattice Government Services, Inc.
2411 Dulles Corner Park
Suite 220
Herndon, VA 20171-4645

10/22/2010
to
04/28/2011
$99,924.33

As U.S. financial institutions continue to improve legislation that reduces money laundering, criminals with large quantities of cash have shifted their focus to bulk currency smuggling, making deposits in foreign banks. Current DHS and law enforcement technologies catch only a fraction of the currency passing through the ports and borders. To date, a dedicated currency detector has never been developed. Lattice Government Services (LGS) will work with the University of Washington to define requirements and a Concept of Operations, research gaseous chemical detection, and physical spectral/magnetic detection technologies, and down select ideal systems. An open architecture reporting system based on the LGS SensorView and OneVoice platforms will be designed, along with an integration plan, and simulation of the proposed system with a Basic Operator Interface. This simulation will be delivered along with a Technology Roadmap and the Final Report. The new portable and concealable detector will identify the chemical odor and unique physical attributes of U.S. and Canadian dollars as well as Euros in hidden locations on individuals, in luggage, in vehicles, and in shipping containers. In addition to DHS and law enforcement, this technology is of interest in cash heavy industries like casinos for directed marketing purposes.

H-SB010.2-003
Large-Scale Network Survivability, Rapid Recovery, and Reconstitution

D10PC20038 1021010
(FY10.2 Phase I)
Network Survivability, Recovery & Reconstitution (NS2R)

Centripetal Networks, Inc.
P.O. Box 2040
Reston, VA 20195-2040

10/15/2010
to
04/28/2011
$100,000.00

This DHS SBIR Phase I project will contribute technology that enables packet filtering devices to rapidly switch between large security policies which are applied to high-speed packet interfaces. This technology is critical to a solution that secures the Internet: A network protection service that addresses the problem of network survivability, rapid recovery, and reconstitution during attacks. This protection service proactively eliminates attacks on the Internet, before they are launched and reach their targets. The service applies a sequence of packet security policies to the network. The initial security policy restricts packet traffic to communications between critical resources and identifies sources of adverse traffic. Each successive policy increases the scope of allowed communications until normal network operations are restored. The solution architecture enables carriers, service providers, and large enterprises to host the solution and similar network security services. This approach will be the basis of a new Network-Security-as-a-Service (NSaaS) business model. The NSaaS approach improves cyber security quality and effectiveness for critical U.S. networks. It also reduces cyber security costs for all users. This DHS-funded research project will be a catalyst enabling the NSaaS market, a secure Internet, and significantly improved national security.

H-SB010.2-007
Accelerating the Deployment of DHS Center of Excellence Research through Advanced Business Practices

D10PC20051 1021013
(FY10.2 Phase I)
Using Semantic Recommendation, End-User Programming, and an Ecosystem to Radically Shorten DHS Adoption Time

Harmonia Holdings Group
2020 Kraft Dr, Suite 1000
Blacksburg, VA 24060-6747

10/15/2010
to
05/28/2011
$99,997.71

This work contributes to the transition from visualization tools to the integrated environment envisioned in DHS S&T`s Precision Information Environment (PIE). We seek to enable DHS operating components and first responders to rapidly access and deploy new products from DHS Centers of Excellence (COEs) or other sources of countless visual and data analytics capabilities. In partnership with the VACCINE COE and with small business support from Pacific Northwest National Laboratory, we propose a system called DECIDE Discover, Educate, Compose, Integrate, and Distribute Ecosystem. Users often know what they want to do, but not how. Discover provides helps users pinpoint visual and analytic modules to answer how. Ideally users can find pre-built apps they can simply download from a DHS Apps Store. Otherwise Educate, Compose and Integrate allow users mash up modules with each other and to data to fill their needs. Distribute allows users to help other users by publishing their compositions back and annotating any module with the questions it helps answer. DECIDE addresses gap areas in the PIE vision by making analysis, decision support, and situational awareness software much more accessible to federal, state, local and tribal first responders.

H-SB011.1-005
Mitigation of Contact Lens, Eye Surgery, Pupil Dilation, and Other Challenges on Iris Recognition

D11PC20143 1111048
(FY11.1 Phase I)
Mitigation of Contact Lenses, Eye Surgery, Pupil Dilation, and Other Challenges in Iris Recognition

Progeny Systems Corporation
9500 Innovation Drive
Manassas, VA 20110-2210

05/15/2011
to
11/30/2011
$99,795.31

Iris recognition is an established and successful biometric technology. It is used in clearing travelers in the UK, for border control in the UAE, and as a part of India`s Unique ID program. However, there are still significant challenges to be addressed as iris recognition matures to successfully handle ongoing national-scale applications. Our recent work has documented challenges involving pupil dilation, the wearing of contact lenses, and other factors. We propose to conduct research that (a) creates a better understanding of the challenges that pupil dilation, contact lenses, and Lasik operations present for iris recognition performance, and (b) based on this understanding, develops algorithms and approaches to mitigate the effects of these challenges. We will conduct iris recognition experiments and analyze the results in order to document the effects of dilation, contact lenses and Lasik, and to understand how the range of how these factors present themselves in different instances. We will then develop and implement algorithms and approaches to mitigate the effects of these factors, and perform experiments that document and measure the improvement in iris recognition performance. We expect that solutions such as those that we develop will become a standard element of all commercial iris biometric systems.

H-SB011.1-006
Improved Firefighter Face Piece Lenses for Self-Contained Breathing Apparatus

D11PC20147 1111033
(FY11.1 Phase I)
Identification of Test Materials and Test Plan for Improved Self-Contained Breathing Apparatus Face Piece Lenses

MPR Associates, Inc.
320 King Street
Suite 400
Alexandria, VA 22314-3230

05/15/2011
to
11/30/2011
$99,702.06

Currently, SCBA lenses are made from high-heat polycarbonate with a maximum service temperature rating of 275 deg F to 383 deg F. However, first responders may encounter temperatures due to fire reaching 1000 deg F to 1400 deg F at face level with a heat flux density of about 2.2 W/sq-cm. Developing a more durable, high-heat resistant lens will significantly improve firefighter safety and enable firefighters to function effectively in more severe environments than with current SCBAs. MPR Associates, Inc. will work with Scott Health and Safety to identify candidate test materials based on the material`s ability to provide increased durability, clarity, resistance to impacts, and improved heat resistance. A test plan and test procedures will be developed based on current and future (i.e., planned) industry accepted standards (e.g., NIOSH, NFPA, EN). Testing will emphasize the ability of test materials to withstand the extreme heat generated by compartmentalized fires. Commercialization of a high temperature face piece will take advantage of the economy of scale due to the potentially large government and commercial customer base, thus providing a viable improvement for DHS and other users of SCBAs. The improved face piece also could be back-fit to SCBAs currently in use.

H-SB011.2-001
Low Power Tri-axial Acoustic Sensor

D11PC20237 DHS SBIR-2011.2-H-SB011.2-001-0023-I
(DHS SBIR-2011.2 Phase I)
Acoustic Vector Sensor

Progeny Systems Corporation
9500 Innovation Drive
Manassas, VA 20110-2210

10/15/2011
to
04/30/2012
$99,995.99

U.S. Customs and Border Protection wants to extend unattended ground sensor (UGS) functionality to provide a real-time capability to track targets of interest. Progeny will develop Acoustic Vector Sensor (AVS) as a low-cost and low-power augment sensor to track airborne targets, with a small covert form factor and connecting to other UGS with a standard serial data and power interface. AVS has a compact sensor head that comprises an assembly of waterproof MEMS low-power microphones with supporting electronics and an outer foam windscreen, with proven directional acoustic processing developed for underwater submarine detection and tracking. AVS provides a real-time detection trigger and a 3-D vector line of bearing and elevation pointer, and near-real-time classification and target solution computation including range, altitude, course, and speed. Our AVS development program will add a Z-channel and a tilt-compensated compass to the sensor and new elevation angle measurement, detection, and track algorithms. UGS have intrinsic power and size limitations requiring system design tradeoffs to maximize capability and operational life, so we will integrate a very-low power microcontroller to host our autonomous detect and target pointing algorithms, which wakes a Digital Signal Processor to complete the classification and tracking process. A full range of raw and processed target data would be available to the host UGS for multi-sensor data fusion processing and to transmit contact reports. AVS is currently at TRL3, will mature to TRL4 by end of Phase I, and TRL6 by end of Phase II.

H-SB011.2-003
Mobile Device Forensics

D12PC00301 DHS SBIR-2011.2-H-SB011.2-003-0008-I
(DHS SBIR-2011.2 Phase I)
Methods to Unlock PIN/PUK Codes from SIM Cards

EWA Government Systems, Inc.
13873 Park Center Road
Suite 500
Herndon, VA 20171-3251

04/01/2012
to
11/15/2012
$69,020.65

This SBIR Phase I project for subtopic 2 under topic H-SB011.2-003 will develop technology to successfully decrypt SIM cards by acquiring or bypassing personal identity number (PIN) and personal unlocking key (PUK) codes from locked SIM cards. Cellphones and other mobile devices play an increasing role in criminal and terrorist activity. SIM cards lock either with a PIN or PUK that disables direct access to, and examination of, data on the SIM. We will develop and design a small portable forensic system that will connect to a computer or PDA. The forensic system will perform two very different methods to extract or bypass the security codes: one method is based on side channel analysis and the other method is to modify the software on the card to read the data. The results from both methods are returned to the user for further analysis. The technical objectives of this Phase I project are to demonstrate a proof-of-principle measurement using these methods and to design a small, lightweight package for the system.

H-SB011.2-005
Iris Image Quality Tool Suite for Biometric Recognition

D11PC20253 DHS SBIR-2011.2-H-SB011.2-005-0005-I
(DHS SBIR-2011.2 Phase I)
Iris Image Quality Tool Suite for Biometric Recognition

Progeny Systems Corporation
9500 Innovation Drive
Manassas, VA 20110-2210

10/15/2011
to
04/30/2012
$99,978.76

Iris recognition is an established and successful biometric technology. It is used in clearing travelers in the UK, for border control in the UAE, and as a part of Indias Unique ID program. However, there remain significant challenges to be addressed as iris recognition matures into a viable technology which can successfully handle applications at a national level. One such important issue that the iris biometric community continues to address is the assessment and determination of iris image quality prior to analysis and enrollment of an individual. Partnering with domain experts at the West Virginia University and professors from the University of Notre Dame, Progeny Systems proposes to advance the state of iris quality metrics by developing mathematical models and algorithmic procedures which operate both in the spatial and frequency domain of segmented iris images. These metrics will be complimented with a number of new iris quality metrics that will be outlined in this proposal. When combined, the two sets of metrics are expected to provide a means to measure each quality factor listed in IQCE report. We expect that solutions that we develop will become standard elements of new commercial iris biometric systems.

H-SB011.2-006
Intelligent 'Object' Symbology

D11PC20256 DHS SBIR-2011.2-H-SB011.2-006-0027-I
(DHS SBIR-2011.2 Phase I)
Natural Language Processing and Prioritization for Contextual Symbolic Rendering

Digital Sandbox Inc.
8260 Greensboro Drive
Suite 450
McLean, VA 22102-4901

10/15/2011
to
04/30/2012
$98,804.10

With the desire to be prepared for possible threat scenarios, DHS has access to data, but it can be disparate with a mix of structured and unstructured data in very large quantities. Information from a variety of sources needs to be ingested and processed in order to determine the "what, when, where, and how bad", then presented geospatially for monitoring and analysis purposes. Constructing and maintaining a single representation of an incident ("object") which is updated over time as the details of the situation change is essential, along with the ability to prioritize the incidents being displayed to focus attention. To address these challenges, Digital Sandbox will conduct research and demonstrate software prototypes focused on the analysis, prioritization, and presentation of contextual symbolic information. The resulting capability will improve operational situational awareness at a fraction of the cost and time possible with existing technology and approaches, especially for organizations tasked with public safety operations and intelligence analysis.

H-SB012.1-002
Moving Target Defense

HSHQDC-12-C-00038 DHS SBIR-2012.1-H-SB012.1-002 -0006-I
(DHS SBIR-2012.1 Phase I)
Multi-layer Ever-changing Self-defense Service (MESS)

Endeavor Systems
1420 Spring Hill Rd
Suite 202
McLean , VA 22102-3026

06/01/2012
to
04/30/2013
$149,945.52

IT systems today are static and allow the adversary time to plan and launch attacks. Endeavor proposes to create a Multi-layer, Ever changing, Self-defense Service (MESS) that is both resilient and manageable. MESS significantly hinders an attacker's ability to exploit a target system by removing the static network & system attributes that simplify reconnaissance. It also continuously refreshes the target system to a new virtual instance with a known trusted state and random service attributes. This limited-time-use virtual instance is comprised of a single application and OS combination and significantly reduces system complexity During Phase I, Endeavor will build a prototype demonstrating the operational effectiveness of MESS in defending a web service. We will research the feasibility of secure live handoff of this web service by migrating specific process memory between virtual instances. We will prove that address obfuscation and/or virtual instance randomization through system attribute alteration (memory, credentials, shares, ports, etc.) will offer sufficient moving target defense. Upon successfully completing Phase I, we increase the TRL from 2 to 6. A complete field test ready MESS product will be developed in Phase II. MESS not only allows game changing cyber defense for enterprise systems, but also provides enhanced security to existing cloud computing services by eliminating known risks in virtual infrastructure. Future research could leverage MESS into an adaptive "honey pot" to provide advanced detection of zero day attacks by analyzing the retired image of virtual machine.

H-SB012.1-002
Moving Target Defense

HSHQDC-12-C-00027 DHS SBIR-2012.1-H-SB012.1-002 -0026-I
(DHS SBIR-2012.1 Phase I)
Scalable MTD Based on SCIT Technology

SCIT Labs Inc
13834 Springstone Dr
Clifton, VA 20124-2361

06/01/2012
to
12/03/2012
$99,991.20

SCIT Labs SBIR proposal is in response to the Department of Homeland Security (DHS) Office of Science and Technology call for new approaches to cyber defense using Moving Target Defense (MTD). SCIT Labs' is proposing a set of research tasks to enable organizations to evaluate the viability of MTD defense and the real world requirements for successfully deploying MTD into existing enterprise information systems. SCIT Labs, a George Mason University spin-out, designs, develops and deploys advanced cyber security products and solutions built on patented Self Cleaning Intrusion Tolerance (SCIT) technology. SCIT technology has been successfully deployed to deliver MTD cyber defense capabilities that address the specific issues defined by DHS. SCIT Labs seeks to undertake the research defined here to develop the empirical and quantitative information needed to address how proactive MTD defense can be successfully introduced into existing enterprise system architectures and coexist with current reactive, detection and remediation based cyber defense protocols and technologies. SCIT Labs has built SCITized webservers and DNS servers that exhibit MTD properties - we constantly change the servers that are exposed to the internet. In this proposal, we focus on increasing our system capability by integrating the SCIT servers with reactive systems that are currently deployed for cyber security. We focus on integrating with IDS/IPS, forensics and SIEM subsystems. SCIT approach significantly reduces ex-filtration losses, deletes malware without detecting and reduces the cost of incident management. This approach has application to virtualized environments, including cloud. Current TRL: 6. Project end TRL: 7.

H-SB012.1-004
Firearms and Ammunition Test Equipment

HSHQDC-12-C-00035 DHS SBIR-2012.1-H-SB012.1-004-0009-I
(DHS SBIR-2012.1 Phase I)
Realistic Firing Fixture

Adaptive Technologies, Inc.
2020 Kraft Drive
Suite 3040
Blacksburg, VA 24060-6569

06/01/2012
to
01/15/2013
$99,922.57

The proposed project will result in an anthropometrically realistic and viable simulator for the testing, evaluation, and validation of firearms and associated ammunition. The approach being taken to achieve the end device is to capture both the active and reactive system loads and dynamics of both the weapon system and the human tester. These data, along with their temporal inter-dependencies, will be analyzed using high fidelity modeling, empirical data collection, and high speed visual motion capture technologies to ensure the systems interface between the firearm and the electro-mechanical human firing system analog represent the realistic, time-dependent responses experienced by human testers. The TRL-4 high fidelity model resulting from the Phase I effort will be validated with real user loads and dynamics and will serve as the basis for generating the operational and design specification for the Phase II development effort. After the virtual model is refined using additional data during Phase II, a physical device will be designed, constructed, and validated against human testers. It is anticipated that the outcome of Phase II will be a TRL-8 device tailored for use by NFTTU. The Phase II device will enter service at the end of Phase II as the initial step toward final product transition to TRL-9.

H-SB012.2-001
Solid State Storage Investigative Tools for Law Enforcement

HSHQDC-12-C-00079 DHS SBIR-2012.2-H-SB012.2-001-0008-I
(DHS SBIR-2012.2 Phase I)
Method for a Comprehensive Memory Parser for Solid State Drives (SSDs)

S34A, Inc.
1532 N. Wakefield St
Arlington, VA 22207-2138

09/15/2012
to
04/05/2013
$96,999.94

S34A, Inc. proposes research into methodologies for creating a coherent Logical Block Address (LBA) space in order to produce comprehensive images of the contents of solid state drives. Solid state drives (SSDs) are increasing in popularity - replacing traditional hard disk drives - and proliferating across a wide range of portable consumer devices. Unfortunately for law enforcement and forensic examiners, traditional forensic approaches used with hard disk drives are inadequate and irrelevant when applied to SSDs given the unique firmware, wear leveling, garbage collection, and TRIM algorithms used by SSDs. An alternative to write-blocking tools developed for hard disk drives is essential. At the end of a successful Phase I effort, S34A, Inc. will have developed a methodology that allows for the parsing of data from SSDs from multiple SSD manufacturers. The result of Phase II will be the development of a common set of hardware and software tools for parsing of data from multiple SSDs. These tools will provide Federal, State, and Local law enforcement with a capability that simply does not exist today. With SSD shipments expected to top 200 million units by 2016, this innovation will be critical to the continued, effective performance of day-to-day law enforcement activities across the globe. Technology readiness level at beginning of Phase 1: "1" Technology readiness level at conclusion of Phase 1: "3"

H-SB012.2-005
Generation Textiles for Multi-Threat Personal Protective Equipment (PPE)

HSHQDC-12-C-00074 DHS SBIR-2012.2-H-SB012.2-005-0015-I
(DHS SBIR-2012.2 Phase I)
Multifunctional Textiles for Advanced Personal Protective Equipment

Luna Innovations Incorporated
1 Riverside Circle
Suite 400
Roanoke, VA 24016-4962

09/15/2012
to
03/14/2013
$99,999.57

Luna Innovations is addressing the Department of Homeland Security need to develop novel textiles for uniforms that provide multi-threat protection for first responders. Since first responders enter situations with unknown threats, their uniforms must be able to protect from multiple different hazards. Novel multifunctional textile technologies are required to protect from fire, chemical warfare agents, blast, ballistic, or sharp object penetration. Each of these novel textile technologies are currently under development by Luna's team. This program will combine these technologies into a lightweight garment with low thermal stress that provides chemical and biological protection from omniphobic surfaces, antimicrobial treatments, and advanced seam sealing combined with proven fire and blast/ballistic protection. All of these technologies will be combined to produce a garment that will be both comfortable to wear, and protect against numerous unknown hazards. Phase I will result in a TRL 4 prototype textiles demonstrating chemical agent defense, flame retardancy, and ballistic/knife protection. Phase II will result in design and manufacture of prototype first responder uniforms with the above properties for independent evaluation.

H-SB013.1-002
Hybrid Analysis Mapping (HAM)

HSHQDC-13-C-00045 HSHQDC-13-R-00009-H-SB013.1-002-0005-I
(HSHQDC-13-R-00009 Phase I)
Tool Output Integration Framework (TOIF) Upgrade for Hybrid Analysis Mapping

Data Access Technologies, Inc
12209 Kyler Ln.
Suite 104
Herndon, VA 20171-1624

05/01/2013
to
10/31/2013
$99,641.93

Building on the prior standards based work for the Tool Output Integration Framework (TOIF) and KDM - ISO/IEC 19506, this project will bring together dynamic and static analysis test results from multiple tools into a single solution that will provide a unified platform for security testing and application risk management. Software fault patterns (SFP) and Common Weakness Enumerations (CWE) will be leveraged to integrate information that typically resides in separate point products. The proposed solution will allow for detailed analysis and more precise results including correlation of results from dynamic and static assessments. The resulting integrated vulnerability reports provide more information about the discovered vulnerabilities, including actionable system-level information that links proof-of-exploit with line-of-code details and recommendations for mitigating them. A key element of this research is leveraging the past success of TOIF and the proven ability to combine and leverage the results of multiple tools. The initial TOIF work focused on static analysis, this work extends that to dynamic and penetration tools. More than combining data, the results from multiple tools is semantically integrated using KDM systems knowledge, formalized SFPs and CWEs into the TOIF knowledge base. Encompassing both static and dynamic analysis in a single knowledge framework encompassing overall systems knowledge provides a unique and formally unavailable capability.

H-SB013.2-003
Lost Person Locator for First Responders

HSHQDC-13-C-00107 HSHQDC-13-R-00032-H-SB013.2-003-0013-I
(HSHQDC-13-R-00032 Phase I)
Search and Rescue Initial Response Tools

dbS Productions LLC
1808 Rugby Pl
Charlottesville, VA 22903-1625

09/20/2013
to
03/19/2014
$99,999.59

This proposal doubles the size of the International Search and Rescue Incident Database (ISRID) from 50,000 to over 100,000 SAR incidents organized by incident type, subject category, terrain, ecoregion domain, and population density. The PI brings over 30 years of SAR field experience and over 20 years of SAR research experience to the problem including experience in creating ISRID. At the start the TRL is 3 and at the end of Phase I we estimate 4-5. The enhanced database with new data will provide the needed information to provide new models to predict the probability of area (POA) of missing people. Sending teams to the right area saves lives, resources, and time. New research into combining geographic models of behavior along with effective sweep width and searcher velocity will allow the calculation of Probability of Success Rate. This underlying factor along with initial response tasking algorithm will allow a graphic display of not only exactly where initial search teams should be tasked plus show the relative priority of tasks. This will allow the power of formal search theory to be placed into the hands of initial responders with little to no formal training. The research and development will allow a full suite of products to be developed. From durable plastic job aids, Lost Person Behavior smartphone Apps, paper and e-book field guides, training courses, to software aimed at the initial SAR response we are in a unique position to commercialize the effort, since SAR is our primary market since 1991.

H-SB013.2-006
Management of Mass Casualty Triage

HSHQDC-13-C-00087 HSHQDC-13-R-00032-H-SB013.2-006-0028-I
(HSHQDC-13-R-00032 Phase I)
MASS CASUALTY TRIAGE SYSTEM (MCATS)

InCadence Strategic Solutions
10432 Balls Ford Road
Suite 120
Manassas, VA 20109-2515

09/20/2013
to
03/19/2014
$92,543.34

For InCadence's SBIR Phase I effort for the Mass Casualty Triage System (MCATS) we will analyze the Management of Mass Casualty Triage problem set in the context of an end-to-end Solution Framework. The Solution Framework identifies key enablers of the overall solution including: Tagging or Identifying Victims; Support for one or more Mobile Hardware Platforms and Operating Systems; Design of the End User Application; Interface with one or more Sensors or Readers; Communications Options; Protocol Interoperability; Aggregation and Visualization of Casualty Status; and Back-end Server and Portal Options. For each enabler will evaluate options for the enabler in terms of: Cost Effectiveness, Universal Deployability, Ease of Use and Practicality. InCadence will repurpose components our several of our government-funded development efforts to rapidly prototype, evaluate and demonstrate proposed components of the end system. Repurposed components may come from our web-based near-real time Tactical Rapid Exploitation Portal (T-REX), our Multilingual Automated Registration System (MARS) which includes mobile biometric technology for fingerprint and iris collection and matching, and our Axon Cloud Broker for deploying and managing back-end server-based web services on the Amazon Web Services (AWS) platform. The final objective of our Phase I effort will be one or more feasible, effective Solution Paths for the end-to-end prototype MCATS that InCadence will produce during the Phase II effort. Our objective is to commercialize the objective system and its components for sale to first responder agencies. We will also pursue DHS SECURE Certification for the resulting product.

H-SB014.2-002
Automatic Detection and Patching of Vulnerabilities in Embedded Systems

HSHQDC-14-C-00054 HSHQDC-14-R-00035-H-SB014.2-002-0015-I
(HSHQDC-14-R-00035 Phase I)
Automatic Detection and Patching of Vulnerabilities in Embedded Systems

Power Fingerprinting, Inc.
1899 Preston White Dr.
Reston, VA 20191-5435

09/01/2014
to
02/28/2015
$99,955.53

Embedded devices are vulnerable to cyber attacks and their compromise can severely impair critical infrastructure and mission-critical systems. Power Fingerprinting (PFP) is a novel approach for integrity assessment of critical embedded systems which is capable of detecting malicious intrusions at all levels of the execution stack. PFP is based on fine-grained anomaly detection on the processor's power consumption profile, which allows it to leverage signal detection and classification principles to provide a quantitative metric of execution integrity. PFP enables security monitoring and integrity assessment on platforms that would otherwise not have the memory or processing resources necessary to do it. For this Phase I project we will demonstrate the feasibility of using PFP to perform automatic detection of exploited vulnerabilities and malicious intrusion in networked embedded systems. The specific technical objectives include: 1) Demonstrate the feasibility of PFP technology for automatic detection of exploited vulnerabilities and patching on networked embedded platforms; 2) Develop techniques to enable remote PFP monitoring; 3) Develop techniques to deliver patches and updates to the target device and PFP monitor. A PFP-based automatic vulnerability detection represents a dual-use opportunity with a broad range of applications within the military, the federal government, and several commercial enterprises.

H-SB015.1-003
Enhanced Distributed Denial of Service Defense

HSHQDC-15-C-00016 HSHQDC-15-R-00017-H-SB015.1-003-0008-I
(HSHQDC-15-R-00017 Phase I)
Border Gateway Protocol Distributed Denial of Service Attack Alert Extension (DDoS-AE)

Blue Ridge Envisioneering, Inc.
14450 Broadwinged Dr.
Gainesville, VA 20155-5932

05/01/2015
to
10/31/2015
$99,938.54

Our approach will be to design and develop a BGP extension called the DDoS Alert Extension (DDoS-AE) and a web-based central service (CS) that will leverage existing infrastructure and established protocols to enable real-time distribution of DDoS alert messages. A prototype unit running the DDoS-AE will be designed using innovative new hardware such as FPGAs and GPUs to aid in the detection and mitigation of DDoS attacks. The proposed alert messages will contain message classification information that can be used by routers to implement targeted filters to block and/or throttle DDoS traffic. The proposed system will provide routers and network operators with standard interfaces for generating DDoS alerts, allowing multiple sources and ever evolving techniques to facilitate DDoS traffic classification and identification. Additionally, this work will investigate techniques utilizing information already present in BGP to supplement the DDoS packet classifiers to aid in DDoS alert generation. Unlike other DDoS mitigation techniques, this proposed effort does not require network operators to replace existing network equipment; it also has the unique advantage of leveraging existing BGP peer knowledge and relationships. The CS allows DDoS-AE nodes that may not have BGP peers using the extension, to reap the benefits of the alert network, as well as providing a commercialization opportunity to allow human operators. CS will also provide network operators a robust interface for monitoring, reporting, and responding to attacks, greatly increasing the immediate effectiveness of the extension without requiring wide-spread adoption.

H-SB015.1-004
Privacy Protecting Analytics for the Internet of Things

HSHQDC-15-C-00021 HSHQDC-15-R-00017-H-SB015.1-004-0019-I
(HSHQDC-15-R-00017 Phase I)
Personally Indentifiable Information (PII) Guard

Progeny Systems Corporation
9500 Innovation Drive
Manassas, VA 20110-2210

05/01/2015
to
10/31/2015
$99,963.22

Progeny System proposes a Personally Identifiable Information (PII) Guard architecture solution that acts as a gateway for organizations that desire to access Social Internet of Things (SIoT) while needing to adhere to privacy protection policy with minimal loss of actionable information. Addressing SIoT is forward thinking of the evolutionary trend towards a ubiquitous computing paradigm where thing and human type sensors and embedded systems are interconnected. The technical approach is to PII protect information retrieved from both thing and human type sensors and embedded processors containing PII such as surveillance video, face recognition cameras, License Plate Recognition (LPR) cameras, databases and social networks. A guard architecture approach does not require institutionalized privacy protection across global SIoT to ensure privacy protection of information, providing 100% confidence in adhering to PII protection policies. PII protected analytics with temporal, spatial, geographical, group and customizable extent functionality is provided within the PII Guard, maintaining actionable information in the absence of PII. The ability to specify domain ontologies is provided to improve analytics performance by organizing and ranking information artifacts based on ontology correlation. Both PII anonymization and de-identification PII protection methods are supported where the latter can be re-identified as situations and policy permit. To address scalability, the Apache Hadoop architecture is used which is designed to provide distributed storage and processing of Big Data on computer clusters. Commercial applications include intelligence use-cases such as counter terrorism, disaster relief, public safety and security, and law enforcement.

H-SB016.1-001
Security Systems Video/Audio Interoperability Device

HSHQDC-16-C-00050 HSHQDC-16-R-00012-H-SB016.1-001-0013-I
(HSHQDC-16-R-00012 Phase I)
Security Systems Video/Audio Interoperability Device

MCQ INC.
1551 Forbes St.
Fredericksburg, VA 22405-1603

05/02/2016
to
11/01/2016
$99,974.37

Through this SBIR, a system will be developed to enable authorized users to access video and audio from existing surveillance systems, and rebroadcast the video/audio signals for use by authorized users such as first responders. McQ will leverage its extensive camera interface, video compression, cryptography, and product development experience to both perform the appropriate tradeoffs in designing the system and to successfully build and test a prototype system. Interoperability is a critical feature of the system to allow the system to operate on a variety of closed circuit and networked camera systems; each with different physical interfaces, communication standards, and architectures. McQ's plug-and-play camera interface experience developed through developing its vWatch product, and its extensive networking and communications experience based on over a decade of developing video streaming products, will be efficiently utilized. During Phase I, a detailed analysis will be performed to provide a camera interface standard which encompasses a large variety of existing surveillance camera products; and a complete system design will be developed. During Phase II, a prototype system will be assembled and tested.

H-SB016.1-001
Security Systems Video/Audio Interoperability Device

HSHQDC-16-C-00051 HSHQDC-16-R-00012-H-SB016.1-001-0015-I
(HSHQDC-16-R-00012 Phase I)
Security Systems Video/Audio Interoperability Device

Systems Engineering, Inc.
21351 Gentry Drive
Suite 100
Dulles, VA 20166-6510

05/02/2016
to
11/01/2016
$96,986.03

First responders are challenged by the lack of real-time information from surrounding video/audio sources when arriving at an incident and a forced to rely of information that is outdated or incorrect from secondary sources. In today's technological society, there is a plethora of video cameras; in homes, businesses, law enforcement and public areas that difficult to access. To gain access to this information requires level of technical expertise not readily available to first responders. The issues arise with disparate systems employing different standards, equipment types and quantities. The response details the research required in Phase I to design a self-contained device that will capture video and audio from closed-circuit television and networked video security systems commonly implemented by both public and private entities. The concept will address how to access the video and audio feeds with the approval of the system owners, and rebroadcast the data to first responders and incident command centers for improved situational awareness. and enhanced personnel safety. The concept will enable plug and play access, through hard-wired or wireless capabilities to the widest array of existing video security systems for use during an emergency or response operation. To optimize the ability for first responders to readily access on scene information, the concept will consider characteristics of typical video and audio security systems installed in public and private buildings or used to monitor large outdoor areas.

H-SB016.1-002
Applicability of Blockchain Technology to Privacy Respecting Identity Management

HSHQDC-16-C-00058 HSHQDC-16-R-00012-H-SB016.1-002-0026-I
(HSHQDC-16-R-00012 Phase I)
Credentials on Public/Private Linked Ledgers

Digital Bazaar, Inc.
203 Roanoke St W.
Blacksburg, VA 24060-7419

05/02/2016
to
11/01/2016
$99,512.89

A wide variety of applications could benefit from combining identity management technology with decentralized ledgers (aka blockchains). However, not every application uses the same data or requires the same consensus or authorization models. While a single solution is unlikely, we assert each application could benefit from a standard, configurable, decentralized ledger with flexible semantics. We will study the feasibility of this concept by building a proof-of-concept Linked Data ledger format and architecture. We intend to configure this architecture to demonstrate how to publish credentials (aka verifiable attributes) to address specific DHS use cases and to commercialize the created technology. The proposed architecture would enable ledgers to provide independently, cryptographically verifiable credentials with flexible semantics. This approach decouples issuing and verification services, reducing infrastructure requirements and costs for issuers. It also increases a ledger's utility and number of participants, resulting in cost sharing and increased incentives to provide the high availability now only required by the verification process. For example, fire and rescue organizations could publish credentials about personnel to a highly available public ledger. First responders could then be authenticated to gain access to protected sites or resources by demonstrating ownership over these credentials via their mobile device. Even if the credential issuers had experienced complete system failure, the verification process would be unaffected. This approach encourages shared infrastructure costs, highly available verification systems, and new forms of authentication and authorization for numerous applications, including those that would benefit the DHS.

H-SB016.1-002
Applicability of Blockchain Technology to Privacy Respecting Identity Management

HSHQDC-16-C-00059 HSHQDC-16-R-00012-H-SB016.1-002-0034-I
(HSHQDC-16-R-00012 Phase I)
Xcelerate Solutions Response to H-SB016.1-002

Celerity Government Solutions, LLC
8405 Greensboro Drive, Suite 930
McLean, VA 22102-5110

05/02/2016
to
11/01/2016
$99,000.00

Xcelerate proposes a project team of identity, security, privacy, and blockchain subject matter experts (SME) to perform research that determines the feasibility of a blockchain solution enabling users to establish and maintain trusted identity transactions with public and private organizations. Our solution will enable users to develop an immutable identity transaction history, including verified identity information, to be used as inputs to determine trust confidence levels based on past transaction history. It will provide an authoritative source of participant consumer identity attributes that Service Providers could use for attribute verification. A solution that is easily integrated with other technologies and leverages the advantages of blockchain technology will be valuable to the identity ecosystem and address key problems for which there are currently no viable solutions. This phase will produce a set of requirements, informed by privacy and security assessments of existing public and private blockchains, to be used in the design and prototype of a blockchain solution to be developed in Phase II. Security and privacy-by-design will be key tenets throughout Phase I to ensure the solution meets the requirements for Federal Government identity services. This feasibility study will evaluate blockchain implementations that meet these requirements. New concepts and methods will be developed to assess and design the security and privacy of blockchain technologies. We will develop a technical prototype to demonstrate its privacy, security, and technical capabilities and will complete a commercialization strategy to operationalize the solution for DHS as a deliverable of Phase I.

H-SB016.1-005
Internet of Things (IoT) Low-Cost Flood Inundation Sensor

HSHQDC-16-C-00076 HSHQDC-16-R-00012-H-SB016.1-005-0030-I
(HSHQDC-16-R-00012 Phase I)
Internet of Things (IoT) Low-Cost Flood Inundation Sensor

Progeny Systems Corporation
9500 Innovation Drive
Manassas, VA 20110-2210

05/02/2016
to
11/01/2016
$99,672.00

Progeny Systems proposes to develop a deployable, low-cost flood inundation sensor for alerts, warnings and notifications to responders and citizens using IoT Wireless Emergency Alerts. The sensor will be ruggedized, modular, deployable, GPS-enabled, and submersible. The sensor will be part of a scalable wireless mesh sensor network. The sensor network will consist of an array of wireless sensor nodes that can measure ever-changing flood conditions and report them back to an operations center through a gateway node. The data from all the nodes in the network will be collected and analyzed at the operations center so as to rapidly predict, detect and react to inundation of low-lying areas, underpasses, and critical transportation corridors. This critical data will allow for federal, state and local governments to make real-time decisions pertaining to flood response.

H-SB016.1-008
Using Social Media to Support Timely and Targeted Emergency Response Actions

HSHQDC-16-C-00062 HSHQDC-16-R-00012-H-SB016.1-008-0025-I
(HSHQDC-16-R-00012 Phase I)
Social media Triggers for Alerting and Response (STAR)

DECISIVE ANALYTICS Corporation
1400 Crystal Drive
Suite 1400
Arlington, VA 22202-4361

05/02/2016
to
11/01/2016
$99,992.89

Information present in social media is valuable to emergency response organizations which have a need to maintain situational awareness about the events and activities in a region of interest. Approaches to using social media to inform emergency personnel in rare and large-scale events such as earthquakes and hurricanes have been studied. However, the emergency response community has little experience with use of social media to improve the information available to first responders in more routine emergencies. The research proposed here applies Natural Language Processing and Machine Learning algorithms to the problem of extracting the signal of emergency incidents from social media data. In Phase I, the DAC team will identify a set of emergency incident types whose social media profile allows for incident detection, alignment with CAD incident data, and extraction of response-relevant information. At the conclusion of Phase I we will understand the tradeoffs between automated processing and manual analysis of social media and will be able to quantify the benefits social-media-sourced information can bring to the first responder. We will develop a prototype system that will demonstrate the feasibility of our approach, and define the requirements and touchpoints for integrating social-media algorithms into CAD systems. The technology developed under this effort can be transitioned into commercial emergency dispatch systems, and easily repurposed to address a variety of law enforcement and intelligence analysis scenarios. This work will be developed in partnership with the FDNY.

H-SB017.1-003
Do Not Spoof Services for Modern Telephony

HSHQDC-17-C-00036 HSHQDC-17-R-00010-H-SB017.1-003-0006-I
(HSHQDC-17-R-00010 Phase I)
Verification of Caller Ascertained Logically (VOCAL)

AnaVation LLC.
11654 Plaza America Drive
suite 500
Reston, VA 20190-4700

05/01/2017
to
10/31/2017
$99,893.19

AnaVation is proposing the development of two systems designed to solve the challenge of government to outside and government to government spoofing respectively, both of which would be integrated into a Comprehensive Investigate Dashboard to provide organizations with an expansive view into the types and frequencies of call spoofing attempts. The first system would be an on top, out of band solution that would enable reactive event-driven detection and notification of government to outside call spoofing. The second system would be a multi-factor authentication solution that, in the case of government to government call spoofing, would enable employees to vet communications to uncover malicious spoofing attempts and thus take action to cease communications before sensitive information could be conveyed and/or compromising actions undertaken. A key distinction between the two systems is while the first system is fully automated, the second requires human interaction and training.

H-SB017.1-004
Identity Verification & Validation for Mobile Networks Authentication Enhancement

HSHQDC-17-C-00029 HSHQDC-17-R-00010-H-SB017.1-004-0004-I
(HSHQDC-17-R-00010 Phase I)
SIM Forward: Leveraging Trusted Authentication for New 5G Services

NAND Technologies Inc
170 Shannon Woods Drive
Front Royal, VA 22630-9212

05/02/2017
to
11/01/2017
$100,000.00

Threats to mobile networks are pervasive and deep. Due to aging standards and an initial approach of minimum viable security significant risks persist. Spoofing, tampering, and denial of service are three primary vulnerabilities. Ultimately updating global standards to increase authentication and security is likely to be the terminal solution, however this is likely to take well over to a decade. The widely know SS7 vulnerabilities were first documented almost two decades ago yet the root problem has yet to be resolved or replaced. The best solution is to create a stop-gap measure for modern smart phones which relies on existing infrastructure to create a viable commercial solution to these vexing problems. NAND Technologies will research and develop new methods for mobile network authentication by deeply diving into the complex USIM toolkit that was created by the GMSA to enable mobile money deployments directly from the javaSIMcards also know as Java UICCs or simply Javacards. Without affecting the MNO secure domain, critical to all client account transaction, an established trusted service provider can also use over the air access (OTA) to retrieve data in their designated secure domain. This is the basis for this solution.

H-SB017.1-006
Wearable Chemical Sensor Badge

HSHQDC-17-C-00042 HSHQDC-17-R-00010-H-SB017.1-006-0007-I
(HSHQDC-17-R-00010 Phase I)
Wearable Chemical Sensor Badge

Morphix Technologies
2557 Production Road
Virginia Beach, VA 23454-5286

05/01/2017
to
10/31/2017
$100,000.00

First responders such as law enforcement, fire department and emergency service personnel are subject to hazardous environments, including Toxic Industrial Chemicals (TICs). Protecting first responder and their long term health is a priority of the Department of Homeland Security. The objective of the proposed SBIR project is to develop a wearable chemical sensor badge capable of detecting at least four of the targeted high priority Toxic Industrial Chemicals (TICs). The badge will be designed to be worn by first responders, and will provide a visible and auditory alarm if TICs are present at a dangerous level. To enable everyday use by first responders, the badge will be small, lightweight, low-cost and rugged. In phase 1, Morphix will develop a design for the badge, and will conduct proof-of-concept evaluation of the badge concept in a variety of environmental conditions. Morphix intends to market this wearable badge to federal, state and local law enforcement, emergency medical service and other first responders.

H-SB017.1-007
Over-the-air Authentication Technology for Messaging via Emergency Alerts

HSHQDC-17-C-00032 HSHQDC-17-R-00010-H-SB017.1-007-0001-I
(HSHQDC-17-R-00010 Phase I)
AlertPrime: Tokenizing WEA

NAND Technologies Inc
170 Shannon Woods Drive
Front Royal, VA 22630-9212

05/02/2017
to
11/01/2017
$100,000.00

Currently all callerID displays on all cell phones are totally unauthenticated. This means that with the right software or hardware voice spammers can impersonate any corporation, individual or location. Ultimately the solution to this problem is to update the 3GPP standards and require this field to be validated and authenticated. Until that time NAND Technologies proposes to use a combination of techniques already being successfully applied to spam in other areas. The unique adaptions to voice form the basis of this proposal and can serve as an effective stop gap measure until the root cause of the problem is resolved. These methods and the linked applications can also serve as a case study for the needed standards updates.

H-SB018.1-005
LMR-P25 and LTE Mission Critical Push to Talk Interface Service

70RSAT18C00000042 FY18.1-H-SB018.1-005-0005-I
(FY18.1 Phase I)
LMR-P25 and LTE Mission Critical Push to Talk Interface Service

Catalyst Communications Technologies Inc.
2107-D Graves Mill Road
Forest, VA 24551-4293

05/02/2018
to
11/02/2018
$149,882.19

In this Phase I project, we will determine the feasibility of building an interworking solution to provide interoperability between LTE and LMR systems for mission critical operations, while improving interoperability between current LMR systems. In Phase I we will build upon the requirements work already done by NPSTC to determine the feasibility of meeting requirements for interworking when standard interfaces are used. In Phase II, we will combine innovations created through this study with our interoperability products to deliver a software-based prototype LMR to LTE MCPTT solution and will commercialize this interworking service software product in Phase III. To support the transition to LTE MCPTT, we will create a scalable architecture that leverages Radio over IP technology that we have perfected over the last twenty years. As part of our research and development, we will summarize feasibility results by creating comprehensive solutions matrices of standards interfaces versus interworking requirements. We will focus on Project 25 standard interfaces such as ISSI and also evaluate other standards-based systems and proprietary LMR systems. The Catalyst team brings many years of real-world experience in delivering interoperability solutions, ensuring the successful completion of this SBIR program for DHS. The result for DHS and other critical communicators will be smoother transitions to LTE at a lower cost. We have identified a multimillion dollar market for the resulting product that would allow each Public Safety agency to independently route PTT voice between its existing LMR system, FirstNet's LTE network, and other LMR systems.

H-SB018.1-008
Automated & Scalable Analysis of Mobile & IoT Device Firmware

70RSAT18C00000025 FY18.1-H-SB018.1-008-0009-I
(FY18.1 Phase I)
SAFARI: Scalable Analysis of Firmware for AndRoid and IOS

Kryptowire, LLC
5352 Brandon Ridge Way
FAIRFAX, VA 22032-3282

05/02/2018
to
11/01/2018
$149,993.72

To address the supply chain threats that stem from vulnerable or malicious software distributed through firmware on mobile and IoT devices via binary firmware images, we propose a scalable, comprehensive, and automated framework to detect firmware-borne threats, both malicious and (un)intentionally insecure, present in Android and iOS devices. We use a workflow encompassing three analysis techniques: forced-path execution, static analysis, and dynamic analysis across multiple software modules and applications. The novelty of our approach is based on its capability to provide analysis of software across different vendors, operating system versions, and applications as opposed to single application testing that has been our aim for previous work on mobile application testing. Being able to identify and trace data and control flow between different applications, the operating system, and back-end services for Android and iOS devices (mobile and IoT) is necessary to uncover code vulnerabilities and threats in the presence of software bundles such as the firmware images. In addition, recognizing that no single binary code analysis approach is without its shortcomings, so we address and complement the shortcomings of each individual approach, by employing a more comprehensive analysis using a diversity of analysis techniques. We detail a feasibility study for the design and implementation of, a novel system that will automatically identify, trigger, and analyze vulnerabilities in firmware. Our goal is to uncover any code vulnerabilities and design errors and their effects by efficiently enumerating and null-fuzzing all statically and dynamically accessible software components on the firmware.

H-SB04.1-002
Chem-Bio Sensors Employing Novel Receptor Scaffolds

NBCHC040074 04110123
(FY04.1 Phase I)
Chem-Bio Sensors Employing Novel Receptor Scaffolds

BioTraces, Inc
13455 Sunrise Valley Dr., Suite 200
Herndon, VA 20171-3296

04/01/2004
to
10/15/2004
$99,723.00

The goal of this SBIR Phase I project is to develop supersensitive MPD enabled, binding assays for detection of BW agent using aptamers as the capture molecules instead of antibodies. Multi Photon Detection (MPD) is the most sensitive methods for protein detection and achieved a few zeptomole sensitivity. MPD enabled immunoassays will be developed first and from these Super-ELISA methods will be developed that will use not radioactive materials. Assays will be developed for one example of each type of BW agent: a protein toxin, botulism toxin, a bacterium, Bacillus anthracis, and a virus, Vaccinia as a surogate for smallpox. Sensitivities of about one virion per liter of air are expected, which is about 100-fold more sensitive than prior art P-chip-based detectors for multiple viral targets.<br><br>The broader impact of these activities lies in the application of proteomics methods to the detection of pathogens that have the potential to be used as biological weapons (BW) by armies or terrorists. The methods developed may deliver better tests for the rapid and sensitive detection of these pathogens. Such improved tests would improve the security of US troops in the field as well as the civilian population at home.<br>

H-SB04.1-004
Computer Modelling Tool for Vulnerability Assessment of U.S. Infrastructure

NBCHC040112 04111120
(FY04.1 Phase I)
Vulnerability Assessment Tool For Homeland Security

SPATIAL DATA ANALYTICS CORPORATION
1344 Carpers Farm Way
Vienna, VA 22182-1347

05/02/2004
to
11/16/2004
$98,958.98

Spatial Data Analytic Corporation`s (SPADAC) Vulnerability Assessment Tool For Homeland Security will be built on top of a Geospatial Information System (GIS) to provide a digital map that indicates areas of high concern. Spatial Feature Temporal Analysis will be used to allow for the capture and reuse of targeting signatures for any given group. The system will be built so that a signature can be generated for any set of spatial data, thereby offering commercial oppurtunities in other sectors. In addition to preparing a system conceptual design, SPADAC will derive initial signatures for two relevant terrorist groups. It will then be shown how these signatures can be applied to new areas of interest where historical events have not yet occurred.

H-SB04.1-007
Ship Compartment Inspection Device

NBCHC040117 04111094
(FY04.1 Phase I)
advanced ultrasonic inspection device

Ceres Biotechnology
800 East Clay Street
suite 16
Richmond, VA 23219-1534

04/19/2004
to
11/01/2004
$100,000.00

What is proposed is a listener analysis of ultrasonic echoes generated in fluid filled tanks. Ultrasonic hearing humans is possible and the firm has a SBIR on a related device for the blind. The company also has the rights to an ultrasonic hearing air patent. The brain is capable of extracting the ultrasonic signal from the tank

H-SB04.1-008
Advanced Secure Supervisory Control and Data Acquisition (SCADA) and Related Distributed Control Systems

NBCHC040068 04110895
(FY04.1 Phase I)
SCADA IDS

SNVC
12150 Monument Drive
Suite 510
Fairfax, VA 22033-4063

04/01/2004
to
07/31/2004
$99,850.00

Legacy Supervisory Control and Data Acquisition (SCADA) has no cyber security - messages are in clear text; messages are unauthenticated; management commands are issued via dial up ports protected by weak passwords and administered by poor password administration practices. This results in either inadequate security or a potential for denial of service. Based on the type of utility infrastructure involved, an intelligent attacker, or threat agent, would focus his/her efforts on the appropriate vulnerability to cause the most damage possible. In the case of electricity, attacks through the backdoor maintenance ports may be more devastating than attacks through the front door SCADA network; by changing protective relay settings, the attacker can effectively disable all built-in protective circuitry within a portion of the electrical grid. In liquids utilities, i.e.; gas, oil and water pipelines, attacks through the front door SCADA network may be more devastating; by repeatedly issuing 'open valve' and 'close valve' messages, a "hammer effect" can be created which could rupture pipelines or damage valves and pumps.

H-SB04.1-008
Advanced Secure Supervisory Control and Data Acquisition (SCADA) and Related Distributed Control Systems

NBCHC040081 04111216
(FY04.1 Phase I)
CKM-based Management System for SCADA/DCS operations

TecSec
1953 Gallows Road
Suite 220, VA 22182-4003

04/01/2004
to
10/15/2004
$99,960.00

TecSec's CKM technology and tool kit will be used to develop an effective, easy to use, Secure Cryptographic Management System (SCMS) to protect SCADA systems/network. The management scheme will be designed to meet all unique requirements for SCADA/DCS operations, and provide a seamless migration of future protection schemes. The SCMS facilitates an RBAC methodology that can be set up to reflect the organizational units operating rules and procedures of an end user, and extends seamlessly the security procedures for SCADA/DCS operations. CKM technology systemizes key creation, implementing dual control or split knowledge by using key components to construct the final working key. This working key may be used in several ways including a session key, for a store-and-forward application such as e-mail, and for file encryption applications such as archiving, or protecting file information until accessed by a user.

H-SB04.2-001
Cross-Domain Attack Correlation Technologies

NBCHC050006 0421204
(FY04.2 Phase I)
DECISIVE ANALYTICS Corporation Response to Cross-Domain Attack Correlation Technologies

DECISIVE ANALYTICS Corporation
1235 South Clark Street
Suite 400
Arlington, VA 22202-3264

11/01/2004
to
05/15/2005
$99,999.00

The DECISIVE ANALYTICS Team presents a suite of novel technique to perform distributed event correlation across distinct administrative domains while preserving privacy. Our approach for detecting attacks is based on the facts, prerequisites, and consequences of an attack. Such an approach allows us to detect well-known and stealthy attacks while also minimizing false alarms. Normal and suspicious activities are represented by graphs that are automatically constructed where nodes of the graph represent an event in the system, and arcs represent their relationships. We use data mining techniques such as clustering, classification, and frequent episodes mining to correlate events and attacks within an administrative boundary We perform event correlation across administrative boundaries by utilizing probabilistic statistical causality techniques, and preserve privacy by using Secure 2-Party Computational techniques such as multivariate statistical analysis to enable secure collaboration across domains. These techniques are implemented as a set of intelligent agents that collaborate across administrative domains and provide alerts to the security analyst as attacks against the Homeland's critical infrastructure are identified. We anticipate commercial benefits as we transition the technology to our partner, Cisco Systems, for deployment as part of their PIX Security Appliance. Potential spinoff applications include intelligence analysis and securities fraud.

H-SB04.2-002
Real-Time Malicious Code Identification

NBCHC050011 0421135
(FY04.2 Phase I)
A Heuristic Approach to Detecting Anomalous Protocol Payloads

Cigital, Inc.
Suite #400
21351 Ridgetop Circle
Sterling, VA 20166-6561

11/01/2004
to
05/15/2005
$94,027.00

Internet worms have become a common occurrence, but they have yet to inflict significant damage on our information infrastructure. Security experts predict the dawn of a new age of superworms that are far more dangerous than those we have encountered, and whose speed, stealth, and destructive power pose a significant threat. One promising approach to preventing the spread of future worms is to examine network traffic for unusual content. Certain types of content do not belong in particular application protocols, and yet such inappropriate content is often part of worm-based attacks. To combat the growing threat of Internet worms, Cigital proposes to develop a network traffic filtering capability based on the detection of anomalous data in network protocols. During this project we will validate our approach by applying it against known attacks and gathering information concerning its detection rate, false positive rate, and impact on system performance. The results will indicate the viability of expanding this approach to cover additional protocols and of extending our heuristics to cover additional categories of threats.

H-SB04.2-005
Innovative Techniques for Concealed Weapons or Explosive Detection at a Distance

NBCHC050016 0421199
(FY04.2 Phase I)
Distant Detection of Concealed Weapons

Luna Innovations Incorporated
1 Riverside Circle
Suite 400
Roanoke, VA 24016-4962

11/01/2004
to
05/15/2005
$99,955.93

Luna Innovations is investigating an ultrasonic/acoustic detection system for concealed weapons and explosives for the Department of Justice. Using ultrasonic beams to achieve a focal spot on the target, this device generates acoustics to probe under clothing. Acoustics, derived from nonlinear interactions of two beams with different frequencies, mix and penetrate clothing to hear what is inside. The DOJ project is for a small, portable device at shorter distances. Building on that success, we propose a scaled-up system optimized for relevant distances desired by HSARPA. Significant design issues must be resolved to make this step. This SBIR will determine source parameter designs analyzing parametric vs. crossed-beam generation optimizing the probing frequencies. These findings permit a systems-level design for a long-distance field prototype to detect and classify anomalous concealed elements carried on a human body. The benefits of this approach are that the data are derived from mechanical parameters such as impedance, resonance, and geometry which are hard to hide from a sound beam. This brings an independent view of a suspect. The measurement is non-injurious, potentially light-weight, low-cost and portable. Commercial applications include security, inspection, quality control and medical devices.

H-SB05.1-001
ADVANCED SAMPLE PROCESSING OF LIQUID, OR SOLID OR AEROSOL SAMPLES, OR A COMBINATION OF TWO OR THREE

NBCHC050115 0511129
(FY05.1 Phase I)
Electrostatic-magnetostatic Separation of Biological Samples During Electrospray Processing

American Research Corporation of Virginia
1509 Fourth Street
P.O. Box 3406
Radford, VA 24143-3406

06/01/2005
to
12/15/2005
$100,000.00

Recent events showing the willingness of terrorist organizations and rogue states to consider biological weapons of mass destruction have underscored the need for rapid means to identify these agents. In particular, first responders entering a scene where biological agents may have been dispersed must have the tools necessary to characterize bioweapons in aerosols and in complex liquid or solid matrices. Existing rapid methods of bioanalysis relying upon polymerase chain reaction (PCR), gene chips, and protein and antibody arrays require substantial sample preparation to provide consistent results in the face of interferences, contaminants and inhibitors that are present in ambient air and water and samples eluted from solid surfaces. This proposal suggests the use of atmospheric electrospray ionization in conjunction with nanoparticle enhancement of separation efficiency as a means of high-throughput sample preparation. The innovation of the proposed biological sample processing system is the combination of electrospray ionization in the presence of functionalized nanoparticles with downstream magnetic charge-based and mass-based separation to provide selective concentration and purification of biological materials. The Phase I Technical Objectives include design and fabrication of a laboratory electrospray processing system having downstream electrostatic and magnetostatic separation, evaluation of the effect of magnetic and high-charge density nanoparticle additives on the efficiency of biomolecule purification and concentration, and acquisition of families of test data using simulated biological samples for use in optimization of a proof-of-concept prototype system. In Phase II, test procedures will be automated and miniaturized for further development in the Phase III commercialization segment of the program. Successful completion of the Phase I program will result in the demonstration of electrospray techniques for processing biological samples from various matrices. The processing system will find commercial use in biomedical evaluation of infectious diseases, environmental chemical analysis and food processing.

H-SB05.1-002
IMPROVED SPECTROSCOPIC GAMMA RAY DETECTORS

NBCHC050131 0511098
(FY05.1 Phase I)
A Spintronic Room Temperature High Purity Germanium Gamma Radiation Spectrometer

Sentor Technologies Inc.
11551Q Nuckols Rd
Glen Allen, VA 23059-5565

06/01/2005
to
12/15/2005
$98,593.00

Recent breakthroughs in the emerging field of spintronics (short for spin-based electronics) suggest that it may be possible to develop a high purity germanium detector that operates at room temperature. This tantalizing possibility is due to the discovery that the resistance of a semiconductor device with anti-aligned spintronic front and back contacts is independent of the intrinsic carrier concentration and depends only on the alignment and polarization of the contacts. The objective of the proposed research program is to develop and demonstrate the world's first spintronic gamma-ray spectrometer. If successful, the proposed spintronic HPGe detector has the potential to provide a room temperature energy resolution far surpassing any existing instrument.

H-SB06.1-004
SIGNAL PROCESSING FOR A SOUTHERN BORDER SURVEILLANCE SYSTEM

NBCHC060115 0611032
(FY06.1 Phase I)
Sensor Suite and Signal Processing for a Southern Border Surveillance System

Vista Research, Inc.
2231 Crystal Drive, Suite 515
Arlington, VA 22202-3711

09/01/2006
to
03/15/2007
$99,960.00

Vista Research will develop and demonstrate the feasibility of an automated, integrated, and real-time sensor suite and a highly innovative approach to signal processing for a Southern Border surveillance system. Sophisticated algorithms enable the use of low-cost, COTS and GOTS sensors by shifting the surveillance burden from sensors to IBM CELL supercomputing technology. Our specific surveillance system uses tower-mounted, low-cost Radars and visible EO and LWIR sensors for automated, real-time, 360-degree, 24-h coverage. The wide area radar surveillance system will detect and track people and vehicles automatically at distances up to 12 km from the border and cue EO/IR sensors for high-resolution classification at distances up to 3 km. Vista's automated, real-time, Radar tracking algorithms provide powerful discrimination against false alarms, and enable effective operations in inclement weather. EO/IR sensors, which allow day/night operations, are automated and integrated with the radar, and enable stand-alone surveillance detection, tracking, and classification. Real-time, streaming LWIR and color images are presented to an operator for each suspected illegal person or vehicle for confirmation before deploying resources to an apprehension point. A low-cost tracker UAV can be launched to confirm classification and support apprehension.

H-SB06.1-006
INSTANTANEOUS REMOTE SENSING DATA RECEIVING AND PROCESSING FOR EMERGENCY RESPONSE

NBCHC060128 0611051
(FY06.1 Phase I)
Situation Awareness For Emergency Response

Trident Systems Incorporated
10201 Fairfax Boulevard, Suite 300
Fairfax, VA 22030-2222

09/01/2006
to
03/15/2007
$99,842.00

Modern communications and sensor technology holds great potential for providing rapid insight and understanding of complex events. This is particularly true in emergency response, given the importance of rapid response in minimizing the resulting damage to people, property, and national security in the event of natural disaster or terrorist attack. There are a variety of high-resolution airborne sensor platforms that can provide valuable multi-spectral imagery data of affected areas, along with emerging communications technologies to distribute this data, if only it can be done in a manner that allows global, yet secure, access. To fill this requirement, Trident Systems is leveraging its extensive experience in image/data/voice communications to develop the Situation Awareness For Emergency Response (SAFER), which will integrate this remote sensor data distribution capability with other types of situational awareness information. This connectivity will be implemented in a secure fashion, enabling the coordination of sensitive operations on the federal/state/local levels. Work on this effort will consist of detailed requirements analysis, architecture specification, and integration of existing and emerging remote sensing capabilities into a flexible NIMS-compliant network architecture. The SAFER will be implemented in a manner that allows rapid deployment, configuration, and operation to support first responders in emergency situations.

H-SB06.1-006
INSTANTANEOUS REMOTE SENSING DATA RECEIVING AND PROCESSING FOR EMERGENCY RESPONSE

NBCHC060129 0611062
(FY06.1 Phase I)
Intelligent Sensor Distribution Architecture (ISDA)

dFuzion, Inc.
21536 Iredell Terrace
Ashburn, VA 20148-5032

09/01/2006
to
03/15/2007
$99,987.19

dFuzion engineers have worked with soldiers in several military exercises, including Naval Warfare Development Command's (NWDC) Fleet Battle Experiments and the Joint Forces Command's (JFCOM) Forward Look Experiments. In these experiment sets, we designed and developed a lightweight intelligent bandwidth video dissemination architecture that allowed soldiers with limited bandwidth capabilities to receive video and telemetry information from operational UAVs. Although dFuzion engineers have proven the ability to transmit situational awareness information to the warfighter with unreliable and limited resources, the ability to adapt this capability for incident management has yet to be demonstrated. dFuzion proposes designing and demonstrating a lightweight, deployable, and scalable Intelligent Sensor Distribution Architecture (ISDA) that allows multi-spectral sensor information to be acquired and distributed to users at all levels of incident response (local, state, and federal). ISDA is envisioned to become an integral component of UICDS. The ISDA concept of intelligent delivery of source content to users in near real-time using multiple transmission means could significantly fit within the emerging streaming media market (video/audio on demand, etc).

H-SB06.1-007
NETWORK-BASED BOUNDARY CONTROLLERS

NBCHC060132 0611063
(FY06.1 Phase I)
Cross Domain Controller (CDC)

Trident Systems Incorporated
10201 Fairfax Boulevard, Suite 300
Fairfax, VA 22030-2222

09/01/2006
to
03/15/2007
$99,968.00

The current, dominant approach to implementing secure boundary controls across networks for information exchange is the use of secure Guards. This technology consists of a separate computer system using a trusted operating system and hosting the guarding software and appropriate filters. By definition, the use of a Guard requires that networks be defined as "high side" and "low side" and the Guard system itself must reside within the "high side" domain. While this approach satisfies Department of Defense and Intelligence Community requirements, it has proven to be unworkable and cost prohibitive in the commercial network environment. Trident Systems proposes to leverage the existing technologies from the distributed computing research community and Trident expertise with cross-domain collaboration to develop the Cross Domain Controller (CDC). The CDC will be installed on each network and will eliminate the need for traditional Guard systems. It will provide a secure execution environment for cross-domain information exchange by enforcing the domain specific policies. The CDC system will provide services required to secure the communication medium (authentication, confidentiality, and access control) and capabilities to manage and customize security policies. Additionally, Trident Systems will leverage open source products where possible to minimize the cost for end users.

H-SB06.1-008
BOTNET DETECTION AND MITIGATION

NBCHC060137 0611147
(FY06.1 Phase I)
Inline Botnet Extraction and Prevention

Endeavor Systems, Inc.
1420 Spring Hill Road, Suite 600
Mclean, VA 22102-3006

09/01/2006
to
03/15/2007
$100,000.00

Phase I of this project researches a new approach for collecting a higher degree of relevant bot executables by exploiting the infect vector weakness and by utilizing an inline device that both protects systems and captures the bot as it attempts to infect. Most recent botnet research relies on honeynets to collect bots. Reliance on a single collection mechanism, such as honeypots, creates a weakness where attackers can determine targets to avoid. Also, the effectiveness of dark space honeypots in an IPv6 type Internet is unknown. Endeavor proposes a technique that collects and prevents bot malware while infection is attempted against systems, bypassing the dependency on honeypots. Proving the feasibility of extraction in the infection vector in Phase I lays out the foundation for developing the inline botnet extraction and prevention system in phase II. Endeavor has created and operates a commercial decoy sensor grid, FirstLight, which collects and analyzes botnets. We propose leveraging FirstLight including an inline IPS for the proposed research in order to reduce time-to-deployment. The research results will be packaged as a part of our FirstLight commercial offering.

H-SB06.2-003
ADVANCED UNATTENDED GROUND SENSOR (UGS) TECHNOLOGIES

NBCHC070075 0621027
(FY06.2 Phase I)
Advanced Unattended Ground Sensor (UGS) Technologies for Disposable Sensors

MCQ INC.
1551 Forbes St.
Fredericksburg, VA 22405-1603

03/21/2007
to
10/06/2007
$99,845.00

The proposed SBIR will develop a network of imaging sensors that are extremely small (<12 cu in), lightweight (<8oz), inexpensive ($350) and very low power. The imaging sensors will communicate via a true mobile ad hoc mesh network (MANET) to a small long haul (>50 mi) communications node that will relay data into a TCP/IP network to a serve based graphical user interface. The imaging sensor nodes will perform internal image processing to extract target features. A schema of target features will be developed that is compatible with MANET operation. The sensor nodes will also perform distributed processing of the target features to enhance target identification and provide tracking. System level issues such as covertness, battery life and energy harvesting and environmental hardening will also be addressed. McQ has defined an approach for a Phase I program that will advance the technical concepts that are rooted in our prior research and project areas. McQ has over 15 years of experience with the research, design and development of high performance UGS systems that include imaging systems for border applications. During Phase I we will use our existing resources as a basis for experimentation to support the development of a preliminary design of a disposable imaging sensor node that is tailored for border monitoring applications.

H-SB06.2-006
AUTOMATED SCENARIO/SCRIPT BUILDER FOR SIMULATION-BASED TRAINING SYSTEMS

NBCHC070071 0621096
(FY06.2 Phase I)
Rapid Scenario Training and Evaluation for Responders (RaSTER) Tool

Continuity Solutions, LLC
10700 Parkridge Blvd Suite 410
Reston, VA 20191-5418

03/21/2007
to
10/06/2007
$99,922.00

Continuity Solutions (CS), LLC. proposes to apply our experience and capability in developing scenario scripting tools for training to ensure the Department of Homeland Security is prepared to decisively perform in demanding situations. CS proposes a holistic, easy-to-use approach to comprehend and evaluate emergency preparedness requirements and associated responses. Our approach extends the traditional table-top paradigm by allowing rapid integration of capabilities beyond organic facilities, personnel, and supply chains. CS proposes to develop a system that will: Apply an intuitive user interface to rapidly develop scripted scenarios to train emergency responders; Link diverse functions, infrastructures and entities internal and external to the DHS chain of responsibility; Create a state-of-the-art Web Services Oriented Architecture allowing web based collaboration and participation; Coherently inter-link data across diverse issues, infrastructure and functions; Leverage state of the art advances in architectural modeling and simulation.

H-SB07.1-006
Enhanced Project Safe-Cracker

NBCHC080023 0711053
(FY07.1 Phase I)
Accelerated Encryption Key Recovery Using FPGAs

Crucial Security Inc.
14900 Conference Cntr Dr
Suite 225
Chantilly, VA 20151-3831

10/22/2007
to
05/07/2008
$97,916.49

This proposal describes a system that would expedite the lawful decryption of encrypted containers by leveraging the computational speed of field-programmable gate arrays (FPGAs). The proposed system, which is partially hardware-based, will provide dramatic increases in speed when compared to purely software-based solutions. In addition to being able to increase speed, the solution is also highly scalable, as up to 28 of the recommended FPGAs can be used in parallel on a single desktop computer. During Phase I, Crucial Security will design and develop a proof of concept tool to recover data that has been encrypted with an open source encryption product. The work during this phase will involve comparing the performance of the proposed solution, using a single FPGA, against a pure software-based system. The work will form the foundation for subsequent development for decryption of multiple common encryption container formats. It will also open the door to using multiple FPGAs in parallel to achieve even greater performance gains.

H-SB07.1-006
Enhanced Project Safe-Cracker

NBCHC080013 0711070
(FY07.1 Phase I)
Distributed Project "Safe-Cracker" Network

Luna Innovations Incorporated
1 Riverside Circle
Suite 400
Roanoke, VA 24016-4962

10/22/2007
to
05/07/2008
$99,967.08

As the use of strong encryption techniques becomes more prevalent, the methods used by law enforcement to recover encrypted information need to change in order to keep pace. The days of cracking a ZIP file password within an hour are quickly ending as many modern algorithms, like AES, can require testing 2128 different keys. Even assuming a full decrypt operation on an arbitrary length file takes one second, testing all possible keys would require an astronomical amount of time. In the absence of sophisticated cryptanalysis attacks to reduce the complexity of key discovery the only method of decreasing the amount of time to crack a cipher is to speed up the brute force process. One method of decreasing the amount of time needed for a brute force attack is distributed computing. Luna Innovations Incorporated will develop the Distributed Project "Safe-Cracker" Network, a distributed computing environment for the existing Project "Safe-Cracker" project, which will allow a massively parallel effort to decrypt files intercepted by Department of Homeland Security Law Enforcement Agencies. Luna's unique combination of experience in security, web-enabled applications, and high performance computing will ensure that we will successfully complete and commercialize the efforts of this SBIR.

H-SB07.1-009
Improved Solid-State Neutron Detection Devices

HSHQDC-07-C-00121 0711040
(FY07.1 Phase I)
A process to enable large-scale manufacturing of solid-state neutron detectors

HY-Tech Research Corp.
104 Centre Court
Radford, VA 24141-5123

09/25/2007
to
03/24/2008
$149,990.00

The main objective of this DHS SBIR project is to enable large-scale and economical production of high-sensitivity, solid-state, thermal neutron detectors for use in radiological inspection. This will be done by testing a novel, high-density, energetic ion deposition technique for depositing the active material, boron-10, onto the patterned silicon, which forms the substrate for these devices. In particular, this process will be applied to the highly efficient neutron detectors, now under development at the Lawrence Livermore National Laboratory (LLNL). The substrates for these new devices feature a micron-scale topography that is very difficult to coat with existing boron deposition techniques. Therefore, the Phase I project will combine the unique expertise at HY-Tech on efficient boron deposition with LLNL's expertise on the development and testing of the devices to move this technology to manufacturing readiness. Testing at LLNL will include electron microscopy to verify the effectiveness of the coating and thermal neutron conversion efficiency measurements to test the quality of the deposited material. In the Phase II, devices will be optimized and a prototype of a commercial boron deposition system will be developed.

H-SB07.1-009
Improved Solid-State Neutron Detection Devices

HSHQDC-07-C-00125 0711185
(FY07.1 Phase I)
Low Power Compact Integrated Neutron Detector

Trojan Defense LLC
2417 Mill Heights Drive
Herndon, VA 20171-2983

09/25/2007
to
03/24/2008
$149,998.00

This SBIR focuses primarily on monitoring intermodal sea containers. The proposed solid-state detector is also suitable for other deployments, including embed in cell phones for a widely dispersed distributed detection network, or in planned devices such as the Intelligent Personal Radiation Locator. Furthermore other conveyances such as passenger and cargo planes, over-the-road trailers and rail cars can also be monitored with the proposed detector. This detector takes advantage of opportunities for long-term signal detection and integration to detect even low-level or well obscured threat signals. The proposed design uniquely meets the low power consumption, long battery life commercial requirements for tracking and monitoring of goods transported globally. The detector proposed will meet efficiency and sensitivity goals and be useful for real time monitoring of background neutron flux

H-SB08.1-003
Mapping of Long-term Threats, Vulnerabilities, and Impacts

HSHQDC0800079 0811216
(FY08.1 Phase I)
Current Event - Future Outcome (CEFO) Predictive Framework

High Performance Technologies, Inc.
11955 Freedom Drive
Suite 1100
Reston, VA 20190-5683

07/30/2008
to
02/13/2009
$99,990.00

Critical infrastructure is the backbone on which this country's success and prosperity are built. As a highly technically advanced nation, we rely heavily on our infrastructure to support all of the challenges of everyday life from providing power, heat, and water to communications, financial transactions, emergency services, and countless other functions without which this country would cease to operate. This foundation, however, is vulnerable. While a considerable number of tools exist to aid decision makers in examining the impact of well defined disaster events, little research has been done to provide real-time analysis and decision support for emerging, dynamic threats. Under this SBIR, High Performance Technologies Inc. proposes the creation of the Current Event - Future Outcome (CEFO) Predictive Framework, which will leverage modern advances in predictive capability with mathematical sensitivity and factor analysis to provide enhanced support for analysts and policy makers as events are occurring. Through the use of a three-layered architecture, CEFO will allow users to identify and prioritize key, event specific factors throughout all stages of the event chain and provide predictive insight into the potential impact and associated risks of emerging threats.

H-SB08.1-005
Smart Sensor System

HSHQDC0800069 0811231
(FY08.1 Phase I)
Semantic Mesh of Intelligent Sensors

Trident Systems Incorporated
10201 Fairfax Boulevard, Suite 300
Fairfax, VA 22030-2222

07/30/2008
to
02/13/2009
$99,831.00

Trident is proposing the development of a Semantic Mesh of Intelligent Sensors (SMIS), an intelligent wireless sensor network for use in improving the performance of surveillance and security in crowded environments-such as airports, shopping districts, and sporting events. This network will be based around Trident's existing suite of wireless sensor nodes, which offer dynamic meshing capabilities along with very flexible sensor interfacing options and long battery runtimes. Trident proposes to enhance the capabilities of this sensor network by integrating sophisticated multi-modal signal & image processing capabilities for feature extraction, while maintaining low-power operation. The metadata produced by feature extraction processing will then be input to a semantic processing layer, which will utilize standard OWL-based ontological methods to infer threat activities. A wiki-based data store/interface will be used to provide a flexible methodology for interface to all sensor data, metadata, and semantic results, and will allow straightforward interfacing to other users and systems. The Phase I effort will consist of a detailed requirements analysis, followed by the development of an overall architecture, top-level development of component technology solutions, and proof-of-concept testing and demonstration of key capabilities.

H-SB08.2-001
Engineered Building Materials

NBCHC090004 0821129
(FY08.2 Phase I)
Protective Panels for Bridge Supports

Cellular Materials International Inc.
1200 Five Springs Road, Suite 201
Charlottesville, VA 22902-8756

12/28/2008
to
06/15/2009
$99,910.00

CMI proposes to design, model, and manufacture blast and impactresistant panels for an efficient solution for protecting bridge supports against Light to Medium range IED threats and impact from vehicles, ships, and barges. The proposed solution is an energyabsorbing MicroTrussTM panel that will be retrofitted to bridge supports or pilings with sand between the panel and bridge support to further absorb energy and minimize potential damage to the bridge supports. For Phase I, CMI will demonstrate proof of concept through modeling and subjecting a curved subscale panel approximately 4x4x 6, without sand, to a blast event. By using this MicroTrussTM solution, DHS will provide key transportation bridges with a countermeasure designed to limit the damage caused by intentional or accidental incidents involving the bridges piers. When combined with other countermeasures, such as security and surveillance, these lightweight, stateoftheart blastresistant panels will provide a vital part of a multifaceted protection system for the Nations infrastructure.

H-SB09.1-001
Low-Cost and Rapid DNA-based Biometric Device

NBCHC090036 0911018
(FY09.1 Phase I)
SNP-based Desktop Biometric Device for Rapid, Low-cost Verification of Identity and Kinship and Confirmation of Identity by Physical Traits

Parabon NanoLabs Inc
11260 Roger Bacon Drive
Suite 406
Reston, VA 20190-5203

05/15/2009
to
11/30/2009
$99,037.00

DNA has the potential to provide vast amounts of biometric information. However, the current method of analyzing DNA - which produces biometric signatures from sequences of `junk` DNA called short tandem repeats (STRs) - falls far short of realizing this potential. STR signatures are information-poor and the technology required to produce them is terminally incapable of supporting fast, automated analysis. In particular, electrophoresis, an essential step in the readout of STRs, has inherent time, size and reproducibility limitations that prevent its use for rapid, low-cost biometric verification. Parabon NanoLabs proposes to overcome these limitations by using single nucleotide polymorphisms (SNPs - pronounced `snips`) to form biometric signatures. An easy-to-use, desktop biometric device is proposed, based on a novel `SNP chip,` that reads designated SNPs to produce information-rich biometric signatures. It uses these signatures to automatically verify identity and kinship in less than one hour at a cost of under USD 50. The resultant SNP signatures will also provide physical trait information, such as hair and eye color - a capability not possible with STRs. The proposed technology can be further miniaturized to produce a high-speed, handheld biometric device having enormous commercial value across the homeland security, law enforcement, and defense industries.

H-SB09.1-002
Submillimeter-wave Vector Measurements for Explosive Materials

NBCHC090037 0911049
(FY09.1 Phase I)
Modular Frequency Extenders for Vector Network Analyzers

Virginia Diodes Incorporated
979 Second Street SE
Suite 309
Charlottesville, VA 22902-6172

05/15/2009
to
11/30/2009
$100,000.00

Modular frequency extenders will be developed for Vector Network Analyzers to extend their frequency range throughout the band from 100 GHz through 1THz with excellent dynamic range (100dB) and the capability for full four port measurements. The extenders will rely on VDI`s full waveguide band frequency multipliers and mixers that utilize planar, integrated Schottky diode circuits. The modular nature of the system will allow rapid reconfiguration of the components for operation in any of the waveguide bands within a few minutes, while maintaining low cost through the use of the same driver components. In Phase 1 VDI will demonstrate one of the waveguide bands with the required level of performance and the modular nature of the system. This will include the development and demonstration of all of the critical components and the delivery of this extender to the sponsor. This system will serve as a prototype for the commercial sale of VNA extenders for the wider commercial market including national, industrial and university research laboratories that are developing new applications and technologies for this important frequency band.

H-SB09.1-005
Hard Drive Unlocking

NBCHC090043 0911041
(FY09.1 Phase I)
Evidence Preserving Hard Disk Unlocking System

Luna Innovations Incorporated
1 Riverside Circle
Suite 400
Roanoke, VA 24016-4962

05/15/2009
to
11/30/2009
$99,996.89

Luna Innovations will design and develop a hard disk unlocking system that is easily usable by forensic technicians while preserving evidentiary integrity. Our solution will be robust even against anticipated future drive features and drives modified by criminals to have certain anti-tamper properties. This is important as it is nearly certain that manufacturers or criminals will develop such countermeasures to a system that was not designed with such foresight. Examples in related technology include modern flash drives which employ encryption, authentication, and anti-tamper technologies, like the IronKey (www.ironkey.com) and others. We will design our system to be user friendly: specifically, it will illustrate to the user exactly what must be done with a given drive. The system will also optionally make a copy of the entire drive for exploration by LEOs for leads. Law enforcement personnel will be able to access and copy password-protected hard disk drives quickly and with confidence in maintaining evidence integrity for later prosecution. Our tool will provide an intuitive, pedagogical user interface that will allow departments to empower forensic technicians with a new capability in the field that hitherto had required engineers in a laboratory setting. Commercial applications include state and local forensic teams as well as federally approved sales to foreign police services. This expanded market will benefit communities by placing the resource close to more searches in order to obtain timely clues to related criminal efforts. Indeed, such functionality will be needed in the future as more sophisticated criminals use computers to organize their enterprises.

H-SB09.1-007
Autonomous (or alternative) In-Liquid Survey Vehicle

NBCHC090048 0911059
(FY09.1 Phase I)
Tanker Survey Vehicle

Progeny Systems Corporation
9500 Innovation Drive
Manassas, VA 20110-2210

05/15/2009
to
11/30/2009
$99,720.47

The Department of Homeland Security is responsible for maintaining the integrity of our borders and preventing attacks within our country through the use of trade and immigration laws coupled with various tools to monitor for the threat of illegal cross-border activity. This includes numerous points of entry over land, air, and sea. As the threat grows increasingly sophisticated and innovative, so, too, must the tools that monitor those points of entry. One weakness in particular involves tanks filled with fluid in commercial shipping vessels. These areas are not easily searched without offloading content which can be costly, time consuming. Progeny Systems Corporation proposes to perform a detailed system engineering analysis to clearly define the requirements for a tanker survey vehicle and user interface. The requirements analysis will include definition of tankers and the liquids that they carry and define the user interface. Our conceptual autonomous vehicle will be light weight and agile to freely move within the tank and survey the tank for targets. We will incorporate imaging sonar onto the tanker survey vehicle with on-board image processing and detection algorithms to identify anomalies for the user.

H-SB09.2-002
Human-Animal Discrimination Capability for Unattended Ground Sensors

N10PC20007 0921154
(FY09.2 Phase I)
Collaborative Human-Animal Discrimination for Unattended Ground Sensors

Innovative Wireless Technologies, Inc.
1047 Vista Park Drive
Forest, VA 24551-4362

11/01/2009
to
05/15/2010
$99,893.10

Effective human-animal discrimination happens collectively at all levels of an UGS system. The ability to classify a target from footsteps alone as human versus non-human given a single modality and sensor is challenging, thus a collaborative network effort increases the system Probability of Detection (Pd) and minimizes Probability of False Alarm (Pfa). IWT proposes leveraging inter-UGS communication to both increase local classification probabilities and provide a system level indication of target intent. Humans crossing the border, cross with a purpose. This trait differs from animals loitering or stationary vegetation swaying in the wind. Correlation of information between UGS nodes provides strong target behavioral information on location, rate, and direction of travel as well as enhancing the alarm statistics of individual UGS units.

H-SB09.2-004
Software Testing and Vulnerability Analysis

N10PC20012 0921099
(FY09.2 Phase I)
Virtualization and Static Analysis to Detect Memory Overwriting Vulnerabilities

Zephyr Software LLC
2040 Tremont Road
Charlottesville, VA 22911-8635

11/01/2009
to
05/15/2010
$96,155.10

Memory overwriting vulnerabilities (buffer overflow, format string, double free, integer overflow, etc.) continue to plague commercial and government software, providing avenues for attackers to gain unauthorized control over computer systems. Testing tools are needed that will find vulnerabilities so that fixes can be applied before deployment. Existing vulnerability analyses often rely exclusively on either static or dynamic analysis tools, each of which has its strengths and weaknesses. Many defenses require source code for the application being tested, which is not practical for final acceptance testing by software consumers, who are often not allowed access to the source code of the software vendor. The proposed research will enhance and integrate prior static and dynamic analysis tools to enable software producers and consumers to accomplish two important objectives: (1) To strengthen software testing with respect to exercising potentially vulnerable code, and (2) to identify and fix memory overwriting vulnerabilities before software deployment. Only the binary form of the tested software will be needed. The result of the eventual Phase II effort will be an acceptance testing tool that will be commercialized for Linux and Windows systems.

H-SB09.2-004
Software Testing and Vulnerability Analysis

N10PC20013 0921152
(FY09.2 Phase I)
Run Time Tools` Output Integration Framework

Data Access Technologies, Inc
8605 Westwood Center Drive
Suite 503/505
Vienna, VA 22182-2231

11/01/2009
to
05/15/2010
$94,141.00

This proposal addresses the key issue in the normalization of software assurance information: how to integrate the vulnerability findings reported by multiple vulnerability detection tools. The normalization will provide normalized, consistent reporting on type of identified weakness (alignment with CWE) as well as normalized, consistent reporting on location and trace of identified weakness within code (source or binary). The project will build upon and extend the results of several recent government-funded programs in the area of software assurance. Once completed the project will develop an open-standard-based Run Time Tool Output Integration Framework (TOIF) and deliver the integration of several existing open source vulnerability detection tools into this framework. This will mitigate one of the major practical gaps with today`s software assurance tools: the non overlapping findings of the current tools and will enable cross examining the vulnerabilities reported by different tools, something that is currently very dependant on human verification and therefore very laborious. This would enable using multiple vulnerability detection tools in a coordinated manner. The anticipated results will be made available to the community (as open source) of tools vendors, leading to further improvements in vulnerability detection tools through normalization of their outputs, better alignment with existing standards, and better exchanges of software assurance information.

H-SB09.2-007
Enhancing Training Effectiveness through Cognitive State Assessment

N10PC20025 0921121
(FY09.2 Phase I)
Intelligent Bio-Adaptive Team Training System

Human Bionics
190 N 21st Street, Suite B
Purcellville, VA 20132-3077

11/01/2009
to
05/15/2010
$100,000.00

As we face new formidable challenges in the area of global asymmetric warfare, the DHS must be able to rapidly train and test those individuals responsible for screening of persons that may wish to bring harm to the U.S. and its allies. Thus there is a vast need to train individuals faster and to improve training outcomes, possibly by training in teams of screeners working together to improve their operational and situational readiness. Training of personnel to ensure requisite job preparedness with the appropriate operational experience is crucial for mission success. Today`s training environment relies on traditional classroom type sessions utilizing lectures, videos, and web-based methods to communicate the information that screeners need to adequately perform their job. To this end, new methodologies and ideas for training include Team Training Scenarios, which are being presented and awaiting validation under real-world conditions. Team Training allows social interactions among participants, which may reinforce training content uptake and retention through cross associations with other team members. Human Bionics (HB) is leveraging three year`s experience collecting and examining changes in psychophysiological signals from volunteers performing a host of militarily relevant tasks under simulated and real-world conditions. The overall purpose of this work has been to test human-computer mitigation methods and identify an appropriate set of physiological signals and features capable of improving the current state of Screener Training. In Phase I we will determine the feasibility of extending an existing prototype distributed training architecture to meet DHS S&T Training needs.