Topic Information Award/Contract Number Proposal Information Company Performance

Mobile Network Resiliency Research and Development

70RSAT18C00000060 DHS SBIR-2018.OATS-18.OATS-002-0001-II
(DHS SBIR-2018.OATS Phase II)
Mobile Network Resiliency Research and Development

Akamai Physics, Inc
1725 Marquess Street
Las Cruces, NM 88005-3383


There is a requirement to reduce the vulnerability of commercial voice and data networks. These vulnerabilities include cyber-attacks such as SS7, or that which would occur after an EMP event. The cellular network is also vulnerable to external monitoring and tracking. This effort will design, develop, and implement a resilient 4G LTE / First Net cellular capability. To accomplish this, the effort will address security design parameters (detection/alert against SS7, SMS attacks, IMSI catchers, and similar situations. This effort also demonstrates a 4G LTE capability to operate without commercial cellular network or power. As part of that effort, the system will be demonstrated that the system can provide full voice, text, and conferencing over an SBU bridge. The cyber phone effort addresses near-term events (one week). A technology road map that addresses the survivability and sustainability of the communication network will be developed. The key issues are power (and then fuel, provided by a system that can operate autonomously for one year or longer. Issues addressed will include the type of power generation, fuel, and source of fuel, and maintenance. Long-range secure laser communications for high data rates (10 GB: +/sec) will be explored.

Rogue Base Station Situational Awareness R&D

70RSAT18C00000061 DHS SBIR-2018.OATS-18.OATS-003-0001-II
(DHS SBIR-2018.OATS Phase II)
Rogue Base Station Situational Awareness Reseach and Development

Akamai Physics, Inc
1725 Marquess Street
Las Cruces, NM 88005-3383


There is a critical need to detect rogue cellular tower base stations (fake cell towers). Rogue towers are a growing threat to the national cellular phone infrastructure. Initial exploratory tests using 2G and 3G GSM detectors discovered illegal cellular activity in the National Capital Region. Our effort will use both fixed and mobile methodologies to geo-locate rouge cell towers. This process to be developed is to operate in the 2G, 3G, and 4G/LTE, 5G networks to include First Net. By using the encryption systems (oversight detection) to locate illegal cellular activates (both from the rogue cell tower and its clandestine receiver) this information can then be used to neutralize a cellular trigger, confirm illegal monitoring of cell phone traffic, counter denial of service, and stop tracking of personnel. The information on the rogue cell operations will be integrated into a data collection and characterization base which will then able to be shared through a government controlled web portal. This process will be developed to perform with assessment and mitigation strategies, especially tailored against espionage and potential physical events (IEDs, critical infrastructure hacking, etc.).

Alternatives to Cl2 in Municipal Water Purification

NBCHC060059 0423002
(FY04.2 Phase II)
On-Site Generation - The Safe, Effective, and Low Cost Disinfection Strategy

MIOX Corporation
5500 Midway Park Place NE
Albuquerque, NM 87109-5800


The objective of the research presented in this Phase II proposal is to extend and understand the success of the Phase I work and to conduct the work plans developed in the Phase I activities. The primary objective of this research is to develop answers that will remove barriers to implementation of on-site generation technology as a replacement for chlorine gas, and to provide scientific answers that will help implement application of on-site generated mixed-oxidants to a wider variety of water treatment applications. The four areas of research will be Cryptosporidium parvum inactivation, oxidant speciation, electrolytic cell coating optimization, and biofilm removal.

Improved and Innovative Cooling Garments for Emergency Responders

D06PC75391 (formerly NBCHC060012) 0422008
(FY04.2 Phase II)
Modular, lightweight microclimate cooling system

NanoPore Incorporated
2501 Alamo SE
Albuquerque, NM 87106-3220


The availability of a lightweight microclimate cooling system will dramatically improve performance and comfort for first-responders operating in HAZMAT environments. In this project, we will continue the development, testing and demonstration of adsorption-based microclimate cooling systems which can be configured for a range of first-responder mission profiles. The cooling system can provide 150 watts of cooling for a minimum of one hour and have a weight of 4-5 pounds. Cooling can be provided as either recirculating chilled water or dry air through a vest worn by the user.


NBCHC070016 0522001
(FY05.2 Phase II)
Hardware Assisted Security Platform

Kennen Technologies, LLC
209 Dartmouth Drive SE
Albuquerque, NM 87102-2219


Hardware Assisted Security Platform - HASP Brief Technical Abstract of Project The HASP (Hardware Assisted Security Platform) is a multi-purpose high-performance low-cost security engine that can enable significant improvement and innovation in a large variety of current and future security applications. HASP value comes principally from five features: - It can control host access to the network connection -- meaning it can selectively prevent the host from receiving and sending information through the network -- enabling a higher level of security assurance. - It can be impervious to data stream content -- meaning it cannot be compromised by data-stream born attacks, such as buffer overflow -- enabling a higher level of security assurance. - It can accomplish arbitrarily complex signature detection with no effect on pattern detection time -- which means added detection complexity can be employed to reduce false positives and false negatives, to detect increasingly sophisticated attack signatures, to verify the integrity of entire blocks of host code, and to enable new protective and preventive measures -- enabling a higher level of security assurance. - It has a fully scalable and general-purpose pattern detection architecture that can keep pace with increasing stream-speed and pattern-capacity needs -- meaning it can provide a compatible forward migration over time -- reducing the cost of application upgrade and migration and provide more affordable security. - It can be implemented as a stand-alone ASIC/SoC (e.g., on a desktop/server NIC board) or integrated inside the host`s network-interface SoC (e.g., in a laptop/mobile LOM device) -- which means very low cost (under $20 retail possible) , with no trade off in speed or detection-pattern capacity -- providing compelling high-performance security and become ubiquitous in both stationary and mobile computing resources. Certain realities of the current situation shape both the commercialization-enabling activity during Phase 2 and the post-Phase 2 commercialization strategy: - HASP provides a new pattern-detection processor architecture that requires rethinking and reformulation of traditional pattern-detection approaches, and enables new detection approaches impractical with existing processors. Therefore application prototyping that learns how to employ these new capabilities should be instigated and enabled by this Phase 2 project as early as possible. - HASP provides a general-purpose security platform that can facilitate a wide range of end-point security applications such as IDS, IPS, firewall, anti-malware, information leakage prevention, root-kit detection, web-access attacks , and SCADA-controlled equipment protection. Therefore a variety of security application prototyping activities should be instigated and enabled as early as possible. - Lead times for ASIC/SoC devices are in the neighborhood of 18 months. The Phase 2 project will create a development platform for applications that will want to take advantage of ASIC/SoC costs as FPGA costs are generally too high for an affordable end-point HASP Therefore, ASIC/SoC development and commercialization channels must be engaged as early as possible during Phase 2. - Snort is a highly utilized open-source IDS system that benefits from a broad-based collaborative open community actively identifying new-intrusions, and then crafting and disseminating Snort-compatible detection-signatures. HASP can host an improved performance Snort processor for existing signatures, while opening the door to a new class of signatures that takes advantage of the USee complex-pattern capabilities. Therefore work during Phase 2 that guides and engages the Snort community in HASP application and signature development should be instigated and enabled as early as possible. - The DETER laboratory is an effort "to create, maintain, and support a collaborative and vendor-neutral experimental environment for cyber-security research. It is intended to provide a center for interchange and collaboration among security researchers and testbed builders." The nature of the new capabilities offered by HASP should appeal to DETER`s research community and result in innovative applications. Therefore, enabling access to HASP prototypes through the DETER lab should accomplished as early as possible during Phase 2. Proof is in the pudding -- so application must be prototyped during this Phase 2 project that show superior capability. - Get multiple security application suppliers developing prototype applications as early in the project as possible -- on an FPGA-based prototype-development board. - Get a broad variety of multiple application started in prototype, such as IDS/IPS, firewall, extrusion prevention, possession detection, Internet access/content control, etc. Work with established security majors: eg, Cisco, McAfee, and Symantec. They have update and support services in place, market presence, and leading edge performance problems to solve. Microsoft is a new entry in the security application space and a prime candidate to pursue as well -- because of their dominance in related markets and their need to find an entry edge. Seek and engage established NIC/LOM suppliers (eg, Broadcom, Intel). The goal is to have NIC/LOM suppliers include an ASIC/SoC HASP as part of their offering. The strategy relies on their interests in finding new non-commodity-product values, and leverages the natural fit with HASP and the trends toward integrated security functions. The network connection device/card is both the most natural location as well as the most affordable location for HASP capability to reside. This eliminates duplication of network interfacing and traffic normalization, and offers the potential for co-location inside the same SoC chip. NIC/LOM suppliers are already moving into the security application space, and should find the HASP concept both a natural extension of current business strategy and an opportunity to rise above commodity-product status. Also seek and engage ASIC/SOC and multi-core processor suppliers: eg, Intel, AMD, IBM. Though multi-core generally means duplicate general purpose processors, these suppliers also employ "IP core" with special functionality in their multi-core processor chips. The ultimate objective is a multi-purpose security processor integrated with the network interface and populated by applications from a variety of security application vendors. This project lays the foundation for that eventuality by building a functional prototype, engaging application developers, and engaging ASIC/SoC commercialization channels. The project focuses on four goals: 1. Prototyping a HASP implementation on an OTS (off the shelf) FPGA board that paves the way for a production ASIC/SoC implementation. 2. Prototyping a functional application development capability for security applications. 3. Engaging five security application developers in using beta versions of 1 and 2. 4. Engaging ASIC/SoC developers in HASP-device commercialization preparation. 5. Engaging NIC/LOM suppliers in HASP-device commercialization preparation.