alert image
  • The DHS S&T SBIR Portal website will be undergoing scheduled maintenance and will not be available on the following dates and times:
    • 11:00 PM Saturday, April 27, 2019 EDT - 06:00 AM, Sunday, April 28, 2019 EDT
    We apologize for any inconvenience. If you need assistance, please contact the help desk at dhssbir@reisystems.com.

Abstracts of HSHQDC-16-R-00012 Phase II Awards
Back to Award List

H-SB016.1-001

Company

MCQ INC.
1551 Forbes St.
Fredericksburg, VA 22405-1603

Proposal Information HSHQDC-16-R-00012-H-SB016.1-001-0013-II - MEGASCOP: Multi Interface Secure Audio/Video Rebroadcasting (SAVR) System
Topic Information H-SB016.1-001 - Security Systems Video/Audio Interoperability Device
Award/Contract Number HSHQDC- 17-C-00012
Abstract

Through this SBIR, a system will be developed to enable authorized users to access video and audio from existing surveillance systems, and rebroadcast the video/audio signals for use by authorized users such as first responders. McQ will leverage its extensive camera interface, video compression, cryptography, and product development experience to both perform the appropriate tradeoffs in designing the system and to successfully build and test a prototype system. Interoperability is a critical feature of the system to allow the system to operate on a variety of closed circuit and networked camera systems; each with different physical interfaces, communication standards, and architectures. McQ's plug-and-play camera interface experience developed through developing its vWatch product, and its extensive networking and communications experience based on over a decade of developing video streaming products, will be efficiently utilized. During Phase I, a detailed analysis was performed to identify the dominant camera interface standards which encompass the largest variety of existing surveillance camera products; and a complete system design was developed to discover, interface with, and stream video from these devices. During Phase II, a prototype multi interface secure AV rebroadcasting system will be built and tested. The necessary hardware and software will be implemented to achieve the goals of the program. The technologies derived from Phase II development can be used to improve the ease of use of remote camera systems and allow operators to dynamically manage their video consumption, resulting in reduced costs of streaming video.

Back to top

H-SB016.1-002

Company

Digital Bazaar, Inc.
203 Roanoke St W.
Blacksburg, VA 24060-7419

Proposal Information HSHQDC-16-R-00012-H-SB016.1-002-0026-II - Verifiable Claims and Fit-for-Purpose Decentralized Ledgers
Topic Information H-SB016.1-002 - Applicability of Blockchain Technology to Privacy Respecting Identity Management
Award/Contract Number HSHQDC-17-C-00019
Abstract

Blockchain technology shows promise when applied to identity management ecosystems. However, current blockchain technology stacks have been designed and optimized such that they are tightly coupled to a specific application area. More often than not, they focus on the transfer of financial value, not identity management. If ledger technology is going to be used to solve a wide variety of problems, a more generalized, modular design for producing many different ledgers may be a better alternative to trying to solve many problems using the same ledger instance, such as Bitcoin. Digital Bazaar therefore proposes to build a blockchain technology stack that is capable of producing many instances of "fit for purpose" decentralized ledgers. During Phase I, Digital Bazaar created a proof-of-concept for a generalized, configurable ledger technology stack from which many different ledgers can be instantiated, each narrowly-tailored for their own use case, while using a common, extensible core data model. In Phase II, Digital Bazaar intends to build upon the results of Phase I by creating a core commercial ledger product and additional technology to support three identity management use cases: Privacy-enhanced Credential Revocation, Privacy-aware Checkpoint Tracking, and Publishing Public Credentials for Status Checking. Digital Bazaar has successfully acquired and included letters of interest from multiple organizations that have demonstrated their commitment to running pilot programs in these areas for Phase II. The result of these pilot programs should be a commercial product with an initial set of customers.

Company

Evernym Inc.
13816 Carnoustie Ct.
Herriman, UT 84096-

Proposal Information HSHQDC-16-R-00012-H-SB016.1-002-0029-II - Decentralized Key Management using Blockchain
Topic Information H-SB016.1-002 - Applicability of Blockchain Technology to Privacy Respecting Identity Management
Award/Contract Number HSHQDC-17-C-00018
Abstract

The purpose of this SBIR Proposal is to conduct the research needed to enable blockchain technology to serve as serve as a decentralized foundation for privacy-respecting identity management. In this phase, Evernym will research and develop a decentralized key management system (DKMS) based on the DID (Decentralized Identifier) specification developed in Phase I. The DID specification has already been embraced by the leading developers of blockchain identity solutions and is currently being implemented for Bitcoin, Ethereum, and Sovrin. The combination of DIDs for identity and DKMS for public key discovery and verification will enable a decentralized identity management (DIDM) infrastructure that will empower people and organizations to securely and confidentially manage and assert their identities. Open standards and established industry protocols will permit identity owners to selectively disclose identity claims and manage their privacy and digital relationships. Evernym's thesis is that the combination of DIDs, DKMS, and DIDM architecture, using public and/or private blockchains as "trust anchors", can meet traditional information security principles of confidentiality, integrity, availability, non-repudiation and provenance as well as privacy-by-design principles of user control, selective disclosure of information, and pseudonymity. This proposal presents the basic research challenges that need to be accomplished to adapt traditional PKI technologies to blockchains, simplifying both identity management and key management for individuals and institutions while at the same time enhancing both security and privacy. Our proposed effort and deliverables will enable the development and release of commercial products in Phase III for Homeland Security Enterprise applications and enterprise customers.

Back to top

H-SB016.1-003

Company

BlueRISC, Inc.
28 Dana St
Amherst, MA 01002-0000

Proposal Information HSHQDC-16-R-00012-H-SB016.1-003-0004-II - Cyber Attack Prediction for Situational Understanding and Preemptive Cyber Defense
Topic Information H-SB016.1-003 - Malware Prediction for Situational Understanding and Preemptive Cyber Defense
Award/Contract Number HSHQDC-17-C-00008
Abstract

BlueRISC's proposed solution provides a fundamentally new approach to predicting the presence of malware in a network based on a novel graph-theoretical framework. Unlike traditional approaches that are reactive, it builds on a predictive capability that is flexible, adaptive, and is not relying on signatures or strict rule based malware definitions. The approach captures system motion as a predictive surrogate for malicious activity. This occurs based a concise graph-based forensics representation of a system's state and associated space-time correlation algorithms which use graph theory.

Company

Red Balloon Security
336 West 37th Street Suite 1024
New York, NY 10018-4592

Proposal Information HSHQDC-16-R-00012-H-SB016.1-003-0020-II - Hybrid Prediction for Embedded Malware
Topic Information H-SB016.1-003 - Malware Prediction for Situational Understanding and Preemptive Cyber Defense
Award/Contract Number HSHQDC-17-C-00007
Abstract

Predicting malware trends and designing defenses to defeat the next generation of malware is difficult but necessary in order to significantly increase the cost to attackers of developing malware and executing successful attacks. Without such malware trend predictions, we will continually be defending against yesterday's attacks and will remain unprepared for new threats. Embedded devices are becoming the next target for attackers as traditional workstations and servers become more secure. We will create a hybrid approach toward embedded device malware trend prediction. Our approach targets both long-term malware trend prediction utilizing attack graphs and short-term approaches monitoring malware and capturing forensic data to provide real-time predictions. A hybrid of short-term and long-term approaches offers many benefits. Captured samples would confirm or better inform the long-term predictions of what evasions and attack paths malware uses. Long-term predictions would enable advanced defenses to be prepared to capture malware samples. Our hybridized predictive malware trending scheme will significantly increase situational awareness into both short-term and long-term attack trends. Furthermore, our output will enhance embedded attack incidence response capabilities at an enterprise level and predict future attack trends at both tactical and strategic time scales.

Company

ZeroPoint Dynamics, LLC
130 Hamilton Hedge Pl
Cary, NC 27519-9144

Proposal Information HSHQDC-16-R-00012-H-SB016.1-003-0021-II - InnerAwareness: Preemptive Cyber Defense and Situational Understanding Through Memory-Oriented Cyber Genomics and Physiology
Topic Information H-SB016.1-003 - Malware Prediction for Situational Understanding and Preemptive Cyber Defense
Award/Contract Number HSHQDC-17-C-00044
Abstract

Motivated by a real operational need to tackle threats posed by the onslaught of constantly evolving exploits and malware, this proposal describes techniques for dynamically analyzing malware that addresses weaknesses in the status quo by (i) focusing on memory-oriented artifacts without the use of traditional sandbox hooks, while at the same time (ii) providing operators with enhanced situational understanding and preemptive malware and exploit defenses. Specifically, we will explore the design and implementation of novel memory-oriented techniques for conducting automated analysis of malware binaries (i.e. so called cyber-physiology techniques) to not only assist analysts in understanding the their function and intent, but also produce a novel set of outputs (i.e. artifacts, behaviors, code constructs) that, combined, concisely represent human understandable malware and exploit fingerprints. Second, we will design and implement so called cyber-genomics techniques for both individually using and collating a multitude of these malware fingerprints over time to not only aid in determining their identity, lineage, and provenance, but also identify trends in fingerprint components to pinpoint key distinguishing characteristics of malware that are likely to be utilized in future waves of attack.

Back to top

H-SB016.1-004

Company

Oceanit Laboratories, Inc.
828 Fort Street Mall #600
Honolulu, HI 96813-4314

Proposal Information HSHQDC-16-R-00012-H-SB016.1-004-0018-II - FIND (First responder INdoor Determination)
Topic Information H-SB016.1-004 - Autonomous Indoor Navigation and Tracking of First Responders
Award/Contract Number HSHQDC-17-C-00014
Abstract

Oceanit proposes to develop a wearable capability for autonomous indoor navigation and tracking of first responders indoors in various types of building structures.

Back to top

H-SB016.1-005

Company

Physical Optics Corporation
1845 West 205th Street
Torrance, CA 90501-1510

Proposal Information HSHQDC-16-R-00012-H-SB016.1-005-0018-II - Real-time Flood Forecasting and Reporting
Topic Information H-SB016.1-005 - Internet of Things (IoT) Low-Cost Flood Inundation Sensor
Award/Contract Number HSHQDC-17-C-00020
Abstract

To address the DHS need to rapidly predict, detect, and react to ever-changing flood conditions, Physical Optics Corporation (POC) proposes to develop a new Real-time Flood Forecasting and Reporting (RAFFAR) system based on a combination of commercial off-the-shelf (COTS) wireless networking technologies and existing proprietary POC sensors. The system will offer a means to deploy a scalable mesh network across a broad area that allows sensors to relay information through open data exchange standards to an operation center for monitoring of both flood conditions and heavy rain conditions that serve as predictors of floods. After collection, the information will be relayed to handheld devices through wireless emergency alerting. In Phase I, POC demonstrated the feasibility of RAFFAR by building and testing a preliminary prototype network and performing an analysis of a full-size network roll-out. At the end of the Phase I effort, the RAFFAR system reached TRL-6. In Phase II, POC plans to manufacture sufficient sensors to deploy a 100+ unit network for extensive outdoor testing. The successful completion of this project at the end of Phase III will benefit the nation in both government and commercial sectors by providing real-time disaster data so that first responders can react appropriately based on the best possible information. Commercial applications for this technology include applications in disaster prevention and recovery, manufacturing and equipment monitoring, and irrigation management.

Company

Progeny Systems Corporation
9500 Innovation Drive
Manassas, VA 20110-2210

Proposal Information HSHQDC-16-R-00012-H-SB016.1-005-0030-II - Internet of Things (IoT) Low-Cost Flood Inundation Sensor
Topic Information H-SB016.1-005 - Internet of Things (IoT) Low-Cost Flood Inundation Sensor
Award/Contract Number HSHQDC-17-C-00022
Abstract

Progeny Systems proposes to design and build 100 units of a deployable, low-cost flood inundation sensor for alerts, warnings and notifications to responders and citizens using Internet of Things (IoT) Wireless Emergency Alerts. The sensor will be ruggedized, modular, deployable, GPS-enabled, and submersible. The sensor will be part of a scalable wireless mesh sensor network. The sensor network will consist of an array of wireless sensor nodes that can measure ever-changing flood conditions and report them back to an operations center through a gateway node. The data from all the nodes in the network will be collected and analyzed at the operations center so as to rapidly predict, detect and react to inundation of low-lying areas, underpasses, and critical transportation corridors. This critical data will allow for federal, state and local governments to make real-time decisions pertaining to flood response.

Company

Evigia Systems, Inc.
3810 Varsity Drive
ANN ARBOR, MI 48108-2224

Proposal Information HSHQDC-16-R-00012-H-SB016.1-005-0038-II - Wide-Area Flood Alert Sensor Network
Topic Information H-SB016.1-005 - Internet of Things (IoT) Low-Cost Flood Inundation Sensor
Award/Contract Number HSHQDC-17-C-00021
Abstract

The proposed SBIR Phase II project continues the development of a highly-reliable, modular, and cost-effective wide-area flood sensor network system. The senor nodes operate on IEEE802.15.4 wireless physical layer, and an enhanced energy-efficient 6LoWPAN (IPv6 over Low power Wireless Personal Area Networks) open-standard mesh protocol. The sensor network operates for over 10 years in the field monitoring water-levels without requiring battery replacement. The proposed system addresses the present gap in cost-effectively monitoring and projecting water-levels and flooding, and generating early warnings in all terrains including urban and remote rugged areas.

Back to top

H-SB016.1-007

Company

InferLink Corporation
2361 Rosecrans Ave., Suite 348
El Segundo, CA 90245-2901

Proposal Information HSHQDC-16-R-00012-H-SB016.1-007-0008-II - OpenWatch: An Architecture for Scalable Resiliency Assessment
Topic Information H-SB016.1-007 - Real-Time Assessment of Resilience and Preparedness
Award/Contract Number HSHQDC-17-C-00015
Abstract

In this project, we propose to develop software that employs open source information to assess factors related to resilience. The goal is challenging because current technology does not scale well due to the heterogeneity of the problem. Specifically, the heterogeneity of the data, as well as the heterogeneity of the assessment process makes it time-consuming to develop extractors for harvesting relevant data, as well as to develop decision methods for performing resiliency/preparedness assessments. Our work in phase II will produce an end-to-end working system, called OpenWatch, that can use real-time, open-source data to assess resilience, and provide the results to end users. The system will make it simple and fast to aggregate data from multiple Web sources, and also assist in the development of sophisticated risk assessment models. The results of the project will include an open-source software system for risk assessment. In addition, we will use the system to develop applications that address important resiliency issues. This will include an application to a produce a neighborhood-level heat vulnerability index for cities throughout the United States, and an application for predicting CVSS scores based on cyber vulnerability announcements, which can be employed commercially.

Back to top

H-SB016.1-008

Company

Physical Optics Corporation
Electro-Optics Systems Division
1845 West 205th Street
Torrance, CA 90501-1510

Proposal Information HSHQDC-16-R-00012-H-SB016.1-008-0010-II - Real-time Information Contextual Correlation and Analysis Software System
Topic Information H-SB016.1-008 - Using Social Media to Support Timely and Targeted Emergency Response Actions
Award/Contract Number HSHQDC17C00016
Abstract

To address the DHS need for a new data analytics engine to correlate social media comments and activity with incident command data, Physical Optics Corporation (POC) proposes, in Phase II, to advance a new Real-time Information Contextual Correlation and Analysis (RICCA) software system proven feasible in Phase I. RICCA is based on unstructured data analysis and integration and event context modeling. Its advanced contextual analytics engine enables automated processing flow to retrieve social media data from multiple outlets (Facebook, Twitter, YouTube), extract environmental, social, meteorological, political, economic, and other factors relevant to an event of interest, correlate them in geo-space and time with data stored in a computer-aided-dispatch (CAD) system, and generate alerts for first responders and emergency/incident/crisis management. The innovation in unstructured data processing and integration and multi-resolution event context modeling can improve incident command's situational awareness and understanding. In Phase I, POC demonstrated the feasibility of RICCA by developing a set of operational scenarios, identifying the external factors in social media and operational incident data, developing core analytics modules, and implementing algorithms to measure performance and improvements. In Phase II, POC plans to mature the RICCA prototype and its correlation and analysis algorithms for the target scenario established in Phase I and support a pilot protocol by which a social media feed is correlated with operational incident data. Validation and trust algorithms will also be developed to support more timely and targeted response actions and allow for escalation preparedness.

Back to top

H-SB016.1-009

Company

BlockCypher
652 Sea Anchor Dr #2202
Redwood City, CA 94063-2894

Proposal Information HSHQDC-16-R-00012-H-SB016.1-009-0009-II - Blockchain Platform for Multiple Blockchains, Applications, and Analytics Phase II
Topic Information H-SB016.1-009 - Blockchain Applications for Homeland Security Analytics
Award/Contract Number HSHQDC-17-C-00011
Abstract

The purpose of this proposal is to continue work done in Phase I on a platform for multiple blockchains, applications, and the analysis of blockchain transactional data. BlockCypher has built a blockchain infrastructure that supports a multitude of applications, e.g., identify management, internet-of-things (IoT), notary, embeddable assets, predictive analytics, etc. - and runs both closed and open blockchains on the same infrastructure. BlockCypher's platform currently supports the ability to embed encrypted data on any blockchain, predict which transactions will be accepted, and hosts a multitude of security measures that can provide a significant value proposition for homeland security applications. BlockCypher also stores and handles larges amounts of public blockchain transaction data (multiple terabytes) in distributed and redundant data stores. In Phase I, we built a blockchain analytical framework and an Analytics API on top of our data store so we would see if any useful information and patterns could be extracted. Phase II will build upon the framework of Phase I and will dive deeper into broader-scale use cases for analytics (e.g. identity, law enforcement, compliance).

Back to top

H-SB016.1-010

Company

CardSmart Technologies
17 Normandy Court
Basking Ridge, NJ 07920-1905

Proposal Information HSHQDC-16-R-00012-H-SB016.1-010-0006-II - Composite Identity for High Assurance Remote Identity Proofing
Topic Information H-SB016.1-010 - Remote Identity Proofing Alternatives to Knowledge Based Authentication/Verification
Award/Contract Number HSHQDC-17-C-00017
Abstract

Remote identity proofing is the process of uniquely verifying an individual that is a party to an online transaction. The degree of difficulty is compounded when attempting to authenticate for the first time a previously unknown individual. This presents an enormous challenge to the secure delivery of online commerce and Government services. In Phase I CardSmart Technologies introduced the novel concept of a "Composite Identity Model" which is an identity enrichment process through which multiple identity verification methods are aggregated to exponentially strengthen the confidence and assurance level of the identity. Phase II will build on the momentum and enthusiasm generated by the functional prototype which demonstrated that the strategic combination of multiple non-KBV verification technologies will out perform any single technology. Additionally, the architecture embraces a flexible and decidedly vendor-agnostic approach that encourages state-of-the-art implementations, highly customizable to a specific client or industry, with a competitive pricing structure that greatly increases its commercial appeal. Targeted use cases include: compliance with KYC and AML mandates, C2C marketplaces, Government services and privileged identity management. The Phase II project plan is to: 1. Integrate third party verification services; finalize scoring with enhanced rules engine 2. Complete design and development; test and deliver production-ready version 3. Expand appeal with supporting Web services and APIs for easy integration with other systems; adapt commercial solution to meet DHS or other Government customer requirements 4. Package the solution and launch as a subscription service (includes flexible pricing, building brand awareness, promotion in trade channels)

Back to top
Back to Award List