alert image
  • The DHS S&T SBIR Portal website will be undergoing scheduled maintenance and will not be available on the following dates and times:
    • 11:00 PM Saturday, June 29, 2019 EDT - 06:00 AM, Sunday, June 30, 2019 EDT
    We apologize for any inconvenience. If you need assistance, please contact the help desk at dhssbir@reisystems.com.

Abstracts of DHS SBIR-2016.OATS Phase II Awards
Back to Award List

16.OATS-001

Company

Hypori Federal Incorporated
1420 Beverly Road
Suite 310
McLean, VA 22101-0310

Proposal Information DHS SBIR-2016.OATS-16.OATS-001-0001-II - Process Level Security for Mobile System Assurance
Topic Information 16.OATS-001 - Process Level Security for Mobile System Assurance
Award/Contract Number D16PC00129
Abstract

The Department of Homeland Security (DHS) Science and Technology Directorate Cyber Security Division has initiated the Mobile Technology Security Research & Development (R&D) program to focus on innovative security technologies needed to address the challenges impeding the adoption of mobile technology. To facilitate this need, Hypori will devise, produce, deploy and test a Virtual Mobile Infrastructure (VMI) solution. This solution will include new functionality supporting access control for Bluetooth peripheral devices. Additionally Hypori will produce an authentication scheme which will achieve Level of Assurance 3 or higher integrated with the DHS Identity management systems. This implementation will be cloud based and will be validated to achieve Federal Risk and Authorization Management Program (FedRAMP) compliance. Achieving FedRAMP compliance will significantly ease the implementation and adoption challenges which have faced previous mobile solutions in the US Federal government. The implementation will be tested as both an on-premise and off-premise solution (software as a service) in order to provide the greatest possible flexibility for future agency needs and implementation goals. Each of these options will be evaluated and reported independently in order to provide a clear picture of deployment options and capabilities. The commercial application for this technology is particularly visible in the financial and healthcare industries. As both highly regulated spaces, those companies will benefit greatly from the security enhancements and testing performed as a part of this research and development. Additionally, both industries are already moving to mobile applications which incorporate Bluetooth peripheral devices.

Back to top

16.OATS-002

Company

Michigan Engineering Services, LLC
2890 Carpenter Road, Suite 1900
Ann Arbor, MI 48108-1100

Proposal Information DHS SBIR-2016.OATS-16.OATS-002-0001-II - Development of Blast Event Simulation
Topic Information 16.OATS-002 - Development of Blast Event Simulation
Award/Contract Number HSHQDC-16-C-00091
Abstract

Similar to Army ground vehicle applications, there is a strong interest in being able to conduct vulnerability assessment for buildings and other infrastructure due to explosive threats. Buildings and facilities can be subjected to blast pressure loads and fragments from a threat positioned either outside the building or in its interior. The new developments will provide a simulation capability for computing the loads and the damage induced on buildings due to pressure waves and high velocity projectiles created by the detonation of an explosive. The areas which are shielded from the projectiles will also be identified as "safe" zones. BEST was originally developed and utilized for simulating the response of ground vehicles and its occupants to the loads from a buried explosive. It has been validated through comparison to test data and it has been used for increasing vehicle survivability. The new developments will enable utilizing BEST in building force protection applications. The new tool will be used for designing new buildings or retrofitting existing ones for increased blast worthiness. It will also be used for developing blast mitigation strategies that reduce the damage and increase the "safe" zones.

Back to top

16.OATS-003

Company

GrammaTech, Inc.
531 Esty Street
Ithaca, NY 14850-4201

Proposal Information DHS SBIR-2016.OATS-16.OATS-003-0001-II - Multi-Abstractions System Reasoning Infrastructure toward Achieving Adaptive Computing Systems
Topic Information 16.OATS-003 - Multi-Abstractions System Reasoning Infrastructure toward Achieving Adaptive Computing Systems
Award/Contract Number HSHQDC-16-C-00099
Abstract

Software is a critical part of modern infrastructure. The nation's industry and government bear significant costs due to cyber attacks that steal data or otherwise disrupt operations. Software-based systems are too complex to be protected by a single layer of defense such as a perimeter firewall. Instead, operators need layered defenses that detect, inhibit and even block attackers who breach the perimeter. GrammaTech proposes to develop a tool for protecting and monitoring systems subject to cyber attack. This tool uses a combination of binary rewriting and system-wide event tracking to both harden systems and detect sophisticated attacks. Once complete, it will allow Government and Industry users to detect and block cyber attacks that exploit software vulnerabilities not anticipated by the original software developers. The first key advance of this approach is that we use binary rewriting to insert protection and monitoring directly into programs that are vulnerable to attack. This gives us complete access to program state and behavior in contrast to other techniques that have limited access to what a program does. The second advance is a system-wide monitor that takes low level events and generates a picture of mission health. GrammaTech will draw on its significant technology and expertise in program analysis and security. GrammaTech has successfully transitioned many projects from research to market over its history. Its latest transition is CodeSonar, a bug-finding analysis tool that is used by government, prime defense contractors and others for software assurance.

Back to top

16.OATS-004

Company

METRONOME SOFTWARE, LLC
25241 PASEO DE ALICIA
STE 200
LAGUNA HILLS, CA 92653-4643

Proposal Information DHS SBIR-2016.OATS-16.OATS-004-0001-II - Cloud Based Secure Handhelds for Missions requiring Mobility
Topic Information 16.OATS-004 - Cloud Based Secure Handhelds for Missions requiring Mobility
Award/Contract Number HSHQDC-17-C-00013
Abstract

Mobile devices have become the predominant commercial and enterprise product for consumers to access the Internet, and these Internet of Things (IoT) devices and sensors are at risk from adversarial cyber attacks. DHS S&T's NGFR Apex program is currently using mobile, net-enabled sensors to connect their First Responders. Metronome Software proposes to utilize its eCLOAK (AFRL SBIR Phase II) technology, while also integrating Enterprise MDM products from its other team members, to develop the SENsor Secure Enterprise Infrastructure (SENSEI). SENSEI will provide the security overlay and device management system for NGFR. Using eCLOAK, sysadmins provision Android-based mobile devices to end-users, and system health checks are run on the device (they can be scheduled). The metrics gathered from the health checks are sent back to the server where they are analyzed against established policies that dictate a range of expected behavior. Should any device report an anomaly, the threat is weighed and action is taken. This provides a secure method of device and application attestation, authentication and integrity checks. Metronome's team members, MobileIron Inc. and KryptoWire LLC provide additional MDM and privacy analysis capabilities. Altogether, the proposed capabilities integrated into SENSEI and applied to NGFR will provide the Government the solution to defend its sensor network and other smart, net-enabled IoT devices in the future, such as: wearables, sensory aids, drones, municipal devices (such as cameras), and even transportation.

Back to top
Back to Award List