Topic Information Award/Contract Number Proposal Information Company Performance

Bulk Currency Vapor Detection in Confined Spaces

D14PC00159 HSHQDC-13-R-00032-H-SB013.2-001-0005-II
(HSHQDC-13-R-00032 Phase II)
Bulk Currency Vapor detection in Confined Spaces

Nevada Nanotech Systems, Inc.
1315 Greg Street
Suite 103
Sparks, NV 89431-6091


The proposed goal of Nevada Nanotech Systems Inc for the Phase II program is to adapt a commercially available gas chromatograph-mass spectrometer instrument for the problem of detecting U.S. currency via unique vapor signature in confined spaces and then field test three prototype units, operated by government personnel, during a 6-month field test. After this test, we will provide detailed documentation of the performance. The anticipated results for Phase II are: 1)Fabrication of at least three prototype systems for full evaluation. 2)Development and implementation of adapted sample collection, data analysis and user interface hardware and software. 3)Initial field-simulation evaluation of the prototypes in a laboratory setting. 4)The enabling and support of a 1-week initial field trial at a border checkpoint with government personnel operating the system. 5) Modification, as necessary, of the prototype systems based on performance data and information gathered during the 1-week initial trial. 6)The enabling and support of a 6-month evaluation of these systems in the field with government personnel operating the system. 7) Completion of a comprehensive assessment of the system's performance, including changes to the Con-Ops, instrument performance (capabilities and shortfalls), recommended changes to the instrument, and recommendations for the revalidation/ qualifications testing if changes are required.

Software Based Roots of Trust for Enhanced Mobile Device Security

D14PC00178 HSHQDC-13-R-00032-H-SB013.2-002-0009-II
(HSHQDC-13-R-00032 Phase II)
Software-based Dynamic Mobile Trusted Module (SW-dMTM)

BlueRISC, Inc.
28 Dana St
Amherst, MA 01002-0000


The proposed SW-dMTM mobile security solution is lean and fully-software-based. The goal is to provide the required Roots of Trust (RoTs) and trusted security services via a fully software implementation while maintaining the heightened level of assurance typically only achieved through additional, security-centric hardware. This will be achieved by building a solution that is not only compatible with the Trusted Computing Group's (TCG) MTM mobile device security specification but also by supporting government use cases and providing additional dynamic trust verification. The solution has the following key benefits: (i) a cumulative chain of trust via a secure boot methodology, (ii) dynamic RoTs through the runtime verification and persistence achieved by stealth Trusted Agents, (iii) MTM trusted services and extensions. In addition to trusted services they provide the foundation for both static and dynamic data and application protection and attestation. The Phase I effort was successful in proving feasibility of key components through a proof-of-concept demonstration. The expected result of a Phase II proposal is a prototype that could be piloted by DHS. The TRL at the start of the Phase I effort was 2. This was brought to a level 4 through the completion of a proof-of-concept demonstration during Phase I. The expected TRL upon completion of the Phase II effort is 6. A Phase IIB/Cost Match opportunity would increase the TRL to 8 or 9.

Software Based Roots of Trust for Enhanced Mobile Device Security

D14PC00179 HSHQDC-13-R-00032-H-SB013.2-002-0016-II
(HSHQDC-13-R-00032 Phase II)
Practical Roots of Trust for Mobile Devices

Galois, Inc.
421 SW Sixth Avenue
Suite 300
Portland, OR 97204-1662


To meet the critical security needs of the Department of Homeland Security and others, we propose two methods for providing a secure root of trust for mobile devices. One method is designed to integrate as easily into existing systems, while the other requires deeper integration but provides correspondingly stronger security. The keys to our work are practicality and integration: practicality to ensure our system applies to current and near-term mobile devices, and integration to allow for a smooth transition path to mobile device manufacturers. In the proposal we describe not only the technical path to implementation for these two approaches, but also the business, legal, and political steps required to bring root of trust technology to market. Once in place, root of trust technology can be used as a strong basis for implementing other key mobile security solutions, such as secure data at rest, secure data in transit, secure authentication, and mobile device management.

Software Based Roots of Trust for Enhanced Mobile Device Security

D14PC00177 HSHQDC-13-R-00032-H-SB013.2-002-0025-II
(HSHQDC-13-R-00032 Phase II)
Physical Unclonable Functions for Mobile Device Roots of Trust

10010 San Pedro
Suite 510
San Antonio, TX 78216-3847


Beginning with the release of the iPhone in 2007 and continuing with the increasing popularity of tablet computers, there has been an ever increasing desire to connect "unsecure" mobile devices to secure enterprise networks. Although several pieces of technology exist to meet this need, these devices lack a firm foundation upon which to build trust and security. This paper proposes development of Roots-of-Trust for mobile devices using Physical Unclonable Functions (PUF) and the ARM TrustZone trusted execution environment. Using these two basic technologies we propose building a Root of Trust for Storage (RTS), a Root of Trust for Integrity (RTI) and a Root of Trust for Verification (RTV). We will implement this capability on a selected mobile device platform without hardware modification. Because of the use of a PUF, our technology will make it nearly impossible to steal or clone a device's credentials. The new roost of trust will be used to implement a sample application that performs strong data-at-rest encryption and will make it impossible to decrypt the sample data if it is moved to a new device, or if the device's software is tampered with.

Lost Person Locator for First Responders

D14PC00153 HSHQDC-13-R-00032-H-SB013.2-003-0013-II
(HSHQDC-13-R-00032 Phase II)
Search and Rescue Initial Response Tools

dbS Productions LLC
1808 Rugby Pl
Charlottesville, VA 22903-1625


This proposal will result in innovative and life-saving software enabling first responders to easily see a heat map showing the probability of area for the missing person. Sending teams to the right area saves lives, resources, and time. New research into geographic models of subject behavior, detectability (effective sweep width), and search speed will for the first time provide planners with good estimates of search effectiveness (Probability of Success Rate). Using that information, an initial response tasking algorithm will map exactly where search teams should be tasked. Color coding will also show the relative priority of tasks. This will allow the power of formal search theory to be placed into the hands of initial responders with little to no formal training. The PI brings over 30 years of SAR field experience and over 20 years of SAR research experience to the problem including the creation of ISRID. At the start the TRL is 3 and at the end of Phase II we estimate 6-7. The research and development will allow a full suite of products to be developed. From durable plastic job aids, Lost Person Behavior smartphone apps, Survival apps, paper and e-book field guides, training courses, further enhancement to the International Search & Rescue Incident Database (ISRID), data collection tools, and a database of SAR agencies to software aimed at the initial SAR response (FIND), we are in a unique position to commercialize the effort, as SAR is our primary market since 1991.

Commodity Goods Counterfeit Detection

D14PC00160 HSHQDC-13-R-00032-H-SB013.2-005-0007-II
(HSHQDC-13-R-00032 Phase II)
Detection of Counterfeit Commodity Goods

35 Hartwell Avenue
Lexington, MA 02421-3102


In the Phase I program, TIAX LLC developed a detection methodology that was able to measure significant differences between pairs of counterfeit and authentic products in four different product categories. Establishing the proof-of-concept of this technique creates the potential for a new detection methodology that can be utilized at a port of entry by U.S. Customs and Border Protection (CBP) to identify shipments of counterfeit goods. The objective of the Phase II program is to further develop and optimize the detection methodology developed in the Phase I program. In the Phase II program, we will develop a prototype detection system and demonstrate it under field conditions in a U.S. port of entry. When fully developed, the methodology will allow for the rapid and accurate screening of closed containers for counterfeit products. It will be designed to work outdoors in a port environment in extreme weather conditions. The TIAX methodology will use instruments that are rugged, mobile and can be operated by personnel with minimal scientific training.