SBIR-STTR Award

Integrity and Authentication of Real-Time Data in Navy Combat Systems
Award last edited on: 11/12/2018

Sponsored Program
SBIR
Awarding Agency
DOD : Navy
Total Award Amount
$1,099,937
Award Phase
2
Solicitation Topic Code
N102-156
Principal Investigator
Gerardo Pardo-Castellote

Company Information

Real-Time Innovations Inc (AKA: RTI)

232 East Java Drive
Sunnyvale, CA 94089
   (408) 990-7400
   info@rti.com
   www.rti.com
Location: Multiple
Congr. District: 17
County: Santa Clara

Phase I

Contract Number: N00167-11-P-0011
Start Date: 10/14/2010    Completed: 4/14/2011
Phase I year
2011
Phase I Amount
$149,406
Real-Time Innovations (RTI) proposes a set of Information Assurance extensions to the DDS standard and the RTI product that provide the necessary support for Authentication, Access Control, Confidentiality, Integrity, and Non-repudiation for all the real-time data sent over DDS. Our approach will enforce Mandatory Access Control (MAC) on all applications that join a DDS Global Data-Space, requiring them to be authenticated and have the necessary credentials. Beyond access to the DDS Global Data Space, our approach will provide fine-grain Role-Based (or more generally, policy-based) Access Control (RBAC) to specific DDS Topics and even to specific fields within DDS Topics. It will ensure confidentiality of the information (via encryption), integrity, pedigree, and non-repudiation (via digital signatures). Finally, we are proposing key innovations in the area of publish-subscribe one-to-many (multicast) distribution of encrypted information; these innovations will be critical to maintain the real-time QoS in the distribution of information to multiple subscribers. The proposed Security Architecture will be configurable via newly added QoS policies, while remaining open and extensible via plug-in APIs so that Navy or Navy Primes can integrate with pre-existing Identity Management Mechanisms, Access Control Policy repositories, or cryptographic libraries which might be program or project specific.

Benefit:
We expect all of the proposed work done for this SBIR effort will have broad applicability to both commercial and government sectors. Over 300 Aerospace and Defense programs have adopted our DDS technology in the last 3 years; we expect more than half of these users will be interested in the Security Extensions. We have interest in this SBIR from multiple Prime contractors, including some of the largest and most important PEO IWS system integrators. Their letters of support, attached to this proposal, outline the information assurance/security benefits they see resulting from this effort. The developed technology will have broad impact on distributed computing infrastructure software where it is important to establish fine-grained trust between data producer and data consumer. This includes the banking, securities, telecommunications, power, medical and transportation industries.

Keywords:
DDS, Data Distribution Service, Information Assurance, provenance, authentication, security, real-time, integrity

Phase II

Contract Number: N00024-12-C-4140
Start Date: 3/5/2012    Completed: 3/5/2014
Phase II year
2012
Phase II Amount
$950,531
Following Navy Objective Architecture and NESI guidance, most US Navy Surface Combat Systems are integrated using real-time publish-subscribe middleware based on the OMG Data Distribution Service specification (DDS). In order to harden the DDS framework, Real-Time Innovations (RTI) designed a set of Information Assurance extensions to the DDS standard and RTI product with necessary support for Authentication, Access Control, Confidentiality, Integrity, Non-repudiation, Data Tagging, and Auditing. We began the process at OMG to develop a Security addition to DDS, successfully issuing an RFP. RTI prototyped the main aspects of the system: plug-in interfaces, authentication, access control and encryption. In Phase II, RTI will implement the secure plug-in interfaces in its DDS product, and build a plug-in solution for each Information Assurance capability. The RTI solution will integrate the technologies typically used in Navy programs and will allow the Navy and Navy Primes to integrate with program-specific security mechanisms.

Benefit:
We expect the work done for this proposed SBIR effort will have broad applicability to both commercial and government sectors. Over 300 Aerospace and Defense programs have adopted our DDS technology in the last 3 years; we expect more than half of these users will be interested in the Security Extensions. We have interest in this SBIR from multiple Prime contractors, including some of the largest and most important PEO IWS system integrators. The information assurance/security benefits they see resulting from this effort include having, for the first time, a data-centric international secure DDS standard, a secure DDS data model, and a secure DDS product which they can incorporate into their existing combat systems. Because the solution is minimally intrusive, the solution will not require them to re-architect their existing networks to accommodate the new security features. The developed technology will have broad impact on distributed computing infrastructure software where it is important to establish fine-grained trust between data producer and data consumer. This includes the banking, securities, telecommunications, power, medical and transportation industries.

Keywords:
data pedigree, Information Assurance, publish-subscribe security, data integrity, data-tagging and labeling, data distribution service security, secure multicast, authentication