SBIR-STTR Award

Direct to Phase II

Cyber threats facing Aircraft Systems and related DoD advanced information technology systems requires cyber infrastructure matching their enormity and complexity, accompanied by Risk Assessment capabilities for understanding intricate hostile attack options, assessing vulnerabilities and facilitating decision-making. This decision making capability should include those related to investment into appropriate security controls. Currently, understanding, assessing and managing risks of such systems in cyberspace is a very costly and challenging task that requires the expertise of seasoned security professionals, a scarce resource. Due to these challenges, majority of current assessment practices are mostly ad hoc, relatively informal and subjective. As a result, assessments are riddled with inaccuracies and do not justifiably represent the true nature of the system risks and vulnerabilities. Consequently, risk analysis and risk mitigation of interdependent elements of these systems are too often done in isolation, making these systems vulnerable to multi-stage cyber-attacks, with the potential to wreak havoc on government and/or military missions. To address these challenges, a comprehensive, systematic and technology supported Risk Assessment process is required - one that is structured, one that is meticulously systematic in understanding risks and designing security mechanisms, one that is supported by effective, sustainable and affordable automated solutions. Additionally, this technology should be supported by state of the art tools, such as hardware mediators, to probe and analyze these systems.