SBIR-STTR Award

Current Navy Cybersecurity solutions often employ complicated or unique interfaces to use and manage the various capabilities. They also typically require frequent updates to maintain their effectiveness against threats. This poses serious problems for the fleet when any update to a cybersecurity tool requires integration, testing, and redelivery of the combat systems Operating System and software applications. Additionally, once that redelivery process completes it still requires an availability window on every ship of sufficient duration to support an upgrade or reinstall of the combat system. We intend to design an open and modular framework that will enable rapid updates by removing that tail-end redelivery of the combat system. As new threats are identified and new rulesets and definitions are released for existing tools, we will be able to update the configuration of the combat system servers directly from the cybersecurity framework. This framework will enable faster and easier deployment of new cybersecurity tools including those developed by third parties. It will provide the ability to select a subset of tools from a larger superset of available cybersecurity clients, making surface cybersecurity software deliveries universally applicable as well as customizable.

Benefit:
The slowest and most expensive piece of maintaining up to date cybersecurity protections is the iterative cycle of integration, test, and redelivery by combat systems. Removing that tail end of the update cycle and handling all upgrades and updates at the centralized cybersecurity server will provide a huge cost reduction for the fleet. The creation of an open cybersecurity framework will help to reduce vendor-lock and enable rapid deployment of new capabilities regardless of the developer. This framework can easily be incorporated into other deployments of CSTK throughout the NAVY and would be applicable to any DoD installation with limited windows for software updates.

Keywords:
Tactical, Tactical, Modular, cybersecurity, open, Updateable, Framework, Combat, extensible

Progeny is prototyping several components of a more extensible Cybersecurity System with a focus on modularity and updatability. The first is a self-updating Cybersecurity client that will enable faster updates as well as deployment of new Cybersecurity capabilities to the platform without the need for the Combat System to integrate, redeliver, and install. The second component in our design is a Modular Cybersecurity Installer that allows for custom deployments of a subset of tools from a larger superset of available options. Current Cybersecurity installations deliver a static set of capabilities based on ship type, hull number, etc. More flexibility can be provided by allowing the installer to choose the precise set of tools desired for that deployment. The final component is intended to address the issue of proprietary messaging between the end-point tools/sensors and the management software necessary to control and collect results from them. Any time a new tool or client is to be integrated, either new messages are added to the existing framework or existing messaging requires updates. Progeny is working to create a messaging framework that is static and tool independent.

Benefit:
The proposed architecture is intended to apply solutions associated with deploying new and updating existing Cybersecurity capabilities: 1) Reducing the time and cost required for Cybersecurity capabilities to get deployed in the fleet, and 2) Simplifying the many complicated and unique interfaces, as well as their provisioning, use, and management.

Keywords:
combat systems, Cybersecurity framework, cybersecurity, Cybersecurity Challenges, Defense-In-Depth approach, Vendor-lock