Back to news

May 13, 2020 | International, C4ISR, Security

DIU awards $45M contract for weapon systems cybersecurity

The Defense Innovation Unit awarded a $45 million to a Silicon Valley-based tech startup to perform cybersecurity testing on Defense Department weapon systems' applications, the company announced May 11.

The company, ForAllSecure, has been prototyping its cybersecurity testing platform, known as Mayhem, with DoD components for more than three years. DIU made the award on the five-year contract April 23, a ForAllSecure spokesperson said.

ForAllSecure is working with the Air Force 96th Cyberspace Test Group, the Air Force 90th Cyberspace Operations Squadron, the Naval Sea Systems Command (NAVSEA) and the U.S. Army Command, Control, Communication, Computers, Cyber, Intelligence, Surveillance and Reconnaissance Center (C5ISR).

The same DoD users have worked with ForAllSecure throughout the prototyping process for the company's platform, which finds bugs in applications and shows the user how they can be triggered. The platform will allow for a continuous testing for vulnerabilities in weapons systems.

“One of the problems that [the department] run[s] into is this idea that there's a point in time when you're done" with cybersecurity," said David Brumley, chief executive officer of ForAllSecure. "It all comes down to how quickly can you test and retest.”

In the last few years of prototyping, the company went through 10 iterations of Mayhem. One significant piece the company added to those iterations were cybersecurity tutorials for users.

ForAllSecure's work on Mayhem started before a troubling report from the Government Accountability Office that highlighted several cybersecurity challenges and shortfalls that the Defense Department's weapons systems faced in light of potential advanced cyberattacks.

“If you look at the GAO report, they simply weren't embedding cybersecurity testing in the process at all," Brumley said. “So this is adding this common sense measure and it's automating it.”

In 2016, the company's Mayhem platform won the Defense Advanced Research Projects Agency's Cyber Grand Challenge, an automated defensive cybersecurity competition. That victory came with a $2 million prize.

Since that victory, Brumley said that the company has run into a few unique challenges working with other DoD components, particularly around installing the platform.

“When DARPA has their contest, it really only has to work for the developers,” Brumley said. “When you go to a product, you have to go to an unknown site, you have to install. You have to repeatedly do that.”

https://www.fifthdomain.com/dod/2020/05/12/diu-awards-45m-contract-for-weapon-systems-cybersecurity/

On the same subject

  • Contract Awards by US Department of Defense - February 24, 2019

    February 25, 2020 | International, Aerospace, Naval, Land, C4ISR, Security

    Contract Awards by US Department of Defense - February 24, 2019

    NAVY The Boeing Co., St. Louis, Missouri, is awarded a $93,000,000 cost-plus-fixed-fee, firm-fixed-price indefinite-delivery/indefinite-quantity contract. This contract incorporates the next three planned configurations of the operator flight program/system configuration set into the Royal Australian Air Force F/A-18 F and EA-18G aircraft training systems. Additionally, this contract procures spares, support equipment, technical manual updates and on-site training. Work will be performed in St. Louis, Missouri (85%) and Amberley, Australia (15%) and is expected to be completed in February 2025. No funds will be obligated at the time of award. Funds will be obligated on individual orders as they are issued. This contract was not competitively procured pursuant to 10 U.S. Code 2304(c)(4). Naval Air Warfare Center Training Systems Division, Orlando, Florida, is the contracting activity (N61340-20-D-0003). Arwi JV LLC,* National City, California, is awarded an indefinite-delivery/indefinite-quantity contract with a maximum amount of $10,000,000 for roofing repair and maintenance at Naval Base Point Loma, California. Initial task order is awarded at $350,180 for re-roofing at Buildings 260 and 262. Included is the requirement to repair and maintain roof components that are incidental to the main roof structure, such as scupper drains, downspouts, gutters, as well as roof-mounted hardware that may require to be removed and reinstalled by reason of the primary roof repair requirements. Work for this task order is expected to be completed by June 2020. All work on this contract will be performed in San Diego, California. The term of the contract is not to exceed 60 months with an expected completion date of February 2025. Fiscal 2020 operations and maintenance, Navy (OMN) contract funds in the amount of $350,180 are obligated on this task order and will expire at the end of the current fiscal year. Future task orders will be primarily funded by OMN. This contract was competitively procured via the Navy Electronic Commerce Online website with four proposals received. The Naval Facilities Engineering Command, Southwest, San Diego, California, is the contracting activity (N62473-20-D-0041). Raytheon Co., Missile Systems, Tucson, Arizona, is awarded a $7,992,944 cost plus fixed-fee modification to previously awarded contract (N00024-17-C-5405) for design agent engineering and technical support services for the Phalanx Close-In Weapon System, SeaRAM, and Land-based Phalanx Weapon System. Only one responsible source and no other supplies or services will satisfy agency requirements. Phalanx Close-In Weapon System (CIWS) is a fast-reaction terminal defense against low and high-flying, high-speed maneuvering anti-ship missile threats that have penetrated all other defenses. CIWS is an integral element of the Fleet Defense In-Depth concept and the Ship Self-Defense Program. Operating either autonomously or integrated with a combat system, it is an automatic terminal defense weapon system designed to detect, track, engage and destroy anti-ship missile threats penetrating outer defense envelopes. Work will be performed in Tucson, Arizona, and is expected to be completed by January 2022. Fiscal 2020 weapon procurement (Navy) funding in the amount of $7,992,944 will be obligated at time of award and will not expire at the end of the current fiscal year. In accordance with 10 U.S. Code 2304(c)(1), this contract was not competitively procured. The Naval Sea Systems Command, Washington Navy Yard, District of Columbia, is the contracting activity. ARMY Griffon Aerospace Inc.,* Madison, Alabama, was awarded a $49,957,259 order-dependent contract to procure MQM-170 "Outlaw" Remotely Piloted Vehicle Targets, MQM-171 "Broadsword" Unmanned Aerial Systems - Targets, depot level repair and maintenance, storage of government furnished equipment, base operations services, field operations services, qualification training execution, and inventory and transfer support for targets management office and other Department of Defense customers. Bids were solicited via the internet with one received. Work locations and funding will be determined with each order, with an estimated completion date of Feb. 23, 2022. U.S. Army Contracting Command, Orlando, Florida, is the contracting activity (W900KK-20-D-0006). L-J Inc.,* Cayce, South Carolina, was awarded a $13,456,000 firm-fixed-price contract for furnishing plant, equipment, labor, transportation, fuel, lubricant, supplies and materials, and performing all operations in connection with raising dikes and berms, installation of geotextile, and installation of new spillway systems in Clouter Creek, Berkeley County, South Carolina. Bids were solicited via the internet with four received. Work locations and funding will be determined with each order, with an estimated completion date of June 18, 2021. U.S. Army Corps of Engineers, Charleston, South Carolina, is the contracting activity (W912HP-20-C-0001). *Small business https://www.defense.gov/Newsroom/Contracts/Contract/Article/2092565/source/GovDelivery/

  • How Army network modernization efforts ensure equipment works with allies

    August 6, 2020 | International, C4ISR

    How Army network modernization efforts ensure equipment works with allies

    Andrew Eversden A critical piece of the U.S. Army's network modernization push is ensuring its systems work with allies. In future battles, the Army will not fight alone; it will be joined by coalition partners, as well as other U.S. services. As the Army moves to improve its integrated tactical network, it must ensure that its network tools work with coalition and service partners The Army recently completed a critical design review of Capability Set '21 a set of new network tools that will be delivered to soldiers next year. The service is in the first phase of procuring the new capabilities. A “key factor” involved in delivery to soldiers at the battalion level and below is a move to a 75 percent “secure but unclassified” network that provides improved communication between coalition partners, said Col. Garth Winterle, project manager for tactical radios at the Army's Program Executive Office Command, Control, Communications-Tactical. “We're moving off of an all-secret network to one that's a lot more flexible and actually encourages coalition interoperability,” Winterle said. One opportunity to test interoperability was Defender Europe 2020, which was meant to be one of the largest European exercises involving both the U.S. Army and NATO allies, but had to be scaled down due to the coronavirus pandemic. Still, the Army was able to test interoperability There were a series of pre-Defender Europe exercises to assess capabilities “to inform future network design,” according to Justine Ruggio, director of communications for the Network Cross-Functional Team at Army Futures Command. These assessments included several pieces of Capability Set '21, including communications exercises and validation exercises with the Army's fielded Command Post Computing Environment software, Tactical Server Infrastructure and Commercial Coalition Equipment “to enable the use of the Mission Partner Environment, which allowed all participants to share classified information during the exercise, including the Polish and U.K.,” Ruggio said. During the pre-Defender Europe tests, “we were able to bridge the Polish and U.K. unit into an integrated command structure using our secret releasable network and create that common command-and-control picture,” Col. Lesley Kipling, the mission command lead and Army National Guard liaison officer to the Network CFT, said in an interview with C4ISRNET. Secret but releasable information is classified at the secret level and can be released to certain coalition partners who have sufficient clearance from their home country. An exercise scheduled for next year, called Warfighter 21-4, will allow for additional interoperability assessments with U.K. and French forces. According to Ruggio, one focus area will be on interoperability using the Network CFT's DevOps model to iterate the Command Post Computing Environment, continue to assess Commercial Coalition Equipment and evaluate the Mission Partner Environment. The event will be aligned with Capability Set '23, the next iteration of network tools. Kipling added that the cross-functional team and its partners are “continuing” to work on policies and training for properly connecting to a coalition network “so that it's not learning on the fly, but that these procedures and policies are codified in a way that they can be standardized and any user can execute whenever they're put in a situation,” she said. Brig. Gen. Joseph Papenfus, chief Information officer and deputy chief of staff of the G6 of U.S. Army Europe, said that the scaled-back nature of Defender Europe did affect network interoperability testing because soldiers were unable to come over from the United States. That means that U.S. Army Europe will focus heavily on European partners during the smaller exercises, Papenfus said, including validating network integration and establishing a secret but releasable network with NATO. “Every opportunity that we have to see how a piece of equipment works within the larger set of the network, we take advantage of that,” Ruggio said. https://www.c4isrnet.com/yahoo-syndication/2020/07/29/how-army-network-modernization-efforts-ensure-equipment-works-with-allies

  • Industry readies for key US Army Bradley replacement decision

    December 22, 2022 | International, Land

    Industry readies for key US Army Bradley replacement decision

    The five teams who competed in the previous phase of the Optionally Manned Fighting Vehicle are evolving to be ready for what's next in 2023.

All news