MODIFICATION
A -- Capabilities for Cyber Resiliency
- Notice Date
- 5/18/2016
- Notice Type
- Modification/Amendment
- NAICS
- 541712 — Research and Development in the Physical, Engineering, and Life Sciences (except Biotechnology)
- Contracting Office
- Department of the Air Force, Air Force Materiel Command, AFRL/RIK - Rome, 26 Electronic Parkway, Rome, New York, 13441-4514, United States
- ZIP Code
- 13441-4514
- Solicitation Number
- BAA-AFRL-RIK-2015-0016
- Point of Contact
- Gail E. Marsh, Phone: 315-330-7518
- E-Mail Address
- Gail.Marsh@us.af.mil
- Small Business Set-Aside
- N/A
- Description
- Amendment 1 to BAA AFRL-RIK-2015-0016 - Capabilities for Cyber Resiliency

The purpose of this amendment is to add some supplementary information to the Focus Area entitled "AUTONOMOUS DEFENSIVE CYBER OPERATIONS". No other changes are being made.

SUMMARY OF CHANGE: Section I - FUNDING OPPORTUNITY DESCRIPTION, first focus area entitled "FY16-FY18 SPECIFIC FOCUS AREA: AUTONOMOUS DEFENSIVE CYBER OPERATIONS" is supplemented as follows. This information is added at the end of this area's technical description prior to the point of contact information.

Advances in the effectiveness of tools and technologies to detect and respond to attacks on operating systems have provided capabilities against many threat actors. While these operating-system-based defenses are effective against certain adversary tactics, techniques, and procedures (TTPs), this has driven persistent adversaries to research, develop, and employ capabilities that exploit vulnerabilities in the Unified Extensible Firmware Interface (UEFI). Current tools for monitoring and preventing compromises on UEFI are typically applicable to a specific UEFI manufacturer, version, and/or configuration, do not actively monitor for attempted compromises, and are not adaptive to new and unknown attack types.

This topic area is looking for concepts to monitor and prevent attempts to compromise UEFI that are applicable across many device types in both legacy and new systems. Concepts that would be effective in defending BIOS in addition to UEFI are of interest, but concepts that only consider BIOS are not. Identification or remediation of adversary activity is not expected to be signature based, but is expected to behave autonomously and adapt to new and unknown attacks.

Specific concepts that are of interest to this topic area are those that:
  - Identify when other firmware (video card, NIC, USB controller) has been compromised or is under attack and autonomously apply remediation in order to prevent a successful attack from completing
  - Identify and remediate vulnerabilities that are either intentionally or unintentionally inserted into the system during development and manufacturing processes
  - Identify and block remote or local attempts to remotely compromise BIOS/UEFI during system operation
  - Identify and block adversary attempts to exploit features within System Management Mode and Software Guard Extensions.

Concepts would be expected:
  - For new systems, to be applied in a trusted setting when received from supply chain
  - For legacy systems, to be applied by local support personnel

In either case, it is expected that normally trained client support personnel would be capable of applying the concept and that it would not require substantial, unique skills, experience, or education. This necessitates the requirement to autonomously adapt to new UEFI versions and configurations that may not have been previously considered, but does not require remote installation.
- Web Link
- FBO.gov Permalink (https://www.fbo.gov/spg/USAF/AFMC/AFRLRRS/BAA-AFRL-RIK-2015-0016/listing.html)
- Record
- SN04121073-W 20160520/160518234639-f864f517f2560b1e7a9d1d772d90462b (fbodaily.com)
- Source
- FedBizOpps Link to This Notice (may not be valid after Archive Date)