Managed by S&T’s Mobile Security R&D Program, the project addresses CISA’s top priorities: securing the mobile supply chain as well as critical mobile network infrastructure, including the newly launched fifth generation (5G) mobile network.
“The innovative solutions and technologies developed by SRMNI awardees will help to protect legacy, current and 5G mobile network communications, services and equipment against various risks and vulnerabilities,” said Acting Under Secretary William N. Bryan. “These solutions will address current and emerging challenges that are impacting the government’s adoption of mobile technologies.”
“These awards will further CISA’s efforts to support the security of existing mobile networks as well as emerging 5G networks being rolled out by carriers across the country,” said Brandon Wales, CISA’s acting director. “We look forward to working with S&T and the project awardees on the development of innovative solutions that will take mobile security to the next level for a more secure and resilient nation.”
This initial round of seven awards is focused on developing protections for legacy cellular networks—2G, 3G and 4G, building security into the newly launched 5G network, and developing end-to-end protection of network traffic, including a standardized secure voice capability for unclassified government communications. The awardees, total dollar amount of each award, title and a brief overview of each R&D project are as follows:
4K Solutions, LLC (Midland, Ga.) – $1.6 million
Project GoSecure and EchoPTT Pro: Secure Voice and Messaging Threat Mitigation from Backend Protocol and Over-the-Air-Attacks. Through this project, 4K Solutions will develop an integrated set of functional capabilities and security solutions that will defend users against having their calls, text messages, location and other metadata monitored over susceptible phone networks.
Commdex, LLC (Smyrna, Ga.) – $2 million
Fifth Generation (5G) Network Security. Under its project, Commdex will develop and evaluate varying end-to-end security controls for 5G devices, 5G Radio Access Network, core, and transport network architectures.
Texas A&M University (College Station, Texas) – $1.1 million
Government Secure Voice Architecture. Texas A&M will develop a secure-data and voice network architecture that supports secure landline-to-landline, landline-to-mobile, and mobile-to-mobile communications.
Aether Argus Inc. (Atlanta, Ga.) – $1.4 million
Protecting the Mobile Core Network Elements Via Air-Gapped Hardware Verification and Code Execution Tracking. The company will develop a firmware-anomaly detection system for 5G infrastructure components that will monitor device radio frequency emissions to detect operational irregularities.
University of Florida (Gainesville, Fla.) – $1.7 million
Deploying Defenses for Cellular Networks Using the AWARE Testbed. The university’s team will develop testbed prototype solutions for 4G Long Term Evolution (LTE)-capable calling devices with a secure distance bounding protocol, fuzzing infrastructure optimized for core LTE protocols, device link location measurements, and encryption.
Red Balloon Security (New York, N.Y.) – $750,000
Symbiote Integration for Mobile Network Infrastructure. Red Balloon will expand its Symbiote embedded defense technology to defend against mobile network infrastructure firmware attacks such as buffer/heap overflow, rootkits or attack chains involving any embedded or internet of things device. A key feature of this project will be development and testing of a new capability to modify firmware to add or remove functionality.
AdaptiveMobile Security Inc. (Frisco, Texas) – $1.2 million
Threat Detection and Protection of Networks. AdaptiveMobile will develop a solution that uses stateful communication protocols with security-focused advanced analytics algorithms and a global threat intelligence service to ensure mobile network borders are continually secured.
CISA leads the national effort to defend critical infrastructure against the threats of today, while working with partners across all levels of government and in the private sector to secure against the evolving risks of tomorrow. For more information, visit cisa.gov.
S&T’s cybersecurity mission is to enhance the security and resilience of the nation’s critical infrastructure and the internet by developing and delivering new technologies, tools and techniques to defend against cyberattacks. S&T conducts and supports technology transitions and leads and coordinates research activities among the R&D community, which includes DHS customers, government agencies, the private sector and international partners. For more information about S&T, visit scitech.dhs.gov.