Sunnyvale, Calif., March 6 – Real-Time Innovations (RTI) has announced that U.S. Air Force Research Laboratories (AFRL) has contracted with the company to research and develop a data distribution service (DDS) standards-based system to scan network nodes for security vulnerabilities. This Small Business Innovation Research (SBIR) effort will incorporate recent developments in active and passive network traffic sniffing, node security policy management, complex event processing (CEP), high-performance network data distribution and data persistence. A demonstration of the technologies is planned for mid-2008.
This project, entitled “Proactive Determination of Networked Node Vulnerability,” addresses a pervasive need for improved tools to actively seek out weaknesses in network security before and during a security intrusion event. The objectives are to automate vulnerability scanning of network nodes, analyze the impact these vulnerabilities have on the network and communicate the resulting information to other nodes and users for appropriate responses.
To address this requirement, RTI will integrate a number of innovative features that will rapidly provide a substantial capability within a very short time frame and with reduced cost. Following a common trend in agile product development, the project will take advantage of a combination of mainstream commercial products, open-source technologies and innovative research by select security partners.
Partners ObjectSecurity and Promiaprovide significant experience in network intrusion detection and security management. Partners Coral8, ANTS Software and SL Corporation are global leaders in commercial CEP, high-performance database management and real-time visualization solutions, respectively. Several traditional prime defense contractors will also be involved in the test and evaluation phase to independently validate results.
The end result of this effort, if the system is selected for follow-on development, will be a robust, broadly deployed vulnerability assessment capability well integrated with the U.S. Department of Defense (DoD) vision for its next-generation Global Information Grid (GIG) network infrastructure.
Joe Schlesselman, director of market development for aerospace and defense of RTI, noted that the original Air Force solicitation states: “The number of known vulnerabilities found in common operating systems, network appliances and applications on heterogeneous networks continues to grow as fast as fixes can be developed. To combat this threat, there are a large number of tools available for free and on the commercial market to detect specific sets of vulnerabilities on specific operating systems or types of devices. These tools are useful in detecting vulnerabilities on specific nodes, but lack an analysis of the risk to the overall system. This AFRL project seeks to address this widespread network security problem.”
John Mullen, CEO of Promia, added, “Promia is proud to be included in this project with RTI. We have a lot of hands-on experience from our work protecting global Navy networks against cyber attacks since 2002. We look forward to helping RTI and the Air Force with their cyber protection needs.”
RTI partner ObjectSecurity will also lend its significant experience in security management and network intrusion detection. Dr. Ulrich Lang, CEO of ObjectSecurity said, “ObjectSecurity is delighted to work with RTI on this innovative project. The benefits of integrating our OpenPMF 2.0 model-driven security management technology with RTI Data Distribution Service and Promia IASM will include simplified management and improved cyber protection.”
“We appreciate RTI as a key partner in this project and equally U.S. Air Force's selection of Coral8's CEP technology as a strategic component of the Air Force's network security solution,” said Gayatri Patel, Coral8's co-founder and VP of business development. “Coral8 Engine enables sophisticated CEP-based applications to instantly detect and analyze high volumes of varied vulnerabilities across any network security system in the instant of their occurrence.”
This program is managed by the U.S. AFRL Information Handling branch within the Information and Intelligence Exploitation Division as part of the AFRL Computer Defense Immune System (CDIS) initiative.