DHS helps new tech survive research lab growing pains
The Department of Homeland Security has launched a program designed to help ensure technologies developed in the national lab system and other public sector research facilities find their way to active use in government and industry.
DHS’s Transition to Practice (TTP) program involves circulating nascent technologies in a series of scientific demonstrations across the country and testing new technologies to determine thier readiness for pilot testing or commercialization.
So far, the program has helped cybersecurity technologies developed at Sandia and other federal labs survive the so-called “valley of death,” the often fatal gap between the research phase of high tech development and technology adoption.
"Moving technologies from the laboratory into actual practice is difficult," Steve Hurd, a cybersecurity researcher who helped lead Sandia's TTP effort, told the lab’s public affairs office. He said the program is “opening doors that will get new innovative cyber defense technologies from Sandia and other laboratories into the hands of industry, academia and other research institutions that can really use them."
Sandia uses a wide range of tools for testing in real world environments, including red-teaming, which provide an objective view of technologies' weaknesses from the perspectives of a variety of potential adversaries.
For test and evaluation, Sandia also uses its Forensics Analysis Repository for Malware, or FARM, a set of malware samples to test technologies for enhanced malware analysis, according to Sandia project manager Susanna Gordon.
Now in its third year, the program is showing results. Sandia’s CodeSeal, a year-one TTP-selected technology, is a program that protects critical software from malware and a variety of security gaps. The software is gaining interest from Vir2us, a Bay Area computer security company, and it may soon see real-world use scenario at the Energy Department’s GridSTAR research and education center. Other Sandia technologies previously selected by TTP were:
- SecuritySeal, a combined hardware and software solution that enables cryptographically secure authentication of a seal and any object it is affixed to. SecuritySeal is remotely readable and the level of security is scalable to the application.
- WeaselBoard, a device that connects to modular Programmable Logic Controllers (PLC) to capture traffic between modules. It connects directly to the PLC backplane, allowing access to all traffic at a low (hardware) level.
- Cyber Omni Tracker, and open source Incident Response collaboration and knowledge capture tool focused on flexability and ease of use.
- Network Randomization Tool for Integrated Computer Solutions.
“As a Federally Funded Research and Development Center, one of our main objectives is to partner with DHS to improve the nation's cybersecurity posture in whatever capacity we can best serve," Hurd said.
Connect with the GCN staff on Twitter @GCNtech.