www.sbir.gov
Release Date:
April 20, 2022
Open Date:
May 18, 2022
Application Due Date:
June 15, 2022
Close Date:
June 15, 2022
Description:
OUSD (R&E) MODERNIZATION PRIORITY: Artificial Intelligence/ Machine Learning; Cybersecurity; Nuclear
TECHNOLOGY AREA(S): Information Systems; Nuclear
OBJECTIVE: To develop proof of concept and demonstrate feasibility for a customized application development platform and database management integrated with intelligent, self-learning cybersecurity control monitoring system prototype. As envisioned, the capability will use industry leading technologies, such as Machine Learning (ML), Artificial Intelligence (AI) and Data Science (DS) capabilities, to recognize normal usage patterns for Nuclear Logistics management and reporting application, then apply data analytics and reporting to identify, report and suspend anomalous activities that may represent a cybersecurity threat or operating environment deviation from normal. NL goal is to develop customized applications and database management system using no-code or low-code application environments and commercial of the shelf database software. While these tools incorporate proven components implementing secure coding best practices, we expect incorporating AI/ML/DS technologies and analytics with the low-code environment will enable developing more intelligent monitoring capabilities directly within the applications. The amount of data inherent within custom Nuclear Logistics applications is relatively small by contemporary standards, but usage data from module and database field access is orders of magnitude greater and significantly more dynamic. Automatically incorporating big data analytics and reporting capabilities into low-code developed applications to warrant Surety and Accountability of the nation’s deterrence stockpile. AI/ML/DS capabilities will be integrated into application usage and database access patterns to learn “normal” expected behavior and quickly identify, alert and block anomalous actions.
DESCRIPTION: Nuclear Logistics Technical Division (NLT) is directly responsible for providing application and database services to the DoD customers as part of their mission to maintain the national nuclear stockpile databases. NLT requires next generation systems that will provide the capabilities to securely maintain the integrity of mission essential applications and databases by applying cybersecurity protections through the application AI/ML/DS technologies. To support future requirements and nuclear system modernization, NLT is interested in developing a next generation rapid application development platform and database management prototype integrated with intelligent cybersecurity protection measures. NLT’s goal is to prototype and demonstrate an enhanced NL Application development platform and Database Service using AI/ML/DS and low-code generated custom applications to support robust and secure user applications for NL needs. The application development platform will be configured to use COTS no-code or low-code platforms, and deliver the prototype system using innovative which can effective make use of AI/ML/DS techniques for both user application data and system collected usage and access patterns. As the Restricted Data aspects of the NLT information systems necessitate a cryptographically isolated environment, this prototype system will leverage AI/ML/DS capabilities within a relatively closed environment to support enhanced analytics, monitoring and reporting for Nuclear Logistics and enhance nuclear logistics management capabilities and system modernization as the foundation for future applications beyond current capabilities. This proposal allows development teams to become part of a paradigm that introduces an end-user application design that creates a fundamental connection between the user, mission essential tasks, business operations procedures and the software that directly impacts department specific productivity. This innovation also facilitates a custom application design from idea to an operational reality within a few weeks, perhaps even days.
PHASE I: Design a concept for enhancing low-code application development platforms to automatically incorporate capabilities for reviewing all logged system, module and database access events, identifying patterns representing “normal” system usage over a period of time, which will account for monthly, quarterly and annual data entry and reporting activities, as well as ad hoc activities, such as emergency operations exercises. Using this growing collection of event data, the low-code application development platform enhancements will continually monitor the cyber-health of the application environment using AI/ML/DS services and alert system administrators as to anomalous conditions. If possible, the AI/ML/DS services will also be able to identify and alert operational anomalies, such as network, storage or processing issues before actual system failures occur. In addition to identifying concepts and methods for accomplishing these intelligent system monitoring capabilities, analyze additional processing, storage and network loads to support these capabilities. The analysis should include identifying typical cybersecurity monitoring services and controls that may be able to be replaced by the intelligent system monitoring capabilities.
PHASE II: Design, develop, demonstrate and validate a proof of concept technology demonstration for one or more representative modules incorporating the AI/ML/DS services for enhanced intelligent monitoring in parallel with developing the new module(s). Provide a detailed project plan for developing such a capability, and benchmarking against a similar complexity low-code developed module to quantitatively and qualitatively identify specific operational improvements. Conduct formal acceptance testing with user community stakeholders on the module to confirm its correct operation, then monitor the ability to enhanced capability to collect system events, identify normal usage patterns, and alert when repeated anomalous events occur outside the normal range. Once fielded to a select group of operational users, test the system effectiveness for intelligently adapting to changing usage events by introducing specific anomalies. Document the comparison of the representative baseline module against the enhancement intelligent monitoring module, including benefits, weaknesses and opportunities for improvement. Prior to completion of Phase II, perform typical software maintenance and functional enhancements, as would be typical of user reported problem reports and new / improved functionality change requests, and analyze how the intelligent monitoring capabilities respond to a modified software codebase.
PHASE III DUAL USE APPLICATIONS: Working with NL and the low-code application development platform software vendor, jointly develop functional requirements, specifications, high level designs for incorporating the AI/ML/DS techniques, services and capabilities. Document lessons learned from the Phase II proof of concept capability and identify suggested improvements. Identify changes necessary to generalize the AI/ML/DS service enhancements for the COTS low-code application development platform, including approximate estimates of complexity to accomplish. For NL, identify necessary actions to incorporate the intelligent monitoring capabilities into existing low-code based applications. Also identify actions necessary to extend the AI/ML/DS based intelligent monitoring capabilities from being able to alert system administrators regarding anomalous conditions to enhancements necessary for the intelligent cyber monitoring capabilities to proactively take actions to automatically shut down identified threats. It is assumed identified network, storage and system identified anomalies will need to be manually addressed by system administrators at the end of Phase III. If there are opportunities for commercializing corrective actions in response to system failure modes identified, these should be documented and communicated to NL and the COTS low-code application development platform vendor as well.