DHS cyber division opens up on R&D

While the Department of Homeland Security regularly spins off other federal agencies’ technologies into the private sector for further development, it has also been doing the same – with less fanfare -- for DHS-developed cybersecurity technologies.

That quiet approach is changing.

The department’s Science and Technology Directorate his hosting its first R&D Showcase and Technical Workshop this week for technologies developed and fostered by the Cyber Security Division. The Dec. 16-18 event in Washington, D.C., is aimed at moving DHS-funded cyber projects out of the lab and into the commercial marketplace, where companies can take them up and spread their use, CSD Director Doug Maughan said in a Dec. 17 interview with FCW.

The project is a close cousin of S&T's Transition to Practice efforts to commercialize promising technologies drawn from a wider pool of federal agencies, including the Department of Energy's national research laboratories, according to Maughan.

The technologies showcased at the event stem from S&T’s Small Business Innovation Research (SBIR) program and 36 Broad Agency Announcement awards rolled out in 2011. The results of the BAA efforts "are coming out of the pipeline now," Maughan said, in varying stages of final development. Where the CSD had historically kept its core research and development close, it's looking to "making it more open" in the coming years in hopes of gaining wider exposure and use. "Of the 600 attendees at the showcase," he said, "about 100 are from industry."

The first day of the event on Dec. 16 was the most public. The second and third days were restricted to researchers and not open to the press because the technologies weren't as far along in development and the agency was looking for input, according to DHS spokespeople. Maughan said he's aiming to make the next event more accessible, with all presentations open to the public.

Among the projects highlighted at the event were:

• Linebacker, an information sharing technology that crosses enterprises and between critical infrastructures to detect threats.
• Mobile forensics and security software.
• A multi-functional Bluetooth and biometric mobile smartcard reader that plugs into the audio jack of mobile devices.
• An intrusion detection functionality, developed by Columbia University and commercialized by Red Balloon Security, that injects detection capabilities into any embedded device.

Terry Benzel, deputy director of the computer networks division at the University of Southern California's Information Sciences Institute, said the showcase provided a venue for the institute's Cyber Defense Technology Experimental Research (DETER) project, an advanced test bed that allows researchers to experiment with cybersecurity threats in a realistic simulated environment.

The project, backed by DHS CSD, has been used by a wide array of university and federal researchers, including some from the Defense Advanced Research Projects Agency. The test bed, she said, consists of 500 physical machines that can be configured virtually to create realistic networks using the facilities to see how cyberattacks -- particularly theoretical or emerging varieties -- behave in a uniform environment.