SBIR Phase I: Dynamically Assessing Network Security Policy Compliance with NP-Live

Period of Performance: 01/01/2014 - 12/31/2014

$150K

Phase 1 SBIR

Recipient Firm

Network Perception, Inc.
60 Hazelwood Dr
Villa Grove, IL 61820
Principal Investigator, Firm POC

Abstract

The broader impact/commercial potential of this Small Business Innovation Research (SBIR) Phase I project results from its potential to significantly strengthen the ability of network operators and security administrators to implement the correct set of rules to keep critical assets out of reach of cyber adversaries. The power grid has been said to be the most important engineering achievement of humankind. Modern civilization depends on electricity at such an intrinsic level that we cannot imagine a world without it. In fact, disruptions of power infrastructures quickly lead to chaotic situations in which human lives are at risk. Now that power grid control centers are relying on IT infrastructures, it has become of the utmost importance to ensure the resiliency of systems and networks through methodical IT security protection, monitoring, and response. Through automated continuous verification technologies, this project has a direct impact on the capabilities of our nation to improve its resiliency. The benefits to the power industry, to computer science security, and for society at large are realized through a technological advance that will improve the security of our most important resources. This Small Business Innovation Research (SBIR) Phase I project plans to develop a constructive approach to providing network security. Cyber security tools are often driven by the necessity to respond to market demand without having the time and resources to develop the proper formalisms and algorithms to solve long-term issues. The innovation proposed here is uniquely positioned to change this paradigm thanks to having roots in both a fundamental academic background and an extensive collaboration with industry partners. Consequently, this project responds to critical customer needs while providing innovations in science, technology, and engineering of critical infrastructure security. The approach the company is taking to compliance assessment has been evaluated in the field and provides a basis for new research leading to theoretically sound solutions to network security modeling, and further development of innovative and provably correct algorithms and tools for accurate and scalable cyber security assessment under real industry constraints.