The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and Science and Technology Directorate (S&T) are seeking development of new standards to improve the security and resilience of critical mobile communications networks through a new Broad Agency Announcement (BAA) Solicitation 70RSAT19RB00000001 published April 22 on FedBizOpps.gov.
The BAA establishes a research and development (R&D) project for a Secure and Resilient Mobile Network Infrastructure (SRMNI). The solicitation specifically seeks innovative approaches and technologies to protect legacy, current and 5G mobile network communications, services and equipment against all threats and vulnerabilities.
“The deployment of 5G technologies offers opportunities for innovation, efficiency, and economic growth, but it may also present risks we’re not currently positioned to manage,” said Chris Krebs, CISA Director. “This BAA solicitation and SRMNI R&D will help DHS work with industry to identify threats and vulnerabilities to mobile network infrastructure, and inform the development and adoption of security standards.”
These risks were identified in the DHS Study on Mobile Device Security, which called for government-funded R&D to address current and emerging challenges impeding the government’s adoption of mobile technologies. The study also called for developing cooperative agreements with private-sector entities such as mobile network operators and associations and enhanced U.S. Government participation in development of consensus-based voluntary mobile security standards and best practices to protect the confidentiality, integrity and availability of U.S. government communications.
“The newly created SRMNI R&D project will lead the government’s development of innovative solutions and technologies to protect legacy, current and 5G mobile network communications, services and equipment,” said William N. Bryan, Senior Official Performing the Duties of the Under Secretary for Science and Technology. “The project will provide a comprehensive approach to S&T’s Mobile Security R&D focus on securing all aspects of mobile communications through public-private partnerships.”
CISA and S&T will hold a joint SRMNI Industry Day on May 16, from 12 p.m. to 4:30 p.m., at the Washington Marriott at Metro Center to introduce the BAA solicitation to mobile security leaders and experts and to answer questions posed by attendees. Interested organizations are encouraged to have its representatives attend this important Industry Day and submit a project proposal. Registration for the event will be limited to 200 attendees.
The BAA solicitation seeks proposals that address any or all three of the presented Technical Topic Areas:
TTA #1 focuses on 2G, 3G and 4G network protections.
TTA #2 focuses on building security in to 5G networks and leveraging 5G to demonstrate solutions that meet government security requirements and also seeks end-to-end protection of network traffic, including a development of a standardized secure voice capability for unclassified government communications.
TTA #3 seeks innovative approaches to improve government visibility of network traffic from mobile devices to identify potential malware, attacks or attempts to exfiltrate data from or through the device.
Proposals will be due June 26 and proposal selections will be announced September 24.