DON26BZ03-NV062 TITLE: Secure Tasking of Commercial Assets

OUSW (R&E) CRITICAL TECHNOLOGY AREA(S): Contested Logistics Technologies (LOG)

COMPONENT TECHNOLOGY PRIORITY AREA(S): Integrated Sensing and Cyber; Space Technology

PROJECTED CMMC LEVEL REQUIREMENT: Level 2 (Self)

The technology within this topic is restricted under the International Traffic in Arms Regulation (ITAR), 22 CFR Parts 120-130, which controls the export and import of defense-related material and services, including export of sensitive technical data, or the Export Administration Regulation (EAR), 15 CFR Parts 730-774, which controls dual use items. Offerors must disclose any proposed use of foreign nationals (FNs), their country(ies) of origin, the type of visa or work permit possessed, and the statement of work (SOW) tasks intended for accomplishment by the FN(s) in accordance with the Announcement. Offerors are advised foreign nationals proposed to perform on this topic may be restricted due to the technical data under US Export Control Laws. 

OBJECTIVE: Develop a capability for intercommunication between Government and commercial satellites.

DESCRIPTION: Maritime Targeting Cell-Afloat/Expeditionary (MTC-A/X)’s purpose is to provide weapons-quality tracks to support over-the-horizon targeting by using multi-intelligence capabilities across all domains and deliver direct sensor data downlink capability. To maintain a tactical advantage, the Navy requires the ability to task commercial satellites at Controlled Unclassified Information (CUI)/Information Level-5 (IL-5) and Secret Level (IL-6) to ensure tasking is not discoverable by adversaries.

The Navy could task commercial satellites for missions requiring secure handling of sensitive information, like targeting; however, commercial satellite providers typically do not offer the security levels required for classified Government operations [CUI impact levels (IL)-5 or Secret IL-6]. They could modify existing military systems for commercial use but that is prohibitively expensive and impractical for commercial vendors. Nothing that is commercially available can fulfill this communications need.

The Navy needs a capability to securely task commercial satellites at the required classification levels. This requires a solution leveraging both Government and commercial technologies, such as implementing end-to-end encryption within existing commercial tasking interfaces, secure data transfer protocols, and blockchain-based solutions for verifying the authenticity and integrity of tasking requests. The performer must evaluate the feasibility of integrating commercial security technologies like secure cloud platforms and Virtual Private Networks (VPNs) and explore emerging technologies such as quantum-resistant cryptography for enhanced long-term security.

The solution must establish a baseline for data security with an initial focus on establishing secure methods for tasking commercial satellites at the required CUI levels. Subsequent efforts will focus on solutions that demonstrate measurable reductions in tasking latency - measuring the speed and efficiency of the tasking process, verifying a targeted 90% reduction in tasking time compared to current methods, for which standard tasking can take up to 14 days from order to delivery. Seamless integration across different cybersecurity requirements will further contribute to more timely tasking, increased tasking opportunities, and a stronger overall cybersecurity posture.

The developed technology will be evaluated in a simulated environment against National Institute of Standards and Technology (NIST) standards for secure communications and data handling at the specified classification levels. This performer will also leverage existing Navy contracts, such as those managed by the Commercial Space Program Office (CSPO), to ensure rapid transition and widespread adoption across the DoW.

Work produced in Phase II may become classified. Note: The prospective contractor(s) must be U.S. owned and operated with no foreign influence as defined by 32 U.S.C. § 2004.20 et seq., National Industrial Security Program Executive Agent and Operating Manual, unless acceptable mitigating procedures can and have been implemented and approved by the Defense Counterintelligence and Security Agency (DCSA) formerly Defense Security Service (DSS). The selected contractor must be able to acquire and maintain a secret level facility and Personnel Security Clearances. This will allow contractor personnel to perform on advanced phases of this project as set forth by DCSA and NAVSEA in order to gain access to classified information pertaining to the national defense of the United States and its allies; this will be an inherent requirement. The selected company will be required to safeguard classified material during the advanced phases of this contract IAW the National Industrial Security Program Operating Manual (NISPOM), which can be found at Title 32, Part 2004.20 of the Code of Federal Regulations.

PHASE I: Develop a concept for a secure satellite tasking system that meets the parameters in the Description. Demonstrate the feasibility of this concept by providing a detailed concept design, including system architecture, security protocols, integration plans with existing commercial tasking interfaces, and modeling and simulation to show the system's potential to meet Navy performance goals in the Description. (Note: If modeling and simulation alone cannot sufficiently demonstrate feasibility for specific aspects of the concept, propose and justify the use of simulations or subscale demonstrations to illustrate key aspects of the concept, particularly related to security and integration. For example, a simulation demonstrating the secure transfer of encrypted tasking data between a mock commercial interface and a simulated secure government network would be beneficial.)

Specify the number and delivery schedule of any prototype articles provided to the Government for testing in the Phase II SOW based on the specific approach proposed by the performer.

The Phase I Option, if exercised, will include the initial design specifications and capabilities description to build a prototype solution in Phase II.

PHASE II: Develop a prototype secure satellite tasking system based on the results of Phase I. Demonstrate the core functionality of the secure tasking system, including secure communication channels, data encryption/decryption, authentication and authorization mechanisms, and integration with representative commercial tasking interfaces.

(Note: If full prototype development is deemed too costly within the Phase II budget, the contractor may propose alternative evaluation methods, such as detailed simulations or analytical modeling, to demonstrate the prototype meets Navy performance goals. These alternative methods must be clearly justified and provide sufficient evidence to support the claims.

It is probable that the work under this effort will be classified under Phase II (see Description section for details).

PHASE III DUAL USE APPLICATIONS: Support the Navy in transitioning the secure satellite tasking system to operational use within the Navy. The prototype will be developed and integrated within the Maritime Targeting Cell program and seamlessly integrated with commercial satellite providers.

Support the transition process by refining and hardening the system: addressing any remaining bugs or vulnerabilities identified during Phase II testing and optimizing performance for operational use; developing comprehensive documentation and training materials to provide Navy personnel with the necessary resources to operate and maintain the system effectively; providing ongoing technical support; and assisting the Navy with system integration, deployment, and troubleshooting.

While developed for military applications, this secure satellite tasking technology has significant potential for dual use in the commercial sector. Many industries rely on satellite imagery but face challenges protecting sensitive or proprietary information. This technology could be adapted to provide secure tasking and data transfer for secure commercial applications and safeguard proprietary information from unauthorized access. Other potential applications include precision agriculture to protect sensitive crop data from competitors; environmental monitoring to secure data related to pollution or resource exploration; and urban planning to protect sensitive infrastructure information.

REFERENCES:

1. Enright, Kevin. "What is Satellite Tasking and How Does it Work?" UP42, 23 June 2022. https://up42.com/blog/what-is-satellite-tasking-and-how-does-it-work
2. Morisse, Barry. "Simplifying the Process of Tasking a Satellite." GEO AWESOME, 29 May 2024. https://geoawesome.com/eo-hub/simplifying-the-process-of-tasking-a-satellite/
3. Cloud Information Center. "Cloud Security." https://cic.gsa.gov/basics/cloud-security
4. National Industrial Security Program Executive Agent and Operating Manual (NISP), 32 U.S.C. § 2004.20 et seq. (1993). https://www.ecfr.gov/current/title-32/subtitle-B/chapter-XX/part-2004

KEYWORDS: Commercial Satellite Tasking; Blockchain-Based Authentication; End-to-End Encryption; satellite tasking classified information; Secure Data Transfer; Quantum-resistant cryptography

TPOC 1: Emily Arquesa
(703) 984-0666
emily.a.arquesa.civ@us.navy.mil

TPOC 2: John Hudson
(202) 781-3752
john.k.hudson3.civ@us.navy.mil