AM Presentation slides from the latest CDE Innovation Network Event 'Security for the internet of things' hosted in London on 01 October 2015

1. Innovation Network event
1 October 2015

2. Innovation Network event
1 October 2015

3. Jim Pennycook
CDE Head of Operations

4. Military capability
Advantage
Persistent

5. The aim of CDE

6. Rapid technology change
Defence
Other markets
Utilisation

7. CDE Evolution
Years

8. CDE directive
Prove the value of innovative,
high-risk, high-potential-benefit
research to enable
development of cost-effective
military capability advantage
Defence White Paper – National Security Through Technology Feb 2012

9. Defence and security

10. First point of contact
‘CDE remains our first point of
contact for those who wish to
submit a research idea to the
MOD.’
Defence White Paper – National Security Through Technology Feb 2012

11. Support to SMEs

12. Routes to market

13. CDE operating principles

14. Engage with innovators

15. Funded opportunities

16. Participation costs

17. Risk

18. Intellectual property

19. Compliance
Regulated
Transparent
Auditable

20. Managing innovation
Proof of
concept
Development
Innovation Future capability
CDE MOD + investors

21. CDE competition space

22. Technology innovation lifecycle
Original idea Capability

23. Technology innovation lifecycle
Uptake /
commercialisation
Pre-commercial
development
TRL 1 TRL 2 TRL 3 TRL 4 TRL 5 TRL 6 TRL 7 TRL8 TRL 9
Experimental
research
Technology
implementation
Applied research
Curiosity
driven
research

24. CDE competition space
Pre-commercial development
TRL 3 TRL 4 TRL 5 TRL 6
Applied research
Solution exploration Prototyping/test products
Phase 1 Phase 2

25. Phase 1
TRL
7
TRL
2
CDE competition space
Phase 2
TRL
3
TRL
4
TRL
5
TRL
6

26. Two routes to funding
Enduring
Themed
Not classified
Enduring
competition
Themed
competition
£ 7M

27. Enduring competition

28. Enduring challenges

29. Challenge framework
ProtectionLethality
Human performance
Mobility
Situational awareness
CommunicationData
Power
Lower cost of ownership

30. Themed competition

31. Competitions this year
Theme Value
Open-source big data insight £2.25M
Persistent surveillance from the air £2.25M
Agile, immersive training £2.25M
What's inside that building? £1.15M
Understand and interact with cyberspace £1.00M

32. Current competitions
Theme Value
Security for the internet of things £2M
Autonomy and big data for defence £4M

33. Online bid submission

34. Portal upgrade

35. How has CDE performed?

36. CDE in numbers
5933
proposals received 57%

37. CDE in numbers
17%
of proposals funded
20%13%
E T

38. CDE in numbers
934
contracts placed 43%

39. CDE in numbers
£57.9M
invested
1 2 3 4 5 6 7 8

40. What’s next for CDE?

41. Innovation Network events

42. Innovation Network events
Next event: 21 October 2015
Sign up to get updates

43. www.gov.uk/dstl/cde

44. A successful proposal

45. A successful proposal

46. Innovation Network event
1 October 2015

47. The security challenges
of the internet of things
1

48. Relentless growth
2
Connected devices growth graphic by HP forecasting

49. Government working online
3

50. IoT vulnerabilities
4

51. The challenge
5
There are a number of
routes into the SIA, this
campaign is just one:
The SIA invests well over £10m per year in research and innovation through industryand
academicpartnerships
The SIA must cast
the net wide, from
blue-sky thinking
to mature ideas, to
tackle today’s
problems
Other innovationand research contract competitions
Through ourPrime industry partners
Direct relationships

52. External engagement
6
This is the 3rd SIA open competition to reach out to new suppliers.
Importantly, this competition is about building relationships,
20 new organisations now have an ongoing relationship with the SIA
2012
‘Finding the Threat’, saw the
biggest response to a CDE
competition:
• 24 proposals funded at phase 1
• 9 projects taken to phase 2
• 3 projects successfully made it onto
the SIA business baseline
2014
‘Secure Working in Insecure
Environments’ resulted in:
• 14 proposals funded at phase 1
• 5 projects taken to phase 2
• 2 projects hoped to make it onto the
SIA business baseline

53. Innovation Network event
1 October 2015

54. Encouraging
innovation and the
internet of things
future
55

55. Innovation is hard
• “Innovation is hard because ‘solving problems people didn’t
know they had’ and ‘building something no one needs’ look
identical at first ” - Aaron Levie, CEO at Box
• “You can't solve a problem on the same level that it was
created. You have to rise above it to the next level" - Albert
Einstein
• Innovation in the national security area is even harder:
- tradition
- high cost of failure
- security culture
56

56. But strong imperatives
• “My sharpest concern as Director General is the growing
gap between the increasingly challenging threat and the
decreasing availability of capabilities to address it” –
Andrew Parker
• Move towards ubiquitous encryption
• Nimble adversaries
eg ISIL’s strategic use of social media
57

57. Need to be outward looking
58
• Innovation relies on being
receptive to ideas from outside
• In particular, we need to engage
with non-traditional partners and
this CDE competition is an
important part of that

58. Connected future
59

59. Connected future
60

60. The IoT’s significance
61
“The internet of things is a transformative development.
We are on the brink of a new industrial revolution.
I want the UK to lead it.”

61. Exciting capabilities
62
Smart cities Smart home Wearable tech
Smart
parking
saving time
and cutting
congestion
Neurio sensor
capable of tracking
and controlling the
power of every
device in a home
Tzukuri sunglasses
capable of notifying
an owner when
they’ve left them
behind

62. Emerging risks
63
Smart cities Smart home Wearable tech
In increasingly
computer-controlled
cities, critical
infrastructure has a
growing
vulnerability to
cyberterrorism
Hacking smart home
security systems can
facilitate criminal
entry
Perceived threat to
pacemakers/
defibrilators

63. This competition: security for the IoT
• Increasing product security without reducing
capability
• Connecting diverse data into a coherent
whole
• Defence of critical national infrastructure
64

64. Innovation Network event
1 October 2015

65. Security for the internet of
things
1

66. To improve the security of devices and sensors, that connect to one or more
physical and/or virtual hubs, in either a critical infrastructure or consumer
environment
To know when this security has been threatened and the impact this may have
on the authenticity, integrity and availability of data
Solutions must demonstrate:
• how to manage the security of IoT devices
• how to manage the privacy of data collected by devices
While enabling the management of systems and the protection of privacy of the
data shared beyond the network, you should consider protocols that provide:
• authentication
• integrity
• availability supervisory control
Challenge 1: security of IoT devices

67. Challenge 2: linking and understanding
IoT data
To understand what’s happening from apparently unrelated data. How to gather
and visualize data from a diverse, sensor-rich, loosely connected environment
that operates across different protocols and standards
Demonstrate how, based on the data gathered, 2 or more events/users/devices
could be linked and how to indicate a level of confidence in that connection
Demonstrate how you might identify malicious activities from the behaviour
and/or performance of the network nodes themselves. Where wireless is used,
you should demonstrate the vulnerabilities it presents and how this can be made
more secure at the physical layer

68. Challenge 2: linking and understanding
IoT data
You should consider:
• gaps in dissecting and analyzing protocols
• how value can be brought from auditing IoT devices
• how data from IoT devices could enhance existing security, eg the presence of
an IoT device as an additional authentication factor, using sensor monitoring to
build patterns of life to inform security decisions
• how vulnerable to attack are the IoT devices in different markets, eg medical,
financial, automotive etc
• what value could be gained by attackers from IoT devices, eg payment details,
location

69. What we want
We are looking for innovative proof-of-concept technology developments, at
technology readiness level (TRL) 3 to 4
Phase-1 project deliverables must be completed by 31 March 2016
A successful proposal will clearly demonstrate how the new techniques and
methods could provide a more comprehensive solution
Proposals should be for novel research and innovation that result in a
demonstration and have a realistic exploitation route. Solutions can either be
software or hardware

70. What we don’t want
The SIA don’t want paper-based studies, consultancy work, proposals that aren’t
innovative, or demonstrations of mature technologies, ie TRL 6 and above
The SIA don’t want technologies that can only be used for gathering intelligence

71. Gemma Moxham
Competition Manager

72. Security for
the internet of things
How will it work?

73. What’s different?

74. Assessors

75. Technical Partners

76. Up to £1 million
Up to 3 months
Proof of concept
CDE contract with Dstl
Phase 1
Cost
Scope
Time

77. £1 million
Longer research
projects
Not Dstl contracts
Phase 2

78. What’s the same?

79. www.gov.uk/dstl/cde

80. Funded opportunities
Awareness
Network
Funding
Fair
Accessible
100%

81. Compliance
Regulated
Transparent
Auditable

82. Intellectual property
Defcon 705
Rights of use

83. Online bid submission
CDE portal
Only route
Low overhead

84. A successful proposal
Clear
Concise
Evidence based

85. What do we want?

86. Challenge 1:
security of IoT devices

87. Challenge 2:
linking and understanding
IoT data

88. What we want
Innovative proof-of-concept
Software or hardware
Completed by 31 March 2016.
Demonstrations

89. What we don’t want
Studies
Consultancy
Incremental
Mature technologies

90. Technical queries
ogdinnovation@dstl.gov.uk

91. Dates
Webinar:
8 October 2015

92. Dates
Contract placement initiated:
Early December 2015

93. Dates
Phase-1 research deadline:
31 March 2016

94. Competition deadline

95. 29 October 2015 at 5pm

96. www.gov.uk/dstl/cde

97. Innovation Network event
1 October 2015