8. CDE directive
Prove the value of innovative,
high-risk, high-potential-benefit
research to enable
development of cost-effective
military capability advantage
Defence White Paper – National Security Through Technology Feb 2012
10. First point of contact
‘CDE remains our first point of
contact for those who wish to
submit a research idea to the
MOD.’
Defence White Paper – National Security Through Technology Feb 2012
31. Competitions this year
Theme Value
Open-source big data insight £2.25M
Persistent surveillance from the air £2.25M
Agile, immersive training £2.25M
What's inside that building? £1.15M
Understand and interact with cyberspace £1.00M
51. The challenge
5
There are a number of
routes into the SIA, this
campaign is just one:
The SIA invests well over £10m per year in research and innovation through industryand
academicpartnerships
The SIA must cast
the net wide, from
blue-sky thinking
to mature ideas, to
tackle today’s
problems
Other innovationand research contract competitions
Through ourPrime industry partners
Direct relationships
52. External engagement
6
This is the 3rd SIA open competition to reach out to new suppliers.
Importantly, this competition is about building relationships,
20 new organisations now have an ongoing relationship with the SIA
2012
‘Finding the Threat’, saw the
biggest response to a CDE
competition:
• 24 proposals funded at phase 1
• 9 projects taken to phase 2
• 3 projects successfully made it onto
the SIA business baseline
2014
‘Secure Working in Insecure
Environments’ resulted in:
• 14 proposals funded at phase 1
• 5 projects taken to phase 2
• 2 projects hoped to make it onto the
SIA business baseline
55. Innovation is hard
• “Innovation is hard because ‘solving problems people didn’t
know they had’ and ‘building something no one needs’ look
identical at first ” - Aaron Levie, CEO at Box
• “You can't solve a problem on the same level that it was
created. You have to rise above it to the next level" - Albert
Einstein
• Innovation in the national security area is even harder:
- tradition
- high cost of failure
- security culture
56
56. But strong imperatives
• “My sharpest concern as Director General is the growing
gap between the increasingly challenging threat and the
decreasing availability of capabilities to address it” –
Andrew Parker
• Move towards ubiquitous encryption
• Nimble adversaries
eg ISIL’s strategic use of social media
57
57. Need to be outward looking
58
• Innovation relies on being
receptive to ideas from outside
• In particular, we need to engage
with non-traditional partners and
this CDE competition is an
important part of that
60. The IoT’s significance
61
“The internet of things is a transformative development.
We are on the brink of a new industrial revolution.
I want the UK to lead it.”
61. Exciting capabilities
62
Smart cities Smart home Wearable tech
Smart
parking
saving time
and cutting
congestion
Neurio sensor
capable of tracking
and controlling the
power of every
device in a home
Tzukuri sunglasses
capable of notifying
an owner when
they’ve left them
behind
62. Emerging risks
63
Smart cities Smart home Wearable tech
In increasingly
computer-controlled
cities, critical
infrastructure has a
growing
vulnerability to
cyberterrorism
Hacking smart home
security systems can
facilitate criminal
entry
Perceived threat to
pacemakers/
defibrilators
63. This competition: security for the IoT
• Increasing product security without reducing
capability
• Connecting diverse data into a coherent
whole
• Defence of critical national infrastructure
64
66. To improve the security of devices and sensors, that connect to one or more
physical and/or virtual hubs, in either a critical infrastructure or consumer
environment
To know when this security has been threatened and the impact this may have
on the authenticity, integrity and availability of data
Solutions must demonstrate:
• how to manage the security of IoT devices
• how to manage the privacy of data collected by devices
While enabling the management of systems and the protection of privacy of the
data shared beyond the network, you should consider protocols that provide:
• authentication
• integrity
• availability supervisory control
Challenge 1: security of IoT devices
67. Challenge 2: linking and understanding
IoT data
To understand what’s happening from apparently unrelated data. How to gather
and visualize data from a diverse, sensor-rich, loosely connected environment
that operates across different protocols and standards
Demonstrate how, based on the data gathered, 2 or more events/users/devices
could be linked and how to indicate a level of confidence in that connection
Demonstrate how you might identify malicious activities from the behaviour
and/or performance of the network nodes themselves. Where wireless is used,
you should demonstrate the vulnerabilities it presents and how this can be made
more secure at the physical layer
68. Challenge 2: linking and understanding
IoT data
You should consider:
• gaps in dissecting and analyzing protocols
• how value can be brought from auditing IoT devices
• how data from IoT devices could enhance existing security, eg the presence of
an IoT device as an additional authentication factor, using sensor monitoring to
build patterns of life to inform security decisions
• how vulnerable to attack are the IoT devices in different markets, eg medical,
financial, automotive etc
• what value could be gained by attackers from IoT devices, eg payment details,
location
69. What we want
We are looking for innovative proof-of-concept technology developments, at
technology readiness level (TRL) 3 to 4
Phase-1 project deliverables must be completed by 31 March 2016
A successful proposal will clearly demonstrate how the new techniques and
methods could provide a more comprehensive solution
Proposals should be for novel research and innovation that result in a
demonstration and have a realistic exploitation route. Solutions can either be
software or hardware
70. What we don’t want
The SIA don’t want paper-based studies, consultancy work, proposals that aren’t
innovative, or demonstrations of mature technologies, ie TRL 6 and above
The SIA don’t want technologies that can only be used for gathering intelligence