Knot Vulnerable- Locking Down Cybersecurity on Naval Vessels

Competitive Projects

Up to $1.2M in phased development funding to propel technology forward


The Royal Canadian Navy is seeking innovative solutions to identify risk, protect naval assets, and detect, respond and recover from cyber security incidents in Her Majesty’s Canadian (HMC) platforms to ensure the safety and security of ships, boats and crew and to ensure the RCNis able to execute full spectrum operations within a contested cyber environment.

Results

Project Title Innovator Amount
Cybersecurity Monitoring, Diagnosis,Mitigation & Resilient Operation of Naval IT/OT/PT Systems Against Malicious Attacks Concordia University $229,908.00
On-board Naval Smart Cybersecurity Appliance CCX Technologies Inc. $227,744.00
Rapid Compartmentalization and Remediation of Shipborne Cyber Attacks General Dynamics Land Systems-Canada $229,979.00
Lock down cybersecurity (LDC) Akimbo Technologies Inc. $230,000.00
A Threat Detection System for Shipboard Defense Menya Solutions Inc. $229,940.00
Building Cybersecurity Resilience through Strong Asset Discovery Lockheed Martin Canada $228,614.30

Challenge: Knot Vulnerable - Locking Down Cybersecurity on Naval Vessels

Challenge Statement

The Royal Canadian Navy is seeking innovative solutions to identify risk, protect naval assets, and detect, respond and recover from cyber security incidents in Her Majesty’s Canadian (HMC) platforms to ensure the safety and security of ships, boats and crew and to ensure the RCNis able to execute full spectrum operations within a contested cyber environment.

Background and Context

The execution of naval operations rely on capabilities provided by Operational Technologies (OT) and Platform Technologies (PT). These technologies include machinery and weapons control systems and the communications networks through which these systems operate. These systems often require closed proprietary protocols and software which often limits the use of Enterprise Information Technology (IT) products in support of cybersecurity. As the RCN Future Fleet comes online, some integration of IT, OT and PT systems is inevitable and an integrated cybersecurity solution will be required to protect and defend HMC platforms and crew.

A significant concern for the Navy is that ship OT and PT systems used to automate ship electromechanical processes were not engineered to meet modern cybersecurity standards required of Enterprise IT systems, nor do these standards always make sense for non-Enterprise IT systems. Many Enterprise IT cybersecurity products are simply not designed to address cybersecurity concerns of OT and PT systems in maritime platforms, either military or civilian. When assessed against modern cybersecurity standards and threats, legacy systems should be hardened further, however few commercial options are available to address the gap.

Desired Outcomes

The Royal Canadian Navy is looking for innovative research, tools and/or technologies that address, but are not limited to, the following:

    • Network Discovery: the ability to maintain a current and accurate picture of known cyber-physical assets, including the hardware, firmware, software, versioning, protocols, logical and physical locations, as well as any unknown devices connected to those systems;
    • Vulnerability Assessment: the ability to conduct automated vulnerability scanning of ship OT/PT systems, and to assess whether cyber-physical assets are vulnerable by comparing them to unclassified and classified common vulnerabilities and exposures (CVE), or similar databases;
    • Decision support workflows to support risk decisions associated with the prioritization and remediation of vulnerabilities; and
    • System Monitoring: the ability to monitor an OT / PT system for anomalous activity and categorize / prioritize any abnormal activity based on severity and frequency

Page details

Date modified: