Open Source Software: Structured Threat Intelligence Graph: Revolutionizing Cybersecurity Data Management
Type: Special Notice
Overview

Buyer

ENERGY, DEPARTMENT OFENERGY, DEPARTMENT OFBATTELLE ENERGY ALLIANCE–DOE CNTRIdaho Falls, ID, 83415, USA

PSC

IT AND TELECOM - SECURITY AND COMPLIANCE SUPPORT SERVICES (LABOR) (DJ01)

Original Source

https://sam.gov/opp/46f1fbcc2f374dcea90590d084d1fd52/view
Timeline
    Description

    Special Notice ENERGY, DEPARTMENT OF Open Source Software: Structured Threat Intelligence Graph: Revolutionizing Cybersecurity Data Management. The Department of Energy is seeking an open source software solution called Structured Threat Intelligence Graph (STIG) to enhance their cybersecurity data management. STIG is a groundbreaking software that offers a comprehensive, graphical approach to threat intelligence by leveraging the capabilities of STIX data through an innovative graphical interface. It simplifies the creation, management, querying, and visualization of threat information, making it easier for analysts to track, analyze, and mitigate threats efficiently. STIG's visualization capabilities allow for explicitly depicting complex object graph structures, enhancing understanding and strategic planning. It is ideal for cybersecurity analysis, incident response, customization and integration, and research and development purposes. Join the forefront of cybersecurity management by embracing the Structured Threat Intelligence Graph today. Download now to discover how this innovative approach can transform your threat intelligence processes.

    Point(s) of Contact
    Andrew Rankin
    andrew.rankin@inl.gov
    Files
    No associated files provided.
    Similar Opportunities
    Open Source Software: EMV Scoring Application: Tailored Cybersecurity Threat Evaluation
    Active
    Energy, Department Of
    Special Notice: ENERGY, DEPARTMENT OF is seeking an Open Source Software: EMV Scoring Application for Tailored Cybersecurity Threat Evaluation. This application is designed to assess cybersecurity threats against specific configurations, allowing organizations to fortify their defenses. It offers a highly customizable and user-friendly graphical interface that simplifies the scoring process and integrates seamlessly with STIX objects. The application enables users to create their scoring schema, streamlining the evaluation process and enhancing cybersecurity posture. It has applications in critical infrastructure protection, corporate security, government defense, and healthcare data security. Download the EMV Scoring Application now to customize your cybersecurity threat assessment.
    Other Transaction Solicitation Call: Software Artifact Dependency Graph Generation at Scale
    Active
    Homeland Security, Department Of
    The Department of Homeland Security's Science and Technology Directorate seeks innovative solutions through its Silicon Valley Innovation Program (SVIP) for the "Software Artifact Dependency Graph Generation at Scale" project. DHS aims to enhance software vulnerability management by implementing intrinsic identifiers, improving the identification of software components across its operational units. Applicants are invited to submit proposals online, including technical and cost/schedule details, with a focus on enabling public correlations across graphs and creating value-added services. Intellectual property rights will be retained by the successful applicant, while the government gains certain usage rights. With a budget of up to $1.7 million for all phases and a submission deadline of December 16, 2024, this non-FAR-based procurement process offers a comprehensive nine-month schedule and detailed cost breakdowns. Potential vendors should carefully review the specified prohibitions and representations related to federal contracting.
    Open Source Software: ICSNPP: Advanced Industrial Control System Protocol Parsing for Zeek
    Active
    Energy, Department Of
    Special Notice: ENERGY, DEPARTMENT OF is seeking Open Source Software: ICSNPP: Advanced Industrial Control System Protocol Parsing for Zeek. This service is typically used to enhance network security and monitoring in industrial control systems (ICS). ICSNPP is a collection of Zeek plugin protocol parsers tailored for the industrial control sector, providing detailed insights into network activities and enabling more effective monitoring, threat detection, and incident response. The service supports four major ICS protocols: BACnet, DNP3, Ethernet/IP, and Modbus. It offers unmatched depth in parsing ICS-specific protocols, quick and easy integration, open-source accessibility, proactive threat hunting, and CISA-tested reliability. The applications of this service include optimizing renewable energy integration, securing manufacturing processes, protecting water treatment facilities, and enhancing the resilience of critical infrastructure. Elevate your industrial control system's security posture with ICSNPP. Visit the GitHub page for more information and to download the plugin suite.
    Open Source Software: EMRALD: Pioneering Dynamic Risk Assessment for Enhanced Reliability and Safety
    Active
    Energy, Department Of
    Special Notice: ENERGY, DEPARTMENT OF is seeking Open Source Software: EMRALD for Pioneering Dynamic Risk Assessment for Enhanced Reliability and Safety. This software, developed by the Idaho National Laboratory (INL), sets a new standard in dynamic probabilistic risk assessment (PRA), offering unparalleled capabilities to model and analyze complex system interactions in real-time. EMRALD bridges traditional PRA with dynamic modeling, providing a more intuitive and comprehensive risk assessment process. It features a user-friendly interface, dynamic integration with other simulation applications, comprehensive modeling capturing the sequence and timing of events, flexible application across industries, and supports nuclear safety analysis, industrial risk management, simulation enhancement, and operational decision making. Discover how EMRALD can elevate your risk management strategy to new heights.
    Tech Licensing Opportunity: Generative Adversarial Networks for EM Signature Generation
    Active
    Energy, Department Of
    Special Notice: ENERGY, DEPARTMENT OF is seeking a Tech Licensing Opportunity for Generative Adversarial Networks (GANs) for EM Signature Generation. This technology aims to synthetically generate electromagnetic (EM) signatures from assembly instructions using GANs, enhancing software security analysis. Traditionally, firmware and software verification involves side-channel analysis, which is a labor-intensive method that captures analog signals to detect vulnerabilities or unauthorized changes in software. However, this method can be complex and time-consuming, leading to high costs and extended timelines. The proposed technology automates the generation of EM signatures directly from code using GANs. By automating this process, it simplifies and accelerates the detection of vulnerabilities in software, especially in embedded devices. This technology promises to significantly reduce the cost and complexity of side-channel analysis, potentially revolutionizing software security verification before deployment. Key advantages of this technology include automating the generation of EM signatures, facilitating rapid and reliable anomaly detection in software, reducing the overall cost and time required for side-channel analysis, enabling offline verification of software for side-channel vulnerabilities, and improving the robustness of security analysis against environmental and equipment variability. This technology solves the problems of time-consuming and error-prone manual capturing of EM signals for side-channel analysis, limited applicability of traditional side-channel analysis methods due to their dependency on physical signal capturing, high cost and complexity of ensuring software security in embedded and mission-critical systems, and difficulty in detecting firmware and software-level modifications through conventional methods. Potential market applications for this technology include software security verification, vulnerability identification in embedded devices, and education and research in cybersecurity. It is ideal for companies and organizations looking to secure their software against side-channel attacks before deployment, industries deploying embedded systems in mission-critical environments, and academic institutions and research centers focusing on advanced cybersecurity solutions. The technology is currently at Technology Readiness Level (TRL) 3 and has a US Provisional Patent Application. The contact person for further discussions and licensing opportunities is Andrew Rankin at andrew.rankin@inl.gov. For more information, visit https://inl.gov/technology-deployment/.
    Open Source Software: Unlocking Operational Efficiency in Nuclear Power Plants with DIAMOND
    Active
    Energy, Department Of
    Special Notice: ENERGY, DEPARTMENT OF is seeking Open Source Software for unlocking operational efficiency in nuclear power plants with DIAMOND. The DIAMOND software is a pivotal solution in the complex operational environment of nuclear power plants. It integrates disparate data sources into a cohesive data warehouse, streamlining processes, fostering productivity, and enabling advanced analytics and machine learning applications. Traditionally, the nuclear industry has struggled with managing vast amounts of data scattered across various applications and systems. This fragmentation has led to inefficient manual data integration efforts, hindering cost savings and operational improvements. DIAMOND addresses this challenge by introducing an ontology-based data model specifically designed for the nuclear domain. Advantages of DIAMOND include significant cost savings, increased productivity, reduced errors, enhanced process control, and the ability to leverage advanced analytics and machine learning. The applications of DIAMOND include enhancing operational efficiency, reducing operational expenses, integrating data for analytics and decision support, and leveraging unified data for machine learning and AI-driven tools. Transform your nuclear power plant's data management landscape with DIAMOND and unlock the potential of your data. Visit the website to learn more and download DIAMOND today for operational excellence.
    Open Source Software: MASTODON: Pioneering Multi-Hazard Analysis for Critical Infrastructure
    Active
    Energy, Department Of
    Special Notice: ENERGY, DEPARTMENT OF is seeking Open Source Software: MASTODON for pioneering multi-hazard analysis for critical infrastructure. MASTODON is a cutting-edge software tool that offers a comprehensive solution for modeling stochastic nonlinear soil-structure interactions (NLSSI), bringing a new level of sophistication to dynamic probabilistic risk assessments. It is designed to simulate how structures like nuclear facilities, dams, and bridges respond to external hazards, including seismic events. MASTODON excels in the numerical modeling of seismic soil-structure interaction and sets a new benchmark in risk assessment tools. It offers advanced NLSSI modeling, enables precise risk analysis for critical infrastructure against multiple hazards, simulates the entire process from earthquake fault rupture to structural response with high fidelity, enhances the reliability of risk assessments by accurately quantifying uncertainties, and leverages the MOOSE framework for computational efficiency and flexibility. MASTODON is applicable to nuclear facilities, critical infrastructure, and facilitates dynamic probabilistic risk assessments for various external threats. Visit the GitHub page to learn more and download the software for evaluation.
    Open Source Software: Enhancing Software Reliability with CIVET: Continuous Integration and Testing Solution
    Active
    Energy, Department Of
    Special Notice: ENERGY, DEPARTMENT OF is seeking Open Source Software: Enhancing Software Reliability with CIVET: Continuous Integration and Testing Solution. This solution aims to maintain code integrity and quality in the rapidly evolving software development world. CIVET is a comprehensive continuous integration, verification, enhancement, and testing framework designed to streamline and secure the software development process. It automatically tests code changes, ensuring only verified code progresses to production. CIVET operates on an event-based model, reacting to notifications from Git servers like GitHub, GitLab, and BitBucket. Advantages include automated testing workflow, event-based test management, centralized script repository, and direct Git server updates. This solution is ideal for software development teams, project managers, quality assurance teams, and education and research purposes. Elevate your software development process with CIVET for seamless, automated testing and integration.
    Open Source Software: BlackBear: Advanced Simulation for Structural Integrity
    Active
    Energy, Department Of
    Special Notice: ENERGY, DEPARTMENT OF is seeking Open Source Software: BlackBear: Advanced Simulation for Structural Integrity. This software is used in civil engineering to predict the behavior of materials in structures over time. BlackBear offers a comprehensive solution by simulating degradation phenomena and structural response under various loading conditions. It models the behavior of materials such as concrete and steel, providing a comprehensive view of structural response to thermal, mechanical, wind, and earthquake loadings. The software is applicable to optimizing the design and maintenance of buildings, bridges, and dams, conducting safety assessments, advancing material science, and managing nuclear power plants. Download now to transform your civil structure analysis and design approach.
    Open-Source Software: Transforming Integrated Energy Systems Analysis with FORCE
    Active
    Energy, Department Of
    Special Notice: ENERGY, DEPARTMENT OF is seeking Open-Source Software for transforming Integrated Energy Systems Analysis with FORCE. FORCE is a unified, user-friendly platform that revolutionizes the analysis of integrated energy systems (IES). It offers comprehensive technoeconomic evaluations, from macro analysis to transient process modeling, to fuel smarter and sustainable energy solutions. This open-source software simplifies the complexity of IES analysis through automation and provides a unified interface, eliminating the need for ad-hoc solutions and reducing errors. FORCE is designed for technical experts, decision-makers in renewable energy and integrated energy systems, energy companies, national laboratories, academic institutions, policymakers, economic analysts, software developers, and data scientists in the energy sector. It is available for download at no cost from the product's GitHub page.