Technology Today - Home
Raytheon Partnerships Enhance Cyberdomain Research
Can game theory be applied to help us make smarter decisions in protecting critical infrastructure? Could it also help plan automated responses to deter attacks? Can intelligent software agents watch ad-hoc network nodes to catch untrustworthy behavior? Those are just a few areas in which Raytheon is sponsoring research at universities and small businesses.

Many past and current advances in the cyberdomain come from research started at universities or small businesses. Partnering with organizations involved in government science and technology research is a natural fit — they and their customers want strong transition partners to integrate promising technologies. Raytheon benefits by being among the first to pilot innovative cybertechnologies well before they enter the commercial mainstream. Raytheon recently sponsored a mini-symposium day, where many of the universities we sponsor in cyberdomain research shared their accomplishments with us and their peers.

George Mason University
Raytheon and George Mason University are working together on several projects. Elsewhere in this issue, you can read a description of CAULDRON, a software suite developed by GMU to help designers make smarter decisions about where to begin to secure a complex system. Raytheon is also evaluating an array of innovations from GMU, including their Self-Cleansing Intrusion Tolerance (SCIT) technology and Uninterruptible Server. Through different approaches, each of these technologies protects against successful intrusion by novel malicious code.

Raytheon has also worked to extend GMU's "Battle Management Language," exploring the use of natural language commands that can be interpreted by computer. While the time-tested system of military orders, tasks, requests and reports continues to provide positive control over forces, the pace of battle possible in the cyberdomain necessitates advances in automated tasking of both cyber and conventional forces. A battle management language (BML) formalizes command and control (C2) messages using unambiguous terms, rules and semantics. BML captures the prescribed rules and well-defined verbs and terms that are meaningful to each domain. For CyberBML, Raytheon is extending BML to include verbs, terms and structures that extend C2 into the cyberdomain. This approach is based on a generalized C2 model called Joint Consultation, Command and Control Information Exchange Data Model (JC3IEDM), developed by the NATO Multilateral Interoperability Programme.

Massachusetts Institute of Technology
Beyond the C2 cybermodel, there is the more practical challenge of moving information between IT and C2 databases. Raytheon accomplishes this by partnering with a team from the Massachusetts Institute of Technology and using its "M Language," which offers a technology-neutral dictionary, store and binding mechanism between databases. M Language also serves another purpose. Natural language orders, requests and reports are a key ingredient in any C2 system. With M Language, MIT has pioneered advanced natural language processing techniques that could eventually automate knowledge extraction from ongoing message traffic. This could be presented in CyberBML format for enhanced situational awareness and speed of command. The final, keystone component for a CyberBML capability is the CyberBML parser, written to adhere to the defined language and terms stored in the M Language dictionary. An initial version of the CyberBML grammar, terms and parser was developed at Raytheon in 2008.

University of Texas at Austin
Raytheon has partnered with The University of Texas at Austin's Center for Information Assurance and Security (CIAS) on research for new and innovative cybersecurity solutions. The 21 faculty members in CIAS, a research unit in the university's Department of Computer Science, bring significant technical knowledge specific to cybersecurity. During the next 10 years, Raytheon will provide funding for CIAS faculty working on computer security and information assurance projects. Initial efforts are focused on formal verification methods, and researchers there are addressing increasingly critical issues such as privacy, password cracking, network security, intrusion detection, verification and wireless networking.

"Protecting our nation's computing systems that control critical cyber infrastructure is crucial," said Dr. Fred Chang, lead investigator and director of the CIAS. "The partnership with Raytheon will allow us to expand our capabilities to address the rapidly changing problems in cybersecurity with a great deal of agility and flexibility."

University of Arizona
Understanding and measuring trust is an integral component of mastering information assurance. In order to model and create a metric for trust as it applies to information assurance, Raytheon is collaborating with Dr. Sudha Ram at the University of Arizona. Raytheon began working with Ram in 2005 when she won an National Science Foundation grant to model provenance in the context of complex material properties. She is a McClelland Professor of Management Information Systems in the Eller College of Management, and she is researching interoperability among heterogeneous database systems, semantic modeling and automated software tools for database design, among other topics.

Raytheon used this collaboration to create a knowledge management tool called the Material Property Management System to compile material property information and track complex provenance. Raytheon and an organization called Science Foundation Arizona funded continuing research as Ram began investigating how to measure data quality with the help of provenance.

Raytheon identified the applicability of this research to information assurance and trust metrics, which led to collaboration on data provenance and the use of provenance metadata to derive a trust value associated with the data product from a sensor. Raytheon is also exploring provenance metadata associated with entities (human users, services, software agents and devices) as they produce, transform or consume data.

Carnegie Mellon University
Raytheon is a partner of Carnegie Mellon University's CyLab Sustainable Computing Consortium. CyLab was founded in 2003 and is one of the largest university-based cybersecurity research and education centers in the U.S. It is is a National Science Foundation CyberTrust Center, a key partner in NSF-funded Center for Team Research in Ubiquitous Secure Technology, and a National Security Agency Center of Academic Excellence in Information Assurance Education and a Center for Academic Excellence in Research.

Raytheon and Carnegie Mellon collaborate on government, commercial and international opportunities and on advancing the state of cybertechnology. In current research, Raytheon is working with CyLab to anticipate the security challenges posed by the rapid adoption of virtual reality environments and to explore innovative technology solutions to identity management, rights management, and detection of untrustworthy behavior. Raytheon participated in the Sixth Annual CyLab Corporate Partners Conference in Pittsburgh.

University of Southern California
University of Southern California's Information Sciences Institute was formed with DARPA support in 1974 as an outgrowth from Rand Corporation. ISI helped to build the original Internet, developed the domain naming service, and the protocols Kerberos and RSVP. ISI currently leads the DETER (Cyber Defense Technology Experimental Research) test bed effort for the U.S. Department of Homeland Security. Raytheon has sponsored research at USC-ISI on context-aware analysis for detecting social cybersignatures and social network analysis. This builds on USC's work in natural language processing and artificial intelligence. Some challenging problems ISI is tackling include:

  • Detection and characterization of hidden actors and groups
  • Techniques to model and discern social patterns, detect informal groups and roles of group members as they cluster around topics of interest, or detect when someone is talking "around" a subject
  • The tracking of attitudes and levels of interest in a topic over time, and finding interesting patterns out of networks with more than one million nodes
ISI's research helps answer questions such as: Who is infiltrating? What are they looking for? Why are they doing this?

University of Illinois at Urbana-Champaign
The University of Illinois at Urbana-Champaign has established the Information Trust Institute, with more than 90 professors and staff exploring the challenges of critical infrastructure security. Through this partnership Raytheon can model and simulate the behaviors of the largest and most complex elements of critical infrastructure, including the public land mobile network, power systems and industrial control systems. With the university's Real-time Immersive Network Simulation Environment, it's possible to evaluate vulnerabilities of smart power grid architectures, predict performance of mobile applications over the national telephony network, and develop repeatable attack simulations.

Johns Hopkins University
Systems engineering provides the foundation for secure and reliable solutions to challenges in the cyberdomain and all others. Familiar systems engineering concepts such as risk management, independent testing, design validation and configuration control take on special importance within the world of cybersecurity engineering. Raytheon Engineering has partnered with Johns Hopkins University (JHU) to offer an onsite Master of Science in Systems Engineering degree program that began in January 2009. Its purpose is to assist students in developing the systems engineering knowledge, skills and tools necessary to successfully lead the planning, development and engineering of large, complex systems.

JHU was selected after a comprehensive eight-month study of national university programs, which considered the relevance of curricula, industry experience of instructors, the flexibility to incorporate Raytheon-specific content into curriculum, measures to encourage and simplify employee participation, and the university's reputation within our customer acquisition community. Raytheon's five-course certificate program comprises basic systems engineering courses with a capstone project. The master's degree requires five additional courses, among them several with value in cybersecurity: System of Systems Engineering, Systems Architecting, Management of Complex Systems, Modeling and Simulation in Systems Engineering and Advanced Technology.

Other Collaborative Relationships
Raytheon is participating in several other university partnerships.

  • Penn State University will support Raytheon in developing software to represent target tracking and hyperbolic browsing in 3-D immersive visualization environments.
  • Raytheon recently completed experiments with the University of Maryland's computer intrusion detection technologies. Their knowledge-based approach collects and analyzes information from some 40,000 campus computers to determine which are most likely compromised.
  • Raytheon is working with researchers at the State University of New York at Buffalo to incorporate their Information Fusion Engine for Real-time Decision-making into a large-scale cyberrange. INFERD is designed to provide real-time situational awareness and decision support to improve an analyst's ability to cope with the volumes and data rates possible in cybersecurity.
Small Businesses
Some of the more promising and mature technologies are spun out of universities into small businesses. Many of these companies compete for part of $2 billion in funding designated annually by the federal government, and administered through the Small Business Administration in its Small Business Innovation Research and Small Business Technology Transfer programs.

Raytheon hosted an industry day event where 22 small businesses specializing in cyberdefense technologies came to hear from Raytheon and our customers. Individual one-on-one sessions allowed each company to meet with experts from around Raytheon who had an interest in the company's technology. These partnerships have resulted in many letters of endorsement and successful joint pursuits of follow-on research contracts from government science and technology customers.

Jon Goding