Technology Today - Home
Raytheon's Cybercapabilities:
Raytheon is a world-class provider of cybercapabilities. In order to maintain a robust presence in this environment of rapidly changing technologies, Raytheon acquired five firms with well-established reputations for excellence in the cyberfield:

  • SI Government Solutions, which teaches us how to attack
  • Houston Associates, which understands network operations on a global scale
  • Oakley Systems, which is showing us how to defend
  • Telemus Systems, which brings total security architecture
  • BBN Technologies, which taps its research and development expertise for innovative solutions
The work of these companies highlights Raytheon's commitment to bringing comprehensive and innovative solutions to our customers.

Raytheon SI Government Solutions
In 1999, the looming threat of the Y2K bug generated renewed interest in software testing. At Florida Institute of Technology, Dr. James Whittaker, a nationally recognized thought leader in advanced software testing techniques, was creating a new paradigm and methodology that dramatically enhanced the ability to find bugs in software.

As companies vied to have their beta releases tested in Florida Tech's classrooms, the only bugs that were really noticed by the vendors' programs were the ones associated with security. This in turn drove the students to focus exclusively on security flaws. The new methodology that was emerging was a holistic view of software. It recognized that applications do not execute in isolation; rather, there is a complex interaction between the system and the applications it supports.

As part of this new direction, a need developed to "get under the hood" in order to gain the visibility necessary to reason about software in a dynamic execution environment. This meant that the standard tool set was entirely inadequate; a new set of powerful low-level system tools was required, and the students began to build them. Better tools translated to more bugs found. In fact, the students were so successful in finding bugs that the associated grants from industry funded the Center for Information Assurance at Florida Tech. These tools were so powerful that the users could literally bend software to their will.

For example, a tool was built to support expert witness testimony in a case involving a company's claim that firmware supporting RAM could be modified, causing unrecoverable damage. Specifically, the exercise demonstrated that the EEPROM (electronically erasable programmable read-only memory) single photon detector data area locked by the backside input/outputs could be overwritten. The tool successfully demonstrated that DRAM was vulnerable to unrepairable damage through software, and the company won its case.

By 2002, everyone was becoming aware of the sparks flying out of the Florida Tech Computer Sciences department. In an effort to capture this talented group of individuals, plans were made to start a company focused on application security, and in 2003 Security Innovation was formed. In 2005 SI Government Solutions spun from the parent organization with six core individuals, and within three years was making more than $14 million in sales.

Today at Raytheon SI Government Solutions, the excitement and high tempo of a startup remain and form an integral part of its success. The company remains focused on the original methodology that has served it well in this domain. It is a methodology that forwards one of the main tenets of the cyberlandscape: Real attackers attack software to gain the keys to the kingdom.

Houston Associates
In January 2006, Raytheon acquired Houston Associates, Inc. (HAI), then a 24-year-old company focused on network operations, coalition operations and command and control capabilities. Recently, HAI was renamed NetOps and Information Solutions (NIS) and continues to be intimately involved in championing, refining and implementing the U.S. Department of Defense's (DoD) NetOps vision for mission-critical coalition networks, through the delivery of advanced situational awareness capabilities for the Global Information Grid (GIG), and through research and development.

When HAI was established in 1982, the company provided PC-based decision support information systems to municipal governments and the Department of Health and Human Services, establishing a strong record of performance and reputation in a difficult market.

During the next 15 years, the company sought to broaden its client base, management and technical depth in the federal market. The Defense Information Systems Agency (DISA), DARPA, and FEMA became new customers with contracts for the Defense Simulation Internet and many broader-based engineering, deployment, installation, and network management support programs. On DISA's Leading Edge Services contract, NIS showcased advanced capabilities, including the first operational ATM network within the DoD and the first operational implementation of ATM over satellite.

NIS has grown to more than 250 employees and began to reach into higher end software and network-centric enterprise capabilities. NIS supported many advanced concept technology demonstrations. The company also provided technical support to network-centric enterprise services research and development as well as early prototyping of the Net-Enabled Command Capability through DISA pilot programs such as NCC and Horizontal Fusion. On the NCC pilot, NIS created the first application to consume and produce Net-Centric Enterprise Services-compliant Web services.

During this period, NIS also branched out into a new area for DoD: NetOps. This growth began with an innovative network performance forensics tool called RV+ that NIS engineered for DISA. Later, this tool became the basis for DISA Network Common Operational Picture and eventually the Global Information Grid Common Operational Picture program where NIS provides cyberenterprise situational awareness and correlation and fusion capabilities for all aspects of GIG operations from information assurance and defense to help desk operations and network performance management.

Meanwhile, Defense Information Systems Network–Leading Edge Services transitioned from a research network to an operational environment and NIS pursued another emerging set of warfighter requirements in the coalition space out of Multinational Information Systems. Under MNIS, NIS is responsible for engineering and operations of the Griffin, MICWAN, CFBLNet and portions of the CENTRIXS coalition networks — 24/7/365. NIS supports MNIS in hosting the Coalition Warfighter Interoperability Demonstration, or CWID, by planning the event, organizing participants, and providing all network services for the demo in a new location every year.

The mission and concept of NetOps became the primary mission for NIS in the mid-2000s. Through existing programs, NIS leaders like Dr. Sailaja Raparla, director for NIS and also a member of the Air Force Scientific Advisory Board, became highly visible supporters with DISA, OSD, JTF-GNO leadership, gaining public customer praise for championing the vision as a corporation. NIS produced original research and patents on various topics, including papers on end-to-end enterprise management, on multilevel precedence forwarding and others that have furthered the state of the art to include service-oriented architecture and Web service management and monitoring.

Raytheon Oakley Systems
In October 2007, Raytheon acquired Oakley Networks, Inc., an eight-year-old company focused on scalable end-point monitoring solutions for information assurance purposes. Oakley's products are used for combating insider threats ranging from counterintelligence to vendor collusion, and advanced persistent threats ranging from detection of external manipulation of insiders, to detection of forensic artifacts left behind by attackers.

Although nearly every organization has secrets it wants to protect, those secrets are so diverse that insider threat solutions need to be robust and extensible. Secrets range from customer lists to secret formulas, or even classified locations of undercover agents. The secrets can be electronic or physical, or both, and when the secrets are not digital, technology solutions need to be sensitive enough to look for digital indicators of their physical misuse. Other insider threats include violence, sexual harassment, damage or destruction of information and property, faulty business processes or decisions, and other actions that can threaten an organization's continuity and viability.

Oakley's solutions provide organizations visibility into the range of possible threats by providing a near-time policy-based monitoring framework that allows customers to look for new threats they previously had no ability to anticipate, and measure the rate and severity of those threats. Organizations need better monitoring and auditing tools. The world has moved from the analog age, where accurately judging trustworthiness was accomplished through constant face-to-face interaction, to a digital age where we're lucky if we can attempt to judge trustworthiness based on a brief glimpse of an e-mail thread; and from an analog age where right-sizing permission consisted of a big combination lock on a paper-file cabinet, to digitally prescribing which of thousands of files a user should and should not have access to.

Raytheon defines insider threat management as a continuous process of assessment, policy definition, risk mitigation, situation analysis and remediation. Raytheon SureView™ is a host-based insider risk management solution that identifies and supports investigations of user violations so that organizations can proactively manage insider incidents. Collected data is viewed in video-like, near real-time replay that displays the user's activity, including keys typed, mouse movements, documents opened or Web sites visited. With video replay, man-hours are saved by quickly determining a user's motivation and intent.

Raytheon Telemus Systems
In July 2008, Raytheon acquired Telemus Solutions. Telemus has been a consistently reliable global provider of diversified security and intelligence solutions serving a variety of U.S. and international clients that include federal, state and local government, Fortune 500 companies, utilities, and professional associations.

Telemus products and services include private and public sector consulting, research and analysis, threat and vulnerability assessments, information security, independent verification and validation, reverse engineering, customized training, systems integration, and a variety of made-to-order information technology services.

Telemus originated as O-Tech International in 1990 to support U.S. companies operating overseas. In 2000, O-Tech merged with Security Management International and was renamed Telemus Solutions. After the events of Sept. 11, Telemus supported the priorities of counterterrorism organizations, the intelligence community, the DoD and the Department of Energy.

Telemus is primarily divided into three areas: Engineering, Research and Analysis, and Infrastructure Protection Services.

Telemus Infrastructure Protection Services delivers customized vulnerability assessments for air and sea ports, water and power utilities, natural gas systems, nuclear facilities, and private businesses. These assessments provide insight and direction to guard clients from intrusions or attacks. Telemus has developed emergency planning systems or sub-systems at the industrial, regional, state, county and municipal levels.

Telemus Research and Analysis has broad and deep expertise in open source and restricted source research for government and private sector clients. Projects include discretionary fact gathering, data collection and organization, information brokerage, in-depth intelligence review, and documented analyses and assessments. Telemus excels in source verification, analysis and forecasting.

Telemus Engineering executes in client-driven technical domains as we perfect our go-to-market capability-tailoring to a widening client spectrum. Key domains include: applied wireless technologies; device/component reverse engineering and analysis, hardware engineering, SCADA security solutions, vulnerability assessment, and penetration testing.

Raytheon BBN Technologies
In October 2009, Raytheon welcomed its newest addition, BBN Technologies — a world leader in research and development, and provider of critical solutions for national defense and security missions.

As Raytheon BBN Technologies, the organization leverages expertise spanning information security, speech and language processing, networking, distributed systems, and sensing and control systems. Through broad technology expertise and rapid development, it researches, develops, prototypes and delivers innovative solutions quickly to meet critical needs.

In the cyberdomain, Raytheon BBN Technologies conducts research, development and deployment of information security technologies and provides assured network solutions to complex operations and planning problems.

It helps protect national security interests by performing leading-edge research and development for U.S. government customers such as DARPA, NSA, DISA, and the service laboratories. Its capabilities and services include denial of service triage, designing protection and adaptation into a survivability architecture, high-speed encryption electronic board design, quantum cryptography, and security standards development.

Terry Gillette
J.P. Leibundguth
Ken Davis