The Cybersecurity Threats Technology Center (CT-TC) performs and sponsors core research to enhance future DHS capabilities, identify technological threats and vulnerabilities of the Homeland Security Enterprise, develop recommendations and approaches to cost-effectively manage risks, and inform industry standards and DHS best practices as needed. The CT-TC, as a cybersecurity resource center, provides research, development, and application of leading-edge cybersecurity techniques to support the DHS and Homeland Security Enterprise's critical missions and enhance the security and resilience of the nation's critical infrastructure.
The CT-TC's specific cybersecurity core research focus areas include:
This focus area aims to increase the reliability and employability of data for homeland security missions.
- Technical Objective 1: Identify and evaluate new and emerging technological applications, such as post-quantum cryptography and homomorphic encryption, to ensure the confidentiality, integrity, and availability of data at rest, in process, and in transit.
- Technical Objective 2: Identify and evaluate new resilient machine learning approaches, explainable AI (XAI) and human-machine teaming capabilities, and generative adversarial attack identification and mitigation approaches to increase trustworthiness of advanced data science and analytics.
This focus area aims to ensure the resilience of the data, software, and hardware used to execute homeland security mission functions.
- Technical Objective 1: Ensure the confidentiality, integrity, and availability of data at rest, in process, and in transit across software and hardware platforms by researching and evaluating new and emerging applications such as post-quantum cryptography and homomorphic encryption.
- Technical Objective 2: Ensure advanced computing software and hardware applications are designed to rapidly adapt to the evolving security environment and future technologies. Example applications include but are not limited to sensors and IoT; operational technologies (OT); cyber physical systems (CPS); high performance computers (HPC); microelectronics; edge, cloud, fog, mobile, and quantum computing; and civil space systems.
- Technical Objective 3: Leverage advances in emerging technologies such as memory-safe programming languages; zero trust architectures; infrastructure as code/pilot light (IaC/PL); augmented, virtual, and cross reality (AR/VR/XR); and adaptive secure-by-design architectures to increase cybersecurity across operations.
- Technical Objective 4: Increase assurance across the supply chain and lifecycle of key software and hardware employed in cybersecurity functions and critical infrastructure such as security orchestration and automated response (SOAR), software bill of materials (SBOM), and federated identity, credential, and access management (ICAM).
This focus area aims to protect and enhance the networks that transport the voice and data between devices/humans and the interconnected software and hardware systems (e.g., 2X).
- Technical Objective 1: Identify and understand new and emerging communications concepts and technologies such as spectrum agility, broadband virtualization, and software defined networking to enable communications resilience in the face of increasingly congested and contested operational environments (spectrum scarcity, intentional interference).
- Technical Objective 2: Investigate advanced communications technologies (i.e., 5G/XG mobile networks, optical interlinks across proliferated low-Earth orbit satellite (LEO) networks, and quantum sensing receivers) to identify and assess new risks and potential attack surfaces as well as enable new use cases to dramatically enhance capabilities and create efficiencies for DHS missions.
- Technical Objective 3: Create techniques to maintain security and communications in an environment where new complex architectures (everything-as-a-service) present more attack surfaces for adversarial exploitation.
- Technical Objective 4: Identify gaps in existing standards that result in non-interoperable, proprietary, or inefficient solutions, to inform and accelerate the development of new standards resulting in improved techniques to test and verify conformance to standards.
Current and Ongoing Core Research Activities
- Countering adversarial use of AI in zero-trust environments
- Cybersecurity community of interest
- Cybersecurity landscape analysis, roadmap and strategic plan
- Effect of central bank digital currency on law enforcement
- Human-AI teaming for cybersecurity
- Reduced order modeling of critical infrastructures
- Securing distributed algorithmic decision processes
- Shared intelligent resilience (SIR)
Key Activities
- Provide strategic support, research collaboration, and exchange to DHS international partners through the DHS International Cooperation Program Office.
- Work with federal interagency and international teams and working groups to formulate and promote cybersecurity research and development policy.
- Collaborate with and provide research support to various DHS components such as CISA, HSI, and others.
- Identify potential new threats on the horizon as novel technologies emerge.
Technical Expertise and Subject Matter Expertise
- Expert level evaluation and review of LRBAA/SBIR/SVIP proposals
- Subject matter expert support to SBIR projects
- Critical Infrastructure Security & Resilience Research (CISRR)