Description
Objective:

U.S. critical infrastructure, including power grids, water treatment facilities, and transportation networks, is increasingly targeted by sophisticated adversaries using coordinated cyber and physical attacks. The Operational Technology (OT) and Industrial Control Systems (ICS) governing this infrastructure present a complex, vulnerable attack surface. The current process for planning and executing defensive and responsive actions is often manual, stove-piped between different agencies and asset owners, and too slow to counter machine-speed threats. There is a critical need to automate and accelerate the planning and coordination of defensive and offensive effects to protect national critical infrastructure.

Description:

DoW, in partnership with homeland security stakeholders, seeks SBIR project opportunities for STRIKE AI, an AI-enabled mission planning system designed to automate the planning and synchronization of effects to defend Operational Technology (OT) infrastructure. This system will function as a rapid response planning tool, ingesting high-level commander's intent (e.g., "Ensure integrity of the regional power grid") and rapidly generating executable, deconflicted response plans for both cyber and physical assets. The proposed solution is a holistic, AI-driven planning engine that can reason across multiple domains (cyber, physical, intelligence) and orchestrate complex response operations at machine speed.

Specific areas of interest for this framework include:

Commander's Intent Interpretation: Processing high-level defensive objectives and translating them into specific tasks for cyber protection teams, law enforcement, and military response units.

Modeling OT Environments and Assets: Maintaining a comprehensive model of friendly defensive assets (e.g., CISA incident response teams, National Guard cyber units, physical security teams) and a detailed model of the targeted OT environment, including its specific controllers (PLCs, RTUs), network topology, and known vulnerabilities.

Threat Analysis: Ingesting intelligence data from multiple sources to model adversary tactics, techniques, and procedures (TTPs) against critical infrastructure.

Automated Response Plan Generation: Utilizing advanced algorithms to generate, deconflict, and sequence defensive actions (e.g., network segmentation, honeypot deployment) and offensive responses (e.g., counter-cyber operations, interdiction of physical threats) to neutralize threats while minimizing collateral damage and service disruption.

Human-on-the-Loop Oversight: Presenting generated response plans in an intuitive format for human commanders (e.g., at USNORTHCOM, CISA) to review, modify, and approve before execution.

Keywords: Operational Technology (OT), Critical Infrastructure, Cybersecurity, Industrial Control Systems (ICS), Homeland Defense, AI, Mission Planning, Incident Response

CMMC Level: Level 2 (Self)