The Department of Homeland Security (DHS) Science and Technology Directorate’s (S&T) Secure and Resilient Mobile Network Infrastructure (SRMNI) and Emergency Communications Research and Development (R&D) Program is providing direct R&D support for critical Cybersecurity & Infrastructure Security Agency (CISA) priorities related to its mission to secure and make resilient 5G infrastructure, mobility for government mission use, and emergency communications capabilities.
The solutions developed through these interrelated program R&D areas will help secure legacy and next-generation mobile network infrastructure for federal government missions and use-cases and help secure and enhance the capabilities of the critical communications systems used by the nation’s first responders.
Dual Project Foci
The wide-ranging SRMNI and Emergency Communications R&D Project is managed by S&T’s Office of Mission Capability and Support and is engaged in the following complementary R&D efforts:
The SRMNI and Emergency Communications R&D Program is aligned to overarching DHS strategies, CISA strategies, and Presidential Executive Orders. The following presents specific alignments organized by strategy document:
SRMNI Strategic Alignment to Department and Federal Government Strategies
DHS Strategic Plan, Fiscal Years 2020-2024
- Goal 3, Objective 3.1: Secure Federal Civilian Networks (Sub-Objective 3.1.3)
- Goal 3, Objective 3.2: Strengthen the Security and Resilience of Critical Infrastructure
- Goal 3, Objective 3.3: Assess and Counter Evolving Cybersecurity Risks
- Goal 5, Objective 5.2: Response During Incidents (Sub-Objectives 5.2.5 and 5.2.7)
DHS Quadrennial Homeland Security Review
- Mission 1, Goal 1.3: Reduce Risk to the Nation’s Critical Infrastructure, Key Leadership, and Events
- Mission 4, Goal 4.1: Strengthen the Security and Resilience of Critical Infrastructure
- Mission 4, Goal 4.4: Strengthen the Ecosystem
- Goal 1: Build trusted relationships with customers that support the delivery and adoption of mission-critical solutions
DHS S&T Strategic Goal Alignment
- Goal 2: Excel at a set of core offerings and capabilities that are aligned to customers’ mission needs
- Goal 3: Strengthen partnerships to advance homeland security priorities
- Goal 4: Create a unified and dynamic organizational infrastructure and culture
- CISA Mission: Protect the Nation’s critical infrastructure from physical and cyber-threats
- CSD: Leads efforts to protect the federal “.gov” domain of civilian government networks and to collaborate with the private sector—the “.com” domain—to increase the security of critical networks
- ECD: Supports and promotes communications used by emergency responders and government officials to keep America safe, secure, and resilient
- IOD: Integrates operations of CISA’s three primary organizations—ECD, CSD, and the Infrastructure Security Division (ISD)—to improve CISA’s ability to share cyber-threat data
NRMC: Ensures supply chain risk management is an integrated component of security and resilience planning for the nation’s infrastructure
DHS Component Mission
5G Infrastructure Security and Resiliency (5G-ISR)
ECD PSAP Cyber Security and Public Safety Identity, Credential, and Access Management (ICAM) Requirements
- Strategic Initiative 3: Partner with stakeholders to strengthen and secure existing infrastructure to support future 5G deployments
- Strategic Initiative 4: Encourage innovation in the 5G marketplace to foster trusted 5G vendors
CISA 5G Strategy—Ensuring the Security and Resilience of 5G Infrastructure in Our Nation, August 2020
- Line of Effort 2: Assess Risks to & Identify Core Security Principles of 5G Infrastructure
National Strategy to Secure 5G
- 5G and Post-5G Wireless Security and Resiliency
Networking & Information Technology Research & Development (NITRD) Federal Cybersecurity Research and Development Plan, December 2019
SRMNI R&D Project
The mission of the SRMNI project is to provide accurate, timely and useful 5G, mobile security, and emergency communications R&D solutions to support CISA’s mission. The DHS S&T SRMNI project will support CISA as it engages stakeholders to enable risk-informed decision-making (i.e., capability gaps, threat mitigations, operational and technical requirements, and investment prioritization) for 5G, mobile, and emergency communications security and resilience. In addition, the SRMNI project will use an interagency collaborative approach (e.g., Federal Mobility Group) to share information and coordinate and leverage other agencies’ investments in 5G, mobile security and emergency communications pilots, technology exploration, and initiatives. The SRMNI project also supports CISA’s 5G Strategy, which is aligned to the White House the National Strategy to Secure 5G.
The SRMNI project will be focused on identifying threats and vulnerabilities associated with 5G, gaps in existing mobile communication network protections, to include emergency communications and public-safety networks, and developing innovative technologies and approaches to mitigate the threats and enable decision-makers to more effectively deploy technologies. Specifically, the project is researching legacy and current telecommunications protocols (i.e., 4G Long-Term Evolution and below) protections and enabling security into 5G networks. It also is leveraging 5G to demonstrate solutions that meet government security needs, including secure voice and video capability for unclassified government communications. Last, the SRMNI project also supports improvements to government visibility and security of network traffic from mobile devices focusing on capability testing for Protective Domain Name System integration.
SRMNI’s R&D projects will inform and advance CISA’s mission/role as the nation’s 5G risk advisor through:
- Developing capabilities and approaches to mitigate vulnerabilities and improve resilience of communications network infrastructure—both 4G and 5G.
- Researching and prototyping innovative methods to address supply chain risk in the 5G ecosystem so an ecosystem of trusted 5G vendors is fostered.
- Prototyping technical capabilities and approaches and creating informational materials and best practice documents to enhance understanding of the current state of 5G security, capabilities, and standards so CISA can effectively promote security and resilience of 5G deployment to state, local, tribal and territorial (SLTT) government agencies.
- Researching and developing innovation solutions addressing management of enterprise mobile network traffic to ensure secure communications.
- Prototyping new capabilities to reduce risk to emergency communications systems (e.g., 911 and Next-Generation 911 systems [NG 911], Public Safety Answering Points [PSAP]) and enhance mobile authentication of public-safety government officials and support secure voice and data communications related to delivery of NCFs and NEFs.
Emergency Communications R&D Project Foci
Separately, but along similar lines, the Emergency Communications project is spearheading R&D to address three priority issues challenging the nation’s first responder community. These projects are focused on the following critical capability areas:
- Enhancing cybersecurity protections for Public Safety Answering Points/Emergency Communications Centers;
- Creating more effective and trusted Federated Identity, Credential, and Access Management capabilities for public safety community use
- Developing data interoperability standards for computer-aided dispatch systems to facilitate more efficient sharing of data and information across jurisdictional and responder boundaries
Like the SRMNI projects, these emergency communications-focused efforts are supporting CISA’s activities—specifically those of its Emergency Communications Division—to further development of operable and interoperable emergency communications for first responders.
- Automating National Information Assurance Partnership Requirements Testing for Mobile Apps Report
- DHS Study on Mobile Device Security
- Evaluating Mobile App Vetting Integration with Enterprise Mobility Management in the Enterprise
- Mobile App Security Study: Securing Mobile Applications for First Responders
- Secure and Resilient Mobile Network Infrastructure & Emergency Communications Program R&D Guidebook