Communications Security R&D

Abstract

The Information Systems Security Program (ISSP) Research Development Test & Evaluation (RDT&E) efforts extend our cybersecurity and resiliency, provide Defensive Cyberspace Operations (DCO), and cross domain solutions to protect data, Department of Defense (DoD) Information Networks (DoDIN), net-centric operations, the forward deployed, and other designated systems in order to protect cyberspace and critical warfighting capabilities. This project includes a rapidly evolving development, design and application integration effort to modernize cryptographic equipment and ancillaries with state-of-the-art replacements to counter evolving and increasingly sophisticated threats. Communications Security (COMSEC) and Transmission Security (TRANSEC) are evolving from stand-alone, dedicated devices to embedded modules incorporating National Security Agency (NSA) approved cryptographic engines, loaded with the certified algorithms and keys, and interconnected via industry-defined interfaces. This includes the DoDIN capability requirements document for the development of Content Based Encryption (CBE). Computer Network Defense (CND): The CND program provides cyberspace capabilities to secure the Cyber Domain. CND is a combination of hardware, software, sets of processes and protective measures that use computer networks to detect, monitor, protect, analyze and defend against network infiltrations resulting in service/network denial, degradation and disruptions. CND enables a government or military institute/organization to defend against network attacks perpetrated by malicious or adversarial computer systems or networks. Navy Cryptography (Crypto): Navy Crypto modernizes legacy cryptographic equipment which includes families of COMSEC and TRANSEC devices that are divided into crypto voice, crypto data, crypto products and associated ancillary devices. These devices provide modern cryptographic solutions to replace obsolete, legacy devices within the crypto categories in order to meet mandated National Security Agency (NSA) cease key dates for modernized encryption. Advanced Cryptographic Capabilities (ACC) will provide NSA mandated cryptographic security software modernization of various communications security devices by cease key dates (details held at a higher classification). Key Management (KM): KM monitors and tracks capability verification testing, designs and tests capabilities to provide a net-centric web based architecture, for the ordering, management, and distribution of all cryptographic key material to support Navy users. Public Key Infrastructure (PKI): The DoD PKI program, under the authority of the Under Secretary of Defense (USD) for Acquisition & Sustainment (USD(A&S)) develops and tests PKI equipment and is responsible for meeting statutory and regulatory requirements for the DoD PKI program. The Navy PKI program tests and implements products for afloat networks and ashore non-Navy Marine Corps Intranet (NMCI) networks and institutionalizes DoD PKI Increment 2 capabilities so that person and non-person entities can securely access all authorized DoD resources. SHARKCAGE: SHARKCAGE is the U.S. Navy's Defensive Cyberspace Operations (DCO) analysis enclave and means to achieve cyberspace detection-in-depth for maritime forces afloat and ashore. SHARKCAGE is the mechanism by which units, groups, and fleets will gain an attack sensing and warning (AS&W) capability and how Commander, Task Force 1020/Navy Cyber Defense Operations Command (NCDOC) will achieve unity of effort and economy of force across the Navy's DCO forces. SHARKCAGE is a Navy-specific platform to complement where existing and future theater, joint, and national capabilities are insufficient for detection of adversary activities onboard maritime warfighting platforms that are located at the tactical-edge and distributed across the globe. Navy Cyber Situational Awareness (NCSA): NCSA is a command and control infrastructure that provides Navy commanders with timely, trusted, and comprehensive Situational Awareness (SA) of the cyberspace domain to include tailored, near real-time visualization of network health, vulnerabilities, and operational readiness through the correlation of data from multiple sources. NCSA combines asset data, baseline configuration data, and real-time threat data which is critical for defending a fully-interconnected network infrastructure. NCSA enables early threat detection and timely decision making. The NCSA software suite includes the Navy Commander's Cyber Dashboard (NCCD), a single view into the platform's cyber readiness, providing better visibility into Information Warfare readiness trends and drivers, as well as current cyber risk to mission; this view is provided by the Readiness Analytics and Visualization Environment (RAVEN) capability. RAVEN is a visualization capability that ingests a variety of readiness and cybersecurity inputs to create visual dashboards. NCSA implements hybrid cloud based modernized Navy Big Data Platform (BDP) instances, including pre-production development and operational instances, that enable data sharing between Navy DCO data and analytics fabric and joint DCO and cyber situational awareness systems as described in the Joint Cyber Warfighting Architecture (JCWA). FY25 will focus on efforts that address the risk management of cyberspace, which provides capabilities to identify, protect, detect, restore and respond. The ISSP provides the Navy with the following cybersecurity elements: (1) defense of National Security Systems (NSS), including other mission requirements (details held at a higher classification), naval weapons systems, critical naval infrastructure for Command, Control, Communications, Computers, & Intelligence (C4I) afloat and ashore networks, joint time and navigation systems, and industrial control systems, using modern cryptographic solutions and cyber security tools; (2) technologies supporting the Navy's Computer Network Defense (CND) service provider that will help the Navy's ability to prevent, constrain, and mitigate cyber-attacks and critical vulnerabilities; (3) Navy Cyber Situational Awareness (NCSA) technologies that provide the operational context for cyber threat intelligence and Situational Awareness (SA), from external boundaries to tactical edge infrastructures; (4) assurance of the Navy's Crypto telecommunications infrastructure and the wireless spectrum; (5) sensing cyber threats across all Navy ashore and afloat networks to expand the capabilities of monitoring, assessing, and detecting adversary activities across multiple enclaves through the collection of tools in SHARKCAGE; (6) assurance of joint-user cyberspace domains, using a Defense-In-Depth (DiD) security architecture and its alignment with the Joint Information Environment (JIE)/Joint Regional Security Stack (JRSS), the Integrated Navy Operations Command and Control System (INOCCS), and Zero Trust Architecture (ZTA) concepts; (7) assurance technologies, including Key Management (KM) and Public Key Infrastructure (PKI).

Open PDF

Document Details

Document Type
Project
Publication Date
Oct 01, 2025
Source ID
0734_0303140N_7_1319_PB_2025

Tags

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Enterprise Information Systems Architecture and Joint Command Capability Interoperability Support.

Technology Areas

  • Cyber
  • Fully Networked C3
  • Fully Networked C3 - Command and Control

Related Documents