DoW is seeking proposals for innovative technologies that will lead to the improved cybersecurity of Facility Related Control Systems (FRCS) and the critical infrastructure they support. This solicitation targets specific, ongoing gaps in the cybersecurity posture of these essential systems. The objective is to develop and demonstrate novel solutions that enhance connectivity, improve threat detection, and empower personnel to defend against cyberattacks with the ultimate goal of improving mission resilience. 

Of particular interest are solutions that: 

• Are verifiably at Technology Readiness Levels (TRL) between 5 and 7 or Adoption Readiness Levels (ARL) between 5 and 7 (energy.gov/ARL).
• Have high potential to improve the cyber resilience of military installations.  

Proposers must address one of the following areas: 

• Critical FRCS often remain isolated from enterprise security stacks due to the high cost of fiber connectivity. This isolation prevents continuous monitoring and protection, leaving them vulnerable. The desired solution will be cost-effective, secure, and reliable alternative connectivity solutions that do not depend on external parties. The ideal solution will:
  • Provide at least 1 Gbps data throughput
  • Have a total cost of ownership below that of installing fiber, especially in the range of 1-50 miles
  • Enable information security comparable to fiber
  • Allow for utilization of quantum resistant encryption (if encryption is part of the security stack)
• Current honeypot technologies are often low-fidelity and easily identified by sophisticated threat actors. Once a honeypot is detected, adversaries abandon their efforts, preventing defenders from gathering critical intelligence on their tactics, techniques, and procedures (TTPs). The desired solution will be a realistic honeypot environment that can successfully deceive advanced adversaries. The next generation honeypot must:
  • Be able to learn the behaviors of a live network
  • Mimic the behaviors of the live network
  • Provide telemetry/logging to allow for detailed observation of adversary actions
• Cyberattacks occur at machine speed, far outpacing the ability of human analysts to manually triage alerts and isolate compromised systems. The desired solution will be the development and training of AI-driven "Agentic" systems for defensive cyber operations. Proposed solutions must:
  • Automatically analyze and triage Indicators of Compromise (IoCs)
  • Execute device isolation protocols to contain threats in realtime
  • Include a plan for demonstrating the safety and reliability of these agents in a controlled, isolated laboratory environment that is representative of live operational systems 

Proposals that will not be considered responsive are solutions that: 

• Are already broadly deployed across the DoW enterprise.
• Require access to large volumes of high-quality DoW data.
• Require significant modifications to existing FRCS or their supporting infrastructure.
• Solve a need for a particular installation but are not broadly applicable across the DoW enterprise.

These technologies are expected to improve the cyber resilience of military installation control systems and reduce the risk of system disruptions from unintended access within the system. This effort will demonstrably reduce the risk of a cyberattack that could disrupt or degrade energy and water systems that support military missions. 

ESTCP’s Installation Energy and Water (EW) program area supports the demonstration and deployment of innovative technologies that enhance energy security, improve water efficiency, and strengthen mission resilience across DoW installations. This program prioritizes cost-effective, scalable, and cyber-secure solutions that reduce operational costs while ensuring the reliability of energy and water systems critical to national defense. 

Most advanced technologies that promise to improve resilience of energy and water systems require a network connection to fully realize their potential. These network connections introduce risks of cyber-physical disruption; therefore, in order to successfully demonstrate and transition innovative energy and water technologies across the Department, ESTCP must find solutions to ensure the technologies remain cybersecure and maintain the security of networks upon which they rely. 

Proposers should be aware of the relevant UFCs, 4-010-06 Cybersecurity of Facility-Related Control Systems (ufc-4-010-06), and 3-550-04, Resilient Installation Microgrid Design (ufc-3-550-04). The proposed demonstrations are not required to comply with these UFCs. 

Keith Welch 

Program Manager for Installation Energy & Water (EW) 

Environmental Security Technology Certification Program (ESTCP) 

E-mail: keith.a.welch3.civ@mail.mil