Secure and confidential rule matching

From: Innovation, Science and Economic Development Canada

The Communications Security Establishment (CSE) is seeking a system that would evaluate the pattern matching signatures in insecure environments without revealing either the signatures themselves or the portions of the corpus matched by those signatures.

Challenge sponsor: Communications Security Establishment (CSE)

Funding mechanism: Contract

Opening date: January 27, 2020
Closing date: May 21, 2020, 14:00 Eastern Daylight Time

Please refer to the tender notice for this challenge on Buy and Sell.

Log in to view your submissions

 

Challenge

Problem statement

The security and intelligence (S&I) community have access to sensitive cyber-threat information that is not always publicly shareable. Often, this sensitive information will be classified (at least for a period of time) and will only be available on a need-to-know basis to individuals who possess the appropriate security clearances.

In the case of cyber-security, the classified information could describe the behaviours, methods and techniques used by actors whose identity is sensitive. It is possible for this information, or a portion thereof, to be encoded with enough precision to detect and monitor threat actors' presence in network traffic and system telemetry, and thereby identify them via their cyber modus-operandi. For this particular challenge, CSE is scoping the effort on detecting patterns of interest in network traffic by encoding signatures expressed using matching rules.

This challenge is to evaluate those rules in insecure environments without revealing either the signatures themselves or the network traffic matching those signatures.

Such a system would allow the provisioning of classified cyber-security signatures in appliances that could be deployed in unclassified networks such as government or national critical infrastructure networks.

Desired outcomes and considerations

Essential (mandatory) outcomes

Proposed solutions must:

  1. Have the capability of matching a collection of simple rules on a corpus of unencrypted text. 
  2. Have rules as simple character strings.
  3. Keep the rules confidential (encrypted) during the matching process.
  4. Keep it impossible to deduce the rules by analyzing the execution of the instructions of the matching system during run time.
  5. Keep the matching objects (objects that indicates which rule matched where in the corpus) confidential (encrypted). In other words, there is no way, for an unauthorized observer, to figure out what rule matched where in the corpus.
  6. Provide mechanisms to encrypt/decrypt the signatures and the corresponding "matching objects" with a key that will only be available to individuals with the appropriate security clearance.
  7. Provide a rule matching system that is running with integrity. The rules are matched without errors, exactly as the system would run without encryption.
  8. Fit in a reduced form factor equivalent to 4 unit spaces in a standard data center rack.

Additional Outcomes

Proposed solutions should: 

  1. Scale to support a higher number of signatures (target is 20 000).
  2. Allow for more complex rule specification. The objective is to be able to replicate the Suricata (open-source IDS) rule specification language.
  3. Increasingly demonstrate the ability to support more complex signatures. For example, string matching with wild-cards, simple multi-criteria Boolean rules and regular expressions.
  4. Be able to match signatures on unencrypted packetized network traffic (as opposed to a simple unencrypted text corpus).
  5. Have the performance, given the reduced form factor, to match 20 000 signatures at a rate of 1 Gbits/s of packetized network traffic.
  6. Have an algorithmic scalability relative to the number of strings, their length and the number of matches in the corpus has to match the complexity of the best multiple string matching algorithms that run without encryption. O(size_of_text + number_of_match_occurences_in_corpus).

Background and Context

CSE is aware of the state-of-the-art in the domain of cryptography, and especially homomorphic encryption. To our knowledge, no product exists that is able to perform an optimized multiple strings matching on a text corpus with the confidentiality and integrity properties described in this challenge.

In order to ensure all interested industry suppliers obtain common information, CSE will be hosting an online meeting by means of a video conference (WebEx meeting) on Friday February 21st 2020 from 1:00 p.m. to 3:00 p.m. (EST — Eastern Standard Time — UTC-5) to answer potential questions.

Note that interested industry suppliers must register to this video conference by sending an email to participate to TPSGC.SIC-ISC.PWGSC@tpsgc-pwgsc.gc.ca.

Industry suppliers have to provide full contact details (name, title, company, telephone and email address) by Close of business on Friday February 14th 2020 to register and to receive full video conference (WebEx meeting) details to join the online meeting. Attendance is limited to industry suppliers and media will not be permitted to attend.

IMPORTANT INFORMATION:

  1. In order for CSE to have sufficient time to prepare answers to questions received in both official languages and in time for the video conference; industry suppliers are to submit their questions regarding this CSE Challenge Notice solicitation to TPSGC.SIC-ISC.PWGSC@tpsgc-pwgsc.gc.ca no later than by Close of business on Friday February 14th 2020.
  2. ENQUIRIES - All enquiries must be submitted in writing to TPSGC.SIC-ISC.PWGSC@tpsgc-pwgsc.gc.ca no later than ten calendar days before the Challenge Notice closing date. Enquiries received after that time may not be answered.

Maximum contract value

Multiple contracts could result from this Challenge.

The maximum funding available for any Phase 1 contract resulting from this Challenge is $150,000.00 CAD excluding applicable taxes, shipping, travel and living expenses, as required, for up to 6 months (excluding submission of the final report).

Estimated number of Phase 1 contracts: 2

The maximum funding available for any Phase 2 contract resulting from this Challenge is $1,000,000.00 CAD excluding applicable taxes, shipping, travel and living expenses, as required, for up to 24 months (excluding submission of the final report). Only eligible businesses that have successfully completed Phase 1 will be considered for Phase 2.

Estimated number of Phase 2 contracts: 1

This disclosure is made in good faith and does not commit Canada to contract for the total approximate funding. Final decisions on the number of Phase 1 and Phase 2 awards will be made by Canada on the basis of factors such as evaluation results, departmental priorities and availability of funds.

Travel

The qualifying implementers will be invited to CSE headquarters to present their proof of concept at the end of phase 1. CSE headquarter is located at the following address:

1929 Ogilvie Rd.
Ottawa, On.
K1G 3Z4

Eligibility

Solution proposals can only be submitted by a small business that meets all of the following criteria:

  • for profit
  • incorporated in Canada (federally or provincially)
  • 499 or fewer full-time equivalent (FTE) employeesFootnote *
  • research and development activities that take place in Canada
  • 50% or more of its annual wages, salaries and fees are currently paid to employees and contractors who spend the majority of their time working in CanadaFootnote *
  • 50% or more of its FTE employees have Canada as their ordinary place of workFootnote *
  • 50% or more of its senior executives (Vice President and above) have Canada as their principal residenceFootnote *

Evaluation Criteria

The official source of the Evaluation Criteria for this challenge is the Government Electronic Tendering System (Buy and Sell) (https://buyandsell.gc.ca/procurement-data/tender-notice/PW-20-00899125)

In the event of a discrepancy between the information below and the information published on Buy and Sell, Buy and Sell will take precedence.

The Bidder must complete the Challenge Stream Electronic Submission Form with a degree of information sufficient to enable Canada’s assessment of the proposal against the criteria and the Evaluation Schema. The information must demonstrate how the proposal meets the criterion.

Part 1: Mandatory Criteria

Proposals must meet all mandatory criteria identified by achieving a “Pass” in order to proceed to Part 2. Proposals that do not meet all mandatory criteria will be deemed non-responsive and given no further consideration.

Mandatory Criteria

(Bidder's proposal must address)

Question 1 a: Scope

Describe the proposed solution and demonstrate how it responds to the challenge. Include in your description the scientific and technological basis upon which the solution is proposed and clearly demonstrate how the solution meets all of the Essential Outcomes (if identified) in the Desired Outcomes section in the Challenge Notice.

Evaluation Schema (Mandatory - Pass/Fail)

Pass

The Bidder's proposed solution is clearly articulated, within the scope for the challenge and addresses all Essential Outcomes (if identified) in the Challenge Notice.

Fail

The proposed solution is articulated as out of scope for the challenge.
OR
The proposal does not clearly demonstrate how the proposed solution addresses all Essential Outcomes listed in the challenge.
OR
The proposed solution is poorly described and does not permit concrete analysis.
OR
There is little to no scientific and/or technological evidence that the proposed solution is likely to meet the challenge.

Question 2: Current Technology Readiness Level (TRL)
  1. Indicate the current TRL of the proposed solution. (Drop Down Menu of the Challenge Stream Electronic Submission Form)
  2. Describe the research and development activities that have taken place to bring the proposed solution to the stated TRL.
Evaluation Schema (Mandatory - Pass/Fail)

Pass

The Bidder has demonstrated that the proposed solution is currently between TRLs 1 and 6 (inclusive), and provided justification by explaining the research and development (R&D) that has taken place to bring the solution to the stated TRL.

Fail

The Bidder has not provided sufficient evidence to demonstrate that the current TRL is between 1 to 6 (inclusive) including:

  1. There is insufficient/no evidence provided for TRL judgment.
  2. The solution involves the development of basic or fundamental research.
  3. The solution is demonstrated at TRL 7 or higher.
  4. Insufficient/unclear/no justification explaining the R&D that took place to bring the solution to the stated TRL.
  5. The explanation simply paraphrases the description of a given TRL level.
Question 3a: Innovation

Demonstrate how the proposed solution meets one or more of the ISC definitions of innovation below:

  1. An invention*, new technology or new process that is not currently available in the marketplace.
  2. Significant modifications to the application of existing technologies/components/processes that are applied in a setting or condition for which current applications are not possible or feasible.
  3. An improvement in functionality, cost or performance over an existing technology/process that is considered state-of-the-art or the current industry best practice.

* An "invention" is defined for the purposes of ISC as: "A manufacturing design or any other new and useful improvement that is new or novel, that is, not commonly known or not an obvious derivative of an existing way of doing things."

Evaluation Schema (Mandatory - Pass/Fail)

Pass

The Bidder has demonstrated that the proposed solution meets one or more of the ISC definitions of innovation.

Fail

The Bidder has not provided sufficient evidence to demonstrate that the current TRL is between 1 to 6 (inclusive) including:

  • Bidder has not provided sufficient evidence to demonstrate that the proposed solution meets any of the ISC definitions of innovation; OR
  • Bidder has demonstrated that the proposed solution is an incremental improvement, "good engineering", or a technology that would go ahead in the normal course of product development (i.e. the next version or release).
Question 3b: Advance on State of the Art

Describe in detail the competitive advantages and level of advancement over existing technologies. Where appropriate, name existing technologies as well as potential substitutes or competitors.

To demonstrate this, proposals should include the following information:

  • Improvements (minor or major) over existing technologies or substitutes. Use direct comparison.
  • How the proposed innovation will create competitive advantages in existing market niches or market spaces.
Evaluation Schema (Mandatory Criteria – Pass/Fail + Points)

0 points/Fail:

  • The Bidder has not demonstrated that the proposed solution advances the state-of-the-art over existing technologies, including available competing solutions; OR
  • The proposed solution improves minimally upon the current state of the art, though not sufficiently enough to create competitive advantages in existing market niches; OR
  • The stated advancements are described in general terms but are not substantiated with specific, measurable evidence.

5 points/Pass:

  • The Bidder has demonstrated that the proposed solution offers one or two minor improvements to existing technologies, including available competing solutions that have potential to create competitive advantages in existing market niches.

12 points/Pass

  • The Bidder has demonstrated that the proposed solution offers three or more minor improvements to existing technologies, including available competing solutions, that together are likely to create competitive advantages in existing market niches; OR
  • The Bidder has demonstrated that the proposed solution offers one significant improvement to existing technologies that is likely to create competitive advantages in existing market niches

20 points/Pass:

  • The Bidder has demonstrated that the proposed solution offers two or more significant improvements to existing technologies, including available competing solutions that are likely to create competitive advantages in existing market niches and could define new market spaces; OR
  • The Bidder has demonstrated that the proposed solution can be considered a new benchmark of state of the art that is clearly ahead of competitors and that is likely to define new market spaces

Part 2: Point-Rated Criteria

Proposals must meet the overall minimum pass mark of 50% to be deemed responsive. Proposals that do not achieve the minimum pass mark will be declared non-responsive and given no further consideration.

Point-Rated Criteria

(Bidder's proposal to address)

Question 1b: Scope

Demonstrate the scientific and technological basis of how the proposed solution addresses the Additional Outcomes (if identified) in the Desired Outcomes section in the Challenge Notice. If no Additional Outcomes are identified in the Challenge Notice, text entered in this section will not be considered.

If no Additional Outcomes are identified in the Challenge Notice, Bidders will receive 10 points.

Evaluation Schema (Point-Rated)
  1. Insufficient or no information provided to demonstrate that the solution will address any of the Additional Outcomes. 0 points
  2. Information provided clearly demonstrates that the solution will address some (<50%) of the Additional Outcomes. 3 points
  3. Information provided clearly demonstrates that the solution will address most (50% or more) of the Additional Outcomes. 6 points
  4. Information provided clearly demonstrates that the solution will address all (100%) of the Additional Outcomes. 10 points
Question 4: Phase 1 Science and Technology (S&T) Risks

Describe potential scientific and/or technological risks to the successful development of the proof of feasibility and how they will be mitigated in Phase 1.

Evaluation Schema (Point-Rated)
  1. Insufficient or no information provided to demonstrate that the Bidder has considered potential risks and mitigation strategies and/or information provided contains significant gaps. 0 points
  2. Information provided demonstrates that the Bidder has considered some potential risks and associated mitigation strategies but there are minor gaps in risks and/or associated mitigation strategies. 5 points
  3. Information provided clearly demonstrates that the Bidder has sufficiently considered the risks and defined associated mitigation strategies. 10 points
Question 5: Phase 1 Project Plan

Demonstrate a feasible Phase 1 project plan by completing the table.

  • Indicate if any milestones and activities will be completed concurrently
  • Indicate the estimated exit TRL at the completion of Phase 1. (Drop Down Menu of the Challenge Stream Electronic Submission Form)
Evaluation Schema (Point-Rated)
  1. Insufficient or no information provided to demonstrate a feasible project plan for Phase 1 and/or the project plan exceeds the maximum duration indicated in the Challenge Notice. 0 points
  2. Project plan for Phase 1 is conceivably feasible but not clearly demonstrated and/or includes gaps. 10 points
  3. Information provided clearly demonstrates a feasible project plan for Phase 1. 20 points
Question 6: Phase 1 Project Risks

Describe potential project risks to the successful development of the proof of feasibility and how they will be mitigated in Phase 1.

Bidders should address the following risks, as applicable:

  • Human Resources
  • Financial
  • Project Management
  • Intellectual Property
  • Other project-related risks

Note to Bidders: S&T risks should not be included in this section. Question 4 addresses S&T risks.

Evaluation Schema (Point-Rated)
  1. Insufficient or no information provided to demonstrate that the Bidder has considered potential risks and mitigation strategies and/or information provided contains significant gaps. 0 points
  2. Information provided demonstrates that the Bidder has considered some potential risks and associated mitigation strategies but there are minor gaps in risks and/or associated mitigation strategies. 5 points
  3. Information provided clearly demonstrates that the Bidder has sufficiently considered the risks and defined associated mitigation strategies. 10 points
Question 7: Phase 1 Implementation Team

Demonstrate how the project implementation team has the required management and technological skill sets and experience to deliver the project plan for Phase 1 by completing the table. A member of the implementation team can have more than one role.

Evaluation Schema (Point-Rated)
  1. Insufficient or no information provided to demonstrate that the project team has the required management and technological skill sets and experience to deliver the Phase 1 project plan. 0 points
  2. Information is provided but there are minor gaps in required management and/or technological skill sets and/or experience to deliver the Phase 1 project plan. 10 points
  3. Information provided clearly demonstrates that the project team has the required management and technological skill sets and experience to deliver the Phase 1 project plan. 20 points
Question 8: Inclusivity

If your business were to receive funding from Innovative Solutions Canada, describe what actions (e.g., recruitment strategy, internships, co-op placements, etc.) might be taken in Phase 1 to support the participation of under-represented groups (e.g., women, youth, persons with disabilities, Indigenous people, visible minorities) in the research and development of the proposed solution. Each Bidder in their response to this question must focus only on describing relevant programs, policies, or initiatives that it currently has in place or would put in place to support the R&D effort in Phase 1.

Note: Do not provide any personal information of individuals employed by your company or that of your subcontractors in the response.

Evaluation Schema (Point-Rated)
  1. No description and/or concrete examples of actions provided that would be taken to encourage greater participation of under-represented groups. 0 points
  2. A description and concrete examples of actions to encourage greater participation of under-represented groups provided. 5 points
Question 9: Phase 1 Financial Proposal

Demonstrate a realistic financial proposal for the Phase 1 project plan by completing the table.

Evaluation Schema (Point-Rated)
  1. Insufficient information provided and/or information provided significantly lack credibility. Does not demonstrate a realistic financial proposal for the Phase 1 project plan. 0 points
  2. Information is provided but some costs lack credibility and/or are unclear for the Phase 1 project plan. 7.5 points
  3. Information provided contains credible elements to clearly demonstrate a realistic financial proposal for the Phase 1 project plan. 15 points
Question 10: Phase 1 Financial Controls, Tracking and Oversight

Describe the financial controls, tracking and oversight that will be used to manage the public funds throughout Phase 1. Bidders should indicate if an individual or firm will be managing the public funds and provide their credentials and/or relevant experience.

Evaluation Schema (Point-Rated)
  1. Insufficient or no information provided to demonstrate the Bidder's ability to manage public funds in Phase 1. 0 points
  2. Information provided is vague and/or contains gaps. The Bidder has some controls, tracking and/or oversight in place to manage the public funds in Phase 1. 5 points
  3. Information provided clearly demonstrates that the Bidder has strong financial controls, tracking and oversight to manage public funds in Phase 1. 10 points
Question 11: Phase 2 Overview

Demonstrate a realistic overview for the prototype development plan if selected to participate in Phase 2.

Responses should include:

  • key tasks
  • estimated cost for materials
  • human resources
  • project risks and mitigation strategies

Note: A more detailed proposal will be requested if selected to participate in Phase 2.

Evaluation Schema (Point-Rated)
  1. Insufficient or no information provided to demonstrate that the Bidder has contemplated a realistic overview for the Phase 2 prototype development. 0 points
  2. Information provided demonstrates a conceivably realistic overview for Phase 2 prototype development, however there are gaps and/or the strategy is vague. 6 points
  3. Information provided demonstrates that the Bidder has a clear and realistic overview. 12 points
Question 12: Commercialization Approach

Demonstrate a realistic overall commercialization approach/business model that can successfully take the technology/service to market, and how the technology/service will help you develop and sell other products.

Responses should include:

  • Target markets (excluding Government of Canada)
  • Non-ISC funding sources
  • Transition to a commercially-ready product or service
  • Any other indicators of commercial potential and commercial feasibility

Note: A more detailed proposal will be requested if selected to participate in Phase 2 or the Testing Stream.

Evaluation Schema (Point-Rated)
  1. Insufficient or no information provided to demonstrate that the proposed solution has commercial potential. 0 points
  2. Some information provided to demonstrate that the proposed solution has commercial potential, however there are gaps in the commercialization approach. 6 points
  3. A realistic commercialization approach is provided that demonstrates that the proposed solution has commercial potential. 12 points
Question 13: Resulting Benefits to Canada

Describe the benefits that could result from the commercialization of the proposed solution. Bidders should consider the potential benefits using the following three categories and provide justification for each claim:

  1. Innovation Benefits: Expected contribution towards the enhancement or development of new industrial or technological innovations within your firm. Responses could include: potential spillover benefits, creation of intellectual property, impact on productivity of the new technology, etc.
  2. Economic Benefits: Forecasted impact on the growth of Canadian firms, clusters and supply chains, as well as its expected benefits for Canada's workforce. Responses could include: number of jobs created, number of high-paying jobs, investment in Canada's economy, etc.
  3. Public Benefits: Expected contribution to the broader public to the degree that the solution is expected to generate social, environmental, health, security or other benefits to Canada. Responses could include: solution-related environmental benefits, solution-related accessibility benefits, and solution-related impact on Indigenous communities.
Evaluation Schema (Point-Rated)
  1. Innovation Benefits
    Benefit not identified or insufficient claim of benefit. 0 points
    Benefit has marginal increment or limited justification. 1 point
    Benefit is significant and well justified. 2 points
  2. Economic Benefits
    Benefit not identified or insufficient claim of benefit. 0 points
    Benefit has marginal increment or limited justification. 1 point
    Benefit is significant and well justified. 2 points
  3. Public Benefits
    Benefit not identified or insufficient claim of benefit. 0 points
    Benefit has marginal increment or limited justification. 1 point
    Benefit is significant and well justified. 2 points

Questions and answers

Please refer to the tender notice for this challenge on Buy and Sell.

All incoming questions regarding this specific challenge should be addressed to SIC-ISC@pwgsc.gc.ca

You can also consult the Frequently asked questions about the Innovative Solutions Canada Program.

A glossary is also available.

 Report a problem
Date modified: