The Cybersecurity and Infrastructure Security Agency is asking researchers and entrepreneurs for information on developing a ubiquitous and robust 5G/IoT Situational Awareness System (5i SAS) that both enhances situational awareness of current platforms and identifies potentially dangerous 5G components and internet-of-things devices.
Without a way to distinguish normal 5G and IoT conditions from suspicious environments, exploits on personnel or systems could go undetected and cyberattacks would be untraceable, making the development of a 5i SAS capability essential, according to a June 24 request for information.
Modified 5G smartphones, for example, could serve as 5i SAS devices because they are common in populated areas and already outfitted with a variety of sensors that could detect anomalous activity, such as irregular heartbeats, gunshots or explosions, extreme heat or changes in acceleration. 5G-enabled devices could also be enlisted to detect suspicious electromagnetic activity in secure facilities, jamming or interference on 5G or IoT channels, unexplained device downgrades from 5G to 3G, sudden radio frequency energy spikes that can harm personnel as well as rogue networks, the RFI explained.
As the introduction of 5G will enable billions of devices connected to the network with direct communication to one another, a 5i SAS becomes especially important.
In support of CISA, the Department of Homeland Security’s Small Business Innovation Program outlined features it envisions in a 5i SAS mobile device:
- Secure containers running on a mobile operating system with enough memory and computational power to perform 5i SAS functions without significantly impacting the normal device functions.
- Capabilities that enable a mobile device to have several different functions, such as a 5i SAS sensor, an UNCLASS smartphone with defenses against compromised microphones and cameras, and a similar controlled unclassified information-use smartphone with secure voice and text apps.
- Separate 5i SAS virtual containers that operate autonomously, are centrally managed and whose data is sent to a cloud-based data analysis engine to determine if safety or security is potentially at risk.
Although the request for the technology has been made on behalf of CISA, other federal and state, local, tribal and territorial governments may need to use it.
If enough of 5i SAS devices are issued, they could not only detect unhealthy/insecure situations, they could also triangulate the physical location of suspicious IoT and 5G devices, or jamming sources or anomalous network behavior, the RFI said.
White papers are due July 30.