Tactical Data In Use Security

02/27/2025: Updated RFI Response Due Date to 19 March 2025.

See RFI Tactical Data in Use Security 20 Feb 2025 version in the attachments. Changes are highlighted in red.

__________________________________________________________

Request for Information (RFI) forTactical Data in Use Security

Sources Sought Notice: Tactical Data in Use Security (DUCES)

DISCLAIMER:

THIS IS NOT A SOLICITATION: No award will be made as a result of this request. This RFI is for informational and planning purposes only; this is not an Invitation for Bid, a Request for Proposal, or a Request for Quotation. No solicitation document exists, and a formal solicitation will not be issued by the Government after receiving responses to this RFI. The Government will not be liable for payment of any costs incurred in response to this RFI and is under no obligation to act in any way on the information received. No costs incurred by interested companies in response to this announcement will be reimbursed. The information provided may be used by the Army in developing a future acquisition strategy, Performance Work Statement, Statement of Objectives, and/or Performance Based Specification(s). Interested parties are responsible for adequately marking proprietary or competition-sensitive information contained in their response.

PURPOSE:

The U.S. Army Combat Capabilities Development Command (DEVCOM), Command, Control, Communications, Computers, Cyber, Intelligence, Surveillance and Reconnaissance (C5ISR) Center is surveying the market to locate/identify interested Business Concerns. For this RFI, the U.S. Army C5ISR Center, Engineering & Systems Integration (ESI) Directorate is interested in receiving information from companies that have solutions to integrate concepts of the Department of Defense’s (DoD’s) Zero Trust (ZT) capabilities, which are focused on the Data Pillar of the DoD ZT model (specifically on incorporation of data protection into tactical network architectures). The solutions should integrate seamlessly into our existing infrastructure while providing enhanced security for data in use protections against potential threats and vulnerabilities, and need to operate within a denied, degraded, intermittent, or limited (DDIL) contested communications, logistics, and information environment. This constrained, highly dynamic, and adversarial-susceptible tactical environment will be a challenge to implement ZT solutions that meet mission needs.

BACKGROUND:

Traditional network security models, which provide entities with implicit trust once inside the perimeter, are increasingly inadequate given the sophisticated nature of modern cyber threats. To address these challenges, ZT as a concept has gained prominence. ZT operates on the principle of “never trust, always verify,” emphasizing continuous risk assessment and real-time monitoring to ensure access to network resources is based on up-to-date information, and that trustworthiness is continually reevaluated.

Our goal is to identify cutting-edge technologies that can offer robust security measures for data in use protections. This includes, but is not limited to, leveraging advancements in encryption, anomaly detection, and secure communication protocols to protect against both current and emerging threats.

INFORMATION REQUESTED: Interested parties with the ability to prototype and demonstrate integration of Zero Trust principles into tactical network architectures should submit a response to the RFI not to exceed 15 pages in length. At a minimum, the response to the RFI should address one or more of the following areas:

1. Capability to offer data-in-use protection mechanisms for the most critical data.


2. Can you demonstrate your PET Technology? Additionally, how would you describe or categorize its performance?


3. In addition to the technical response to this RFI, please include a (estimated) Technology Readiness Level and pertinent information related to the risks to realization and/or maturation from a cost, schedule, and technical approach, including rationale.

Responses to this RFI are to be unclassified or CUI and received no later than 30 days after date of release. All responses to this RFI will be submitted via DoD SAFE. Please reach out to the technical POC at usarmy.apg.devcom-c5isr.mbx.esi-bus-ops-acq-rfi@army.mil in order to request the DoD Drop off Link when ready to submit your response to RFI. Your response to RFI submission should include a Cover Page (excluded from page count) that includes:

Note: All correspondence including the Request for the Reference Design Document and Whitepaper shall have correct CUI markings in accordance with DoDI5200.48 – Controlled Unclassified Information (CUI).

1. Point of contact information to include: company name, contact name, and company address.


2. CAGE Code and DUNS Number.