DLA26BZ02-NV007 — STRIKE AI - AI-Enabled Mission Planning for Defense of Operational Technology Critical Infrastructure
Award Maximum: $100,000
Period of Performance: 12 months
Phase Type: Phase I
OBJECTIVE: U.S. critical infrastructure—including power grids, water treatment facilities, and transportation networks—is increasingly targeted by sophisticated adversaries using coordinated cyber and physical attacks. The Operational Technology (OT) and Industrial Control Systems (ICS) governing this infrastructure present a complex, vulnerable attack surface. The current process for planning and executing defensive and responsive actions is often manual, stove-piped between different agencies and asset owners, and too slow to counter machine-speed threats. There is a critical need to automate and accelerate the planning and coordination of defensive and offensive effects to protect national critical infrastructure.
DESCRIPTION: DoW, in partnership with homeland security stakeholders, seeks SBIR project opportunities for STRIKE AI, an AI-enabled mission planning system designed to automate the planning and synchronization of effects to defend Operational Technology (OT) infrastructure. This system will function as a rapid response planning tool, ingesting high-level commander's intent (e.g., "Ensure integrity of the regional power grid") and rapidly generating executable, deconflicted response plans for both cyber and physical assets.
The proposed solution is a holistic, AI-driven planning engine that can reason across multiple domains (cyber, physical, intelligence) and orchestrate complex response operations at machine speed. Specific areas of interest for this framework include:
Commander's Intent Interpretation: Processing high-level defensive objectives and translating them into specific tasks for cyber protection teams, law enforcement, and military response units.
Modeling OT Environments and Assets: Maintaining a comprehensive model of friendly defensive assets (e.g., CISA incident response teams, National Guard cyber units, physical security teams) and a detailed model of the targeted OT environment, including its specific controllers (PLCs, RTUs), network topology, and known vulnerabilities.
Threat Analysis: Ingesting intelligence data from multiple sources to model adversary tactics, techniques, and procedures (TTPs) against critical infrastructure.
Automated Response Plan Generation: Utilizing advanced algorithms to generate, deconflict, and sequence defensive actions (e.g., network segmentation, honeypot deployment) and offensive responses (e.g., counter-cyber operations, interdiction of physical threats) to neutralize threats while minimizing collateral damage and service disruption.
Human-on-the-Loop Oversight: Presenting generated response plans in an intuitive format for human commanders (e.g., at USNORTHCOM, CISA) to review, modify, and approve before execution.
PHASE I: Not to exceed a duration of 12 months and cost of $100,000.
Phase I will demonstrate the feasibility of the STRIKE AI concept by developing a proof-of-concept prototype capable of generating a simple, integrated defensive plan for an OT scenario. Key activities will include: designing the system architecture and data models for OT assets and threats; developing a foundational planning engine for basic task allocation; creating a mock-up scenario involving a notional critical infrastructure target (e.g., a municipal water utility) under a simulated multi-pronged attack; and demonstrating the prototype's ability to automatically generate a deconflicted response plan coordinating cyber and physical defensive actions. A final report on feasibility and a detailed Phase II plan will be delivered.
PHASE II: Not to exceed a duration of 24 months and cost of $1,000,000.
Depending on Phase I results, Phase II will consist of developing a more robust prototype capable of planning for more complex, large-scale scenarios (e.g., a regional power grid). This will involve expanding the planning engine to ingest real-time threat intelligence and asset status feeds. The prototype will be enhanced to model cascading effects across interconnected infrastructure sectors. The effort will focus on creating a high-fidelity user interface and testing the system's ability to rapidly re-plan in response to dynamic threat activity. A key goal will be demonstrating the prototype in a relevant environment, such as a joint exercise with CISA and USNORTHCOM.
PHASE III DUAL USE APPLICATIONS: The STRIKE AI system has significant dual-use potential for protecting national security interests. The mature system would be transitioned for operational use by DoW entities responsible for homeland defense (e.g., USNORTHCOM) and civilian partners like the Department of Homeland Security's CISA. The platform would provide a critical capability for national-level incident response, enabling rapid, coordinated protection of the nation's most vital assets. The modular architecture would allow for continuous integration of new defensive tools and intelligence sources, ensuring the system remains effective against evolving threats to U.S. critical infrastructure.