San Diego, Calif. – June 24, 2024 – ObjectSecurity, a leader in solving complex, evolving defense and industrial cybersecurity and supply chain risk challenges, today announced that it has been awarded a contract [1] for a Small Business Innovation Research (SBIR) grant from the National Institute of Standards and Technology (NIST) [2].

The project entitled “Operational Technology Artificial Intelligence — NIST Compliance Tool (OTAI-NCT)” is “a new tool that streamlines and automates cybersecurity analysis and maps vulnerabilities directly to NIST standards, making it easier for industry to address risks without modifying physical devices.” [1] OTAI-NCT is designed to enhance the resilience of critical infrastructure by addressing significant security gaps in Operational Technology (OT) and Industrial Control Systems (ICS).

Drawing on the NIST OT Security Project and Risk Management Framework (RMF), the project aims to simplify vulnerability analysis through automated binary code scans from industrial asset owners, device manufacturers, and other contributors. The platform seeks to enable the OT/ICS cybersecurity community—including facility managers, red teams, and compliance providers—to integrate their existing tools and align scan results with NIST controls automatically. OTAI-NCT strives to automate the determination of NIST controls from cybersecurity analyses, facilitate consensus and historical analysis, and improve control mappings and patch assessments. It aims to provide intelligent risk mitigation suggestions and foster collaboration within the OT/ICS community by allowing for automatic detection, sharing, and analysis of cybersecurity compliance issues, prioritizing actions based on risk to ensure national security and public safety.

“This SBIR grant award is an important milestone for ObjectSecurity and underscores the strength of our science innovation that underwent rigorous peer review. It allows us to prioritize research efforts into needed features for the Government and commercial sectors,” said Ulrich Lang, CEO of ObjectSecurity. “SBIR contracts allow us to research and develop advanced concepts that feed into rapid product development, enabling us to commercialize next-generation innovative products that will bring tremendous value to our customers across the Government and all industries. The OTAI-NCT project will directly contribute to our ObjectSecurity OT.AI™ Platform (TRL9 product), which has received financial support from the Navy, DARPA, Army, DTRA, and others.”

ObjectSecurity OT.AI™ Platform is a binary vulnerability analysis product for embedded systems, which includes ECUs. Most of our solutions leverage state-of-the art approaches such as dynamic analysis, microexecution, rehosting, simulation, Artificial Intelligence and Machine Learning (AI/ML) and more. We are committed to leading this initiative with DARPA to protect COTS devices from adversaries by delivering advanced next-generation security technology solutions.” [3]

“The Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR) programs are highly competitive programs that encourage domestic small businesses to engage in Federal Research/Research and Development (R/R&D) with the potential for commercialization. Through a competitive awards-based program, SBIR and STTR enable small businesses to explore their technological potential and provide the incentive to profit from its commercialization. By including qualified small businesses in the nation’s R&D arena, high-tech innovation is stimulated, and the United States gains entrepreneurial spirit as it meets its specific research and development needs.” [4]

About ObjectSecurity

ObjectSecurity LLC is a leader in solving complex, evolving defense and industrial cybersecurity and supply chain risk challenges that threaten national security and production downtime. Our novel research and development are applied to commercial solutions proactively addressing the core source of cyber vulnerabilities and risk – software code and data. Our holistic, proactive approach prevents cyber attacks and disruptive production downtime across industries that support global citizen communities, including military defense, municipal smart cities, public and private transportation, energy, wastewater treatment, power utilities, manufacturing, and the life sciences. For more than 20 years, ObjectSecurity has been delivering cybersecurity and supply chain risk management solutions, including to U.S. defense and federal government agencies. These advanced technologies are now commercially available for government and private sector use. ObjectSecurity is privately-held with headquarters in San Diego, CA, with global representation. [5]

More Information

  1. NIST Awards Over $1.2 Million to Small Businesses to Advance Cybersecurity, Biopharmaceuticals, Semiconductors and More,
  2. NIST SBIR Program,
  3. ObjectSecurity OT.AI Platform
  4. The SBIR and STR Programs:
  5. ObjectSecurity

Media Contact

  • Dan Mathews
  • 1 650 515 3391 (office)
  • Contact

“This work is performed under the following financial assistance award 70NANB24H070 from U.S. Department of Commerce, National Institute of Standards and Technology.”

ObjectSecurity OT.AI Platform automates binary reverse engineering and vulnerability analysis. Click here if you are interested to learn more: