Attollo Enables CONFIRM PROJECT with DoD COTS UAS Ban Waiver

On May 14th, 2018, the Department of Defense banned the purchase and use of all commercial-over-the-shelf (COTS) unmanned aerial systems (UAS) while on DoD owned property. Senator Chris Murphy cited security risks from foreign-made drones prompting an investigation by the DoD Inspector General. The IG found that the DoD had not implemented an adequate process to assess cyber-security risks associated with using COTS unmanned systems.

Attollo works directly with DoD installation partners to support Small UAS integration to enhance the capability and efficiency of DoD land management and the “COTS Ban” presented a significant challenge to the approach of this project.

With the backing of Marine Corps Installation Camp Lejeune, Attollo submitted a request for exemption to the DoD CIO and USD (A&S) which address the two primary concerns of the COTS ban: adequately assessing and mitigating the cyber security risk of COTS drones.  To address assessment of cyber risks Attollo developed a Risk Management Framework (RMF) for the aircraft to be utilized for the Coastal and Fire Management (CONFRIM) project. This RMF dictates the mitigations or controls to limit impact and likelihood of cyber threats and is designed to be continuously monitored for effectiveness and to capture changes to the system and environment in which it is used.

On Friday, 21 September 2018, this framework was signed and accepted by USD (A&S) and Attollo/Duke University will be able to capture critical data regarding the response and recovery of Camp Lejeune training areas after the severe impacts of Hurricane Florence.

As a small business comprised of military veterans, we take pride in providing solutions that are rooted in past experiences with these same challenges and look forward to assisting Camp Lejeune installations in their recovery efforts from the storm.