Belleau Labs
Back to contracts

Zero Trust for Machines from Shop Floor to Cloud and Back Again

AFWERX · AFWERX TACFI · AFWERX

AI-Readiness Score
14/25
Pathway Speed
4/5
Timeline Realism
3/5
Problem Framing
3/5
AI / ML Fit
1/5
Award + Transition
3/5

Award

$1,898,747
Award ceiling
CORSHA, INC
Awardee
Posted June 20, 2024

Description

Corsha's Identity Provider for Machines is a highly innovative solution for Machine and API Identity, Credential and AccessManagement (ICAM) that provides next-generation authentication security, connection visibility, and control of APIs and otherM2M protocols. Our system provides the first and only dynamic, automated dynamic identity provider (IdP) for machines.Corsha is designed to be dual-use and implemented principally as a security platform for the public sector and regulatedcommercial industries such as financial and banking services, health care providers, and utilities, as well as companies withSaaS and automated manufacturing enterprises.With this TACFI effort, Corsha will leverage recent Series A private funding to advance it’s dual-use Identity Provider forMachines and will adapt and extend Corsha’s platform for the AFSC mission needs to securely and efficiently connect OT andIT systems across network boundaries. The key goals for Corsha’s Identity Provider for Machines will be to scale and deploythe platform in different settings across multiple Air Logistics Complexes as well as integrate seamlessly with existingtechnologies and programs such as ATHENA and the AFSC Zero Trust Data Fabric.In addition, through the successes and knowledge that Corsha has acquired in its engagement with AFSC, its end-users,leadership, and cybersecurity teams, Corsha has been asked to help develop a cybersecurity blueprint to help AFSC introduceand adopt digitization and new technologies across the shop floor. AFSC end users are consistently finding it difficult to obtainInterim-Authority-To-Test (IATT)’s and Authority-to-Operate (ATO) accreditations for new technologies to demonstrate thatthey adhere to the necessary high cybersecurity standards to operate on Air Force networks. Corsha has been very successfulto date in obtaining IATT’s and ATO’s for this platform and AF Customers have requested Corsha to work closely with the AFSCAODR and security ISSMs to help develop a blueprint for vendors as well as a reference architecture for secure connectivity andoperation in OT settings.

Score Rationale

TACFI is a legitimate fast-track OT instrument and the award ceiling (~$1.9M) with an identified production deployment across multiple Air Logistics Complexes earns mid-range transition credit, but the problem is fundamentally a cybersecurity/identity infrastructure play — machine ICAM, ATO/IATT process consulting, and Zero Trust integration — with no meaningful AI or ML component despite the 'AI-readiness' lens. The lowest score goes to AI/ML fit because this is plainly a PKI/credential management and compliance architecture effort; 'AI' is not mentioned and the core work is network security plumbing and bureaucratic blueprint development, not perception, language, or anomaly detection. Problem framing is moderate: end-users and integration targets (ATHENA, Zero Trust Data Fabric) are named, but a significant portion of scope drifts into ATO consulting work that dilutes technical focus.

Source

View original posting
Back to all contracts