Skip to main content

Direct to Phase II SBIR - Cybersecurity of Operational Technologies

Quantum Resistant Cybersecurity for ICS-SCADA, IoT, Military IoT, and Medical IoT

E
Written by Eric Adolphe
Updated over 2 weeks ago

January 01, 2024

Air Traffic Control - 1C1X1 > Air Force > Fact Sheet Display

Executive Overview

The convergence of Operational Technology (OT) and Information Technology (IT) has transformed critical infrastructure and defense systems—but it has also dramatically expanded the attack surface. U.S. military installations, utilities, and industrial control environments are under escalating threat from advanced nation-state actors, ransomware affiliates, and quantum-enabled cyber operations. Iranian-affiliated groups, for instance, have repeatedly targeted U.S. water systems, energy grids, and industrial networks, exploiting unpatched PLCs, default passwords, and remotely accessible HMIs.

In parallel, the arrival of Cryptanalytically Relevant Quantum Computers (CRQCs) within the decade threatens to obsolete RSA and ECC encryption schemes that secure most ICS/SCADA environments today. A global “Harvest Now, Decrypt Later” (HNDL) campaign is already underway, aimed at collecting encrypted data for future exploitation.

The U.S. Air Force (USAF) and Department of the Navy (DON) have both issued strategic guidance calling for Zero Trust architecture, ICS/SCADA hardening, and quantum-resistant communications as immediate cybersecurity priorities. Forward Edge-AI’s Isidore Quantum solution is directly aligned with these mandates.


The Threat Landscape

According to CISA, NSA, and FBI joint alerts, Iranian-aligned actors continue to conduct targeted cyber campaigns against U.S. critical infrastructure, including:

  • Exploit of Israeli-made PLCs and HMIs across U.S. water, energy, food, and healthcare sectors.

  • Ransomware + exfiltration + defacement campaigns that target outdated OT with weak security postures.

  • Use of engineering and diagnostic tools to disrupt performance and vendor-maintained systems.

A Fortinet-commissioned Forrester study further reports:

  • 56% of ICS operators experienced a breach in the last year.

  • 45% do not use basic role-based access controls.

  • 100% have vulnerable IoT devices on shared networks with SCADA environments.


Department of the Air Force Requirements

The U.S. Air Force’s June 2025 RFI and industry calls for solutions to:

  • Provide Zero Trust enforcement in hybrid OT/IT environments.

  • Secure ICS/IoT components in contested or expeditionary settings.

  • Integrate with existing infrastructure while reducing manual configuration.

  • Deliver AI-driven anomaly detection, secure remote access, and real-time encrypted telemetry across weapon systems and mission-critical OT assets.


Department of the Navy Requirements

The June 2025 DON CTO Memo emphasizes SCADA/ICS cybersecurity as a Level 2 technology under its “Cyberspace Operations / Zero Trust” priority area. Specifically, DON seeks:

  • ICS/SCADA protection and secure remote access.

  • Quantum-ready encryption to support NC3 modernization and maritime control systems.

  • Alignment with CNSA 2.0 cryptographic standards and DoD Zero Trust principles.


The Isidore Quantum Solution

Forward Edge-AI, Inc. was awarded a Phase II SBIR to develop Isidore Quantum, a quantum-resistant cybersecurity platform purpose-built to secure ICS/SCADA environments. Developed in close collaboration with the National Security Agency (NSA) and leveraging a patented architecture, Isidore Quantum eliminates traditional PKI and enables zero-trust enforcement at the physical layer. The system uses autonomous, ephemeral keying based on CNSA 2.0 algorithms—CRYSTALS-Kyber and Dilithium—to deliver post-quantum cryptographic protection without relying on certificates, passwords, or centralized key authorities.

Now at Technology Readiness Level 8 (TRL-8), Isidore Quantum has been validated across diverse operational environments, including classified SCADA testbeds, naval infrastructure, and forward-deployed Air Force systems. Field deployment is underway across mission-critical platforms, offering real-time encrypted telemetry, self-healing key rotation, and AI-driven anomaly detection.

Isidore Quantum® Gen 2.1 for Operational Technologies/SCADA

Designed for rugged use and rapid integration, Isidore ensures resilience against both current cyber threats and future quantum-enabled adversaries—safeguarding national infrastructure at the tactical edge:

Key Features

  • Quantum-Resistant Cryptography: Compliant with NSA CNSA-2.0, ensuring long-term security against quantum threats.

  • Autonomous Key and Channel Management: Supports periodic rekeying, key recovery, and zeroization without manual intervention, reducing the risk of key compromise.

  • Protocol, Device, and Network Agnostic: Seamlessly integrates into existing infrastructure without requiring modifications.

  • Multi-Topology Support: Enables point-to-point, mesh, hub-and-spoke, and other network architectures with independent link keying, ensuring resilience.

  • Zero-Trust Security Model: Prevents unauthorized access and lateral movement through continuous authentication and verification.

  • AI-Powered Threat Detection: Machine learning and a highly performant rules engine automatically detect, respond to, and adapt against cyber threats.

  • Obfuscation and Anonymization: Black traffic randomization ensures secure communication by masking underlying traffic structures.

  • Compact and Efficient: Weighing only 270g (9.7oz) and consuming 8W of power, Isidore Quantum® is significantly more portable and power-efficient compared to legacy cryptographic devices.

  • AI-powered threat detection trained on over 8 trillion Microsoft security signals.

  • Drop-in hardware form factor, compatible with Ethernet, SATCOM, Wi-Fi, cellular, and MIL-STD-1553 links.

  • Validated in SCADA labs at NSA Ft. Meade, deployed across land, sea, air, and space platforms.


SBIR Phase II Objectives

This Direct-to-Phase II SBIR effort:

  • Delivered a field-deployable prototype integrated into live ICS/SCADA networks at a USAF or DON installation.

  • Demonstrated real-time, post-quantum encrypted OT telemetry with autonomous key rotation and breach containment.

  • Provided a secure operator dashboard, anomaly detection engine, and secure software/firmware update pipeline.

  • Generated quantitative resilience metrics against simulated HNDL, ransomware, and nation-state intrusion campaigns.


Conclusion

As CISA warns of imminent SCADA/ICS targeting by Iranian and other state-aligned adversaries, and NSA mandates migration to CNSA 2.0 before 2027, the urgency to secure critical infrastructure has never been greater. Isidore Quantum represents a low-cost, exportable, mission-ready solution that meets USAF and DON priorities for OT cybersecurity, Zero Trust enforcement, and post-quantum resilience.

Q-Day is not a myth—it’s a countdown.

The evolving cyber threat landscape, coupled with the rise of quantum computing, presents unprecedented security challenges for critical infrastructure and operational technologies (OT). The National Institute of Standards and Technology (NIST) estimates that approximately 20 billion devices will require an upgrade to post-quantum cryptography (PQC) by 2027.

Forward Edge-AI’s Isidore Quantum® is at the forefront of this transition, offering a Commercial National Security Algorithm Suite (CNSA-2.0) compliant cryptographic solution that ensures resilient and quantum-resistant data security. See Quantum Risk White Paper here.

Why Isidore Quantum®?

Unlike traditional cryptographic solutions, Isidore Quantum® provides zero-trust, autonomous, and scalable security, specifically designed for data-in-transit protection across diverse operational environments.

Sample Applications

One-Way Diode

Configuring the Isidore Quantum device as a one-way data diode provides a robust cybersecurity solution for critical infrastructure sectors such as water utilities, energy systems, and defense installations. In this mode, Isidore Quantum enforces unidirectional data flow, allowing real-time sensor and process data to stream out from ICS networks to monitoring platforms, while completely preventing any external commands or cyber threats from reaching sensitive controllers like PLCs.

This secure one-way transfer acts like a digital air-gap – it physically blocks 100% of inbound traffic into operational networks but still enables remote analytics and situational awareness. The result is a significantly hardened network where critical processes can be observed without exposing control equipment to attack, aligning with industry best practices and regulatory mandates for infrastructure protection.

U.S. cybersecurity authorities have long recommended such data diode architectures to safeguard utilities and critical operations, and certain regulations even require them (for example, the Nuclear Regulatory Commission mandates one-way gateways for nuclear plant systems). By deploying Isidore Quantum as a unidirectional gateway, operators in the water, energy, and defense sectors achieve secure sensor data exfiltration and isolation of their ICS/SCADA environments, meeting stringent cyber-regulatory standards while greatly enhancing resilience against external intrusions.

Additional Applications:

Securing Data-in-Transit for Critical Infrastructures

Isidore Quantum® is purpose-built for securing critical infrastructures such as:

  • Defense and Intelligence Networks

  • Smart Grids and Energy Infrastructure

  • Aerospace and UAV Communications

  • Secure Mobile and Tactical Communications

  • Financial and Healthcare Systems

  • Industrial Control Systems (ICS) & SCADA Networks

Scalable Deployment

Isidore Quantum® supports multiple deployment scenarios:

  • Unmanned Aerial Systems (UAS) to Ground (Point-to-Point)

  • Encrypted Analog Radios

  • Reaper to Ground Communications

  • Signals Intelligence (SIGINT) Platforms (Mesh)

  • Satellite Communications (Starlink)

  • Multiple Encrypted Phones Over Cellular (Hub and Spoke)

Comparison: Isidore Quantum® vs. Traditional Solutions

Feature

Legacy Cryptographic Devices

Isidore Quantum®

Quantum Resistance

Vulnerable to quantum attacks

CNSA-2.0 compliant (Quantum-resistant)

Traffic & Geolocation Security

Exposed

Obfuscated and anonymized black traffic

Topology Support

IP-specific, rigid

Protocol and network agnostic

PKI Dependence

Requires certificates & PKI

No PKI/KMI or certificates required

Forensic Footprint

Detectable

No forensic footprint

Power Consumption

30W+

7W

Throughput

1 Gbps

50 Mbps (scalable to 100 Gbps)

Size & Portability

Half-brick size, 4.4 lbs

Credit card-sized, 0.2 lbs

Ease of Use

Requires specialized training

Plug-and-play, minimal training required

Cost

$7,600 - $75,000

$1,600 ($500 estimated once Full Rate of Production is achieved)

A Future-Proof Cybersecurity Solution

Isidore Quantum® is a next-generation cybersecurity solution, licensed from the NSA and developed by Forward Edge-AI to address the most pressing challenges of post-quantum cryptography. Its scalable, AI-enhanced, zero-trust framework ensures that organizations can proactively harden their infrastructure against emerging threats while maintaining operational continuity.

By deploying Isidore Quantum®, governments, enterprises, and critical infrastructure operators can protect their communications, prevent unauthorized access, and ensure long-term cybersecurity resilience in an era where quantum computing poses a serious threat.

Project Partners

Awards and Recognition

Award a Phase III Sole Source Contract

A Federal Agency may enter into a Phase III SBIR/STTR agreement at any time with a Phase I OR II Awardee. A subcontract to a Federally funded prime contract may be a Phase III award.

  1. Step 1 Requirements Document: Prepare a Statement of Work (SOW), Statement of Objectives (SOO), or Performance Work Statement (PWS), or use our automated tool to generate a document

  2. Step 2 Market Research: Use this page as your market research, or view a list of other eligible projects, then request a ROM from Forward Edge-AI

  3. Step 3 Funding: Performed by the government

  4. Step 4 Sole Source Justification: A Memorandum for the Record is required in lieu of a J&A or SSJ

  5. Step 5 Provide Requirements Package to Contracting Officer: Performed by the government

  6. Step 6 Solicitation: Performed by the government

  7. Step 7 Pre-Negotiation Memorandum: Use GSA CALC as a benchmark to determine fair and reasonableness of our ROM

  8. Step 8: Contract Award: Performed by the government

Language for Step 4 (Determination and Finding):

  • Artificial Intelligence (Anomaly Detector), Counter Adversarial AI, Encryption, cybersecurity, ICS/SCADA, IoT, IIoT, Military IoT, physics-based models, quantum resistant, Zero Trust

  • Operational Technologies, Industry 4.0, Utilities (power, water, energy), Expeditionary Environments

List of Phase III contracts awarded so far

  • Come back soon

© 2024 Forward Edge-AI, Inc. All rights reserved.

SBIR DATA RIGHTS:

Awarding Agency: US Air Force

Contract Number: FA864923P0006

Contractor Name: Forward Edge-AI, Inc.

Contractor Address: 10108 Carter Canyon, San Antonio, TX 78255

Expiration of SBIR Data: 21 December 2042

Protection Period: 20 years from award of contract on 21 December 2022

The Government's rights to use, modify, reproduce, release, perform, display, or disclose technical data or computer software marked with this legend are restricted during the period shown as provided in paragraph (b)(5) of the Rights In Other Than Commercial Technical Data and Computer Software–Small Business Innovation Research (SBIR) Program clause contained in the above identified contract. After the expiration date shown above, the Government has perpetual government purpose rights as provided in paragraph (b)(5) of that clause. Any reproduction of technical data, computer software, or portions thereof marked with this legend must also reproduce the markings.

Did this answer your question?