By Shaun McDonnell, Bryan Knight, Jeremy Turbyfill, Nikki Sewall, and Hillary Hester

In the era of software-defined defense, classified data generated by Department of War (DoW) weapons system platforms is a strategic asset that must be safeguarded against adversary exploitation. Any software or hardware capability integrating with these platforms must achieve rigorous standards of security to maintain the integrity of the missions and people they support. The National Information Assurance Partnership (NIAP), managed by the National Security Agency (NSA), was founded to certify commercial software before deployment into sensitive mission environments and weapon system platforms.

To meet these requirements, Shift5 is currently the first and only NIAP-certified provider of operational technology (OT) edge compute, collection, and detection devices capable of handling classified data.

Protecting Classified Data at the Edge

We achieved NIAP certification for our Data-At-Rest Protection (DARP) software under the Software Full Drive Encryption (SDE) Protection Profile for our Manifold edge devices as an added security measure to protect classified data on DoW weapons system platforms. These platforms – from aircraft, maritime vessels and land vehicles – frequently operate in contested environments where speed and agility are critical. Since our Manifold devices frequently operate in mission environments with unique requirements, the DARP software adds an additional layer of security to support data protection at the edge. Supported mission scenarios include:

• Automatic power synchronization for DARP to activate and shut down automatically as the platform powers on and off,
• Field-level provisioning, enabling operators to configure, update, and manage security, or
• Cryptographic updates, allowing operators to rapidly refresh or replace crypto keys if a platform appears to be compromised.

Shift5 partnered with Gossamer Security Solutions, an independent third-party certification lab, to perform rigorous testing and evaluation of DARP against NIAP’s SDE Protection Profile requirements.

Operational Benefits of NIAP Certification

Shift5’s DARP security software is available for added protection with any platform using a Shift5 Manifold edge device. With DARP, customers can now:

• Enhance security for classified data handling,
• Eliminate the need for complex (and often, costly) Type-1 encryption solutions,
• Reduce timelines for Authority to Operate (ATO),
• Accelerate the integration of Shift5 capabilities into mission environments,
• Decrease overhead with flexible encryption key management,
• Transport data without onerous requirements, and more.

The NIAP certification is also a prerequisite to a Commercial Solutions for Classified (CSfC) listing, which would enable Shift5 devices to handle data at additional classification levels.

Advancing Software Modernization, Zero Trust Principles

Our investment in this certification, as well as our commercial software development practices, align directly with several DoW priorities, including its Data Strategy (2020), Zero Trust Strategy (2022), and Executive Order 14028 (2021). Our NIAP-certified enforcement of encryption, access control, configurations, and more, helps the DoW protect its data across the most critical platforms operating at the edge. Our Secure by Design approach also ensures that security remains a central tenet throughout our software development lifecycle, from inception to deployment.

As the federal government increases expectations for commercial technologies to meet stringent security and compliance standards, this certification demonstrates our ability to meet the highest standards of security and deliver trusted capabilities to the warfighter’s most sensitive missions.