Artificial Intelligence Tools for Autonomous Counter-Countermeasures

Navy SBIR 24.2 - Topic N242-078
NAVAIR - Naval Air Systems Command
Pre-release 4/17/24   Opened to accept proposals 5/15/24   Closes 6/12/24 12:00pm ET    [ View Q&A ]

N242-078 TITLE: Artificial Intelligence Tools for Autonomous Counter-Countermeasures


OBJECTIVE: Develop novel methods to identify and mitigate vulnerabilities in autonomy agents designed to carry out Department of Defense (DoD) missions and develop software tools to automatically assess and identify vulnerabilities prior to deployment in government systems.

DESCRIPTION: Rapid advancements in Artificial Intelligence (AI) have resulted in increased development of autonomous agents that perform complex tasks previously requiring human operators. In the academic domain, AI agents have been used to defeat world-class experts in games such as Go and Shogi, and more recently, multiplayer games such as Quake III, Starcraft II and DOTA II. The DoD has rapidly adapted these technologies for a variety of tasks including mission planning, air combat operations, missile defense, and so forth. As with any rapidly advancing technology, identifying the weakness and vulnerabilities of the technology are as important as advancing the technology itself, which exploit the fragility of AI models often underpinning these autonomy solutions. However, these efforts typically focus only on perturbation in input data received by an AI model and not the autonomy system as a whole.

In this effort, the Navy intends to analyze the entire autonomy development, integration, and deployment process to develop methods that can identify strategies to counter opponent autonomous systems, as well as development of red-teaming methods to mitigate the effectiveness of potential counter autonomy techniques developed by adversaries.

Work produced in Phase II may become classified. Note: The prospective contractor(s) must be U.S. owned and operated with no foreign influence as defined by 32 U.S.C. § 2004.20 et seq., National Industrial Security Program Executive Agent and Operating Manual, unless acceptable mitigating procedures can and have been implemented and approved by the Defense Counterintelligence and Security Agency (DCSA) formerly Defense Security Service (DSS). The selected contractor must be able to acquire and maintain a secret level facility and Personnel Security Clearances. This will allow contractor personnel to perform on advanced phases of this project as set forth by DCSA and NAVAIR in order to gain access to classified information pertaining to the national defense of the United States and its allies; this will be an inherent requirement. The selected company will be required to safeguard classified material during the advanced phases of this contract IAW the National Industrial Security Program Operating Manual (NISPOM), which can be found at Title 32, Part 2004.20 of the Code of Federal Regulations.

PHASE I: Analyze existing autonomy approaches for relevant air combat missions. Identify potential attack surfaces in which counter autonomy could potentially be employed to defeat the autonomy and determine the risk potential of these vulnerabilities. Using information from all missions and analysis develop a counter autonomy ontology and suggested approaches. The Phase I effort will include prototype plans to be developed under Phase II.

PHASE II: Extend the research toward government provided reference scenarios. Develop and refine prototype algorithms for identifying high-risk vulnerabilities in autonomy agents. Demonstrate the ability to identify multiple types of vulnerabilities in deployable agents. Ensure that developed prototype can be integrated with Navy systems in Phase III.

Work in Phase II may become classified. Please see note in Description section.

PHASE III DUAL USE APPLICATIONS: Develop operational capability for use in Navy DevSecOps air worthiness framework including user and design documentation.

This research on decomposing the Autonomy and AI software supply chain aims to identify vulnerabilities from a security perspective, offering significant dual-use potential for both the DoD and private sectors. Industries such as telecommunications, transportation, and critical infrastructure can leverage these insights for enhanced cybersecurity measures. The findings will inform improved software development practices, aiding tech companies in creating more secure AI systems. Additionally, sectors handling sensitive data, like finance and healthcare, can benefit from advanced risk management strategies. While the research has broad commercial applications, particularly in AI safety and ethics, the dissemination of sensitive findings will be carefully managed to maintain a balance between public sector innovation and national security. This approach ensures the strategic advantages of the research are preserved while supporting technological advancement in various industries.


  1. Bookman, L., Clymer, D., Sierchio, J., & Gerken, M. (2022, June). Autonomous system identification and exploitation through observation of behavior. In Artificial Intelligence and Machine Learning for Multi-Domain Operations Applications IV (Vol. 12113, pp. 76-85). SPIE.
  2. Gupta, A., & Krishnamurthy, V. (2022). Principal–Agent Problem as a Principled Approach to Electronic Counter-Countermeasures in Radar. IEEE Transactions on Aerospace and Electronic Systems, 58(4), 3223-3235.
  3. Maybury, M., & Carlini, J. (2020). Counter autonomy: Executive Summary. Defense Science Board, Washington, D.C.
  4. National Industrial Security Program Executive Agent and Operating Manual (NISP), 32 U.S.C. § 2004.20 et seq. (1993).

KEYWORDS: Artificial Intelligence; A.I.; Machine Learning; Counter-counter measures; Autonomy; Reinforcement Learning


The Navy Topic above is an "unofficial" copy from the Navy Topics in the DoD 24.2 SBIR BAA. Please see the official DoD Topic website at for any updates.

The DoD issued its Navy 24.2 SBIR Topics pre-release on April 17, 2024 which opens to receive proposals on May 15, 2024, and closes June 12, 2024 (12:00pm ET).

Direct Contact with Topic Authors: During the pre-release period (April 17, through May 14, 2024) proposing firms have an opportunity to directly contact the Technical Point of Contact (TPOC) to ask technical questions about the specific BAA topic. Once DoD begins accepting proposals on May 15, 2024 no further direct contact between proposers and topic authors is allowed unless the Topic Author is responding to a question submitted during the Pre-release period.

SITIS Q&A System: After the pre-release period, until June 5, 2024, at 12:00 PM ET, proposers may submit written questions through SITIS (SBIR/STTR Interactive Topic Information System) at by logging in and following instructions. In SITIS, the questioner and respondent remain anonymous but all questions and answers are posted for general viewing.

Topics Search Engine: Visit the DoD Topic Search Tool at to find topics by keyword across all DoD Components participating in this BAA.

Help: If you have general questions about the DoD SBIR program, please contact the DoD SBIR Help Desk via email at [email protected]

Topic Q & A

05/13/24  Q. Are specific approaches mentioned in the topic required for a proposal to be considered (e.g. blockchain and digital twins)? Or will other solutions that address the core problems of data integrity/IP protection, cybersecurity, and real-time quality control be considered as well?
   A. Any sample approaches mentioned within the topic should not be considered as a limitation. All solutions that provide identification, demonstration and resolution of vulnerabilities sufficiently significant to impair or impede mission effectiveness are of interest.
05/13/24  Q. Will this topic consider approaches that focus on one aspect of counter-autonomy (e.g. cyber vulnerabilities)? Or will proposals be expected to investigate multiple classes of autonomous agent vulnerabilities?
   A. Phase I proposals are expected to consider all categories of attack vectors against autonomous capabilities in naval aviation as can be reasonably determined by the performer. Phase II responses are expected to narrow these results to a single area for further investigation and analysis.

[ Return ]