Illumination Works (ILW) is proud to announce the award of a Small Business Innovative Research (SBIR) Phase I contract to advance our Odin™ Risk Management Framework (RMF) solution for the Navy. Odin-RMF provides artificial intelligence (AI)-driven automation in executing RMF/authority to operate (ATO) processes and generating ATO documents. For this effort, ILW will advance existing Odin capabilities to provide assisted intelligence in RMF/ATO package creation and perform user interface (UI) design and system architecture definition.
Evolving Cyber Risk Management with Enabling Tech
The Department of Navy (DON) and its Naval Warfare Center Training Systems Division (NAWCTSD) seek artificial intelligence (AI) to assist the cybersecurity workforce in developing and maintaining Authority to Operate (ATO) packages via the Risk Management Framework (RMF). The current RMF/ATO process, which is based on the National Institute of Standards and Technology (NIST) series 800 documents, is time and manpower intensive and provides few enabling technologies to ease the burden on cybersecurity personnel. Illumination Works (ILW) offers DON/NAWCTSD our Odin-RMF solution to provide AI-driven automation in executing RMF/ATO processes and generating ATO documents.
Fast-Track to Compliance & ATO Document Generation
ILW’s Odin-RMF applies cutting-edge AI techniques, including large language models (LLMs) and retrieval augmented generation (RAG) to input data, coupled with expert knowledge from the cybersecurity team to speed identification of baseline security controls, perform guided software risk assessments, develop security implementation guides, and generate initial text for completing ATO documents. Through the Phase I activities, ILW will determine the feasibility of Odin-RMF’s modular components in meeting DON/NAWCTSD’s need for assisted intelligence in RMF/ATO package creation to include UI design and system architecture definition. ILW will experiment with LLMs, prompt engineering, and RAG constructs to identify the optimal approach to automatically identify baseline controls and generate the associated sections for the System Security Plan (SSP) ATO document.
Odin-RMF’s novel use of LLMs combined with traditional NLP techniques will generate tailored content aligned with NIST frameworks, bringing together structured data, regulatory knowledge, and human expertise without sacrificing precision or strict security standards.
With the help of AI, the RMF process can be significantly shortened while still retaining all the security of a manual RMF review.
Key Benefits of Odin-RMF
Odin-RMF’s automation and decision support capabilities will benefit all DoD services that are responsible for cybersecurity RMF/ATO processes by significantly reducing the time, manpower, and costs associated with creating and maintaining an ATO package. Odin-RMF provides the cybersecurity team with a fast and efficient method to determine relevant security controls and assign controls in alignment with industry standards. Odin-RMF’s human-in-the-loop functionality ensures the cybersecurity professionals remain the decision makers, and their workflow is simply enhanced via Odin-RMF’s AI. Odin-RMF implements robust AI and software engineering approaches that apply across the complexity spectrum of information systems undergoing RMF/ATO, promoting standardization and scalability of the RMF/ATO process across the enterprise.
Contact Information
- Jan Turkelson | Senior Vice President | Illumination Works | [email protected] | LinkedIn
- Janette Steets | Director of Data Science | Illumination Works | [email protected] | LinkedIn
About Illumination Works
Illumination Works is a trusted technology partner in user-centric digital transformation, delivering impactful business results to clients through a wide range of services including big data information frameworks, data science, data visualization, and application/cloud development, all while focusing the approach on the end-user perspective. Established in 2006, the Illumination Works headquarters is located in Beavercreek, Ohio, with physical operations in Ohio, Utah, and the National Capital Region. In 2020, Illumination Works adopted a hybrid work model and currently has employees in 20+ states and is actively recruiting.
