General Dynamics Information Technology (GDIT) won the one-year contract with four one-year options through USPTO‘s Intelligent Automation and Innovation Support Services blanket purchase agreement.

Tools USPTO plans to pilot under the contract will expedite patent and trademark applications and requests, predict fraudulent transactions and reduce backlogs — cutting costs in the process.

“With this new work, we will bring our AI, ML and robotic process automation expertise to help USPTO develop solutions that accelerate the patent and trademark process to benefit American innovators,” said Christopher Hegedus, a vice president and general manager at GDIT, in the announcement.

USPTO Chief Information Officer Jamie Holcombe said his agency was already developing a new patent examiner search tool leveraging ML algorithms in February. And he expressed interest in applying the technology to trademark image searches and detecting fraudulent imagery.

The pilots stand to create new professional functions within USPTO.

“This contract represents an important step in helping USTPO advance the broader federal government goal to advance the adoption of AI and the way it can be applied to enhance machine potential and expand human capacity,” said Paul Nedzbala, a senior vice president at GDIT, in a statement.

The post USPTO expands use of machine learning with $50M contract appeared first on FedScoop.

Blockchains function as tamper-evident, digital ledgers implemented in a distributed fashion, and in this case the technology allows CBP to protect sensitive information on U.S. imports.

Personally identifiable information and trade secrets can be transmitted between the agency, manufacturers, retailers, rights holders, and importers via encrypted keys on a single platform.

“We strongly believe blockchain will help the United States maintain a competitive edge in the worldwide competition to grow stronger, better, and more reliable ways of protecting our country from illegal imports and exports,” a CBP spokesperson told FedScoop.

CBP completed its first-ever test of the technology in September 2018 within the North American and Central American free trade agreements — proving multiple blockchain programs could integrate seamlessly. Since then, the agency has explored additional use cases with a total of seven unnamed companies.

No real products were tracked, companies instead submitting fictitious transactions during piloting. But using a single access point in the blockchain, CBP was able to connect data to products and licenses correctly — necessitating fewer physical examinations.

The companies communicated with CBP and other transaction participants using unique blockchains, regardless of their software. That way new trade partners can be added to the interoperable system quickly without blockchains needing to be rebuilt, which saves everyone involved money.

The Department of Homeland Security Science & Technology Directorate funded the pilot — run by the Office of Trade — as part of its blockchain portfolio.

“This pilot represents great potential for marrying new technology with our traditional trade mission: to protect the U.S. economy,” said Brenda Smith, executive assistant commissioner of the Office of Trade, in a statement.

While many in government are eager to try blockchain to solve complex issues, many also resist that urger, worried that the technology doesn’t fit well in the government context. FedScoop reported last year about what it is about blockchain in government that irks many people. 

The post CBP successfully tested an ‘interoperable’ blockchain system for protecting intellectual property appeared first on FedScoop.

When Jamie Holcombe joined USPTO a year ago, one of the agency’s major applications still ran on an HP 9000, affectionately named “T-Rex” because the Unix-based machine was a dinosaur. Holcombe had T-Rex replaced as part of ongoing, multi-year efforts to stabilize and modernize critical IT systems and infrastructure supporting more than 8,000 patent and trademark examiners nationwide, around the clock.

Filings are at an all-time high — new patent applications reached 665,231 in fiscal 2019 and trademark applications increased 5.4%.

“Based upon our fees and based upon the velocity of the patents and trademarks that come through, our economy either flourishes or it doesn’t,” said Jamie Holcombe at an ACT-IAC event Thursday. “If we can get dependency — the time it takes to award a patent — down significantly, that frees up venture capital.” The office, unlike most federal agencies, is fully funded by the fees it charges.

USPTO has one of its 14 agile DevSecOps teams working on a replacement for a patent examiner search tool created in the ‘90s. Those teams are collocated and span the full development pipeline, with plans to increase their number to 30 or 40 in 2020.

As for the new search tool being developed, it leverages machine learning algorithms and will eventually make use of artificial intelligence.

“My opinion and my opinion only — I am not speaking for PTO — is there’s no such thing as artificial intelligence. There really isn’t,” Holcombe said. “I have not met Mr. Singularity, yet. Skynet doesn’t exist.”

For now, Accenture and Google have partnered with USPTO to identify search algorithms for “supervised learning” sessions with patent examiners. The algorithms learn what’s good and bad to improve searches, as well as how applications are classified for routing and evaluation — a “top priority,” Holcombe said.

Machine learning may also be able to improve trademark image searches and flag improper trademark activities and fraudulent imagery.

“I’m hoping that machine learning can help us find some of those data sources that we’re not using,” Holcombe said. “And I’m also hoping that we can simplify the ability to search by giving citizens search, so they can actually get in and figure out if the patent exists or not.”

Acting more like USPTO’s own customers

In the past, USPTO worked through about 200 to 300 systems across 150 to 200 projects at any given time. That number has been consolidated into 30 products across four business lines: patents, trademarks, enterprise and infrastructure.

The change comes in response to vendor complaints that USPTO did too many small task orders and instead needed more agile contracting focused at the portfolio, rather than project, level.

“We were stifling innovation at the agency for innovation,” said Kristin Fuller, chief of the Procurement Systems Division.

Functional testing is now included in development task orders, as are better metrics. And USPTO is moving to a new paradigm where — instead of every project having multiple orders for infrastructure, development, operations, cybersecurity and testing — there will be one contract per product addressing those various areas.

The timeline for implementing the product catalogue isn’t finalized and will coincide with how USPTO coordinates contracts, said Debbie Stephens, deputy CIO.

Ultimately, USPTO plans to remain in compliance with the Federal Acquisition Regulation but increase contracting speed, Holcombe said.

Even though contracts will be larger, USPTO will remain mindful of small businesses when making awards.

“We do have to be sure that we’re not a bull in a china shop, and I say that because I could have come in and wrecked everything, blew it up and started again — the Army way,” said Holcombe, a former Army officer. “Instead I’m trying to be more like the Air Force and actually have some thought about it before I blow it up.”

The post Faster patents require faster IT and contracting, and USPTO’s CIO has goals in place appeared first on FedScoop.

Shell companies the government mistakenly contracts with could sabotage or spy on systems containing sensitive information, according to intelligence officials the Government Accountability Office consulted for its report released Monday.

DOD accounts for two-thirds of federal contracting activity, and companies with murky ownership could be run by foreign adversaries, it says.

“These entities could infiltrate DOD’s supply chain to introduce components, such as circuit-board chips and routers modified to fail, facilitate state or company espionage, or compromise the integrity of DOD’s information-technology systems,” reads the GAO report. “According to [chief information officers], adversarial entities could also potentially gain access to sensitive information through their relationship with DOD contractors.”

Companies struggling financially are particularly vulnerable to exploitation by adversaries, who might quietly acquire a domestic contractor, Defense Intelligence Agency officials told GAO.

In 2017, an Office of the Director of National Intelligence background paper detailed how supply chain complexity allows adversaries — operating through companies, hackers and organized crime — entry at multiple points. Those adversaries target sensitive research and development programs, steal intellectual property and personally identifiable information, and insert malware into critical components.

DOD also identified the risk of adversaries gaining access to military bases to harm deployed troops in countries like Iraq or Afghanistan.

GAO reviewed 32 cases of contractors with murky ownership and found many received contracts they shouldn’t have or let foreign manufacturers obtain sensitive information and produce faulty equipment. That’s in addition to entities using the multiple companies they own to inflate prices and create the illusion of competition.

Four cases involved shell companies masking foreign manufacturers that bid on contracts meant to be awarded domestically. The manufacturers received contract payments with one supplying DOD with defective parts that grounded 47 aircraft and another supplying unusable parts.

Perhaps more troubling, three of the manufacturers exported military technical drawings and blueprints to foreign countries in violation of the Arms Export Control Act.

DOD revised the Federal Acquisition Regulation in 2014 to require contractors to self-report some ownership information and seeks it during the supply chain risk analyses conducted when acquiring critical components. The department also has a fraud risk management program but has yet to assess contractor ownership risks across all its agencies, according to GAO.

“Assessing risks arising from contractor ownership would allow DOD to take a strategic approach to identifying and managing these risks, make informed decisions on how to best use its resources, and evaluate its existing control activities to ensure they effectively respond to these risks,” reads the report.

DOD agreed with GAO’s recommendation, but its response was deemed sensitive and omitted from the public version of the report. The sensitive version was released internally in September.

The post Murky contractor ownership masks national security threats to IT appeared first on FedScoop.

USPTO’s active directory maintains a domain from which to manage all network resources: users, workstations, servers, printers, databases, and system configuration. As a result, the directory holds sensitive information like credentials and network topographies “making it a prime target for cyberattacks,” reads the audit conducted by the Department of Commerce Office of Inspector General.

A breach could lead to intellectual property theft, jeopardizing USPTO’s mission of examining patent and trademark applications in a timely fashion to foster innovation and economic competitiveness.

DOC found an “inadequate” configuration of USPTO’s active directory allowed “excessive” access permissions, credentials were not securely stored, weak passwords were used, and multi-factor authentication was not enforced.

Additionally, vulnerability scanning practices failed to identify and remediate some vulnerabilities, authorized ports and services lacked a baseline, and critical vulnerabilities were not patched fast enough, per the audit.

“USPTO immediately began to take action during our audit to remediate some of these security deficiencies,” reads the audit. “However, we remain concerned with USPTO’s commitment to prioritizing improvement of its security posture.”

That’s because DOC flagged the same security deficiencies with critical IT assets two years ago.

The audit recommends the undersecretary of commerce for intellectual property and the director of USPTO have the chief information officer reevaluate the active directory’s configuration and reorganize user groups based on job functions — removing unneeded privileges.

Other recommendations include eliminating weak credential encryption, strengthening passwords, ensuring personal identity verification cards are compatible with future systems, verifying vulnerability scanners are regularly updated, and establishing an authorized open port baseline.

USPTO concurred with the audit’s recommendations, but an action plan is required of the agency within 60 days of the report’s publishing.

In its response, the agency said it reduced a sizable container of administrator accounts by more than 55 percent with a new vetting process introduced in January.

Legacy USPTO applications are incapable of supporting strong encryption, so the agency established a watch list for such accounts. USPTO has also updated its cyber scanning process.

The post Audit: USPTO’s mismanagement of active directory poses ‘significant’ cyber risk appeared first on FedScoop.

But Jill Leyden, customer experience administrator for trademarks at the United States Patent and Trademark Office, wants to make that a little bit easier.

Speaking Saturday at South by Southwest in Austin, Leyden outlined a big pain point for the trademarks side of USPTO: figuring out how to create a better front door for customers into the agency, with “very clear, concise and consistent information at the baseline.”

“About 30 to 40 percent of our applicants are coming to access our services on the trademark side without attorneys,” she said. “So they could be a mom and pop shop, it could be a startup without legal counsel yet, and they are coming to us to access our services but they don’t have a baseline understanding of what trademarks really are, how to work that into a business strategy, things like that.”

They need basic information to help them understand what trademarks are and to help them navigate the agency’s filing system, Leyden said.

But while making improvements to its website and simplifying, the agency is also negotiating a tricky balance, she explained.

“When you’re applying for a trademark you’re beginning essentially a legal proceeding. And it’s very complex,” Leyden said. “So we have that challenge of no matter what it’s going to be that thing, right?”

But the goal is to at least make it clear to customers “what that end-to-end process looks like, and what they can expect.”

When people begin to use the agency’s trademark services, Leyden wants them to be able to make educated decisions on if they want to continue with the process or if they need legal counsel.

As an example, Leyden told the audience in Austin about one thing her team did to make it easier for people to watch the agency’s videos about the trademark process. They created a landing page for people to watch how-to videos so they would be all in one spot, rather than “scattered about,” as they were before

The trademarks office has big changes on the horizon, Leyden said, one being the move to mandatory electronic filing in 2019.

That will allow staff to focus on electronic end-to-end processing.

“We’re also going to begin building our new filing system, our public-facing filing system,” Leyden said.

The filing system is “our largest self-service customer tool that we have,” she said.

“And right now the one we have was built in the 90s,” Leyden said. “And we’ve been sort of maintaining it, but it’s a little bit clunky and it’s not what I think most customers would expect if they were new to doing business with our office.”

The post How USPTO’s Jill Leyden helps the trademarking process walk the line between legal and personable appeared first on FedScoop.

3D printers, the new frontier in industrial production, are vulnerable to so-called side channel attacks from smartphones (Getty)

Smartphones equipped with special programming can become a sophisticated spy sensor capable of stealing designs from a 3-D printer — just by measuring the noise and electromagnetic radiation the printer emits.

Researchers from the University at Buffalo recently discovered how a smartphone on a bench about 8 inches away from a 3-D printer could allow someone to reconstruct a simple object being printed with 94 percent accuracy. Complex objects can be copied with 90 percent accuracy.

The researchers don’t give details of the application they wrote to record the acoustic and electromagnetic energy the printer is putting out, but say it uses the regular sensors of a typical smartphone.

The attack is significant, the researchers say, because 3-D printing, also known as additive manufacturing, is the next frontier in industrial production — and poised to become a multi-billion dollar business within the next few years.

This week, for instance, General Electric bought two 3-D printing companies for a total of $1.4 billion.

Moreover, although 3-D printers are often equipped with sophisticated defenses to protect them against hacking and other online threats, they are vulnerable to these so-called “side-channel” attacks in the physical realm.

“Many companies are betting on 3-D printing to revolutionize their businesses, but there are still security unknowns associated with these machines that leave intellectual property vulnerable,” said Wenyao Xu, assistant professor in the University of Buffalo’s Department of Computer Science and Engineering.

“Many IP-protected products [like cases and packaging] are prototyped with 3-D printing” and would be vulnerable to illicit reproduction by forgers or copyright thieves using this technique, Xu told FedScoop.

He’s the lead author of the study, “My Smartphone Knows What You Print: Exploring Smartphone-based Side-channel Attacks Against 3-D Printers,” which will be presented at the Association for Computing Machinery’s 23rd annual Conference on Computer and Communications Security next month in Austria.

The attack basically reverse-engineers the printing blueprint by reconstructing the movement of the nozzle from the electromagnetic and acoustic energy it generates while working.

Most information came from electromagnetic waves, which accounted for about 80 percent of the useful data. The remaining 20 percent came from acoustic waves.

“The tests show that smartphones are quite capable of retrieving enough data to put sensitive information at risk,” added Buffalo’s Kui Ren, a co-author of the study.

The post Smartphones can steal 3-D printing plans by listening to the printer appeared first on FedScoop.

A pact of 12 pacific rim nations — Brunei, Chile, New Zealand, Singapore, Australia, Canada, Japan, Malaysia, Mexico, Peru, the United States and Vietnam, with the notable exception of global superpower China — the TPP establishes an enhanced legal framework for trade, cutting up to 18,000 international tariffs on made-in-America products in signatory nations, while simultaneously raising concerns about the implications of new rules on international data flows and the activities of white hat cybersecurity researchers.

“The Asia-Pacific … presents critical challenges from an IP policy perspective,” the U.S Trade Representative’s office wrote in the “Intellectual Property” chapter summary. “Regional piracy rates remain high, and cyber theft of trade secrets is rapidly growing.”

The summary claims that TPP has taken a “robust” stance on intellectual property issues, addressing patents for medicine and technology, trafficking of counterfeited goods and trademarks in “generic terms.” Notably, TPP requires signatories to establish copyright “safe harbors” for Internet service providers, a method that the summary says has in the past “contributed to the flourishing of the most vibrant Internet, entertainment and e-commerce industries in the world.” It is also the “first Free Trade Agreement to require criminal penalties for trade secret theft, including by means of a computer system,” an addition to the most recent TPP draft which reflects mounting concerns about cybersecurity and nation-state hacks.

Some industry representatives, including the Information Technology Industry Council, have lauded what they call the TPP’s progress toward a more open technological world.

“It is clear that the agreement addresses new issues critical to the continued growth of, and innovation by, the tech sector,” said Dean Garfield, ITI president and CEO, in a release. “For the first time in a trade agreement, there are provisions that prohibit restrictions on cross border data flows and local data storage, permit companies and individuals to use their choice of cybersecurity and encryption tools, and ensure the protection and enforcement of trade secrets.”

Other organization, however, have been quick to condemn the TPP as favoring large corporations over national interests. In a comprehensive review of the TPP text, Public Citizen, a left-wing lobbying organization, says the agreement “undermines internet freedom.”

“The text threatens to lock The United States into its current broken copyright rules that undermine access to knowledge, creativity, and autonomy over digital devices and content, and … export these rules around the world,” the report states.

The “prioritization of trade interests over privacy rights pervades the … chapter [on e-commerce] also,” stated the Electronic Frontier Foundation.

The text of the TPP itself, despite criticism, retains a tone resonating optimism.

“Resting both on America’s long-held commitment to the free flow of ideas and on the value of the future digital economy to American growth, prosperity, and employment, [TPP] will address the emerging challenges to the integrity and efficiency of the global Internet, ensuring that it remains an open space for commerce, that consumers and Internet users have confidence in regulation for privacy and security, and that electronic commerce achieves its vast future potential.”

The post Asia trade deal impacts cybersecurity, telecoms and open Internet policy appeared first on FedScoop.

“The office needs a more advanced IT infrastructure that is specifically dedicated to the office and can better support the needs of its users,” Keith Kupferschmid, Software & Information Industry Association’s general counsel and senior vice president of intellectual property, testified at a House Judiciary Committee hearing.

While the Copyright Office does deal with intellectual property, it doesn’t fall under the purview of the U.S. Patent and Trademark Office. Instead, it lies within the Library of Congress and must use its IT systems, Kupferschmid said. His association’s recent report on reforming the Copyright Office characterized the LOC system as “antiquated and intended for a very different purpose than the IT systems needed by the Copyright Office.”

Lisa Dunner, a partner at Dunner Law PLLC who testified on behalf of the American Bar Association, agreed. She said minor changes to online forms can take months and the system lacks adequate security. She also said during the government shutdown in 2012, the Library of Congress’ IT department took the office’s website offline.

“It took the registrar of copyrights days to get restored,” she said. “This is unacceptable for a copyright office that serves a vital segment of the U.S. economy.”

The Library of Congress was unable to provide a response to the hearing by press time, though a spokeswoman directed FedScoop to a news advisory issued Oct. 1, 2012, and updated two days later that said Copyright.gov was available.

Kupferschmid encouraged Congress to authorize a study to determine the best long-term solution for the office. Referencing his group’s report on the Copyright Office, Kupferschmid listed three possible long-term solutions: giving the office more autonomy within the Library of Congress, making it an independent agency, or placing it within the Patent and Trademark Office.

“The one option that isn’t agreeable is the status quo,” Kupferschmid said.

The entire witness panel also emphasized the need to provide more funding to the Copyright Office to make immediate improvements. Funding for the office saw a 20 percent reduction in appropriations since 2010, according to the software industry group’s report.

A copyright protects “works of authorship,” like computer software, novels, songs and architecture. Patents cover inventions or discoveries, and trademarks cover words, symbols or drawings that differentiate one source of goods and services from others.

The committee did not invite a representative from the Copyright Office to testify at the hearing.

At the same time, members of the panel highlighted the contributions that copyrighted materials make to the U.S. economy, and some praised the office’s leadership for its efforts.

“I think the Copyright Office is doing the best it can with what it has,” Dunner said.

The post Aging IT threatens innovation at Copyright Office appeared first on FedScoop.

The Senate Judiciary Committee voted unanimously to OK the confirmation of Michelle Lee as undersecretary of Commerce for intellectual property and director of the patent office. Lee has served as the patent office’s deputy director since last year, but the agency has been without an official head since 2013.

“This position has been vacant for more than two years, which is far too long for an office that is so important to our nation’s innovators,” Vermont Sen. Patrick Leahy, the panel’s senior Democrat, said in a statement. “Ms. Lee has strong bipartisan support and I hope her confirmation will be taken up swiftly on the Senate floor.”

Many tech groups applauded Lee when the White House selected her for the post in October, and her nomination has seen support by key lawmakers. Even so, Lee went through two nearly identical confirmation hearings with the committee in as many months (one in December and one in January during the new session of Congress). At both hearings, she discussed the office’s efforts to address reports of fraud and abuse within its telework program.

Originally from the private sector, Lee worked as Google’s deputy general counsel, and head of patents and patent strategy between 2003 and 2012. She left Google to serve as USPTO’s first Silicon Valley office director.

Lee’s nomination now moves to the full Senate.

The post Patent office’s Lee clears Senate committee appeared first on FedScoop.