- Photodetector Project
The scope of this project is to develop the fabrication technology of photodetectors using the facilities and resources of BİLGEM, and then to fabricate these detectors needed inside our country.
The photo-detector (coded DDA-I) has four parallel PIN-diodes on the same silicon substrate. DDA-I has an active area diameter of more than 10 millimeters, very low dark current (<1nA/cm2), and higher impulse responsivity (0,44A/W) compared to commercially available sensors in its class. These detectors offer low capacitance per quadrant, wide dynamic range, high breakdown voltage, fast response and accuracy compared to similar products on the market.
Some of the applications of these photodetectors in several military and public areas are listed below:
- Pulse Detectors
- Optical Communications
- Bar Code Readers
- Optical Remote Control
- Medical Equipments
- High Speed Photometry
Various other photo-detector process development projects for several different applications are currently ongoing within BİLGEM.
- GÖKTÜRK-1 Reconnaissance and Survaillance Satellite National Crypto Sybsystem
GÖKTÜRK-1 is a reconnaissance and survaillance satellite system which aims the secure transmission of high-resolution images taken from any location in the world. Although the main objective of the system is to meet military needs, it is also planned to be used in the areas of civil activities such as forest control, illegal construction, crop management and casualty assessment after natural disasters.
The communication between GÖKTÜRK-1 Satellite and it’s Main & Mobile Ground Stations is carried out via S-Band and X-Band links. UEKAE has developed the crypto devices to be used over these links and the related key management system. Thus, the security of the commands sent to the Satellite and of the images received from the Satellite is provided by national means.
The equipment developed are:
1. Ground X-Band National Crypto Device
2. Ground S-Band National Crypto Device
3. Satellite X-Band National Crypto Device
4. Satellite S-Band National Crypto Device
5. Key Management Unit
6. Key Fill Device for ground equipment
7. Key Injector for satellite equipment
8. Electronic Ground Support Equipment (EGSE)
Additonally, Cryptographic Security, TEMPEST, COMSEC, and NETSEC test and evaluation services are provided for Satellite and it’s Main & Mobile Ground Stations by BİLGEM.
Within the scope of the management, UEKAE works as a sub-contractor of Telespazio S.p.A collaboration with Thales Alenia Space – France and DSI GmbH.
Network systems are being linked in an unique network technology nowadays. In the future, network systems will be based on “Everything Over IP” concept which helps to transfer all data traffic over IP networks.
IP Crypto Devices acting as a security gateway are located between local network and edge router to establish VPN (Virtual Private Networks). IP Crypto Devices are the latest solution for high speed secure communications. In this way, many physical lines (cabled, wireless, satellite and hybrid networks) and applications can be secured with only one technology. IP Crypto System provides data confidentiality, authentication and integrity of these networks.
IP Crypto System consists of IP Crypto Devices and Management Center. IP Crypto Devices link confidential networks and provide secure communication. Management Center supplies remote management of keys and devices. Many IP Crypto Devices have been developed for different requirements and speed (from 34 Mbps to 9 Gbps) since 2000. Moreover, IP Crypto Projects are in progress now.
The software and hardware of IP Crypto System have national design. IP Crypto System secures many of the critical Military and Government networks in Turkey.
- National Public Key Infrastructure Project (MA3)
Public Key Infrastructure (PKI) is used by companies to provide security services required in IT environment. This infrastructure comprises one or more Certification Authorities (CA) and some other auxiliary software. Users are registered to CA’s according to predefined policies. After registration, electronic documents are issued to users for proving their identities and achieving information security. These electronic documents are called electronic certificates which can be used for creating e-signature, data encryption and authentication. Since e-signature features present in many IT applications act as legal signatures, the management of electronic certificates and their cryptographic keys is very important.
ESYA (Electronic Certificate Management Infrastructure), developed under MA3 project, comprises features required by a PKI system. ESYA certification authority is the only national PKI product used in Turkish National ID Card project for generation and management of certificates. ESYA also has critical role almost in all e-government projects such as e-justice, e-invoice, e-prescription, new generation cash register, e-passport, and tachograph. Besides, ESYA with the latest implementation of PKI technology, is one of the several products in the world and the only national one which is certified with Common Criteria EAL 4+.
MA3 project also provides API’s and desktop security solutions for PKI based authentication, encryption and e-signature needs of companies. These products are being widely used in Turkish Armed Forces, in strategically important institutions and in many other public institutions.
- MAMSİS Project
National Military Messaging Handling System (MAMSİS) developed by TUBITAK BILGEM is suitable for use in military and corporate strategic, operative and tactical field messaging requirements. MAMSİS meet messaging requirements in an uninterrupted, fast, accurate, reliable and secure way through a single system. MAMSİS provides you integrated messaging of strategic and tactical environments which have low bandwidth and high data loss.
MAMSİS consists of Message Transfer Servers (MAS), Directory System Servers (DSS), Messaging Clients which can work in both strategic and tactical field, and also Gateway Software developed for a more efficient and integrated messaging.
The Messaging Server is responsible for signed/encrypted message transfer. The Messaging Server consists of a Message Store (MS), which is responsible for message storage and interaction with the messaging clients, and a Message Transfer Agent (MTA), which communicates with other messaging servers in order to accomplish message transfer task. Messaging functions are supplied by the cooperation of these two units.
Two different messaging servers that conform to ITU X.400 and SMTP/IMAP protocols respectively are developed for military and enterprise use, along with messaging clients that can operate with these servers, and administration tools to manage these servers. Full conformance to STANAG 4406 (Ed.2) is supplied for military messaging. In addition to strategic messaging, tactical messaging is also supported for X.400 users.
Directory System Server (DSS) has been developed with national sources and provides different range of opportunities.These opportunities are secure, consistent and hierarchical maintenance of user and certificate data. It also provides their uninterrupted, up to date and secure presentation. Thanks to these features of the server, institutions, which heavily depend on organizations in a certain hierarchical structure, units, users and devices, could have a rapid access to these data. Moreover, DSS maintains the application of high−level security policies. Thus, it determines access and messaging authorization of different users that are of various security levels on an institutional level.
Additionally, DSS has been developed in accordance with the national needs of the country (both on a military and institutional level) and the international standards. It does not only fully fits in with the ITU X.500, which is the most comprehensive standard set, but also has an easy access to the LDAP, which is a more simplified directory access protocol. Hence, it could accord to various military and commercial directory applications. Furthermore, since it is a national product not including commercial components, DSS could be rapidly specialized in line with institutional needs.
Messaging Client is a platform independent software component that is used for messaging and directory access. It allows the messaging in different security levels by sending signed and/or encrypted messages. Each defined user is able to see only allowed interfaces and commit related operations. Messaging client is developed for average bandwidth and also customized to operate under low bandwidth and so that way tactical messaging client is developed. So that a lightweight interface is provided by system that is free from burden and only necessary data is transmitted. It has customizable interface that provides military and corporate messaging.
Servers and clients of the Messaging System communicate over secure connection that is protected by TLS. All the system entities authenticate each other with strong authentication mechanisms based on smartcard and PKI certificates. Access to system entities and protected items are controlled by advanced and access control mechanisms. Secure messaging is possible with digital signing and encryption features.
Gateway solutions has been developed to work more effectively of messaging system and for working integrated with existing systems. These gateway solutions are SAGB (X.400 MTA/ACP 127 Gateway) that provides to communicate with ACP 127 systems, ALYB (Mail List Agent) that provides handling and expansion of address lists and HYB (Message Distribution Agent) that provides distribution of message to inside of headquarters according to SIC (Subject Indication Codes) header of messages.
- MİLCEP K2 - Crypto Mobile Phone
Since the GSM net work has serious securit y flaws, TÜBİ TAK BİLGEM UEK AE designed “MILCEP-K2 Cr ypto Mobile Phone” with the following features: Voice/dat a hardware based encr yption for end-to-end secure communication through GSM net work, Interoperabilit y with SCIP (Secure Communications Interoperabilit y Protocol) compatible
- Weight: ~151 gr
- Size: ~123 x 57 x 20 mm (height x width x depth)
- Talk Time: ≥ 9.5 hours
- Secure Talk Time: ≥ 8.5 hours
- Standby Time: ≥ 7 days
- EMI/EMC: ETSI EN 301 489-07
- User Protocol: SCIP
- Operating in GSM 850/900/1800/1900 MHz st andard
- GPRS Class 12, EDGE Class 12, CSD V.110, V.32
- Secure voice/ Dat a communication
- Plain Voice communication
- Plain SMS transmission/reception
- English and Turkish language options
- Personal Information Management Tools: Address book,
- Calendar, Notes etc.
- Applications: Clock, Calculator, System Information,
- World Time, Help Browser etc.
- PC synchronization
- Different ring profile options
- Key Generation: ECMQV
- True Random Number Generator
- For each session a new key is generated and at the end of the session it is erased
- Secure tactical communication up to “SECRET” level
- MİLSEC 4 - Secure IP Terminal
SECURE IP TERMINAL
MILSEC-4 secure IP phone provides state of the art capabilities for both secure and non secure calls over IP and PSTN networks, providing interoperability with legacy solutions while realizing the future of secure and reliable communications.
MILSEC-4 devices can be configured, monitored, and updated via the Secure Management Center (SMC) over IP networks using NATO SCIP protocol. Unlike older generation secure communication devices, MILSEC-4 is capable of Over the Network Keying (OTNK) via SMC.
MILSEC-4 devices are interoperable with MILSEC-1A, MILSEC-2, MILCEP-K1, and MILCEP-K2 secure phones. MILSEC-4 provides a smooth transition while replacing MILSEC-1A and MILSEC-2 legacy phones during the migration of PSTN to IP networks. MILSEC-4 terminal offers a new generation secure communication solution for IP and PSTN networks, at the same time compatibility with legacy phones, which assures seamless communication service.
- Secure communications over IP and PSTN networks
- Secure end-to-end voice, video, and data transfer
- NATO SCIP compliant
- Interoperable with commercial SIP products
- Interoperable with MILCEP and MILSEC secure phones
- National and AES crypto algorithms
- Remote configuration/software updates
- Easy-to-use interface with LCD touchscreen