Funds for Companies

Grants and Resources for Sustainability

You are here: Home / Awards and Prizes / Submit Solutions for Cyber Startup Challenge 2023 (Switzerland)

Submit Solutions for Cyber Startup Challenge 2023 (Switzerland)

Deadline: 31 August 2023

The Federal Office for Defence Procurement armasuisse is accepting applications for the Cyber Startup Challenge 2023 to explore the startup technology landscape around the topic of «smartphone security» and in doing so to present innovative technologies to the Federal Department of Defence, Civil Protection and Sport (DDPS).

Companies are invited to register for the challenge and submit their solutions. The three start-ups with the most promising solutions will be allowed to present their idea at the Cyber-Defence Campus Conference on 26 October 2023 in Bern.

This challenge is not a call for tenders but a market exploration. Promising technologies are identified that best meet the requirements of the Department of Defence.

Funding Information

  • A jury of experts and DDPS stakeholders will select one company as the winner of the Startup Challenge at the end of the conference. The selected startup will receive a contract worth up to CHF 100,000 for the integration of a proof of concept of their technology into the DDPS environment.

What they are looking for?

  • They are looking for novel solutions in the field of smartphone security. The technology does not have to be fully developed yet, but a convincing proof of concept (PoC) should be realisable within one year and with less than CHF 100,000.
  • The goal is for the technology to help efficiently and comprehensively analyse the security of third-party smartphone applications and their potential threats. It also aims to test applications running in an unmodified (non-rooted) operating system while providing dynamic testing capabilities.
  • Some examples of smartphone security technologies that are of interest. However, they are also happy to hear about related technologies that are not listed.
  • Example: Black box tests
    • Testing an application without decompiling, reverse engineering or looking into its internal code or structure. Testing is done by interacting with the user interface (UI) and observing how the application interacts with the network or device to detect malicious behaviour. One possible approach would be to use Deep Reinforcement Learning to predict application interactions, recognise UI elements or generate input for form filling or logins.
  • Example: User data protection with black box tests
    • Use black-box testing of applications to identify risks to user privacy such as detecting dangerous permissions granted to applications (e.g. reading phone status, pinpointing location, etc.). Black box testing could be used to determine whether an application’s permissions have been dangerously extended (by exploiting a legitimate application or by the malicious application itself) from the specified functionality.
  • Example: Dynamic application tests
    • The application is tested fully automatically while it is running. Besides black box testing, there are other ways to test applications dynamically with or without using the user interface. An example would be so-called fuzzing or other dynamic analysis techniques.
  • Example: Operating system tests
    • The aim could be to test the default operating system on a smartphone. This is to detect malicious or unintended behaviour of the operating system or the default installed applications. Testing could be done by interacting with the user interface or by detecting changes caused by applications, such as changing permissions or other properties.

Conditions for the challenge

  • The startup is younger than seven years as of October 2023
  • The founders are still investors and active
  • The company has at least three employees, including active founders
  • The finalist of the Challenge receives a contract to integrate the proof of concept of the technology in the DDPS
  • The contract won has a maximum value of CHF 100,000. The value is based on the amount of work required to integrate the proof of feasibility
  • The Proof of Concept is supported by the Cyber-Defence Campus
  • This challenge is neither a competition nor a tender. It is a market research challenge to find a promising technology that best meets the needs of the DDPS around the threat of cyber espionage. Participation by companies is voluntary.
  • The proof of feasibility does not aim to be effectively implemented in operation
  • Any acquisition will be through a tender process and proof of feasibility is not a guarantee of an additional mandate or purchase
  • All companies participating in the Challenge, i.e. not only the winning company, will be included in a tender and further challenges
  • The company accepts the General Terms and Conditions of the Swiss Confederation (GTC) without reservation. Suppliers who make changes (additions/adjustments) will be excluded from the Challenge.

Selection Criteria

  • Technology is related to smartphone security
  • Technological relevance and usability for for the Swiss Armed Forces
  • Feasibility of the project
  • Innovation factor and potential for impact for the Swiss Armed Forces
  • Viability of the technology concept
  • Dual use (civilian, military)
  • Companies from Switzerland are rated higher; however, the start-up can be international.

For more information, visit Cyber Startup Challenge.