Cybersecurity system design, vulnerabilities
To what extent can we trust things, such as intelligent industrial networked devices? Will they behave as expected with unlimited Internet access? To what extent can we manage and control them? Will our lives become unpredictable and uncontrollable with widespread use of the Industrial Internet of Things (IIoT) concepts?
Engineers generally assume that mechanisms serve their intended purpose. Is that always true? The "smarter" something is, the quicker we lose control and become fully dependent on it. As smart things demand greater attention, will they demand ongoing fine control and management?
To bring home the example, in managing a smart house today, information is transmitted as different messages (alarms, situational alerts, control options) to a user’s mobile device. Those capabilities are spreading to industrial applications as well.
Unfortunately, mobile phone immunity is weak. About 10 years ago, the main Russian "virologist" Eugene Kaspersky said that those who created computer viruses would "soon start modifying them for mobile phones. The situation is hard to predict. It all depends on how smartphone software developers will act: the positive scenario is possible only if they dive into the question of security. In the nearest future we may witness that malware will be able to call the other phones, record conversations, or even steal critical information using software exploits."
At that time, the Nokia 6620 was considered the most vulnerable. The first virus for this phone (Cabir) appeared in 2004; however, it only affected Bluetooth-enabled devices. The virus didn’t seem to cause harm, as it was developed to demonstrate that viruses can affect mobile devices. Eugene Kaspersky thought then that "there is no point in developing any kind of protection against only one virus. The industry development strategy is unclear, and it is hard to imagine what kind of attacks malware developers" will create in a year or two. However, the CommWarrior (Comwar) virus was already active then, transmitting itself via Bluetooth and in multimedia messages (MMS). With MMS popularity, forecasts about the spread of Comwar looked very frightening. Mikko Hyppönen, head of the antivirus research department at F-Secure, Finland, at that time compared MMS-viruses with mail worms like Bagle, Mydoom, and Sobig: "MMS contagion can spread throughout the world in a few hours. Taking this into consideration, it’s much more dangerous."
When smart house [or smart factory] support systems are managed from a mobile device and that device is infected, who can guarantee the integrity of control? Some malefactor could raise the temperature in the sauna [or industrial oven] to critical levels or turn the sound volume [or machine speed] to maximum.
Beyond mobile devices, many other exploits can threaten flawless operation of intelligent systems, especially with IoT or IIoT connections. How might that influence control and operational reliability, especially as more devices add intelligence, complexity, and interconnectivity? Alexandr Bolshev, "Digital Security" information security auditor, said we need to define mobile and autonomous capabilities of intelligent devices, such as what we mean by system shutdown, inability to perform vital tasks, and performance errors. Smart systems are similar to other automated information systems, so why would they be less reliable? "When your car breaks down, it’s not a riot. The only difference is that smart systems are connected to the Internet and thus are externally accessible. Theoretically, due to systems’ software exploits, vulnerabilities, or user negligence (if a user sets weak passwords), any malefactor or computer virus could take control" over the connected system.
When considering IoT system reliability and security, Alexandr Meleshkin is sure that systems should be designed to avoid accidents in line with [science fiction author Isaac Asimov’s] first law of robotics stating that a robot may not injure a human being.
Alexandr Bolshev supports the idea that security should be inherent in design: "There is no need to use any special methods to secure the system reliability and performance. It will be enough to employ regular security measures that are used for all devices and services over a global network. Microsoft Secure Development Lifecycle (SLDC) should be used during project design and development."
In addition, Bolshev suggested, "quality control and obligatory verification with information security specialists are vital before releasing the product to the market. Strong password policies, firewall utilization, firmware updates, infrastructure auditing and online penetration tests should always be arranged when using the system."
In sensitive IoT applications (like telemedicine or security systems) that need secure performance reliability and may need to comply with codes, standards, and law, Bolshev and Meleshkin differ in opinion.
Meleshkin thinks that existing laws and rules suffice: "For example, if medical equipment or a security system collects any type of private data (health condition or recorded video), it is crucial to guarantee data safety on all stages of its existence, including transmission."
Bolshev thinks that devices and systems should be safe and secure in the first place, because errors in design or use may lead to health risk and life-threatening situations.
Future security, reliability
Future applications may differ. Innovative technologies presented at the AINL 2014 Conference show that very soon we will live side by side with things that possess intelligence. If robotic assistants can be trained with rewards and positive reinforcements, so-called "carrots," is it feasible to imagine that we can use "sticks" to train mechanical devices and computers? Who will be smarter tomorrow—a house or its owner [a factory or its operators]? And if or when this bright future arrives, will we be ready?
Safety is more than protection from outside threats, such as hacker attacks, viruses, or developer errors. Perfect system performance and proactive protection from human factors top the list of concerns.
Smart house projects engineer Julia Raevskaya ("Giprotransmost" JSC) discussed the challenges of managing intelligent systems. "Despite all the hardships, we can honestly say that a smart house is a huge move forward, not just a step," by providing voice and remote control, temperature response to outside weather, water filtration and quality, touch screens, and motion sensors ensuring "a whole new level of living comfort," she said.
Smarter systems will adjust
Furthermore, Raevskaya emphasized that intelligent system development needs to consider and adapt to changing circumstances. If a newborn appears in a smart house, for instance, the lighting system should understand not to fully illuminate a room when parents enter to check on a sleeping child. Just as when new situations arise in a factory, the average user at home wouldn’t be able to personalize the system on such a level. Thus, we need to develop interworking interfaces, so users will not need to call maintenance personnel for system personalization.
Widespread use of smart systems is hampered by complexity of use and infrastructure imperfections. Not every locality has the energy, fiber-optic communications, and communication capabilities needed. Intelligent systems need a reliable, independent electric energy source to support the infrastructure, decisions, actuators, and communications that enable function, monitoring, and remote control.
Smart houses may be more a technology demonstration than a practical item for widespread use. While interconnected supporting systems can reduce energy consumption, it may be easier and cheaper to insulate the house to become environmentally friendly. Without reliable power, intelligent systems will be of less use than candles, she suggested.
Risks beyond original designs
Progress continues as more smart devices and systems become available in homes and in the workplace. All information security officers recommend caution. Alexandr Meleshkin said, "Perils are possible since humans are prone to making mistakes," suggesting that if developers release products at the expense of reliability, software vulnerabilities and poor performance may result. Alexandr Bolshev agreed, pointing to many existing hazards requiring attention beyond initial consideration of developers, integrators, and users.
Author James Gunn, in a 1953 story, "Wherever you may be," said, "There was something about machines and things they made which were basically alien to the human spirit. They might disguise themselves for a time as willing slaves, but eventually, inevitably, they turned against their masters." Perhaps homes should be the last refuge from intelligent systems that may become pervasive elsewhere.
Ekaterina Trofimova (Екатерина Трофимова) wrote "A house on the edge of madness" (Дом на грани безумия), for Control Engineering Russia; it was edited here for the North American edition by Mark T. Hoske, content manager, Control Engineering, CFE Media.