Saturday, June 17, 2017


This is a joint blog post with my food blog. A trip through St. Louis gave me a chance to catch up with my former student Jason Fritts, who is now a professor at St. Louis University.  Jason is well known for his work in multimedia computing and is the main organizer of the MediaBench benchmark series.  Over pizza he told me about his amazing project to builod accelerometers into a flycasting rod.  I think he said that the tip hits 30-40 Gs.  Very cool stuff.

Friday, June 16, 2017

EU Draft Report on Privacy and Electronic Communication

The European Parliament has released here a draft report on a proposed regulation on privacy and electronic communication.  This report is long and technical, but it does describe at least encouraging a variety of measures to protect the privacy of electronic communications, such as enryption.  It also specifically mentions metadata as worthy of privacy protection.

This report probably is intended to cover email, social media, etc. But it does seem to me that much of the language is general enough to cover all sorts of other communications. Messages and data samples from IoT devices are, after all, electronic communications. The data and control packets on a distributed control bus are also electronic communications.

Commuication within and between IoT and CPS devices and systems deserve privacy.   A large body of work has shown that quite a bit can be inferred about a person and their activities from a small number of samples.  However, these systems often run in real time and under power constraints.  The encryption and privacy techniques appropriate to IoT and CPS are, in general, quite different from those for information technology (IT) systems.  Let's hope that privacy protections cover all the bases and do so in a manner appropriate to the wide ranging ways in which we use computers.

US-CERT Warning on North Korean DDoS Botnet

The U. S. Computer Emergency Readiness Team (US-CERT) has issued this alert TA17-164A on North Korea's HIDDEN COBRA cyberwarfare unit and their efforts on building botnets for DDoS attacks.  This page includes links to indicators of compromise (IoC) to be checked by system administrators.  US-CERT that people who find evidence of these tools should be reported to either the DHS National Cybersecurity Communications and Integration Center (NCCIC) or the FBI Cyber Watch (CyWatch). The alert identifies tools and capabilities including DDoS botnets, keyloggers, remote access tools, and wiper malware. It says that HIDDEN COBRA primarily targets older versions of Microsoft OSs as well as Adobe Flash.

Wednesday, June 14, 2017

Personal and Public in IoT Security

IoT devices present us with an interesting combination of concerns in the private and public spheres.  On the one hand, a poorly secured IoT device can present a safety hazard to its owner.  An insecure or poorly designed IoT garage door controller, for example, can lead to burglaries, improper operation of the door, etc.   Some of those same vulnerabilities can allow the device to be used in attacks on other parties, the recent Dyn attack being a prime example.  I am hard pressed to find a corresponding linkage between personal safety and public safety in non-computerized devices.  But even if other parallels exist, the scope of possible problems that can be caused by insecure IoT devices is troublesome.

Monday, June 12, 2017

Point-of-View Article on Safe and Secure CPS and IoT

The latest issue of Proceedings of the IEEE is out and it contains a short point-of-view article by Dimitrios Serpanos and me on safe and secure CPS and IoT.  We argue that safety and security are no longer separable.  We observe that best practices in both safety and security need to be applied to modern systems, but that new methods will also be necessary.  A special issue on this topic will appear in PIEEE a few months from now.  In the mean time, this article summarizes our vision for the design of these critical systems.

Thursday, June 8, 2017

IT Methodologies Should Learn from CPS

I have said on more than one occasion that Internet connectivity makes the CPS V methodology inadequate.  The V methodology works top down for design, then bottom up for implementation, forming a V.  It implicitly assumes that the specification is static, giving a known target for the end of the V.  The changing threat from the Internet undermines that assumption.
However, we should keep in mind that many CPS systems make use of software from the IT world, whether it be licensed or open source.  IT developers can no longer assume that their customers are solely from the IT world.  They need to take into account the requirements of cyber-physical systems.  To satisfy those requirements, they should adopt the more stringent verification and validation approaches embodied by the V methodology.
Many software IP modules are developed relatively independently of applications.  A V-methodology-based approach would condition the release of these modules on validation within some exemplary systems.  System-integrated testing from both IP and CPS domains would help to shake out bugs in both the implementation and specification.
Agile software development emphasizes fast development of disposable software.  That approach makes sense for some domains.  But long-lived modules require a different, more deliberate approach.  The confluence of IT and CPS encourages us to invest in the careful design and construction of building block modules.

Thursday, June 1, 2017

Criminal Gang Steals Jeeps Using Authentication Codes

Extremetech reports here on a motorcycle gang that stole 150 Jeeps using replacement key codes in a stolen database.

Wednesday, May 31, 2017

JetBlue Flight Diverted Due to Battery Fire

CBS News reports here on a JetBlue flight that diverted to an emergency landing due to a lithium battery fire.

Tuesday, May 30, 2017

Report on British Airways IT Failure

NBC News reports here that the recent British Airways IT failure and resultant operational problems were caused by a power surge.

Report on ExoMars failure

Extremetech reports here on a report from the European Space Agency on the failure of the first ExoMars spacecraft last fall.  The root cause of failure was saturation of the initial measurement unit due to high rotation rates.

Saturday, May 27, 2017

IT Outage at British Airways Causes Cancelled Flights

NBC News reports here on an information technology (IT) outage at British Airways that caused them to suspend operations at Heathrow and Gatwick.

Wednesday, May 24, 2017

Article on IoT Standards

Reader Arjun KV forwarded this interesting article on the large number of IoT standards now in the marketplace.

Saturday, May 20, 2017

Ninetieth Anniversity of Lindberg's Solo Transatlantic Flight

Thanks to Aviation Week for reminding me that this is the 90th anniversary of Charles Lindberg's solo flight across the Atlantic. 

Friday, May 19, 2017

Lessons from the Global Ransomware Attack, Part 6

Government guidelines and regulations have an important role to play in ensuring the safety and security of our computer systems.  That is particularly true for two classes of devices: IoT and industrial control. <p>
IoT devices are intended to be installed and used by non-experts with little or no setup.   Unfortunately, many manufacturers have tried to fulfill this goal by either not providing security features or by setting their defaults to little-to-no security.  Consumer protection mechanisms can be used to set minimum security standards for IoT devices.  IoT security can directly affect consumer safety if, for example, a hijacked device is used to enable a burglary.  IoT security also indirectly affects consumer safety given that IoT devices are easily hijacked for use in attacks on other structures.<p>
Industrial control systems are run by people whose responsibility is making stuff, not configuring secure computer systems.  A variety of regulatory mechanisms exist to manage safety of industrial systems.  We have already seen NIST promulgate guidelines for smart grid security; we could use similar efforts in other domains.<p>
Various agencies in the U. S. and Europe have made progress on guidelines for security of various types of computer systems.  But I think that a more unified effort that cuts across application areas will also be required.  While each application has its own characteristics, many CPS safety and security techniques are widely applicable.  Issuing separate standards across multiple domains results in wasted motion that could be used more effectively.  Stovepiped standards also could lead to less-than-best-practices being used in some domains.<p>
This will be my last post in this Lessons series.  But that doesn't mean the problems have been solved.  We all have a lot of work to do to ensure the promise of a computerized world.

Thursday, May 18, 2017

Lessons from the Global Ransomware Attack, Part 5

A common source of exploits and security holes is bad coding practices.  Wider use of software synthesis tools would help to reduce the frequency of these types of problems.  Software synthesis has been very successful in some domains.  Signal processing software is often synthesized from high-level algorithmic specifications.  Web site design tools make extensive use of synthesis.  Some of the synthesis tools out there, such as UML coding systems, provide little more than syntactic transformations but even limited forms of synthesis could help reduce coding-induced security problems.

Wednesday, May 17, 2017

Lessons from the Global Ransomware Attack, Part 4

IT and cyber-physical systems that support many companies and organizations are, to use a British term, bespoke---custom-made for the user.  These organizations may want to think about outsourcing certain functions to the cloud to be sure that they benefit from the best available practices for security and reliability.<p>
Many organizations assume that they keep their data most secure by keeping it to themselves.  But these organizations generally don't have computer security as part of their main mission.  Moving some functions to an outside provider could, if done properly, provide them with higher levels of security and reliability.<p>
Oursourcing some computer operations would be easier if we had better software patterns and architectures for industrial control, patient management, etc.  Much of the work on cloud services is motivated by transactions.  I encourage my colleagues to put some thought into software designs that can be customized to applications that operate on real-time data and signals.

Tuesday, May 16, 2017

Lessons from the Global Ransomware Attack, Part 3

The WannaCry attack reinforces a point that I have made before: we can no longer draw a clean distinction between information technology (IT) and cyber-physical (CPS) systems.  WannaCry targeted traditional IT systems but it disrupted the operation of hospitals.  Last year's IT failures at major U. S. airlines were caused by equipment failures, not attacks, but they disrupted flight operations.
Perhaps it's time for IT operations to design to higher levels of fault tolerance.  It seems that applying fault-tolerant methods to the system core isn't enough---we should apply those techniques to the entire distributed system.
Design diversity should be an important part of fault-tolerant design for critical systems.  We have put our eggs in a very small number of software baskets.  The Morris worm of the 1980s provided an early example of the benefits of design diversity when the original Unix lab was protected from the worm because they ran their own mailer.

Monday, May 15, 2017

Lessons from the Global Ransomware Attack, Part 2

As I wrote yesterday in Part 1 of this series, software updates are not an acceptable solution to security problems for many organizations that cannot shut down their systems.  A great deal of software is inadequately designed and tested before it is shipped.  Software companies (and open source groups) expect users to live with the consequences of their poor engineering methodologies.  The software industry needs to improve its practices and deliver more reliable products.

Unfortunately, the news media have relied on quotes from a mixed bag of people, most of whom recommend updates as the best method to battle Internet attacks.  CNN went so far as to publish an opinion piece from a lawyer and self-described hacker which provided this advice.  I'm disappointed that CNN didn't make an effort to find more a more qualified person to speak on this important topic.

Sunday, May 14, 2017

Lessons from the Global Ransomware Attack, Part 1

How should we protect against future attacks such as the ongoing worldwide ransomware attack?  There are no easy fixes but we can draw some lessons.<p>
The standard response from computer professionals for these types of problems is "update your system." Unfortunately, not all systems can be kept up-to-date.  Many operations can't be shut down because the physical plants that rely on those systems can't be shut down. Economics also limit the speed with which hardware and software can be updated.  And let's face it, software updates often require hardware updates.<p>
I have written before about the problems with relying on Moore's Law to fix your design problems.  Computer systems are maturing and will not be replaced as frequently in the future.  And relying on upgrades to eliminate your design problems is simply bad engineering.<p>
The designers of safety-critical systems have become used to creating software that works.  The rest of the software industry has not yet caught up.  Unfortunately, given the ubiquity of computers and the widespread use of both purchased and open-source software components, we can't make a clean distinction any more between systems that require high levels of reliability and those that do not.  The patients of Britain's National Health Service have learned that lesson.

Saturday, May 13, 2017

Ransomware Attacks Use NSA Exploits

Extremetech reports here that the worldwide ransomware attack---Britain's NHS is only one of its many targets---makes use of the Eternalblue exploit from the leaked NSA documents. This exploit seems to affect primarily older Windows systems.  However, both IT and cyber-physical systems are not easily updated so many systems are still vulnerable.

Friday, May 12, 2017

Ransomware affects British National Health Service

CBS News reports here on a ransomware attack that has affected many organizations, among them Britain's National Health Service (NHS).  Some hospitals have turned away patients due to the attack.  This event shows the blurry line between information technology (IT) and cyber-physical systems.  The ransomware attacked traditional IT computers but resulted in loss of service to hospitals, which are critical infrastructure.

Friday, May 5, 2017

Android Apps Use Ultrasonic Monitoring

Extremetech reports here on a Germany research study which found that 234 Android apps use ultrasonic monitoring to track your activities.

Tuesday, May 2, 2017

Intel AMT Vulnerability

Tom's Hardware reports here on a security advisory from Intel on a vulnerability in its Active Management Technology (AMT).

Thursday, April 27, 2017

AAMI TIR57 for Safety and Security of Medical Devices

Ken Hoyme pointed me to AAMI TIR57, found here, which describes a common safety and security approach for medical devices.  He also points me to this presentation.

Common Weaknesses Enumeration

The Common Weaknesses Enumeration, found here, is a list of common software security weaknesses as developed by the community.

Amazon Edge View

The Amazon Echo device now comes as a variant with a camera. Thanks to the program Stand Up with Pete Dominic for the tip.

Thursday, April 20, 2017

Article on Spying by Consumer Electronics Devices

Extremetech reports here on a lawsuit which claims that Bose requires users of its wireless products to use software that spiess on the listening habits of its users.

Monday, April 10, 2017

High Cost of Aircraft System Certification

Aviation Week reports here on the high cost of international certification of aircraft systems---some companies report that certification is now more expensive than design.

Emergency Warning System Hack

The New York Times reports here on a hack of the Dallas emergency warning system.

Thursday, March 16, 2017

Wednesday, March 15, 2017

Headphones Catch Fire During Flight

NBC News reports here on an incident in which a pair of headphones caught on fire while a woman was wearing them during a flight.

Article on Aircraft Display Systems

Aviationweek posts here a very interesting article on an incident involving, among other factors, the synthetic vision system of an aircraft.  This is a long article that clearly describes a complex situation. It bears careful reading.

Tuesday, March 7, 2017

WikiLeaks Release on Hacking

NBC News reports here on a release by WikiLeaks, which claims that the released document describe CIA hacking techniques.   According to the NBC News report, these techniques include a variety of techniques for hacking IoT and consumer electronics devices.

A Global Industry

I recently returned from a trip to Hong Kong where I met with several friends and colleagues.  A great many computer systems designers and researchers in Hong Kong trained in the United States; many also lived and worked in the U. S. after their education.  My friends continue to express and exhibit their appreciation and fondness for the United States. Many confess to have been changed by their experience living here.  America continues to be a beacon of hope for the world.

Thursday, March 2, 2017

IoT Shoes That Order Pizza

AV Club reports here on special Pizza Hut shoes with a pizza ordering button.  The report does not the wireless protocol used or the power consumption of the device.

Wednesday, February 15, 2017

A Hypothetical Analog vs. Digital Scenario

I have concocted a hypothetical situation in which analog beats out digital.  And it doesn't even require a zombie apocalypse.<p>
DPReview reports here on Nikon's significant financial problems.  They reported earlier that Sony's image sensor sales for smartphones are up but their camera sales are down.  So let's imagine a world in which the only cameras manufactured are smartphones---no large-sensor cameras.  We have a long way to go before we get to that point, but there is some small chance of that eventuality occurring.<p>
Smartphone cameras are quite good these days.  They now use high-quality sensors and optics coupled with sophisticated cameras running on the smartphone's high-performance embedded platform.  But small sensors have their limitations and for some applications, bigger is better.  We can expect some demand for large sensor cameras for the forseeable future.<p>
But how do you maintain these cameras?  Even ignoring firmware and driver updates, the hardware will fail eventually.  Both the image sensors and image processors are specific to the camera.  Once those chips go out of production, we are reduced to relying on a store of old chips stored in liquid nitrogen for replacement.<p>
Analog cameras, meanwhile are much easier to maintain.  Shutters are probably the hardest item to rebuild, but even those can be manufactured in a modest machine shop so long as the machinist understands how shutters work.  Otherwise, a camera is a box with a hole on one end. <p>
And although I can't make my own image sensor (even though I have access to a semiconductor fab line, it would be a very difficult and expensive process), I could make my own glass plates.  If Matthew Brady can make glass plates in a tent on a Civil War battlefield, I think that I can manage to make some for myself.
Digital systems have a lot of advantages.  Long-term maintenance is not one of them.  Specialized parts eventually fail.  The manufacturing systems used to build them also go out of service.  When we use computers to build long-lived systems, we need to think carefully about the future.

Thursday, February 9, 2017

Early Circuit Degradation in Atom

A post from Anandtech here describes what seems to be an early circuit degradation problem in Atom C2000.

Tuesday, February 7, 2017

Article on TVs that Spy on Viewing Habits

Extremetech reports here on the extensive spying on viewing habits and system configuration characteristics performed by Vizio TVs.

Friday, February 3, 2017

What Are You Buying?

A widely held principle in the law is that software is intangible; when you pay for software, you are purchasing a license to use that software. The law generally holds that software is fundamentally different from tangible goods.  Of course, we have discussed in an earlier blog post about the physical representation of software.  My book The Physics of Computing uses the computation of the mass of a bit as an example (Q = CV; m_bit = m_qQ).
But the line of reasoning of the legal profession has a more fundamental flaw.  When I buy a car, no one bothers to consider whether I am purchasing a license to make my own copies of the car.  Everyone agrees that I am buying a physical object, no questions asked.  In the 20th century, when building a car was a hard, long job, this scenario was a no-brainer.  But 3-D printing changes the equation.  We can assume that someone will, sooner or later, scan an entire car and 3D print a copy.  So where is that fundamental distinction between cars and software?

Friday, January 27, 2017

50th Anniversary of Apollo 1 Disaster

Fifty years ago today, January 27, 1967, a fire on the launchpad during a test killed the entire crew of Apollo 1: Virgil I. "Gus" Grissom, Edward H. White II, and Roger B. Chaffee.  Their sacrifice has not been forgotten.  You can find NASA's report on their Day of Remembrance here.

Monday, January 23, 2017

Article on Samsung Galaxy Note 7 Battery Fires

Anandtech reports here on Samsung's report on the casues of Galaxy Note 7 fires.  They found different manufacturing problems in the batteries from two different manufacturers. 

Friday, January 20, 2017

Monday, January 16, 2017

Reports on Galaxy Note 7 Battery Fires

Reuters reports here that a Samsung report will include that the main cause of Galaxy Note 7 fires was the battery, not computer hardware or software.

Saturday, January 14, 2017

US Department of Commerce Report on IoT Security

Reader K. V. Arjun passed along this news article on a report by the U. S. Department of Commerce that recommends the development of standards for IoT security.

Sunday, January 8, 2017

Movie on The Lousy State of IoT Security

My friend Dimitrios Serpanos introduced me to this new movie starring Pierce Brosnan of 007 fame on the subject of IoT and smart home security.

Thursday, January 5, 2017

Yet More Stupid Ideas in Consumer Electronics

Extremetech reports here on the new Bluetooth-enabled toaster announced at this week's Consumer Electronics Show.  The article is extremely funny but the product is all too real.