Wednesday, May 24, 2017

Article on IoT Standards

Reader Arjun KV forwarded this interesting article on the large number of IoT standards now in the marketplace.

Saturday, May 20, 2017

Ninetieth Anniversity of Lindberg's Solo Transatlantic Flight

Thanks to Aviation Week for reminding me that this is the 90th anniversary of Charles Lindberg's solo flight across the Atlantic. 

Friday, May 19, 2017

Lessons from the Global Ransomware Attack, Part 6

Government guidelines and regulations have an important role to play in ensuring the safety and security of our computer systems.  That is particularly true for two classes of devices: IoT and industrial control. <p>
IoT devices are intended to be installed and used by non-experts with little or no setup.   Unfortunately, many manufacturers have tried to fulfill this goal by either not providing security features or by setting their defaults to little-to-no security.  Consumer protection mechanisms can be used to set minimum security standards for IoT devices.  IoT security can directly affect consumer safety if, for example, a hijacked device is used to enable a burglary.  IoT security also indirectly affects consumer safety given that IoT devices are easily hijacked for use in attacks on other structures.<p>
Industrial control systems are run by people whose responsibility is making stuff, not configuring secure computer systems.  A variety of regulatory mechanisms exist to manage safety of industrial systems.  We have already seen NIST promulgate guidelines for smart grid security; we could use similar efforts in other domains.<p>
Various agencies in the U. S. and Europe have made progress on guidelines for security of various types of computer systems.  But I think that a more unified effort that cuts across application areas will also be required.  While each application has its own characteristics, many CPS safety and security techniques are widely applicable.  Issuing separate standards across multiple domains results in wasted motion that could be used more effectively.  Stovepiped standards also could lead to less-than-best-practices being used in some domains.<p>
This will be my last post in this Lessons series.  But that doesn't mean the problems have been solved.  We all have a lot of work to do to ensure the promise of a computerized world.

Thursday, May 18, 2017

Lessons from the Global Ransomware Attack, Part 5

A common source of exploits and security holes is bad coding practices.  Wider use of software synthesis tools would help to reduce the frequency of these types of problems.  Software synthesis has been very successful in some domains.  Signal processing software is often synthesized from high-level algorithmic specifications.  Web site design tools make extensive use of synthesis.  Some of the synthesis tools out there, such as UML coding systems, provide little more than syntactic transformations but even limited forms of synthesis could help reduce coding-induced security problems.

Wednesday, May 17, 2017

Lessons from the Global Ransomware Attack, Part 4

IT and cyber-physical systems that support many companies and organizations are, to use a British term, bespoke---custom-made for the user.  These organizations may want to think about outsourcing certain functions to the cloud to be sure that they benefit from the best available practices for security and reliability.<p>
Many organizations assume that they keep their data most secure by keeping it to themselves.  But these organizations generally don't have computer security as part of their main mission.  Moving some functions to an outside provider could, if done properly, provide them with higher levels of security and reliability.<p>
Oursourcing some computer operations would be easier if we had better software patterns and architectures for industrial control, patient management, etc.  Much of the work on cloud services is motivated by transactions.  I encourage my colleagues to put some thought into software designs that can be customized to applications that operate on real-time data and signals.

Tuesday, May 16, 2017

Lessons from the Global Ransomware Attack, Part 3

The WannaCry attack reinforces a point that I have made before: we can no longer draw a clean distinction between information technology (IT) and cyber-physical (CPS) systems.  WannaCry targeted traditional IT systems but it disrupted the operation of hospitals.  Last year's IT failures at major U. S. airlines were caused by equipment failures, not attacks, but they disrupted flight operations.
<p>
Perhaps it's time for IT operations to design to higher levels of fault tolerance.  It seems that applying fault-tolerant methods to the system core isn't enough---we should apply those techniques to the entire distributed system.
<p>
Design diversity should be an important part of fault-tolerant design for critical systems.  We have put our eggs in a very small number of software baskets.  The Morris worm of the 1980s provided an early example of the benefits of design diversity when the original Unix lab was protected from the worm because they ran their own mailer.

Monday, May 15, 2017

Lessons from the Global Ransomware Attack, Part 2

As I wrote yesterday in Part 1 of this series, software updates are not an acceptable solution to security problems for many organizations that cannot shut down their systems.  A great deal of software is inadequately designed and tested before it is shipped.  Software companies (and open source groups) expect users to live with the consequences of their poor engineering methodologies.  The software industry needs to improve its practices and deliver more reliable products.

Unfortunately, the news media have relied on quotes from a mixed bag of people, most of whom recommend updates as the best method to battle Internet attacks.  CNN went so far as to publish an opinion piece from a lawyer and self-described hacker which provided this advice.  I'm disappointed that CNN didn't make an effort to find more a more qualified person to speak on this important topic.

Sunday, May 14, 2017

Lessons from the Global Ransomware Attack, Part 1

How should we protect against future attacks such as the ongoing worldwide ransomware attack?  There are no easy fixes but we can draw some lessons.<p>
The standard response from computer professionals for these types of problems is "update your system." Unfortunately, not all systems can be kept up-to-date.  Many operations can't be shut down because the physical plants that rely on those systems can't be shut down. Economics also limit the speed with which hardware and software can be updated.  And let's face it, software updates often require hardware updates.<p>
I have written before about the problems with relying on Moore's Law to fix your design problems.  Computer systems are maturing and will not be replaced as frequently in the future.  And relying on upgrades to eliminate your design problems is simply bad engineering.<p>
The designers of safety-critical systems have become used to creating software that works.  The rest of the software industry has not yet caught up.  Unfortunately, given the ubiquity of computers and the widespread use of both purchased and open-source software components, we can't make a clean distinction any more between systems that require high levels of reliability and those that do not.  The patients of Britain's National Health Service have learned that lesson.

Saturday, May 13, 2017

Ransomware Attacks Use NSA Exploits

Extremetech reports here that the worldwide ransomware attack---Britain's NHS is only one of its many targets---makes use of the Eternalblue exploit from the leaked NSA documents. This exploit seems to affect primarily older Windows systems.  However, both IT and cyber-physical systems are not easily updated so many systems are still vulnerable.

Friday, May 12, 2017

Ransomware affects British National Health Service

CBS News reports here on a ransomware attack that has affected many organizations, among them Britain's National Health Service (NHS).  Some hospitals have turned away patients due to the attack.  This event shows the blurry line between information technology (IT) and cyber-physical systems.  The ransomware attacked traditional IT computers but resulted in loss of service to hospitals, which are critical infrastructure.

Friday, May 5, 2017

Android Apps Use Ultrasonic Monitoring

Extremetech reports here on a Germany research study which found that 234 Android apps use ultrasonic monitoring to track your activities.

Tuesday, May 2, 2017

Intel AMT Vulnerability

Tom's Hardware reports here on a security advisory from Intel on a vulnerability in its Active Management Technology (AMT).