
Friday, November 18, 2016

Do Export Controls on Computer Security Make Us Less Secure?

This post's title is posed as a question, not as a declaration, as is the post itself. But I think that recent events highlight a conundrum in embedded system security that has been brewing for quite some time: our embedded devices can be used to attack our own computer systems.

The recent DDoS attacks against DNS provider Dyn were conducted by an army of zombie IoT devices. IoT devices, simple as they are, have enough capability to play roles in these sorts of attacks. And given that we have many more IoT devices than desktop or laptop computers, they are obvious fodder for attackers.

It is certainly true that many IoT devices are shoddily designed and constructed, making it easy for attackers to commandeer them. Some simple steps on the part of manufacturers could make these devices more secure. But it is also true that U.S. export control laws make it difficult to export security-related hardware and software that would allow an extra level of protection for these devices. And the vast majority of these inexpensive IoT devices are manufactured overseas.

If we allowed more computer security equipment to be exported, would it be used against us? Probably. Would the net threat be larger than the one we now face? I really don't know, but I think we should have this discussion. I think that Congress and technical experts should work together to identify ways to make the United States and the world safer and more secure from IoT-based threats. Everyone should consider guidelines or regulations on how devices are certified at a given level of safety. As part of that process, we will probably end up considering what types of security devices, both hardware and software, we want to see more broadly used and what techniques we want to keep in reserve. An ounce of prevention is worth a pound of cure.

Monday, April 27, 2015

Imagination releases academic version of MIPSfpga design

As described by AnandTech in this article, Imagination has announced a university license for its MIPSfpga design.

Thursday, June 19, 2014

NIST CPS Public Working Group

NIST has announced the first webinar meeting of its Cyber-Physical Systems Public Working Group (CPS PWG).  More details can be found here.

Sunday, December 15, 2013

CPS in the Clouds

Cloud computing for cyber-physical systems is in vogue; see, for example, this NSF-sponsored workshop on the topic. The idea behind cloud CPS is much the same as for information technology---move some important operations to remote server farms.  This idea leverages both efficient servers and ubiquitous Internet.

However, the technical challenges behind cloud CPS are different and arguably harder than those for database-oriented operations.  Control systems have deadlines.  If your control system is in the clouds, then each control sample has to perform its complete round trip: to the cloud server through the Internet,  computing in the cloud, then back to the physical plant. The basic physics of communication mean that we won't be able to put very high rate, low latency control loops in the cloud.  Bandwidth isn't the only requirement---latency is ultimately determined by the speed of light.  But there are a lot of control loops that are slow enough to allow them to be put in the clouds.  Many hierarchical control systems have some very fast control loops and supervisory control that runs much more slowly. My favorite example is traffic control.  The decisions required to time the lights could be performed in the cloud; rather than have each city buy and maintain its own traffic flow system, all cities could share a more sophisticated control system located in the cloud.

People often assume that cost savings is the primary motivation for putting cyber-physical systems in the cloud.  In fact, reliability is an even greater motivation.  Designing a highly-available server farm is a challenging task.  A typical large server farm consumes the electricity of a city of 50,000 people, but it crams all that energy into a space the size of a large conference room.  All the heat that is generated by those computers makes for a very challenging heat transfer problem.  Not only does the heat cost money to eliminate with cooling systems, it's a major source of failures as components overheat.


If you run a safety-critical, high-reliability cyber-physical system, you should seriously think about putting your SCADA (supervisory control) system in the cloud, preferably run by someone who does it full time.  The challenge of running a highly-reliable server system is big enough that it shouldn't be left to amateurs.