Page 4

EDNE MAY 2014

edn. comment IoT hits the risk radar I am indebted to Juerg Siegenthaler of Avnet Memec – which company has recently made an announcement around placing increased resources into servicing the development of connected-devices – for bringing to my attention an announcement from the Zurich Insurance Group. The insurer has recently issued a Cyber Risk Report, in which it identifies seven major categories of risk to the global economy in general, and to companies, organisations, and countries, of untoward happenings in cyberspace – whether these be maliciously-invoked, caused by natural phenomena, or an inadvertent consequence of our use of the IT space, or arising spontaneously from the complexity we have created. Of particular note for designers in the embedded systems space is that already – some might say, none too soon – the insurer already identifies the Internet of Things as a potential hazard. Before getting to that point, the report reflects on the similarities between the unappreciated instabilities of global financial markets that led to the 2008 ‘meltdown’ and the hidden complexities of the Internet and its associated systems. “Sub-prime” investments were bought, sold, divided, parcelled up, re-packaged and re-sold across the financial system, until no-one knew how much poor-quality debt was in the system, or where the liabilities really were. In a similar (at some level, at least) the Internet has grown piecemeal, and is extensively cross-connected, with an unknown – and, perhaps, unknowable – number of dependencies. The report acknowledges the contribution of a myriad of programmers and engineers who daily patch and repair emerging flaws and “keep the show on the road” - it alludes to, although it does not use the term, the “Swiss Cheese” model of causes of disasters. That is to say, an Emmental naturally has holes within it; individual systems failures are equated to holes; any single failure or even limited number of concurrent failures are within the capability of the system to recover. If, however, one day all the holes were to line up, you could see all the way through – and that is when a disaster occurs. The Internet, and our dependence on it, has all the characteristics of vulnerability to a failure after which we would say, “we knew about the individual issues: but no-one anticipated that a particular sequence of events would concatenate with catastrophic results.” Anyone involved in safety-critical systems design will identify with many of the points that the report makes; for example, about the problems of interdependence and “hyperconnectivity”. To quote, “In cybersecurity a similar process occurs when companies outsource functions or information, allowing them to focus on core competencies, freeing them from the worries associated with managing servers, IT processes and security. All too often these companies know nothing of the information security or business continuity measures of the company to which they’ve outsourced. Worse, portions of the outsourced work often get further outsourced as each individual company focuses on its core competencies, and so on. Alternatively, a company might seek to mitigate risk by diversifying its outsourcing by, for example, working with four separate providers, only to find that in turn, they all rely on the same cloud service provider, on the same operating system, or on the same internet service providers.” Accordingly, the Report identifies seven “Aggregations of cyber risk,” of which one is “Disruptive technologies.” Which it outlines as, “Risks from unseen effects of or disruptions either to or from new technologies, either those already existing but poorly understood, or those due soon.” And one of those is the Internet of Things; other examples used are embedded medical devices; driverless cars; and the largely automatic digital economy. This last is perhaps particular frightening when viewed from an engineering perspective at even the most superficial level. “Algorithmic” trading now dominates activity in the major Western stock markets such as the New York Stock Exchange, leading to the situation that, as one interviewee in Forbes magazine put it, “All this noise comes from market players trying to game each other or fool traders.” Any control systems engineer will look at such a poorly-characterised configuration of competing algorithms and say, “Instability. Oscillation.” (Of course, the financial authorities know this, and try to guard against it, but the potential for unpredictable behaviour is implicit.) The Zurich report notes that disruptive technologies, “generally include the range of innovations that increase our dependence in radical ways. The World Economic Forum calls this hyperconnectivity which “does not just allow us to do things more efficiently; it transforms how we do things and even what can be done.” “The goals and implications are staggering, as “the internet now connects anywhere from 10 billion to 15 billion devices. Even so, less than one percent of things are connected to the internet today.... When applied to the electrical grid, these technologies are referred to as the smart grid, a catch-all term for technologies “to bring utility electricity delivery systems into the 21st century, using computer-based remote control and automation.” “Internet shocks could ripple through systems in countless ways, because of the universe of unknown and unknowable dependencies. As systems get more complex and interdependent, more tightly coupled and with fewer workarounds, the shocks from these systems will have an impact on, and echo in the ‘normal’ internet.” An entirely reasonable response from the embedded-systems design community would be, “we knew that.” Nevertheless, it does no harm to realise that the other interested parties are also alert to the risks inherent in what we are creating. It is a safe, if unsettling, prediction that there will be major shocks to, and in, the system: and there will be allocations of blame, and potentially even searches for scapegoats. The wider world is already watching – also entirely reasonably, in the case of the insurers, as they will end up paying the bills – even before the IoT gets fully into its stride. As the paragraphs above confirm, it is in the nature of things that shocks will come “out of the blue”: but in any after-the-event analysis, being judged to have failed to anticipate something that could have been foreseen, will not be a comfortable place to be. 4 EDN Europe | MAY 2014 www.edn-europe.com


EDNE MAY 2014
To see the actual publication please follow the link above