In a previous column,
I discussed how
“cyberphysical” is an appropriate term to capture this new world we are
entering, where machines operate automatically and rapidly based on real-time
feedback. The next step is to understand why this cyberphysical matters to the
wider population that these machines will service. We can then assess levels of
risk in order to better develop a culture of cyberphysical security.
The most notable trend is
that critical services we rely on are increasingly dependent upon cyberphysical
interactivity. The scope of these critical services continues to broaden and
deepen across industries, especially as the functionality and speed of devices
is more widely understood.
To me, nothing offers a more
direct example of cyberphysical dependency than heart pacemakers. More than
three million people rely on these devices every day, and 600,000 new implants
are performed each year (American Heart Association). These cyberphysical
devices not only manage electrical impulses in the human body, but they can also
connect to external, remote systems for diagnosis and adjustments. Security
takes on new meaning when you consider how and where these cyberphysical systems
reside.
Another set of cyberphysical
interactions occur to deliver our electricity, which we ambitiously consume at
approximately 18,000 TerraWatts a year. How many of us can go 60 minutes without
an electrical charge to our cell phones? Smart meters, not to mention power
generation control systems, play a part in delivering this critical energy
service.
Moving forward, we can
envision a host of additional cyberphysical systems beyond these two examples,
managing and impacting our daily lives. Many have seen self-driving cars, which
are expected to grow at 134% CAGR in the next five years (not to mention
electric cars, another dependency back on our power generation systems). Or
consider home automation systems and maritime cargo monitoring.
As a security specialist,
while I anticipate great reward from these new types of cyberphysical systems, I
also envision the need for better protection. The dependency on cyberphysical
systems exposes the broader population to a variety of risks.
While I will outline here
some of these risks, be assured that my follow-on column will discuss solutions.
My intent is to help readers visualize the relevance of cyberphysical systems in
day-to-day lives, as background to why new approaches to security are required.
And while our researchers handle very targeted and device-specific
vulnerabilities behind closed doors, I will discuss in public only broad strokes
of exposure, rather than risk proliferating any attack specifics.
As an initial example, many
readers may be familiar with home automation systems that now include
thermostats
with remote control capabilities. Researchers have already performed “jail
break” attacks to take over such temperature-altering devices, building upon
prior attack lessons learned. Similar to information security holes in
enterprise devices, these consumer thermostats lack robust security measures.
Amidst pressures to be “first
to market,” it is not uncommon for manufacturers to trade off convenience and
price for limited protection. In some cases, it might not even be a conscious
design decision. Considering our growing dependency on cyberphysical systems,
however, security testing seems an obvious addition (but I will discuss
solutions further in my next column).
In other industries, it is
less a rush to the consumer market triggering risks than it is a status quo
regarding defining what constitutes “safe.” In the energy sector, offshore oil
rigs were once “air gapped” and not connected to other systems.
Today, devices from as far
afield as transportation and government services have typically been prioritized
by physical security implications first. Will seat belts cause more injuries or
save more lives, for example, or how will devices from state clinics affect the
medical condition of citizens? Today, as cyber merges with physical inside
vehicles and operating rooms, “safe” needs a new perspective. Has the system
been tested against remote control access? If a cyberphysical device receives
false commands, what are the implications?
These are just two examples
of different dimensions of risk we are exposed to as we enter the cyberphysical
era. The high level of machine-to-machine interactivity, the speed of sharing
real-time information automatically, and the trade off of convenience for
security in product lifecycle management will all contribute to new levels of
risk as cyberphysical systems emerge.
Considering our increasing
dependence on these critical systems, the onus is on our industry to devise new
and better security models. In my next column, I will illuminate options for how
we can move forward, including implementing security measures much earlier in
the design lifecycle.
From: www.securityweek.com
By Nate Kube