Internet Of Things (IoT)

[rrroberts]

Just want to throw this link out there regarding the Internet Of Things (sometimes called the Web of Everything; while it is from an IEEE e-zine, link should work for you all; if it does not, please let me know)

http://www.computer.org/web/prpl-ma...eriously&lf1=1191421147f482116102383b50370073

Article is about how researchers were able to hack a 2014 vehicle on-board network and take control of driver functions; also talks about net-connected drug infusion pump being remotely hacked.

This is not anything new - about 5 years ago (before IoT hype began), read in an IEEE publication about how researchers were able to hack a network connectable pacemaker - talk about an assassin's dream come true!

To add insult to injury, here in the U.S., thanks to DRM, DCMA, or whatever, researchers may not be allowed to openly publish their results regarding some of these flaws (if I remember correctly, this applies to commercially available routers and such).

 

[Yozora]

Scary stuff. Whenever I see someone announce another amazing futuristic device, I sometimes can't help but think "What could go wrong if/when it breaks?". The internet of things has the potential to make that thought a whole lot more disturbing. I like the idea of self-driving cars, but what might happen if someone were to hack into one could be terrifying. If people can already hack into cars now though, maybe things can't get much worse...

 

[rrroberts]

Yozora:

You have that right. IMHO, part of what brings on these problems is the rush to market and management who do not have any concept of what can go wrong and do not allow sufficient time for testing.

30 years ago the Therac-25 software controlled radiation therapy machine killed and injured several patients. It reused some software from earlier models that had hardware interlocks to prevent radiation overdose; the Therac-25 did not have these interlocks, instead relying purely on software. Due to a bug, safe limits could be exceeded under certain conditions; this was not an issue in earlier models due to hardware interlocks.

With the hacked vehicle, it would have to be drive by wire (I can not see any other way) to allow take-over of driver functions. Perhaps one lesson learned here from both Therac-25 and hacked vehicle would be retain mechanical/hardware control in life critical applications until the technology is FULLY mature.

While I do not know all the design details, aircraft uses fly by wire for years now and recently networked avionics. How is that for a scary scenario? The U.S. FAA is supposed to exercise due diligence on these new technologies before issuing Airworthiness Certificates. I hope the FAA has not been impacted severely by deregulation.

There is not anything wrong with "another amazing futuristic device" as long as it is tested and reviewed proportionately to its safety risk. Perhaps another question to ask, does society need this new toy?