As the Internet of Things (IoT) grows to an enormous scale, new security and scalability challenges are bound to emerge. According to the chief information officer (CIO) of the federal government, Tony Scott, the issues may be fixed by implemented self aware systems and lowering the amount of data analysed.
Speaking at the ICIT Forum 2016, Scott — who previously worked for Microsoft and VMWare under the same title — said that IoT components lack a few critical features that may lead to major issues.
See also: Rise in IoT pushes government agencies to rethink security
The first missing feature is self awareness; the ability for the component to ask questions like “Am I healthy? Am I still operating the way I was designed to? Have I been compromised? Can I call for help?” Self aware components might even be able to self diagnose, providing a report every few hours on its health to a centralized server.
Self awareness is not artificial intelligence, but provides the chip with enough “brain power” to know when it’s unhealthy or vulnerable to attack. This could save money by lowering the amount of analysis done on an IoT network.
This leads into Scott’s next point on the over analysation of a network. He calls for systems to be created that send only the most important pieces of information, rather than an entire network of info.
Security an “intractable problem?”
“I don’t believe we can collect logs and analyze them for everything that’s going to be a participant in the Internet of Things,” said Scott. “I don’t think there’s enough compute power or enough data science to do that effectively at really large scale. It’s just an intractable kind of problem.”
Scott believes that developers of IoT systems need to look at new ways of designing systems that differ from previous platforms. He suggests that developers rethink how a system is built and if every component is necessary to make IoT functional and secure.
Automation of systems is being tested by a few companies like Google and IBM, which want to use artificial intelligence to lower the amount of human input, but it is still in the early days. Other systems like the blockchain might help towards a more computer-orientated system of trust and security.