IoT and Smart Cities have become terms we are all too familiar with, but looking at the rate at which they grows, we cannot ignore the growth of the attack areas, writes PAUL WILLIAMS, Country Manager SADC, Fortinet.
Smart cities are being planned the world over. Technology development always goes through two phases for any new discipline: First – tools are developed, and infrastructure is built and enabled. And second – the technology is scaled up. In the case of smart cities, we are in the first phase, where many of the kinks and challenges are still being ironed out.
Here are some examples of services a smart city might provide:
· Coordinated energy control of air conditioners at homes during hot summer days to manage and preserve city power resources
· Directed local discounts in retail and restaurants to avoid city congestion
· An automatic fee for driving a vehicle during highly congested periods
· A smart directed parking app that automatically discounts congestion charges for parking in specific parking lots
· Real-time sensor data to warn citizens affected by allergens and irritants
· Real-time sensor data of standing water for mosquito breeding, etc.
· Vehicle-to-vehicle communication, autonomous driving technology, and infrastructure with embedded sensors to warn of things like imminent traffic jams, construction, best routes for navigation during emergencies, etc. based on real-time traffic patterns.
To enable such services, smart cities will need to deploy plenty of IoT devices and services for metering, sensing, and controlling.
The Attack Surface of Smart Cities
The increase in the size of a smart city’s IoT device footprint corresponds to an increase in the size of its attack surface.
As was seen recently in a series of IoT-based denial of service attacks, IoT devices can be compromised and hijacked into a Shadownet (an IoT-based botnet that can’t be seen or tracked using normal browsers or tools) and controlled by a command and control (C&C) center run by hackers. Alternatively, these devices and services may be attacked in order to deny services to legitimate users.
Here are some examples of what hackers and attackers can do:
· Take control of parking, traffic lights, signage, street lighting, and automated bus stops, etc. For example, changing highway signs to read “terrorist threat in area” or “danger, toxic spill ahead” could seriously disrupt traffic and cause panic among drivers.
· Direct all cars and buses to a specific area to create congestion and gridlock.
· Disable local transportation, thereby disrupting businesses and services, such as banking, because employees can’t get to work.
· Open causeways to spill sewage and untreated waste water into parks, rivers, and communities.
· Cut off access to drinking water.
· Send fake SMS directing to people to a specific location, such as a targeted business or government agency
· Remotely switching off air conditioners or furnaces during extreme temperature days
· Randomly turning on fire and burglar alarms throughout the city
Increasing the Security in Smart Cities from the Inside
While it’s not possible to secure every possible security breach in a totally connected environment, it doesn’t mean we need to go back to the Stone Age. Instead, it’s possible to take some key initial steps to strengthen the smart city’s security posture and architecture:
· Use strong encryption
· Design systems that have strong protection against tampering.
· Provide strong access control, authentication, and authorization
· Maintain detailed logging of activities
· Segment services for individual sub-systems, and then aggregate and pool data that you want to make publicly accessible
· Create centralized management, analysis, and control systems through segmented and secured administration channels to troubleshoot problems
· Set baseline standards that trigger alarms or require manual override when thresholds are crossed or anomalous behavior is detected, such as rerouting traffic or disabling water treatment.
Segmentation is the Key
With a complex smart city network, segmentation is the key. For example, the Smart Transportation network needs to be logically segmented from other smart networks, such as user services, websites, or energy networks, etc. This aids in isolating an attacks, and allows for the advanced detection of data and threats as attacks and malware move from one network zone to the other. This also divides the smart city network into security zones, which aids in compliance, monitoring internal traffic and devices, and preventing unauthorized access to restricted data and resources.
Such segmentation will ensure that the majority of the IoT components deployed across the smart city only communicate with those devices and systems they should, and only talk in the protocols they have been assigned. This will also ensure that the interior network doesn’t get hacked and can’t participate in a DDoS attack.
In a similar way, other smart networks in the city can be segmented and isolated from each other, thereby avoiding the spread of malware and reducing the impact of any hacks and attacks. Further, smart cities must make include the ability of IoT equipment to support and control such traffic an essential purchasing requirement.
Increasing the Security in Smart Cities from the Outside: DDoS Attacks
While network segmentation will ensure that the internal network is protected and its integrity and availability are preserved, we need to increase the availability of the smart city’s Internet facing properties. DDoS attacks can be easily used to overwhelm this infrastructure. Depending on the size of the pipe, and expected worst-case scenarios, city IT teams must develop and implement and effective DDoS attack mitigation strategy. This may be comprised of either an over provisioned appliance solution, or a hybrid solution consisting of appliances combined with a cloud based scrubbing center.
An over provisioned appliance solution enables you to manage DDoS attacks that are larger than your normal bandwidth usage. For example, if your normal user traffic is 1 Gbps, develop a plan for a 20 Gbps DDoS attack that includes deploying an appliance to mitigate such attacks, and provision for such potential bandwidth requirements from your service provider. If the actual attack is expected to be larger than your service provider bandwidth, however, you may need a hybrid solution that includes a cloud-based scrubber that works closely with your DDoS appliance solution.
From Smart to Smarter
As time passes, smart cities will become even smarter as they learn from researchers, from each other, and from incidents that are bound to happen.
Why your first self-driving car ride will be in a robotaxi
Autonomous driving will take longer than we expect, and involve less ownership than the industry would like, writes Intel’s AMNON SHASHUA
As we all watch automakers and autonomous tech companies team up in various alliances, it’s natural to wonder about their significance and what the future will bring. Are we realizing that autonomous driving technology and its acceptance by society could take longer than expected? Is the cost of investing in such technology proving more than any single organization can sustain? Are these alliances driven by a need for regulation that will be accepted by governments and the public or for developing standards on which manufacturers can agree?
The answers are likely a bit of each, which makes it a timely opportunity to review the big picture and share our view of where Intel and Mobileye stand in this landscape.
Three Aspects to Auto-Tech-AI
There are three aspects to automotive-technology-artificial intelligence (auto-tech-AI) that are unfolding:
- Advanced driver-assistance systems (ADAS)
- Robotaxi ride-hailing as the future of mobility-as-a-service (MaaS)
- Series-production passenger car autonomy
With ADAS technologies, the driver remains in control while the system intervenes when necessary to prevent accidents. This is especially important as distracted driving grows unabated. Known as Levels 0-2 as defined by the Society of Automotive Engineers (SAE), ADAS promises to reduce the probability of an accident to infinitesimal levels. This critical phase of auto-tech-AI is well underway, with today’s penetration around 22%, a number expected to climb sharply to 75% by 2025.1
Meanwhile, the autonomous driving aspect of auto-tech-AI is coming in two phases: robotaxi MaaS and series-production passenger car autonomy. What has changed in the mindset of many companies, including much of the auto industry, is the realization that those two phases cannot proceed in parallel.
Series-production passenger car autonomy (SAE Levels 4-5) must wait until the robotaxi industry deploys and matures. This is due to three factors: cost, regulation and geographic scale. Getting all factors optimized simultaneously has proven too difficult to achieve in a single leap, and it is why many in the industry are contemplating the best path to achieve volume production. Many industry leaders are realizing it is possible to stagger the challenges if the deployment of fully autonomous vehicles (AVs) aims first at the robotaxi opportunity.
Cost: The cost of a self-driving system (SDS) with its cameras, radars, lidars and high-performance computing is in the tens of thousands of dollars and will remain so for the foreseeable future. This cost level is acceptable for a driverless ride-hailing service, but is simply too expensive for series-production passenger cars. The cost of SDS should be no more than a few thousand dollars – an order of magnitude lower than today’s costs – before such capability can find its way to series-production passenger cars.
Regulation: Regulation is an area that receives too little attention. Companies deep in the making of SDSs know that it is the stickiest issue. Beside the fact that laws for granting a license to drive are geared toward human drivers, there is the serious issue of how to balance safety and usefulness in a manner that is acceptable to society.
It will be easier to develop laws and regulations governing a fleet of robotaxis than for privately-owned vehicles. A fleet operator will receive a limited license per use case and per geographic region and will be subject to extensive reporting and back-office remote operation. In contrast, licensing such cars to private citizens will require a complete overhaul of the complex laws and regulations that currently govern vehicles and drivers.
The auto industry is gradually realising that autonomy must wait until regulation and technology reach equilibrium, and the best place to get this done is through the robotaxi phase.
Scale: The third factor, geographic scale, is mostly a challenge of creating high-definition maps with great detail and accuracy, and of keeping those maps continuously updated. The geographic scale is crucial for series-production driverless cars because they must necessarily operate “everywhere” to fulfil the promise of the self-driving revolution. Robotaxis can be confined to geofenced areas, which makes it possible to postpone the issue of scale until the maturity of the robotaxi industry.
When the factors of cost, regulation and scale are taken together, it is understandable why series-production passenger cars will not become possible until after the robotaxi phase.
As is increasingly apparent, the auto industry is gravitating towards greater emphasis on their Level 2 offerings. Enhanced ADAS – with drivers still in charge of the vehicle at all times – helps achieve many of the expected safety benefits of AVs without bumping into the regulatory, cost and scale challenges.
At the same time, automakers are solving for the regulatory, cost and scale challenges by embracing the emerging robotaxi MaaS industry. Once MaaS via robotaxi achieves traction and maturity, automakers will be ready for the next (and most transformative) phase of passenger car autonomy.
The Strategy for Autonomy
With all of this in mind, Intel and Mobileye are focused on the most efficient path to reach passenger car autonomy. It requires long-term planning, and for those who can sustain the large investments ahead, the rewards will be great. Our path forward relies on four focus areas:
- Continue at the forefront of ADAS development. Beyond the fact that ADAS is the core of life-saving technology, it allows us to validate the technological building blocks of autonomous vehicles via tens of new production programs a year with automakers that submit our technology to the most stringent safety testing. Our ADAS programs – more than 34 million vehicles on roads today – provide the financial “fuel” to sustain autonomous development activity for the long run.
- Design an SDS with a backbone of a camera-centric configuration. Building a robust system that can drive solely based on cameras allows us to pinpoint the critical safety segments for which we truly need redundancy from radars and lidars. This effort to avoid unnecessary over-engineering or “sensor overload” is key to keeping the cost low.
- Build on our Road Experience Management (REM)™ crowdsourced automatic high-definition map-making to address the scale issue. Through existing contracts with automakers, we at Mobileye expect to have more than 25 million cars sending road data by 2022.
- Tackle the regulatory issue through our Responsibility-Sensitive Safety (RSS) formal model of safe driving, which balances the usefulness and agility of the robotic driver with a safety model that complies with societal norms of careful driving.
At Intel and Mobileye, we are all-in on the global robotaxi opportunity. We are developing technology for the entire robotaxi experience – from hailing the ride on your phone, through powering the vehicle and monitoring the fleet. Our hands-on approach with as much of the process as possible enables us to maximize learnings from the robotaxi phase and be ready with the right solutions for automakers when the time is right for series-production passenger cars.
On the way, we will help our partners deliver on the life-saving safety revolution of ADAS. We are convinced this will be a powerful and historic example of the greatest value being realized on the journey.
Professor Amnon Shashua is senior vice president at Intel Corporation and president and chief executive officer of Mobileye, an Intel company.
Sea of Solitude represents mental health issues through gaming
It’s a game that provides a tasteful visual representation of mental health issues. BRYAN TURNER dives into the Sea of Solitude.
Disclaimer: This review is based on four hours of gameplay.
Sea of Solitude, the latest adventure game by Jo-Mei Games and EA Games, takes a sobering look at loneliness. It represents this loneliness visually, using light and dark environmental changes, as well as creatures players must encounter. The main character, Kay, must make it through the sea without finding herself trapped in a sea of loneliness. She meets fantastical creatures along her journey, and she must help them solve their challenges while keeping herself in a sane environment.
The game is systematic in the way it represents its important aspects. It starts with a striking visual art style and a soft storyline, which gives characters a chance to absorb the beauty of the game. As one gets a hang of the controls and used to the art style, the story kicks it up a few notches to reveal the harrowing backstories of the creatures that reside in the sea Kay must travel.
In particular, it features a creature that keeps flying away from Kay. This was frustrating because the previous chapter of the game presents a backstory for the creature that was not only devastating to the main character, but also to the player. Once Kay meets this creature, players must be ready to cry. It’s a brilliantly crafted story and hats off to Jo-Mei Games for being great storytellers.
Cornelia Geppert, CEO of Jo-Mei Games, told EA: “Sea of Solitude centres on the essence of loneliness and tugs on the heartstrings of its players by mirroring their own reality. It’s by far the most artistic and personal project I’ve ever created, written during a very emotional time in my life. Designing characters based on emotions was a deeply personal achievement for our team and we’re so excited for players to soon experience Kay’s powerful story of self-discovery and healing.”
Generally, I steer clear of games that are metaphors about mental health issues because they tend to be crass in how they address mental health. Sea of Solitude is quite different because of its level of relatability. Other games about mental health tend to be about a specific disorder that not many people experience, while loneliness is something that so many of us experience. Additionally, the representation of how loneliness affects Kay in the real world is sharp but tasteful. The combination of relatability and respectful representation is what makes the game’s story so brilliant.
Another great aspect of this game is the music scoring. It uses sound and the absence of sound very carefully to invoke the right feelings expected from players. The game wouldn’t be as good with the sound off and subtitles on, so future players are recommended to turn up the volume or put on headphones.
The game is long for an indie game, at around three or four hours of gameplay until the end is reached. Several sources say there is a hidden ending, so players can look out for that in a second playthrough.
The game’s story isn’t perfect, though. The eventual sameness of creature encounters is a little disappointing. This may be down to the expectation of being extremely devastated by all the stories of the creatures, especially when one is less than devastated by the subsequent stories. One of the most affecting creature stories was also presented at the beginning of the game, which set the bar very high for the rest of the creatures.
One creature, in particular, tries very hard to have the greatest emotional impact, but this comes across as blunt and dampens the meaning of what it was supposed to represent.
While I didn’t mind sharp representation, the perception of themes like bullying, estrangement, and suicidal thoughts may vary in appropriateness from player to player. Prospective players with existing painful mental health issues should consult gameplay videos, like the one below, before purchasing the game, to gauge appropriateness.
Overall, the game is incredible at connecting with what it is to be human and what it means to be lonely. Dealing with issues as physical creatures is a great touch, as the main character tends to resolve the problems of the creature by understanding what the problems mean.