If ten years ago some­body told you that a teenag­er out­side of your house could access your email, bank­ing, and even your per­son­al health infor­ma­tion, through flaws in your home’s Internet-connected light­ing sys­tem you prob­a­bly think they were watch­ing too much sci­ence fic­tion. Unfortunately, this is becom­ing a real­i­ty in a world that’s increas­ing­ly pow­ered by con­nect­ed sen­sors. More specif­i­cal­ly, con­nect­ed sen­sors have three key prop­er­ties. First, they’re phys­i­cal objects like appli­ances. Second, they col­lect data from the envi­ron­ment around them. And third, they’re con­nect­ed to the Internet, so they can exchange infor­ma­tion with each oth­er, and oth­er systems.

A hand holding an iphone followed by several internet connected devices in a row: a smart light bulb, Nest thermostate, fitness band, and web cam

So, these sen­sors have a wide range of capa­bil­i­ties. Some can see, or record video, oth­ers can mea­sure tem­per­a­ture or count the amount of par­ti­cles in the air. With con­nec­tiv­i­ty, they form a col­lec­tive that’s greater than the sum of their parts. So when peo­ple are talk­ing about the Internet of Things, they’re talk­ing about con­nect­ed sen­sors. And as we know, there’s a direct rela­tion­ship between our reliance on tech­nol­o­gy and the detri­ment that can hap­pen if things go wrong.

Video still showing a car on a highway with a motorcycle following closely behind. Waves are illustrated emanating from the car,, red where they meet the motorcycle rider, indicating a detection of proximity

So for exam­ple, we all see the ben­e­fits of active safe­ty sys­tems in cars. In this pic­ture, we see an exam­ple of a car that avoids acci­dents by sens­ing the phys­i­cal envi­ron­ment around it and then wire­less­ly exchang­ing warn­ing mes­sages with oth­er near­by vehi­cles. But that same safe­ty tech­nol­o­gy, if attacked, can actu­al­ly allow you to immo­bi­lize a vehi­cle or even dis­able breaks while driving.

So, last year there was an exam­ple where two secu­ri­ty researchers showed how they are able to remote­ly access dash­board, steer­ing, trans­mis­sion, and even brakes of a car while it was dri­ving. Chrysler end­ed up hav­ing to issue a major recall which which cost them mil­lions of dol­lars. And these vul­ner­a­bil­i­ties affect even our most fun­da­men­tal infra­struc­ture, like the elec­tric grids that pow­er our cities and fuel our economies. And this ranges all the way from major cities to devel­op­ing nations. 

Two people walking in a rural area near a small building with solar panels on its roof

In this pho­to, we see an exam­ple of how con­nect­ed sen­sors can actu­al­ly help pro­vide elec­tric­i­ty in devel­op­ing regions of rur­al Haiti. So imag­ine if the elec­tric grid was attacked. Not only would we lose pow­er in our homes, but water treat­ment plants would stop func­tion­ing, oil refiner­ies wouldn’t be able to pro­duce gaso­line, stock mar­kets would grind to a halt. Billions of dol­lars in damage.

These types of attacks are already at the fore­front of cybert­er­ror­ism. So the ques­tion that we need to ask is why is secur­ing con­nect­ed sen­sors any dif­fer­ent than secur­ing the com­put­ers that we already know and trust for things like online bank­ing and shop­ping? If we look back at his­tor­i­cal­ly how we deal with flaws in secu­ri­ty, we often rely on remote updates or patch­es to fix things after the fact.

Probably the best exam­ple would be your smart­phone. I’m sure at one point or anoth­er you’ve all updat­ed the soft­ware on your smart­phone. You do it because you think it makes your phone more secure. It’s a good idea. And in fact, your phone is con­stant­ly check­ing for these updates. But what about tiny sen­sor devices? How can we secure some­thing that may only have enough ener­gy to send a cou­ple of mes­sages per day?

A photo of a living room overlaid with a large number of speech bubbles indicating all the devices which may be transmitting information.

Also, if you think…ten years in the future it’s esti­mat­ed there’ll be more than fifty dif­fer­ent con­nect­ed sens­ing devices per per­son. Who’s going to go around and update all of those dif­fer­ent sen­sors? What hap­pens if those updates fail? There a lot of soft­ware devel­op­ers that are afraid to put in live remote patch­ing for fears that that sys­tem in itself would actu­al­ly add secu­ri­ty vulnerabilities.

There’s also the con­spic­u­ous nature of these devices. They’re easy to steal because they sit out in the open. They’re hard­er to notice when they go miss­ing. They’re tricky to con­fig­ure, because often they don’t have key­boards or dis­plays. And if one of these devices gets infect­ed, it could spread through­out your entire house or your business.

And as is often the case with con­sumer appli­ances, the design­er of the next big thing, like this Internet-connected toast­er, is going to be rushed to ship units and meet dead­lines. They’re not going to stop to think about com­put­er secu­ri­ty. And even if they do, chances are they’re not going to be com­put­er secu­ri­ty experts. And what’s prob­a­bly most scary is even the very best com­put­er secu­ri­ty experts can’t make a sys­tem that’s secure for­ev­er. Every cou­ple of years we find flaws in our most deeply-rooted encryp­tion stan­dards. There was recent­ly one announced about Android, just a cou­ple days ago. There is in fact one axiom in com­put­er secu­ri­ty research that says there’s no such thing as a per­fect­ly secure com­put­ing system.

So at Carnegie Mellon University, we’ve been devel­op­ing and deploy­ing con­nect­ed sens­ing tech­nolo­gies for years. We’ve been trans­form­ing our cam­pus into a liv­ing lab­o­ra­to­ry so we can expe­ri­ence first-hand both the promise and the per­ils of con­nect­ed sens­ing tech­nolo­gies. So our goal is not only to improve their capa­bil­i­ties in terms of sens­ing and what they can do for us, but also increase our trust in the tech­nol­o­gy. We can see that there’s def­i­nite­ly ben­e­fit for con­nect­ed sen­sors to help stream­line our busi­ness­es, and improve our lives at home. But what we need to keep in mind is there’s also this bal­ance between risk and reward as we decide which devices should be con­nect­ed, and per­haps which should stay unplugged. 

So I’d like to leave off by ask­ing the ques­tion, do the ben­e­fits of con­nect­ed sen­sors out­weigh the risks, and where do we draw the line?

Further Reference

The WiSe (Wireless, Sensing and Embedded Systems) Lab, Anthony's group at CMU.


Help Support Open Transcripts

If you found this useful or interesting, please consider supporting the project monthly at Patreon or once via Square Cash, or even just sharing the link. Thanks.