No Arabic abstract
Increasingly, smart computing devices, with powerful sensors and internet connectivity, are being embedded into all new forms of infrastructure, from hospitals to roads to factories. These devices are part of the Internet of Things (IoT) and the economic value of their widespread deployment is estimated to be trillions of dollars, with billions of devices deployed. Consider the example of smart meters for electricity utilities. Because of clear economic benefits, including a reduction in the cost of reading meters, more precise information about outages and diagnostics, and increased benefits from predicting and balancing electric loads, such meters are already being rolled out across North America. With residential solar collection, smart meters allow individuals to sell power back to the grid providing economic incentives for conservation. Similarly, smart water meters allow water conservation in a drought. Such infrastructure upgrades are infrequent (with smart meters expected to be in service for 20-30 years) but the benefits from the upgrade justify the significant cost. A long-term benefit of such upgrades is that unforeseen savings might be realized in the future when new analytic techniques are applied to the data that is collected. The same benefits accrue to any infrastructure that embeds increased sensing and actuation capabilities via IoT devices, including roads and traffic control, energy and water management in buildings, and public health monitoring.
Recent advances in artificial intelligence (AI) have lead to an explosion of multimedia applications (e.g., computer vision (CV) and natural language processing (NLP)) for different domains such as commercial, industrial, and intelligence. In particular, the use of AI applications in a national security environment is often problematic because the opaque nature of the systems leads to an inability for a human to understand how the results came about. A reliance on black boxes to generate predictions and inform decisions is potentially disastrous. This paper explores how the application of standards during each stage of the development of an AI system deployed and used in a national security environment would help enable trust. Specifically, we focus on the standards outlined in Intelligence Community Directive 203 (Analytic Standards) to subject machine outputs to the same rigorous standards as analysis performed by humans.
The Internet of Things (IoT) is already transforming industries, cities, and homes. The economic value of this transformation across all industries is estimated to be trillions of dollars and the societal impact on energy efficiency, health, and productivity are enormous. Alongside potential benefits of interconnected smart devices comes increased risk and potential for abuse when embedding sensing and intelligence into every device. One of the core problems with the increasing number of IoT devices is the increased complexity that is required to operate them safely and securely. This increased complexity creates new safety, security, privacy, and usability challenges far beyond the difficult challenges individuals face just securing a single device. We highlight some of the negative trends that smart devices and collections of devices cause and we argue that issues related to security, physical safety, privacy, and usability are tightly interconnected and solutions that address all four simultaneously are needed. Tight safety and security standards for individual devices based on existing technology are needed. Likewise research that determines the best way for individuals to confidently manage collections of devices must guide the future deployments of such systems.
By exploiting the increasing surface attack of systems, cyber-attacks can cause catastrophic events, such as, remotely disable safety mechanisms. This means that in order to avoid hazards, safety and security need to be integrated, exchanging information, such as, key hazards/threats, risk evaluations, mechanisms used. This white paper describes some steps towards this integration by using models. We start by identifying some key technical challenges. Then we demonstrate how models, such as Goal Structured Notation (GSN) for safety and Attack Defense Trees (ADT) for security, can address these challenges. In particular, (1) we demonstrate how to extract in an automated fashion security relevant information from safety assessments by translating GSN-Models into ADTs; (2) We show how security results can impact the confidence of safety assessments; (3) We propose a collaborative development process where safety and security assessments are built by incrementally taking into account safety and security analysis; (4) We describe how to carry out trade-off analysis in an automated fashion, such as identifying when safety and security arguments contradict each other and how to solve such contradictions. We conclude pointing out that these are the first steps towards a wide range of techniques to support Safety and Security Engineering. As a white paper, we avoid being too technical, preferring to illustrate features by using examples and thus being more accessible.
Americas transportation infrastructure is the backbone of our economy. A strong infrastructure means a strong America - an America that competes globally, supports local and regional economic development, and creates jobs. Strategic investments in our transportation infrastructure are vital to our national security, economic growth, transportation safety and our technology leadership. This document outlines critical needs for our transportation infrastructure, identifies new technology drivers and proposes strategic investments for safe and efficient air, ground, rail and marine mobility of people and goods.
Intelligent reflection surface (IRS) is emerging as a promising technique for future wireless communications. Considering its excellent capability in customizing the channel conditions via energy-focusing and energy-nulling, it is an ideal technique for enhancing wireless communication security and privacy, through the theories of physical layer security and covert communications, respectively. In this article, we first present some results on applying IRS to improve the average secrecy rate in wiretap channels, to enable perfect communication covertness, and to deliberately create extra randomness in wireless propagations for hiding active wireless transmissions. Then, we identify multiple challenges for future research to fully unlock the benefits offered by IRS in the context of physical layer security and covert communications. With the aid of extensive numerical studies, we demonstrate the necessity of designing the amplitudes of the IRS elements in wireless communications with the consideration of security and privacy, where the optimal values are not always $1$ as commonly adopted in the literature. Furthermore, we reveal the tradeoff between the achievable secrecy performance and the estimation accuracy of the IRSs channel state information (CSI) at both the legitimate and malicious users, which presents the fundamental resource allocation challenge in the context of IRS-aided physical layer security. Finally, a passive channel estimation methodology exploiting deep neural networks and scene images is discussed as a potential solution to enabling CSI availability without utilizing resource-hungry pilots. This methodology serves as a visible pathway to significantly improving the covert communication rate in IRS-aided wireless networks.