The one where we discuss managing identities of industrial things with long lifespans and primitive capabilities

WALL-E (2008), abandoned by his makers and his owners.

Phil Wolff: So my mind kept going back to WALL-E, the robot from the 2008 movie who’s abandoned on Earth by the company that made him, by the government that owned him, by the people who were supposed to benefit from his services, and is left on his own to forage for whatever he needs to keep himself going, to keep pursuing his purpose and maybe discover new purposes and new ways to get to where he needs to go.

And it made me think about the challenges of managing industrial things that have been out in the field for years. We’ve talked a little bit in previous conversations about updating software to include new capabilities on devices for identity and authentication, and to improve data provenance and that kind of thing. But there are limits on a lot of this gear, especially older gear.

So when does lack of High Assurance Identity interfere with your ability to get any more return on your investment? When are those digital identity challenges enough of a reason to end-of-life some or all of your devices? How bad does it have to be?

Damian Glover: It might be when the shortcomings of your current setup lead to almost intolerable risk, or where the opportunity cost of not being able to move things forward because of this lack of efficient identity becomes too great. Those would be the sort of things that I could see being game changers.

Michael Shea: To force a rip and replace, something has to make you say, even though this device may not be end-of-life, it’s still functional and has useful life in it, we have to replace it with something that is at a higher level. Perhaps a risk factor has grown by orders of magnitude and the exposure is so high that you don’t have a choice, you just have to replace it. In our ever-connected world the risks of massive systems being compromised are there. And when something malicious is done on that scale, you know, and sections of the power grid are shut off, when someone launches an attack like that, it may feel almost equivalent to an act of war.

Damian Glover: That only has to happen once somewhere in the world for people to get motivated.

Michael Shea: Correct. I think that’s when the game starts to shift. Or there’s a realization that we’re going to replace this kit, because if we update it, it gives us the ability to create all these new products and we can now make, you know, two or three times more. I don’t think we’re there yet in either case.

Phil Wolff: Well, we don’t know that actually. There might be companies that have already made the call. Like, hey, we deployed this stuff in 2010, we’ve had 10 years of life out of it instead of 20, but it’s a sunk cost, let’s just go forward.

Michael Shea: Yep. Or it could be you take those gigantic power transformers, you know, the ones that look like a small house and last 30 to 40 years. And you say, maybe we can replace the control electronics on it.

Damian Glover: Are we assuming that the hardware we’re talking about would be able to support an upgrade of the digital identity system?

Michael Shea: I think it would depend on what the hardware is. It comes back to what’s the value of doing it, what’s the ROI? Is it about security, liability, risk mitigation? Or is there a new business opportunity?

Phil Wolff: So for instance if you’re being exposed to ransomware or cyber warfare, you might go, Wow, I need to make sure that all the things I have can be upgraded, you know, at least five times in their life. And so I need a stable operating system on the devices and lots of headspace for apps and data, beyond what’s needed for the devices to do their job. You should expect that there’s going to be demand for new defences, or new authentication methods or whatever. And that’s on the risk avoidance side.

On the Fear Of Missing Out side, it’s about future-proofing your devices for when the opportunity comes along to get your devices to co-operate or to make them smarter, because I can install machine learning apps on them. But many devices don’t have that kind of expandability or field upgradability. It’s like, we squeezed all this stuff onto this really tiny processor and eight meg of memory to keep the costs down.

Michael Shea: Or even less than that on a lot of devices.

Phil Wolff: Right, as opposed to going, Let’s pack everything we can into this and make it as smart as we can. And, you have to pay extra for that future-proofing.

Damian Glover: So manufacturers could offer a choice of kind of specs where the same device could come in a future-proof version?

Phil Wolff: Right. So if I’ve got an agricultural sensor, right now, it only has a simple processor and some basic functions like ‘call home’. But if you improve the CPU, you add some extra RAM and some storage capacity – you know what, I paid double for that extra stuff, just to make sure that I don’t have to rip and replace for another five or ten years. Now I have some confidence in that device. Versus my neighbour on his farm, who had to replace everything completely.

Michael Shea: In a perfect world you’d want that upgradability. But what’s the additional cost?

Looking forward by looking back

Phil Wolff: Exactly. If you have a fixed budget, maybe you reduce the number of devices in order to future-proof those you do deploy. Thinking about your power transformers example, let’s say they’ve been in the field for 25 years. If we go back to 1995, we had the web but we didn’t have OAuth or public key encryption or SSL. And in the world of identity and authentication you had LDAP, I think. Imagine trying to do identity on the devices from back then.

Michael Shea: You might have an eight-bit microcontroller. Those still exist; eight- and 16-bit microcontrollers are still very much around. This is the danger. When people say, well, we’ve done it on a Raspberry Pi, you know, that’s an extremely capable device, it’s not a microcontroller. I mean, it’s a full-blown computer.

When you call it an edge device, it’s probably something in a similar class to a Raspberry Pi. That’s where you’re starting to do artificial intelligence or machine learning. The bar is higher versus a weather sensor or something reading the temperature in a building and turning the heat or the air conditioning up or down. That may be an eight-bit or 16-bit microcontroller.

Phil Wolff: Waves of technologies come forward in the world of identity. Not just identifying yourself but the encryption and protection and the self-awareness to know if you’ve been made vulnerable as a device, and report that in.

In 1995, if you wanted to deploy something that might support ten years’ worth of software updates so that by 2005 you have a web server running on the device, so it can answer questions in a common protocol, and just have the software updated to do all that stuff – you’d need to put in the best processor of 1995 and as much RAM as you could afford from that era.

Michael Shea: I don’t know if it’s practical, though, in reality.

Phil Wolff: So the less they future-proof, the more risk they have. It feels to me kind of like a technical debt. You’re swapping the likelihood of needing to replace your whole system versus the opportunity to do everything via software updates. And I guess part of the question, for energy companies and pharmaceutical companies and hospital networks and all these other folks, who are the major investors in and consumers of industrial-grade Internet of Things devices, is how much would you pay to push your window from, you know, three years to 10 years?

Michael Shea: Well, what’s changed for them, to change the financial model?

Phil Wolff: More things will be talking to each other, because you get synergy. You’re going to get more diverse kinds of things talking to each other and collaborating. There’s going to be more autonomy, because we’ll have more disruptions in IoT dependencies like power distribution, so you’ll want things to be able to fend for themselves during a systemic outage.

The context is shifting, making old things, and the old decisions you’d made, no longer terribly relevant. And, you know, we’re going to have machine learning tools that will be able to recognize, Hi, my identity system is telling me everything’s okay, but it’s behaving out of character. Please come check me out. They don’t exist today, but it’s reasonable to think they will. Not too long from now, why wouldn’t you have biometrics on that simple farm sensor to prevent an unauthorized person from physically manipulating it or coming by to steal it?

more to come…
