Shaping a New Approach to Cyber Defense: Time for Analog

11/27/2016

2016-11-20 By Michael W. Wynne, 21st Secretary of the Air Force

Summary:

Academics have known since 1934 that Turing computers were and remain inherently vulnerable to hacking as Godel and Keene Mathematically proved, and confidently expressed that proof in the years following.

The times were different; and computers were just aborning, and abandoning a rule of circuit design to firmly comprehend the relationship of every input to every output seemed acceptable when operating in isolation.

As society wallows in the deceit that a software patch can save the Turing Computing Machines that underlay the present Internet, we find even senior security officials such as the Chair and Co-Chair of the Intelligence Committee espousing the thought that protection is simply unavailable.

This is not fact based, but has grown to be the popular myth.

Returning to complex circuit design to mimic the intended digital circuit can and should underpin the ‘Designed in Security’ our society seeks, a proper defense.

Background:

The Internet was developed many years after the underlying flaw of the Turing Computing Machine was both invented and reviled during the 1930’s.

Turing is celebrated for his major contribution of code breaking, and as well the breakthrough in speed, using the phraseology in his topology of ‘this sentence is false’ leading to an acceptance of intent over precision in his computational mathematics.

Later as other mathematicians examined his processes, the fact of the endless recursive nature of the process allowed others to implant errors in this process, which essentially derailed the machine output. This has leading partially to the phrase “Garbage in Garbage out” as students who followed Turing grappled with the flaw.

My first encounter with computational mathematics was in an analog laboratory in junior high school where we were asked by the instructor to construct a difficult equation using classic ‘AND’ and ‘NAND’ logic based systems.

Looking back on that equation, there is no way to alter the setup without invading the circuit design. As well a bad answer would lead immediately to first a low grade, and second to a re-examination of the circuit for correction.

Thus every output had a known input.

Later, as a part of the autopilot design for the AC-130 gunship, which I and fellow Air Force Academy Instructors had compiled into an on board computer, testing at the Air Force Flight Dynamics Laboratory revealed a terrible anomaly was occurring.

Reflecting that they were in the analog world, and tested analog flight control systems, they took many hours of data illustrating a random control output that flapped the flaps, misguided the rudder, and generally was a disaster waiting to happen. With this information, from the digital perspective we were able to immediately discern that a flaw had been introduced into the program, and found a pointer looking at a random number generator, instead of the control table that we had carefully constructed. Thus, the anomaly was discoverd.

Looking back, there was a lesson, and that was that we had non-maliciously introduced this flaw in the digital domain, and it was detected by the rigor from the analog domain.

Thorough testing using solid circuit design requirements was the key to dealing with the anaomaly.

A shift from software patches to analog circuit design provides a way ahead. Source: Getty Images
A shift from software patches to analog circuit design provides a way ahead. Source: Getty Images

Later still, my daughter was typing away in the college library, when an old fashioned image of a bomb appeared, counted down, and destroyed all of her unsaved work. This prank was a precursor to the current malicious code that can be introduced from distant locations, though it was local at the time.

As this was not the intent of the university Computer Center, it was an indicator that symptoms of our current problems were evident before the Internet was expanded to a universal norm.

Naturally, a software fix, searching for this particular ‘bug’, was introduced. This was also a precursor to our current fixation to software patches that even come to my home computer (windows based) many times a month.

Years later, as the then National Security Advisor, Condoleezza Rice, advised that the Internet was becoming the wild west; and images from the other side of our placid computer screen were shown to be violent, society began to realize we had a problem.

When I became Secretary of the Air Force, I introduced Cyber into the mission of the Air Force to mobilize for the defense of this new domain; where rested much of our Command and Control.

When the Air Force recruiting headlines for Cyber professionals began to emerge, the Air Force was excoriated by the legislature for being overzealous, and mis-judging the problem with the Internet.

All have since been validated; but the problem of defending the domain remains.

It is time for a serious conversation and shaping a new approach, notably because the President-elect has set a key goal as shaping new civilian infrastructure and strengthening the US military.

Current Situation:

It is often said that doing the same thing, but expecting a different answer to emerge is a sign of insanity, though we are all guilty of this flawed thinking.

Putting a software patch on top of a flawed hardware system to counter punch an invader may be fulfilling, but it is been proven over and over to be fruitless.

None-the-less, as an Eighteen billion dollar industry, not unfulfilling. Even now the National Institute of Standards has essentially declared out loud the futility of the many solutions it has encountered, citing the patience of the Advanced Persistent Threat in many papers. It as well stipulates that many penetrants never realize for many months or years that a penetration has occurred, until it becomes advantageous for the agent to disclose the information, or a separate patch unwittingly discovers the loss of data.

Many times the victim has no idea there was an issue. Corporate Boards are leery of liability, and thus in denial; or becoming part of the herd of software patch payers.

But society is slowly becoming aware that this is a scam, that they are riding an unending strife curve; and the alarms are beginning to sound as if the end of life as we know it is nigh again.

It is seeping into engineering and into design that those that have stayed with Analog are immune to this Internet, distant and malicious, threat. Whether aircraft safety systems, or in some of the most carefully protected areas; suddenly what is old is new again.

I would like to beat the drum for a ‘blast from the past’ and celebrate the re-emergence of computational analog circuit design.

As well; I would raise a ceremonial toast to a systems engineering rule for thoroughly understanding every input and output response before the system goes on line.

This is a marked departure than ‘crowd sourcing’ corrections to flawed software, which by its very nature invites malicious activity, while waving the flag of cooperation and collaboration.

When it comes to National Security; or to Public Infrastructure, this is flawed policy and needs to change dramatically.

Even the Internet of Things (IoT), now popular, requires re-evaluation when public safety in the form of vehicle control, or Grid, or Pipe, or Dam, is at risk.

Forward Look:

I recently gave a presentation in China at a University there, citing the Systems Engineering principles, and identifying the fatal flaw which has been like a virus that has never been extinguished, but instead tolerated for its good parts; but is now becoming a civil defense issue that should be addressed.

I would say for our National purposes, it is time that we followed some prescriptive advice and agree upon a path that will settle down the current rhetoric; and may create a level playing field, where Intellectual Property can easily be protected if desired; and our National Interests can be logically addressed.

For sure, the cited eighteen billion dollar industry is not going away; but can slowly morph into creating useful paths to a safer Internet.

Society is ready; and now the professionals have to decide on priorities, and action.

I would suggest that we should prioritize the goal that USG Web sites immediately be protected using frozen (e.g.; non reprogrammable) complex analog circuitry mimicking and replacing currently installed internet appliances.

Further; that Infrastructure Owners be tasked to put in place protected SCADA Systems, under the watchful eye of the Department of Homeland Security, which again are frozen analog complex circuitry, again mimicking and replacing the currently installed Internet appliance.

Internet Service Providers, router designers, and server designers can provide needed support to the agencies and public corporations to alter our present course, and they should be doing it.

I would further implore Financial Institutions and Corporations to recognize that this must be done to protect themselves, and their customers from the current economic losses.

Why Insurance Companies are not demanding change is a mystery?

Society is not stuck, but thought leaders are, time for a change.

It is Time for Analog as the solution set to deal with the vulnerability challenges associated with software.

This is not only possible, but has been available for a few years–the path is novel, but not unknown.

Vulnerability on the Internet is actually a choice, not a given outcome.

 Let’s get on with it!

Editor’s Note: In the following article, published earlier this year by David Sax in Bloomberg Business Week, the author suggested that in the Age of Cybercrime, The Best Insurance May be Analog.

http://www.bloomberg.com/news/articles/2016-03-10/cybersecurity-the-best-insurance-may-be-analog

The article is an interesting companion piece to Secretary Wynne’s very clear call for a new way ahead to deal with a strategic vulnerability affecting civil and military defense systems.

Last September, Darpa launched the $36 million Leveraging the Analog Domain for Security (LADS) program, which is attempting to create a set of electronic ears that can detect malicious activity by monitoring the unintentional analog emissions of digital hardware, such as heat, sound, and changed frequencies.

“The advantage of an analog approach is that there’s no way for the malware to directly reach through air and affect the monitoring device,” says Angelos Keromytis, who runs the program.

If you wish to comment on this article you can do so on the Second Line of Defense Forum.

http://www.sldforum.com/2016/11/new-approach-cyber-defense-analog-option/