Cyber Security and Defense: It’s the Hardware Stupid!


2016-12-06 By Michael W. Wynne


When the large scale computers became the rage of the space race, Univac, then Sperry Univac, and Burroughs reigned large on the scene.

Within these companies there almost always was contention as they wrung out ‘bugs’ in the system.

Hardware designers blamed the software engineers; and just as vociferously, the software engineers ‘knew’ in their hearts they were done in by the hardware.

This was the stand-off and the concept of general purpose fast became separated from design specific allowing software design to flourish and blossom into its present state.

Today, even for many application specific integrated circuits, there remains a general purpose involvement to make it easier to alter.

With the growth of interconnectivity, that has morphed into the internet.  This has allowed distant upgrades; to processes and manuals, and a convenience that our world has gotten comfortable with.

It is time to re-examine this issue.

Because this very convenience has allowed the implantation of malicious activity, and now threatens the inner support system for society, the question needs to be raised.

This is because, below the applications that are elegant, below the operating systems that allow for the rapid reset of the memory and executables; below even the bit code that continues to underpin the ‘V’ of computational machines, sits the hardware —  a derivative of the Turing Computing Machine; a proven flawed basis of support.

Proven time and again to be vulnerable to external resets, it is time to raise the inevitable question, to which the answer is: ‘IT IS THE HARDWARE, STUPID!’ 

Fixing flawed hardware with software, should have been discarded decades ago.

Why we are still at it, is difficult to discuss in polite company.

Current Situation

Pearl Harbor Day; and yet here we go again, with lot’s of warning, but no innovation to protect America.

We truly need to go back to basics, and ask can this issue be fixed.

Is there a solution that even in its primal state can protect networks from distant hacking?

The answer is yes; restore the rules of systems engineering to understand the output for every input signal.

Construct complex analog circuitry that both mimic and replace currently installed Turing based internet appliances.

The second question would be: is there a pressing need to revert to this solution, (e.g; Analog) to protect society?

With the hue and cry about infrastructure vulnerability, and declarations about evil doers, bank losses, identity theft, invasion and ransacking of credit card databases, and now ransomware; there is but one answer there as well; and that is yes.

While our Nation spends billions in fruitless pursuit of a software fix for a hardware flaw, it has successfully launched the ‘I think you have a problem industry.’

I see this as paying Protection Money to the wrong gang, and we now know that with Ransomware, the Hacking Gang is seeking its payment over and above the Monitoring Gang.

It is time to place responsibility with an accountable agency to commence the difficult task of prioritizing what should be protected, and get on with providing academically proven solutions.

Resolving the great debate that raged in the 1950’s is not a viable way forward, but applying known fixes could be the answer.

In the words of the purported philosopher-Forrest Gump ‘Stupid is as Stupid does’.

After nearly a decade of spending money, now estimated at eighteen billion dollars, researching software to fix a flaw in hardware, isn’t it time to recognize, ‘It is the Hardware, Stupid!’

That eighteen billion would be better spent converting the bit map and the operating systems to work with apps based on hardware that is uncompromising with regard to hacking.

This stops the flow of funds to both the Corporate Patching Community and the Hacking Community, and allows that spend to go to growth opportunities.

Now it is a drag on our economy, and on others around the world.

If our Nation sets a goal to retain as much of the convenience that the present compromised internet contains, our innovators will do just that.

Do we wait for our society to endure an oft forecaseted digital Pearl Harbor?

That is not how the Nation should be protected.

Looking Forward or Avoiding a Digital Pearl Harbor

What then do we need to do?

We need to search through Academic and Governmental research to determine available approaches to correcting the Hardware flaw they have known about since 1934, right after Turing Computing Machines were invented.

With a modest amount of research one can identify providers that never changed from Analog Appliances in the face of the herd mentality that ‘Moore’s Law’ and other advances have produced.

In fact ‘Moore’s Law’ also benefited the Analog Internet Appliances, with its ability to pack more and more capability into a smaller and smaller device, costing far less than predecessors.

Right now, with all of the ‘followers’, we need a thought leader in Government (DHS or DoD) or in Academia (NIST?) to certify the protective capability that the complex frozen analog appliance offers.

To be able to testify, if you will, that using frozen (e.g.; non reprogrammable) complex analog circuitry mimicking and replacing currently installed internet appliances satisfies the pent up desire for a corrective action against hacking; for designed in Cyber Security and Defense.

This would provide the way forward for our industry when the liability gets large, and the insurance companies raise their rates and demand action.

Protecting our society, whether water pumps, Gas Lines, or the electrical grid could fall to being regulated by the Department of Homeland Security to actually get protected.

Infrastructure Owners can be realistically tasked to put in place protected SCADA Systems, with motivation and support from the Department of Homeland Security, which can design and approve frozen analog complex circuitry, which would then replace the currently installed Internet appliance.

Security teams from the agency who routinely monitor security procedures for these assets, can as well advise of security concerns from the internet facing appliances.

Once this breakthrough is underway Internet Service Providers, router designers, and server designers can then look to provide needed support to agencies and public corporations to protect them as vital economic assets.

This could be the new American innovation, where hardware innovation brings our society and the world’s back from a predicted Armageddon Brink.

What better gift to celebrate Pearl Harbor day than to say, we learned to see the signs.

We learned to overcome the biases and got on with it.

We learned to change the outcome of the predicted future, and overcome our collective inaction.

Let’s say it together-‘IT IS THE HARDWARE, STUPID!’ and get on with the fix we are looking for.