Is the Internet of Things still "not connected to the Internet"? Reflection on the hidden dangers of the Internet of Things

At a "round table" held by US President Barack Obama shortly after he took office, as one of the only two representatives, IBM CEO Peng Mingsheng proposed the "Smart Earth" strategy and suggested that the new government invest in a new generation. Smart infrastructure. The strategy believes that the next phase of the IT industry's mission is to fully utilize the next generation of IT technology in all industries. Once this concept was put forward, it caused widespread sensation around the world and was recognized by the world as "a new wave of informationization in the world information industry after the computer, Internet and mobile communication networks." The Chinese government also attaches great importance to this. The "Internet of Things" has been officially listed as one of the country's five strategic emerging industries, and has been included in the National Twelfth Five-Year Plan. At present, domestic theoretical research and investment in the "Internet of Things" is heating up. However, the potential safety hazard of this vision concept, which seems to contain huge opportunities, has also caused some experts' concerns. The author will base on the current reality of China and the essential characteristics of the "Internet of Things", and objectively examine the development of the "Internet of Things" from the perspective of reflection.

Reflection on the development of the Internet of Things

One of the reflections: What is the US government doing while the concept of "Smart Earth" is being proposed?

Talking about the Internet of Things, I have to talk about IBM's "Smart Earth" that is closely related to it. In the latest strategy called "Smart Earth" published on the IBM Forum on February 24, 2009, IBM Greater China CEO Qian Daqun pointed out that "if in the implementation of infrastructure, implant 'wisdom' The idea is not only to stimulate the economy and promote employment in the short term, but also to build a mature smart infrastructure platform for China in a short period of time." Subsequently, starting in February 2009, IBM conducted large-scale advertising through its Chinese website, TV media, bus stations and other media, and actively promoted “Smart Earth” to Chinese companies and government departments through the opportunity of holding various seminars. "Apply, quickly promote the concept of "smart planet" in its American way.

Let us look at the other side of the ocean and see what the US government and military are doing during the same period.

On October 9, 2008, the Ministry of National Defense issued the Directive No. 5200.01 “Defense Information Security Plan and Protection of Sensitive Isolation Information”. The Directive revises the protection of all confidential information, special access procedures, sensitive quarantine information, and controlled non-confidential information.

In December 2008, in the 44th Chairman's Report of the Cyber ​​Security Committee, cyberspace (CYBWRSPACE) was an urgent national security issue, and the report also proposed 25 recommendations for the strategy and its implementation.

In February 2009, Obama emphasized the importance of cybersecurity to the United States during the campaign. Shortly after he took office, he asked for a comprehensive 60-day assessment of the cybersecurity situation in the United States to assess US policy and structure in cybersecurity. Cybersecurity policies include strategies and policies related to action and security in the network, and include comprehensive policies and activities to reduce threats, reduce vulnerabilities, deterrence, international cooperation, incident response, recovery, and recovery, including Computer network operations, information security, law enforcement, diplomacy, military, and intelligence missions are equivalent to the security and stability of global information and communication facilities. This scope does not include other information and communication policies that are not related to national security or to ensuring the safety of the facility.

On March 10, 2009, the US Government Accountability Office issued the report “National Cybersecurity Strategy: Need to Introduce Key Improvement Measures to Strengthen National Security Situation” (Report No. GAO-09-432T), the key to cybersecurity in the report. The field proposes 30 recommendations including five aspects. Although the Department of Homeland Security has done its utmost to meet all aspects of cybersecurity responsibilities, it still does not fully meet the recommended requirements, so further action is needed in these areas.

On May 26, 2009, Obama issued a presidential decree to announce the biggest reform of the White House’s national security system for half a century. On May 29, the White House announced the formation of a Cyber ​​Security Office to coordinate US government activities in this important area.

On May 29, 2009, a cybersecurity assessment report completed by security officials, the US Network Policy Review, was released, and the threat from cyberspace (CYBWRSPACE) has become the most serious economic and military threat facing the United States. one. In publishing the report, Obama said that Cyberspace and the threat it poses are real, and protecting the network infrastructure will be the top priority for maintaining US national security.

On June 23, 2009, US Defense Secretary Gates officially ordered the establishment of the Cyber ​​Warfare Command. The command is responsible for the security of the US Department of Defense computer network and countering external cyber attacks. Other tasks of Cyber ​​Command include conducting network reconnaissance to prevent cyber attacks against the United States and providing a warning cyber strike against enemies who are preparing for the attack.

On June 30, 2009, the United States passed the Cybersecurity Act of 2009.

The above facts give us too much room for guessing. On the one hand, as the "wisdom ambassador" of the United States, IBM has spared no effort to promote the concept of "smart planet" without national security premise, and to "enter" China's national infrastructure; on the other hand, the US government is going up and down. Strengthen the construction of cybersecurity, especially the strengthening of national infrastructure protection that threatens national security, and the formation of cyber warfare forces. The US military believes that the war in virtual space is inevitable and is preparing very actively. The Pentagon Think Tank, the Joint Chiefs of Staff, has studied the possibility of attacking the country's infrastructure in all its operations plans. William Lin, the first deputy director of the US Department of Defense's cybersecurity affairs, published an article in the "Diplomatic" magazine in September this year, saying that in the future, the United States will regard cyberspace as a potential battlefield as other battlefields in which the US military is now fighting. It is understood that the new US network strategy will be introduced in December this year. This strategy requires a phased approach to ensure reliable network protection for all military departments, federal agencies and large companies that undertake military orders.

Although "smart planet" can be understood as an advanced marketing strategy for IBM in China in the face of the global economic crisis, we must be cautious if we sacrifice China's national security interests. .

Recently, Liu Feng, a visiting researcher at the Center for Virtual Economics and Data Science, Chinese Academy of Sciences, wrote an article that expressed extreme concern about this risk. The Software and Integrated Circuits Promotion Center (CSIP) of the Ministry of Industry and Information Technology pointed out in the September 2009 issue of "IBM's "Smart Planet" Understanding and Thinking" that "a wide range of IoT networks allows various risks to interweave. It will bring serious and unpredictable information security problems. The existing information security protection system is difficult to cope with the comprehensive risks of various risk overlays."

Reflection 2: Behind the intelligence, is there any risk in China's critical infrastructure?

In its propaganda, IBM claimed that the concept of “Smart Earth” can promote China's transition to the leading economy in the 21st century. The Chinese government, enterprises and citizens can work together to create a more thorough perception, more comprehensive interoperability and deeper intelligence. "The ecological system." But a careful analysis of IBM's advocacy and recommendations in China's priority construction of smart power, smart healthcare, smart city, smart transportation, smart logistics, smart banking and other fields, it is not difficult to find that these six major industries are related to China The critical infrastructure for national security. Such an infrastructure that affects the national economy and the people's livelihood will inevitably have major political and military consequences if it encounters risks. Most countries abroad use the term “critical infrastructure” (CIKR) to systematically summarize these areas, namely “the sum of physical or virtual systems and assets of importance to the state, which are destroyed or destroyed by the national defense. , devastating effects in the economic, health and safety fields."

Foreign countries generally divide key infrastructure into: guaranteeing government, defense, health, fiscal credit, banking and scientific research, as well as facilities for normal activities in industry and energy; safeguarding industries and energy sectors including nuclear power plants and oil and gas facilities are normal. Operating facilities; food supply and transportation support facilities; municipal utilities including water supply, communications, civil defense facilities, etc. Table 1 shows the quantitative characteristics of key infrastructure and major resources that are protected in the United States.

The Network Defense Professionals Organization (PCD), a non-profit network policy initiative in the United States, has developed a strategic attack scheme for the US official nicknamed "Black Angel." The program consists of one campaign planner, two financial sector experts, three power experts and one transport specialist. Its primary strategic operational goal is to disrupt rail transport and destroy hard-to-replace generators and distribution line transformers with the wrong computer instructions, causing large-scale blackouts. This area is precisely the most widely used area of ​​the Internet of Things (Smart Earth).

On March 2, 2010, the US Naval Academy and CACI International launched an academic seminar entitled "Network Threats on National Security: Addressing the Challenges of Global Supply Chains." At this symposium, American experts analyzed the vulnerability of today's highly secure global supply chains to cyber threats. Experts believe that the supply chain is a system that includes organizations, people, processes, technology, information and resources. This system drives suppliers to produce raw materials and natural resources to form products and then deliver their goods to users. In the end-to-end process from raw materials to finished goods, every step of the supply chain faces constant cyber threats. The US supply chain may be at the highest risk since the end of the American Civil War, facing the possibility of tremendous damage.

Former Virginia Governor James S. Gilmore also said: "In the modern world, the supply chain is information. When something is ordered...where will it be produced, by whom, how much, how much? ...all information that arrives on the Internet or enters a private data system can be intercepted and invaded."

At present, the development of China's Internet of Things has been involved in logistics, intelligent transportation, environmental protection, government work, public safety, safe home, intelligent fire protection, industrial monitoring, environmental monitoring, personal health, water monitoring, food traceability and other fields. It involves China’s people’s livelihood infrastructure and national strategy, even the military field. Any one of them fails or is destroyed. According to the "cascade effect", the loss is comparable to the use of armed forces to strike.

Reflection 3: Is the basic theory such as China's just-initiated “cloud computing” sufficient to support the huge Internet of Things industry?

High-tech such as sensor network, cloud computing, supercomputing, software service, data integration and mining is an indispensable technical foundation for supporting and realizing the "Internet of Things." Among them, "cloud computing" is considered to be a revolutionary technology to change the IT business model. The US Department of Defense also believes that "cloud computing" can be effectively applied to the US network center war strategic plan, and is planning to achieve the goals described in the "Network and Information Integration Assistant Defense Secretary Strategic Plan 2008-2009" through "cloud computing." The plan clearly states that information technology structure design should enhance the sharing, security and flexibility of information. All the calculation methods involving the Ministry of Defense must be designed under the guidance of the relevant departments to ensure the access and security of information.

However, foreign professionals are actively pursuing the Chinese government and enterprises to boldly try “public cloud services” and choose the cloud as a platform to establish standardized and more efficient business processes in the future. However, the reality is that "cloud computing", which is the core of theory and technology, is still a new concept in China, and its introduction has only been in the past two years. Although the application of “cloud computing” has been or will be launched in Beijing, Guangdong, Hong Kong, Chengdu, Hangzhou, Wuxi, etc., relevant research institutions in China are still familiar with this new technology, cognitive, preliminary research stage, in application. It is also the direct use of "takenism" to enjoy the "cloud" service of foreign companies such as Microsoft and IBM. Whether the fragile theoretical research and applied research in China can support the huge industrial chain of the Internet of Things, the author expressed deep doubts.

As we all know, in the sensor network, cloud computing and other aspects are IBM's technical advantages, in the IT industry has been built by IBM has almost no competitors in the relevant information technology ecosystem, it is easy for China's IT industry to share a piece of it? For cloud computing, a revolutionary technology that changes the IT business model, Sun Chaoshu, chairman and CEO of Inspur Group, also has his own opinions on cloud security. He believes that "cloud computing" will lead to the inevitable concentration of information resources, services and applications around the world to the international information industry giants, and the vast majority of information storage and data processing services in the world will be actually mastered by them.

A domestic advocate of IBM "Smart Earth" responded to security questions and said, "Like I give you a pistol, killing and killing yourself, you decide, and their thesis is that this pistol has problems. But in fact, the pistol does not go away." The person believes that IBM is only a technology provider, and users of data and technology - companies or governments have the right to decide on the method and control strategy used. "Now all of the world's computer back-office systems run on IBM machines, and that doesn't mean IBM has a chance to master the global financial system."

This kind of superficial understanding is very popular in China. As everyone knows, once the war or tension is tight, will the manufacturer of the "pistol" also provide us with pistols and bullets? In the state of war, there is no difference between weapons and equipment that have no accessories and maintenance capabilities and scrap iron. Unless you can make pistols and make accessories yourself.

Reflection 4: Who is developing the industry standard for sensing technology in the Internet of Things?

The Internet of Things is defined as "information sensing devices such as radio frequency identification (RFID), infrared sensors, global positioning systems, laser scanners, etc., to connect any object to the Internet in accordance with agreed protocols, for information exchange and communication, A network that intelligently identifies, locates, tracks, monitors, and manages objects." It can be seen that “embedding RFID tags into all related items” is an important prerequisite for the construction of the Internet of Things.

Since RFID will be widely used in various fields, and more or less commercial information, circulation information, industrial information, and even personal information are contained in the tag chip, such information is extremely tempting for attacking opponents. Attackers can obtain a variety of information through attack tags, and the leakage of such information will bring huge disasters to commercial, industrial secrets and even personal privacy. In addition to the Japanese standards used only in Japan, the industry standards adopted by RFID in the world currently use the US RFID industry standard, which defines core protocol standards including communication protocols. This means that what we know, what the other party might know. Cases of stealing RFID information and cracking the security algorithms of the M1 chip have occurred frequently around the world. Although RFID tag and reader communication security model measures have many obstacles for attackers, this is not enough to show that RFID tags are safe, because these obstacles can not completely prevent attackers from obtaining tag information. Therefore, to overcome the hidden dangers of RFID security, the core problem of "American industry standards" will always be spared.

Thinking about countermeasures

Based on the above analysis, the author believes that we should reflect on the current overheated development of the Internet of Things. We must examine the potential risks of national security and industrial security for the development of the Internet of Things, adopt reasonable and feasible measures to adjust the strategy, and strengthen the national critical infrastructure. Safety, and develop relevant regulations.

In the current situation, the security of society depends to a large extent on the security of the country's critical infrastructure. In terrorist attacks, accidents, natural disasters and other emergencies, the risk potential of critical infrastructure is bound to increase. This will have a huge impact on national security, public safety, economic vitality and lifestyle, and its chain effect will far exceed our imagination. As Zhang Yaqin, president of Microsoft Asia Pacific R&D Group, said: "There is information loss in the Internet. It can also reduce or even avoid losses through encryption and backup of information. The Internet of Things is dealing with the physical world, whether it is intelligent transportation or smart grid. , smart medical care or bridge detection, disaster monitoring, once the problem occurs will involve the loss of life and property."

Therefore, there is an urgent need to develop national security plans that guarantee critical infrastructure in peacetime and wartime. Initiatives to protect critical infrastructure security that have been developed and implemented but are not fully adapted to the threat level need to be continuously refined.

First, national institutions coordinate and use all the potential and resources of the national, local and industrial sectors to form a national key infrastructure protection coordination mechanism;

The second is to systematically and accurately assess the security risks and current status of national infrastructure, and provide reference for determining the priority deployment direction of national infrastructure security and counterattack actions, as well as restoring damaged infrastructure;

The fourth is to implement an integrated defense strategy in the security of physical facilities, computer network space and citizen information;

The fifth is to formulate various emergency plans to improve the emergency response capability under various crisis situations to minimize losses.

The sixth is to attach importance to theoretical basic research and adjust the proportion of investment. Theoretical research and team building should be higher than applied research. Only a solid theoretical foundation and a strong technical team can truly stand undefeated and go further.

Seventh is to divide the security level of the application field of the Internet of Things industry. Due to the potential security risks of the Internet of Things, according to the degree of vulnerability of the national infrastructure involved in the project, the classification of the national defense infrastructure assets - industrial infrastructure assets - civil infrastructure assets, the strict security risks of the project Assessment and level defense, suspend the application of IoT technology in the military field. Before China's Internet of Things forms a large-scale industry, it will formulate countermeasures to prevent problems before they occur. While advancing the construction of technical means, we will strengthen the legal system with the goal of improving laws and regulations on information security intellectual property rights and personal privacy protection.

Conclusion

It is undeniable that the innovative ideas and development strategies embodied in the "Smart Earth" and "Internet of Things" concepts have certain reference value for China's information construction and social and economic development. However, as Minister Li Yizhong of the Ministry of Industry and Information Technology pointed out at the 2010 Economic and Trade Situation Report, "it is necessary to be vigilant about new foreign ideas and new strategies," because of China's current information industry. The degree of self-controllability and the level of technological development still have a large gap compared with developed countries. The construction of “Internet of Things” based on “full introduction” undoubtedly has certain security risks. Therefore, we should treat this emerging concept in a prudent and dialectical manner, base on basic technology research, improve relevant laws and regulations, and follow the principle of progressive development. Rationally handling the opportunities and challenges brought about by the concept of the Internet of Things can make us neither at the expense of security nor a good opportunity to lose development.

Tubular Motors with DC power supply.

DC Tubular Motors

Dc Tubular Motors,Constant Speed Tubular Motor,Electronic Limit Tubular Motor,Mechanical Limits Tubular Motor

GUANGDONG A-OK TECHNOLOGY GRAND DEVELOPMENT CO.,LTD. , https://www.a-okmotor.com