Saturday, November 1, 2014

how can we make sure the internet does not grow into a living hell?

Back before 9/11, the internet was one thing we could count on to make human life steadily better and more fun for everyone. Or so it seemed. It seems clear that the internet we knew will grow into something much larger, which people call the "internet of things" (IOT).  But will it liberate us and free our spirits and minds ever more -- or will it be the instrument of a gulag existence or cyberpunk warfare, ultimately draining and threatening the human spirit to the point where the very existence of humans comes into question? The hopes and the dangers are both quite real, and we may heading towards the worst right now if we don't think hard and see the ways to do better,,,

Mainstream futurologists spend a lot of time talking abut the future of work and the future of the internet -- for good reason, since they are major parts of regular life. But how much do they really know about what the IoT actually is, and is becoming?

At NSF, some folks recently asked me to write a little piece on the IoT, where it is going and what we could do to affect where it is going. This is just my personal reaction to that question, not anything at all official... yes, I see major threats, opportunities and needs for action in new directions. I wrote it for NSF, but it certainly goes well beyond NSF.

So first I copy over the draft, and then add some comments about tricky aspects beyond the draft.
At the end, I later add a follow-on paper, formally on "smart cities", which gets a bit deeper into some of these issues -- such as health care, privacy, sequestration...


New Directions at NSF for the Internet of Things (IoT)


Paul J. Werbos, Oct. 30, 2014


1. Summary


NSF already funds substantial research related to most of the many, complex requirements of the IoT. For example, many of the potential important benefits to the nation lie in three key application domains: (1) energy; (2) healthcare; and (3) education and human potential. Conscious attention to long-term transformative national needs and opportunities possible through the IOT could be enhanced in all three areas, but important efforts are already being made. Likewise, the enabling technologies of data analytics, prediction, control, low power radio communication,  machine intelligence, human-computer interface  and associated large-scale internet technology are all receiving attention. There is growing attention to cloud computing, with large centrally maintained server farms,  as one approach to implement new algorithms and cope with the growing deluge of data from IOT and other sources.


The opportunities for doing even better in this area come in three main possible areas: (1) technical improvements and better, more forward looking integration of the existing efforts; (2)  improved translational work connecting these to downstream users; and (3) new directions to address the growing concerns about security and privacy, and strengthening the free market of ideas which underlies the unique productivity of America’s university system and economy in general.


Because so much attention has already been given to (1) and (2), the many unmet possibilities for positive benefit in IOT as such are relatively technical, and hard to summarize at the “300,000 foot” level. Most striking perhaps are: (1) developing ways for teams of humans and robots to work together in coordinated tasks, which have often been discussed, but which could become more concrete by addressing testbeds of an X prize flavor in remote mining, in assembly of a well-defined family of large space structures [1], or in assembly of large CPS solar farms (for which construction labor is the main cost, unlike PV farms); (2) expansion of immersive experience, including remote laboratory experience and student health monitoring, connected to a cross-cutting new effort in improving education of the Other 3 Billion (O3B, in Google’s terms) connected to other expansions in the internet as such both on earth and in space. Both of these would require NSF to work in greater partnership with others. NSF efforts on (3) are relatively new [3], and offer more opportunities for new directions, as well as new basic intellectual challenges and dilemmas of great importance to national needs.  Unresolved issues about privacy and security are perhaps the major barrier today facing vendors of IoT and cloud services [2].


2. Basic Background on IoT—What It is and How it is Seen


Wikipedia [4] defines the IoT as “the interconnection of uniquely identifiable embedded computing devices within the existing internet infrastructure.” In practice, it also entails the development of new technology for the devices themselves, and expansion of the existing Internet to make better use of them.

 In May 2013, McKinsey Institute published a widely cited evaluation of 12 new disruptive technologies, including IoT, and predicted that the global economic impact of IoT could reach $2.7 trillion to $6.2 trillion per year by 2025 [5,6]. An IBM viewpoint [7] states: “The industry predicts that by 2010 possibly 50 billion devices will be connected, which is 10 times the number of all current Internet hosts, including connected mobile phones.”

                McKinsey [8] envisions two types of market or application. First, there are three markets for new information and analysis opened up by IoT: (1) the tracking of behavior; (2) enhanced situational awareness; and (3) sensor-driven decision analytics. There are three markets for automation and control: (1) process optimization; (2) optimized resource consumption; and (3) complex autonomous systems. Goldman Sachs [9] partitions the same markets in a more concrete way, as five segments: (1) wearable electronics; (2) connected cars; (3) connected homes; (4) connected cities; and (5) industries, such as intelligent power grid and healthcare.

                A thorough review by Wikipedia [4] discusses many such applications, but focuses on the key enabling technologies such as the required new protocols, architectures, security and privacy, without which it could all tank.

                All three levels of analysis (McKinsey, Goldman Sachs and Wikipedia) give important insights and are relevant to assessing the portfolio and potential of NSF work.


3. Issues of Security and Privacy


Since the 9/11 event, the world has been facing a growing difficulty in trying to do justice to three major values:

(1)     Security vis-à-vis growing risks from terrorism, particularly considering the possibility of escalation of terrorism to weapons of mass destruction (WMD);

(2)     Cybersecurity, in the face of rising threats, including a greater ability by hackers to locate and exploit all kinds of back doors, and to use control of physical devices to cause physical destruction;

(3)     Protection of privacy and intellectual property, which is essential to systems of trust and confidentiality like the NSF review process, and to intellectual creativity and productivity in general.

The tension between these  three values is analogous in a way to the tension between creating jobs and reducing national debt (while accounting for economic growth and sustainability).  It will play out on a global stage much larger than anything NSF can decide.  However, in both cases, technical creativity could be useful in offering better choices or tradeoffs, to require less damage to one value while pursuing another.

This section will discuss each of these three values in more detail.


3.1. Terrorism and Monitoring


                With regards to (1), NSF partnership with DHS [10] brought us some awareness of just how severe and how real some of the challenges are, looking forward. At one meeting, it was said that the United States is like a house with 20 doors, 10 locked tight with lots of opportunities to strengthen the locks, and 10 open and swinging wide for all the world to see with no realistic ideas in sight for how to close them.  For the case of “dirty bombs” (radioactivity but not fission), the main reason we have not seen major scares yet is that the supply of such materials is very limited at the source. However, as the world energy economy goes through major transformations, the availability of nuclear material and technology now seems likely to grow substantially, in all parts of the world, stable and unstable.  (Breakthroughs in renewable energy technology could possibly help reduce that factor, but on the present path they are not moving fast enough.) 

In recent discussions with DNDO/DHS, they were shifting towards more reliance on human intelligence and deterrence (as can be seen by inspecting the last funding announcement, in comparison with earlier ones) to cope with this threat. However, in the wake of the Snowden revelations and the global response to them, many have said that the old methods of human intelligence are no longer working so well. This poses one dilemma, and one value which needs to be considered.


3.2. Cybersecurity and IoT


On the other hand,  many view the emerging cybersecurity threats as even more serious than WMD terrorism.  In IEEE-USA meetings and other venues, leaders from the electric utility industry have told us again and again that they view cybersecurity and electromagnetic pulses (EMP) as the two biggest threats to the working of the power grid. Congressional legislation has reflected those concerns. The number of cyberattacks has been rising at a very rapid rate, and has also grown more sophisticated. At a meeting at the National Defense University in 2009, Sandia researchers showed how big generators can be taken out by a cyberattack – enough perhaps to send the entire US back to the dark ages, due to system of system effects. Of course, the Internet of Things includes embedded control systems, which are the front lines of any attack intended to cause physical damage. Putting those things on the Internet does create serious new risks. 

                Cybersecurity has also become a large and profitable industry for many consulting firms. This has mixed benefits and costs.  On the one hand, a growing workforce has emerged of real-time operations people, monitoring threats, and expanding capabilities for intrusion detection and isolation. However, as the tide of attacks grows larger and larger, beyond the ability of this workforce to cope with well enough, many financial institutions hope to be saved by a combination of better intrusion detection and “sandboxing” to test suspicious software. Alongside these capabilities have evolved additional protections involving identity authentication, procedures and so on. Recent NSF research [3] has shown ways to improve password protection systems. Research in China has been especially active in biometric methods, and may possibly be ahead of the US in that area. Consulting firms do tend to have a vested interest in maintaining the sales and credibility of the limited capabilities they now have to offer.

                However, many involved in really critical physical infrastructure argue that all of these methods combined still are not enough. After all, just one explosion of a major generator would be a huge problem, even if the responsible attack was only one success out of a million attempts (not an unrealistic number for what is coming). Thus, when the “things” are critical generators or other critical embedded systems, much of the front line power industry uses a different type of operating system, Security Enhanced (SE) Linux , developed in part with help from the NSA.

                SE Linux is grounded in important capabilities initially developed in university research [11,12] but hardly ever discussed by the consulting industry or its representatives. In essence, it relies on research in the 1970’s which fed into the development of the Multics operating system (which I once worked with, albeit for data analytic apps, but with direct contact with the Pl/1 core programming four floors away in the same building at MIT). It involves a very strict adherence to formal rules about the use of privileged access and ring brackets. Theorems were proven offering absolute unbreakability of the operating system, if the rules were adhered to.

                Recent versions of Microsoft operating systems included some effort to apply the same principles, but adherence to rules was not quite so strict and backdoors compromise the theorems to some degree. Apple and Linux operating systems have been much more strict in following what is now called “the Unix model,” but relatively recently it turned out that back doors were found and exploited by malicious hackers for Apple as well. Most shocking of all was the very recent discovery of  ShellShock vulnerability in most Linux and Apple systems – which includes the embedded systems at the forefront of the IoT.

                Industry sources are understandably reluctant to go too public about their concerns for the vulnerability of embedded systems. The most advanced industry researcher I have contact with there says that the plan now is to move to a kind of “patch” model for embedded systems, very different from the frozen mode used in the past for the sake of verification and validation (V&V), more similar to Microsoft mass products, but how to do that for billions of small embedded systems mainly communicating by wireless is something of a challenge – to some extent a research challenge, but to some extent just a problem.

                An additional problem comes from the update cycle for electric utility software. The operations manager of one of the major power systems has told me that yes, like his counterparts elsewhere, he relies on SE Linux, but he actually gets his software from one of the three or four big vendors (like AB&B). They promise full compliance with SE standards of unbreakability, but with some delay. Since it takes some time to ensure compliance, but new software capabilities are needed all the time, they are always behind and never fully compliant in practice.

                In summary, detecting and getting rid of backdoors (and insecurities from outright bugs noncompliant with SE rules)  for all embedded systems and critical infrastructure would be a huge step forward.  Important work has been done recently on automated systems to detect dangerous bugs [3,13], but university researchers could go further. It should be possible to develop open, transparent compliance checking codes, which could be trusted by a wide range of users, grounded in the original theorems [11,12].  Of course, to protect wireless embedded systems, this would also require that hard encryption be part of enhanced standards.   


3.3. Privacy Versus Transparency


The protection of intellectual property and private information is another value of the highest importance. For example, at a recent conference organized by Federal Computer Week, Keith Alexander (recent Director of NSA) stated that theft of intellectual property by China and others is very much at the top of his list of global concerns. He agreed that monitoring to detect terrorism is unavoidable by all major powers, but intellectual theft and sabotage rise to an extremely high level of concern.

                This concern is very relevant to NSF, since we receive some of the most advanced ideas in technology considered anywhere, well before they reach the slow deployment process in US industry. Certainly there are cases where Japan and China have deployed technologies developed in the US before the US did, because of the general speed of some of their systems. Some of that was based on ideas in the open literature, but one could argue that NSF (and other government agencies and technology firms and universities) should have  much more solid protection, as great as what could be had for embedded systems. Security and confidentiality are essential concern of NSF PIs. I have even encountered cases where PIs were wiling to submit ideas to NSF, but not to DOE, because with NSF they felt more secure that systems managed by people with university values would protect them from premature leaks to big stakeholder corporations.                 

            Should NSF and a wide variety of other organizations have access to SE compliant operating systems, backed up by open transparent compliance checking software? Should this be managed at the level of local area networks, or applied individually to servers, PCs, and mobile devices, with secure communication between them?  There is room for considerable research on the relevant tradeoffs.

                Perhaps the most sticky tradeoff is the tradeoff between unbreakability and security at the PC level, versus monitoring for terrorism and such (section 3.1). In the past, limited backdoors may have seemed to offer the best of both worlds (as with Apple operating systems), where “Unix standards” offered unbreakability to normal hackers but transparency to those with the information. But the events of the past year or two show that this does not work so well as some may have hoped, and other factors have made monitoring more difficult in any case.

                Likewise, communication technology plays a central role here. NSF and the US have in the past been leaders in the quantum technologies most relevant here, but it is not clear how long they can retain that leadership, which requires strengthening the culture of discovery, and not only innovation as such. In general, distributed systems under central management have less security than systems where the nodes themselves are secure, especially when there is heavy reliance on wireless communication; however, for many small embedded systems, one has little choice. The implications for economic interactions and corporate culture are also important.

                There is room for considerable research on all these tradeoffs and options.


4. Selected Examples of Possible Areas for IoT Application and Research


NSF probably has awarded something like 10,000 or more grants related to core issues of the IoT. That very crude estimate comes from considering the ten or so areas of NSF research mentioned in sections 1 and 2, and the many years over which NSF has funded work in those areas.  Of course, it is impossible for a brief review written over two weeks to do full justice to that very wide range of work. Therefore, for this draft, I will mention just four of the areas I have looked into, starting with what look like the most interesting unmet open opportunities:

(1)     More focus on human-robotic teams for selected assembly tasks (space solar power SSP, mining, solar farm construction);

(2)     Enlargement of cross-disciplinary global education efforts aimed at the Other 3 Billion (O3B);

(3)     Intelligent Power Grid;

(4)     Connected Cars.

This discussion will build heavily on my previous report on renewable energy [14]. In essence, for each of the possible markets for IoT, it is important to consider where the real large opportunities are to better meet the ultimate national needs.


4.1. Human-Robotic Teams


In 2002, the Engineering Directorate of NSF the senior managing partner of the last open call from the US government for research related to space solar power (SSP) [1,14].  NASA and the Electric Power Research Institute (EPRI) also participated. At the time, many of the earlier problems had been solved, but it was still considered an area for high risk research, mainly because of cost issues with the current designs. Even at the time, it was recognized that the sheer assembly of large structures in space would be one of the three toughest challenges – one of the three areas where new research was most essential to reduce risks and be more certain about likely costs.

                Because of the importance of robotic assembly to that task, robotic assembly was a major topic in the program announcement. It also received the largest number of proposals from the community. As we held a joint workshop, and surveyed the community, we found that “teleautonomy” was the most promising way to solve the real world challenges here.

                “Teleautonomy” is an outgrowth of the earlier important concept of telerobotics. In telerobotics (as in UAV control), a human still makes real-time decisions, but manages some kind of robotics body, typically far away, in a hazardous location. Teleautonomy is essentially the same, except that the robots have just enough intelligence or skill to perform a number of recurrent basic tasks, such that one human can control, say, ten robots. Rhett Whittaker of Carnegie-Mellon (CMU) was the best know spokesman for this, but a Canadian, Baiden, of Laurentian University, had developed the most impressive working systems, used in underground mining.

                The challenge then is to expand the fundamental tools for teleautonomy, by developing repertoires of skills (and bodies) for robots used in tasks like large-scale assembly in space or construction or solar farms, and, even trickier, developing ways to coordinate whole teams of humans coordinating larger teams or robots, aimed at well-defined construction goals.  In principle, this is already within the scope of the National Robotics Initiative, but focus on specific testbed challenge with large potential benefits would stimulate more thinking and proposals, and make comparison easier, in the spirit of X prize.

                I suggest two testbeds, one related to recent designs for SSP and one to solar farms, because they bring out different aspects of the new technology possible, and because they happen to address critical bottlenecks or uncertainties in the two technologies which seem most important to me for affordable, global renewable energy [14]. In both cases, coordinating teams of humans in charge of many robots is the core issue.

                For the case of solar farms, I am excited by the realistic possibilities for using dish style solar energy to get down to 5-10 cents per kilowatt hour (kwh). New research into Stirling engines might itself be enough to get us there, when combined with things going on in the firms which best understand this technology.  However, use of automated construction of solar farms could reduce the cost and the risk. In [14], I estimated that every ten cents per kwh equates to about $2 trillion per year in the global electricity market. A deep reduction in cost and risk would be worth it.

                The chief scientist of STM (the firm which produced the six demo dishes operating still at Sandia) estimates that 90% of the cost of building that type of solar farm is the cost of labor in construction. Unlike PVs, there is no need to import solar cells from China, or pay for expensive DC-to-AC converters; power comes out as AC directly.  Thus reduction in construction cost could be very important. Also, this kind of “solar farm” is actually more like an “orchard,” where each tree is about as high as a two-story building but far less heavy and complicated.  Construction robotics has addressed much larger structures already in Japan, but the US has yet to catch up with Japan in this area; open research, starting with a reasonable sized testbed, could be very useful. A team at MIT already studied solar farm construction, under EFRI, but much more is needed, including use of intelligent control at the level of the individual robot (which is much safer and easier than totally automated, truly intelligent network-wide control). One tricky aspect, however, is that partnership might be needed with a US manufacturer like Caterpillar well equipped to produce this type of mobile robotic assembly platform. On the plus side, one might hope this would fit with the OSTP interest in getting DOE more involved with NRI.

                For the case of SSP, much smaller robots, in free space, are called for. The latest new work on SSP [1,14] shows real promise now in getting down to 9 cents per kwh anywhere on earth, 24 hours per day, switchable from hour to hour to places of greatest need (price).  The new designs call for a highly modular, “lego kit,” style of system, such that assembly of the many pieces in space is essential. Sketch designs exist for the robot bodies, and eight other small elements, but the coordination of hundreds or robots to build one large structure out of little pieces is the essential intellectual challenge. Fabrication and testing of the “lego pieces’ themselves is also a valid area for university research; it is hope that design of a good enough simulator could be a key step in enabling lots of competition here on earth, between multiple teams, addressing teleautonomous assembly in simulation.

                For SSP the SSP topic, partnership would be needed (or a large scale integrator grant) to develop the key testbed for competitive smaller scale teams.

                As I type this, I have received information that Abdul Kalam (former President of India, with links to the new Prime Minister) , is excited by a new international meeting on global collaboration on SSP, which Japan and China are already funding. The potential benefits to economic development (and reducing the need for nuclear proliferation) could be enormous.  However, though I was invited to come and represent the US, I have responded that I personally probably do not have the kind of mandate they would need. Still, if NSF becomes active, many partners could become available. 


4.2 Expanded Education for the Other 3 Billion


Education for the poorest three billion people of earth is a huge potential new market, but is also an area of enormous strategic importance for the entire world. China, for example, has shown how high levels of effort in education can have huge benefits to economic growth and stability in the present world economy. The hope is that new technology might reduce the cost and delay in getting higher levels of education and empowerment out to all the rest of the poorest three billion people of earth.


One of the key requirements here is for expanded internet access as such. Wireless technology has played a central role in this, and ECCS research has been at the cutting edge of developing new wireless technology. However, ECCS and US university research has tended to reflect the existing markets in the US, which gives huge weight to the richer 3 billion. There have been a few discussions in past years of  an NSF push into O3B, but they never got very far – though the EARS people and Jerry Tian did seem to want to move us that way, before their departures.


But in the meantime, the private sector has started to respond to the huge market potential here. Personally, I have heard more about the Facebook and google efforts, which are extremely high priorities for those companies, but major competitors are also putting money into the area.


What could NSF do above and beyond what they are already doing? The NSF has certain special areas of leverage which could help here: (1) ability to look even further into the future, towards higher-risk higher benefit technology; (2) a strong connection to educational technology, which is by far the most important internet service that could be provided here; and (3)  advanced physical device technology, which could be important to the quality (and cost) of experience of the end user, in the “last mile.”  All three link nicely with areas of NSF research, which could play a key role in any new cross-cutting partnership.


Educational technology has been discussed at such great length already at NSF that I would hesitate to get  deeper into it in this review. However, it is interesting that the choice of end user devices to develop should reflect what is being learned about what benefits education. Education research needs to be an integral part of this. But technologies like wearable devices for health monitoring bring device technology to education as well. For example, I was very impressed by research for the Science of Learning Centers which showed  that some elementary school teachers, when shifting to teaching arithmetic, would suddenly experience spurts of adrenalin worse than what they would get being attacked by a dog. Monitoring of such reactions could be useful in presentation of curricular material. And of course, immersive experience is relevant.


Several major private sector players have told me that costs of the nodes in poor countries could be reduced enormously, and quality improved, if we could study the option of designing and orbiting really large new communication satellites, perhaps even as a testbed for solar power collection in space. In an ideal world, we should include such possibilities in any new O3B partnership.


4.3. The Intelligent Grid


The intelligent grid is often cited as the lead example of IoT benefits to the industry sector, because the use of internet and system-wide intelligent systems has been explored in greater depth for the power grid than for other sectors.


As with all experience confronting the real world and the real needs, there has been a mix of lessons, some more encouraging, some less encouraging. All were discussed to some degree in this year’s ISGT smart grid conference in Washington DC, and also in the Clemson power conference which got quite a bit deeper into the use of new intelligent systems technology (led by Venayagamoorthy, one of the ECCS PIs).


On the positive side, Venayagamoorthy’s group has demonstrated new world class breakthroughs in situational awareness using IoT technologies, with considerable industry support adding to the original NSF support. With Harley and Liang, they have outlined a strategy by which intelligent technologies could reduce the effective cost of renewable electricity to the end user by a factor of 50% or more [14].  This certainly counts as a major national need. Deepak Divan, a collaborator of Harley (also ECCS-funded) developed new actuators (a key type of embedded device) with enormous implications for our ability to absorb plug-in hybrid cars in power distribution systems without going unstable, another major national need; he has incorporated his inventions, and received important follow-on funding form ARPA-E and form industry.


On the negative side, critics have gone carefully over the twenty or so benefits which were promised as part of the billions of dollars spent on smart grid under the stimulus act. Much of that money enabled the industry to catch up on woefully overdue needs of system maintenance and modernization, of great value with or without the IoT part. However, the primary “showcase” arguing for the IoT smart grid work at ISGT (not counting ARPAE) was an effort to lower voltage in distribution systems, “saving energy” by getting people to operate at lower power. The community spoke out rather clearly about that; their feedback is a strong warning to any investment in these areas, not to lose side of  the areas of larger need, even when they are more futuristic and impose greater requirements for high risk R&D and for IT, including deployed intelligence. The opportunities are real in this market, but we could easily lose them if we are not clear and imaginative enough.



4.4. Smart Cars


Intelligent transportation and smart cars have been a major theme of research for many decades now.


For many years, auto industry leaders were quietly very skeptical of that research. They saw little chance that individual car drivers would want to give up so much autonomy, or that cities would spend so much money as required for most of the schemes for smart controlled roadways. Marketing studies showed that reliability was number on, two and three in what consumers wanted, not automation.


Before the economic collapse of 2008,  this had changed to some degree. More and more, car companies saw on-board electronics (especially GPS and diagnostics) as vital ways to differentiate their products, and onboard electronics for individual cars became a great priority. It is amusing that China’s most potent new competitor, BYD Qin (guided by Buffet’s suggestions), actually has a small robot dancing on the dashboard to humanize some of those services.


However, after the economic collapse, and the rise in oil prices up to that collapse, issues of fuel security and basic have risen in priority. Oil prices are currently low, perhaps due to a special effort by the Saudis more than the promising decade of oil fracking ahead of us; however, long-term markets will still be heavily influenced by the new conditions.  From the viewpoint of national need, one might argue that toys like dancing robots on the dashboard are matters for the private sector, whereas management of new propulsion plants (as funded on-again off-again at ECCS) is more crucial. Domain expertise and vehicle-level intelligent control and embodied chips play a crucial role, but the need for internet connectivity is not as clear. Changes in the power grid are needed, to accommodate new cars (section 4.3), but the car itself need not be complicated.


IoT has two other important new aspects in the smart car area.


One is the greater development of “On Star” kinds of systems. Industry is already working hard to deploy such systems, to exploit the internet for what consumers care about most – reliability. Ford Motor formerly had a major intelligent systems group focused on new technology to support such systems, but its director, Kenneth Marko, migrated first to Bosch and then to retirement, and I do not have as much access now to what is under the hood. There are many unmet opportunities in that sector. On the other hand, IEEE Spectrum has run a story on just how serious the vulnerability of all modern cars is to really strong, central cyberattacks.

Self-driving cars are also now very popular as an idea in much of the “new adopter” and curious public. This area has a long history, but, as with the dancing robot, it is not clear how vital these cars would be to national security; again, some things are best left to the private sector, except for the military applications, which are being actively pursued at DOD.




1.       P. Werbos, Reviewing space solar power policy, Ad Astra, Vol. 26, No. 2, summer 2014

2.       Mike Kavis, The internet of things will radically change your big data strategy, Forbes magazine, June 26, 2014.

        3. NSF, Leading researchers to discuss privacy and security in a connected age


       4. Wikipedia, Internet of things,

5.       James Manyika, Michael Chui, Jacques Bughin, Richard Dobbs, Peter Misson and Alex Marrs, Disruptive technologies: advances that will transform life, business, and the global economy.

6.       M2M, Internet of things (IoT) companies gear up for $6 trillion market demand,

7.       Brad Bech, James Jamison, Ling Shao and Glenn Wightwick, The interconnecting of everything, IBM Academy of Technology, RedBooks, 2013

8.       Michael Chui, Markus Loffler and Roger Roberts, The Internet of Things, McKinsey, March 2010,

9.       Simona Jankowski, James Covello, Heather Bellini, Joe Ritchie and Daniela Cost,IoT primer: the

Internet of things: making sense of the next mega-trend, Global Investment Research, Goldman Sachs

10.    NSF, Joint Domestic Nuclear Detection Office-National Science Foundation: Academic Research

Initiative  (ARI),

111.    David D. Clark and David R. Wilson, A Comparison of Commercial and Military Computer
112.    Chen, Yanpei, Vern Paxson, and Randy H. Katz. "What’s new about cloud computing security."
University of Calif., Berkeley Report No. UCB/EECS-2010-5 January 20.2010 (2010): 2010-5.

13.    Gary McGraw, Technology transfer: a software security marketplace case study, IEEE Software,

September/October 2011.

14.    Paul Werbos, Research in Renewable Energy – Emerging Opportunities for NSF, August 2014,

draft in this previous series


There are a few tricky bits I did not choose to include, because everyone on earth has limited bandwidth and emotional constraints. Luda has said: "You somehow seem to have the ability to drive even robots crazy..." unless I take care very consciously to try to limit what I say. Then again, she is that person who was once kicked out of, when it said: No human could possibly read so fast; you must be a robot, so we are denying you access.

One tricky bit -- machine compliance verification for standards involves defining and agreeing to standards. Unbreakability and strong encryption should be clear enough, for PCs and servers, folks who know [11] and [12].
But should the standard also require something in the operating system which sends stuff to a backup cache, giving the user a choice of a useful local backup and a mandate that data will go to a central cloud repository with an internally agreed procedure for control, to allow some kind of monitoring for terrorism? In my view, such things need to be agreed to in the open and understood and limited and controlled -- but whether they should exist at all is a matter for debate "above my pay grade." The R&D should analyze what options exist on those lines. If nuclear terrorism can threaten our very existence, it is discussable.

Another tricky bit -- what about HARDWARE backdoors? Let me just raise that as a question. It depends a lot on who designs and makes the chips, and what they know how to do in that process, and on quality control technology.

In the paper, I skirted the issues of true machine intelligence, which I have discussed before on this blog. (Search on "terminator".) Decent control of individual vehicles and such can be done with what I call "vector intelligence," a level of intelligence far below that of a mouse and far above the old PID kind of control used in the Orbital rocket which blew up about two days ago. The paper does call for more use of vector intelligence, but skirts the kinds of things which could be more threatening on their own or in the wrong hands, which have been a growing concern for me since July 14, a major personal watershed I might write about more in the future. 

One Lifeboat guy tells me this all may be necessary but not sufficient. True. Radia type software,
with no integrity in the individual PC, can still be used to make life a living hell more and more.
Conversely, for legitimate international agreed open monitoring of terrorism
(cache with agreed distribution), encryption still enters; my physics posting today (as I add this paragraph in update) suggests that requires a level of quantum technology now not in sight (i.e. more than risky, though objectively quite doable)  for the US, due to recent political fluctuations.


Smart Cities: A High Risk Opportunity


Paul J. Werbos, Nov. 20, 2014


1. Summary


The term “smart cities” means very different things to different people [1]. This paper will address smart cities defined as new approaches to applying information and communication technology (ICT) to challenges faced by the city governments of the world.

The IBM evaluation of smart cities [2, p.7] argues that the important concrete opportunities in this area boil down to four sectors:


(1)    Reducing congestion in the transport system;

(2)    Improve emergency response and reduce crime;

(3)    Improve education delivery and state government services;

(4)    Improve access-to patient-centered healthcare


Prominent critics of centralized smart city systems [1,3] argue that more attention is needed, instead, on core political and cultural issues of cities, and that systems defined primarily by engineers (even systems engineers) may do more harm than good, by neglecting larger social system issues beyond the scope of engineering as such. Even in high technology Boston, where MIT is working on smart cities and is well-connected to the city government, there is considerable skepticism about large scale smart city packaged systems [3].

This being so, I would envision three major priorities for engineering of smart cities in the US, where compelling social needs are strong enough to outweigh public skepticism:


(1)    The health care venue, where the national growth in costs is still a crisis, and where political impasse at the national level creates an opening for solutions at the local level;

(2)    Ordinary business process re-engineering, for ordinary and emergency services, which may or may not call for intelligent systems as such;

(3)    Systems to improve dialogue, in the spirit of open government and university-style deep discussion, to support more effective information economies [4,5].


Only (1) and (3) require substantial new challenging research. Thus only (1) and (3) offer substantial new opportunities specifically for those who are strong in advanced research.

The remainder of this paper will discuss (1) and (3) in order.


2. The Opportunity for Smart Healthcare


The President has often said that the explosive growth in healthcare costs in the US is a major crisis. Even after the passage of Obamacare, his best effort to date to address this crisis, the Congressional Budget Office [6] projects that federal spending on healthcare will rise from under 4% of GDP, as at present, to about 8% by 2038 – not counting spending on healthcare at other levels of the economy. Federal spending on healthcare is projected to be greater than all other noninterest spending in the federal budget.

Another way to look at this is that the sequestration bill passed two years ago, requiring that civilian and military agencies from NASA and NSF to DOD get their budgets cut in half over about ten years, remains in effect. The temporary easing of sequestration passed last year basically runs out at the end of this year, and continued rises in medical costs cast doubt on the claims by lobbyists for all agencies that they will somehow avoid the big crunch for their agency.

Yet another way to look at this is that the efficiency of medical technology is not decreasing, that the present level of medical care is not a crisis, and that many other nations seem to be able to do more with less. In principle, a substantial improvement in cost-effectiveness ought to be possible, and we should be able to zero out the threat of a cost crisis without reducing the quality of medical care.

In principle, a quiet backdoor agreement between political parties should be able to improve efficiency beyond what Obamacare already provides for. The President has repeatedly said that he is open to such constructive changes. However,  it does not seem to be on the horizon at present. Some of the Republicans suspicious of healthcare reform have argued that it should be at the local level in any case, and show respect for the private sector. This being so, there may be a huge opening at present for ICT-based solutions at the municipal level which meet these concerns, if powerful enough new systems/solutions can be developed.

However, the R&D challenge is quite formidable here. There is a need for a whole-systems solution, which would be based on a combination of social science understanding of the healthcare system, ICT systems design, and exploitation of new devices such as low cost diagnostic systems available directly to patients. NSF research has developed many promising possibilities at the device level here, especially in the CBET division (but with significant ECCS presence as well). However, the connection both to new devices and to social reality in the ICT level could be enhanced. The politics of empowering patients may be tractable, but needs special attention, in the face of special interests. Places like the Harvard School of Health and Wharton have provided a great deal of analysis relatively independent of the vested interests which tend to limit the creativity and cost reduction potential of new approaches.

In the end, more efficiency in this sector does imply a loss of some jobs – or at least a loss in the rate of growth of jobs and markets which many medical equipment makers are now counting on. It will be essential to develop new interfaces for patients which, unlike today’s voicemail systems and medical clerks, provide maximum real assistance to them, respecting recent research [7].  Pathways for a smooth transition are also important.


3. Opportunities for Open Government and Dialogue


The IBM report on smart cities stresses the importance of open systems, creativity and the information economy in the introduction [2].  However, it does not translate that into areas for immediate effort.  That is understandable, in a way, since it is a great challenge to try to devise ICT systems which directly address these grand challenges. Yet in the end, the challenges in education and law enforcement are even greater, if one fully accounts for the full dimensions of those issues, without which  public skepticism would be well justified. In some ways, systems for more open government and deeper dialogue in general in the urban areas  may even be important steppingstones to useful progress in the two other areas, in the US.  (Some cities in other parts of the world may have emergencies in those areas, like the crime problem in Rio, calling for different approaches and more deployment of the limited tools now available.)

One way to approach the development of such ICT tools is to consider the tools being developed for engineering researchers, such as tools for finding collaborators and supporting collaborations, and trying to make them more available, not only for paid activities but for volunteer activities and civic activities which are vital both to the happiness [8] and to the productivity [4,5] of modern communities. Another way is to consider how tools like the Watson debate-viewpoint search engine might also be brought in somehow. Deep search engines and deep dialogue have some relation with each other. It may be essential here to bite the bullet, and find ways to account for the deepest insights from social science, from economics and even from serious ethical philosophy when designing systems people are asked to live with.

One important part of this research would be to develop the types of AI system which would be most effective in supporting (and earning) the full creativity, diversity and trust of the human participants. Systems based on scalar measures of trust and best guess estimates could possibly degrade dialogue, even compared with more naive systems, because of the multidimensional nature of trust, uncertainty, values (which are crucial if any optimization tools are used) and emotional filters. All the considerations discussed in my recent report on the Internet of Things, involving privacy and security, are also important here.





2.     Susanne Dirks, Constantin Gurdgiev and Mary Keeling, Smarter cities for smarter growth, IBM Global Business Services. Highlighted at

3.     Courtney Humphries, The too-smart city, Boston Globe, May 18, 2013

4.     Edward D. Hess, Learn or Die: Using Science to Build a Leading-Edge Learning Organization

5.     Neal M. Ashkanasy, Celeste P. M. Wilderom and Mark F. Peterson , The Handbook of Organizational Culture and Climate (Washington DC: Sage, 2011)

6.     Congressional Budget Office,  The 2013 Long-Term Budget Outlook,


8.     OECD, Work and Well-Being: Insights from Happiness Research

1 comment:

  1. It was really nice blog post on IoT and cloud. I found detailed information here. Thanks for sharing