180 likes | 453 Views
Korean Computer Scientists and Engineers Association in America 11 th Annual Symposium 5 November, 2010. Information Sciences Institute “We are the ‘&’ in R&D. Information Sciences Institute Agent of Innovation: from visionary to viable.
E N D
Korean Computer Scientists and Engineers Association in America 11th Annual Symposium 5 November, 2010 Information Sciences Institute “We are the ‘&’ in R&D Information Sciences Institute Agent of Innovation: from visionary to viable Major and Remaining Challenges in Networking, Wireless, and Intelligent Systems Dr. Preston Marshall Director, Decision Systems, Information Sciences Institute, and Research Professor, Ming Hsieh Department of Electrical Engineering Viterbi School of Engineering, University of Southern California, Marina Del Rey, CA and Arlington, VA pmarshall@isi.edu 1
Modern Computer Science Incremental Approach Has Made Us Timid and Unwilling to Attack Major Issues that Might Be Disruptive to Current Technology • We Are All Proud that Computing Has Been A Series of Unprecedented Successes • Internet • Ubiquitous and Mobile Computing • Web, Social Networking, … • So Everything must be Right, …? • Then, Why Have We Become so Incremental and Evolutionary
Modern Computer Science • Our Technology Is Showing Some Serious Stress and Strain • Internet was a great design for 8kB core-based memory computers, but for Today? • Internet Security is Fundamental Risk to Citizens, Institutions, Nations, and Critical National Infrastructure • We Have Risked our Entire Society to one Single, Demonstrably Vulnerable Technology • Our Expression Model is not Fundamentally Different than in the 60’s • Yet Much Research focuses on Tweaks, Engineering Tuning, or Incremental Efforts that do Not Challenge Fundamental Weaknesses, Shortfalls, …
Modern Computer Science?Some Discussion Topics • We Program the Same Way we Did in the 60’s • Product Cycles Extend, Software Dominates Product Cost and Schedule, Our Systems Leak Information, Innovation is Slowed or Blocked, … • Technology Built for Computing with 8K Core Memories is Being Used as the Infrastructure for a Mobile, Information Centric, Society • Would We Build the Internet this Way if we Built it Today? • We Have Created a Technological “Single Cause Failure” that Threatens All our Infrastructure, Wealth, Commerce, … Simultaneously • Internet Security is Fundamental Risk to Citizens, Institutions, Nations, and Critical National Infrastructure We Seem to Accept and Rationalize All of these Facts!
1. How We Program vs. How We Design? Design Abstractions 60-70’s Today Parts of Transistors Transistors and Logic Elements Arithmetic Elements Processor Units IC’s ALOGOL FORTRAN Software JAVA? Lambda Calculus Constraint Solving Declarative? • Problem Expression Still Basically in the 60’s ALGOL Era • If Computing is to be the Driver of the Economy, then How can it Support the Long Development, Uncertain Costs, Atrocious Quality, … • Consider the Evolution of Design Abstraction Level Between IC and Software Design
2. Internet Technology Example: We Are On a Path to Replace Broadcast TV from One Transmitter with Literally Thousand of Individual Point to Point Transfers! • The Internet is Clearly One of Our Most Successful Inventions • But Way Different in Intent than What We Are Using it for: • It was Built to Connect Networks (“Internet”), not Computers, much less 100’s of Devices within One House • It Was Built for Fixed Nodes, Not Highly Migratory, Mobile, … Devices • It’s Strength is the “Purity of Abstraction”, But Not Clear that is Solution for Media Convergence
Some Internet Questions • No One Locates Books by a Hierarchy (i.e. Dewey Decimal or LC #) • Why Would we Organize Names and Numbers for Internet Identity • Creating Thousands of Top Level Domains Hardly Sees Like the Answer • Telephone Numbers Are Your Identity – But IP Numbers Are a Location • So We have Had to Build (Kludge) Overlays, such as Skype ID, Usernames, … • But Services Like IPSEC Fall Back on IP# = Identity • Try to Roam across IP Nets using Skype or IPSEC!! • Content Is All Centralized, Yet Access is Decentralized and Highly Correlated
Some Internet Questions #2 (Security) • Does Anyone Believe We Are Making the Internet More Secure? • We are Clearing a Mine Field by Stepping on Each Mine! • There are More Mines than Mine Clearers! • In this Metaphor, Uncompromised Bank Accounts, Credit Cards, Identities, … • More Important Question: Does Anyone Believe We Can Make the Current Network and O/S software Secure? • Then Why Aren’t We Investing in this Issue anything Like What We Spend on Anti-Virus, Firewalls, Intrusion Detection? • We Are Using our Energy to Bail Water, not Fix the Leak • Market Proof: The Cost of a “Zero-Day” Worm has not Risen Despite Investments in Security
3. Internet Technology “Put it on/over the Internet” Has Become an Elixir for All Budget/Service/Technology Problems • Our Community Built/Builds/Researches/Sells This Technology, but: Our Obligation: • Inform Decision Makers and External Community of the Issues with this Technology • Find the Fundamental Research that Attacks the Big Issues • Not Just fund a Grad Student at a Time!
Internet Accountability • Many Believe Internet Has Anonymity as a “Right” • Not in any RFC I Have Read • I Think the Creators Were Just Glad to Have it Work! • Many/Most of Internet Security Issues Derive from Lack of Accountability for Actions • DNS Poisoning, Attacks, Port Scanning, Spam, ID Theft, Bot Net Control, . . . • As More National Infrastructure is Internet Dependent, are We Willing to Place National Security/Economy/Society at Risk to Maintain Inherent Anonymity? • Dissidents Need Avenues for Speech, but at What Cost and Risk to All Citizens of the World? • Broad Community Needs Understanding of Role for Mechanisms to Enforce Accountability for Some Functions • Network Management, Financial, Economic News, … • Does Not Preclude Services (such as Chat Rooms, Blogs) from Not Maintaining it
Common Cause Failure and Security • During Cold War, Governments Understood Necessity to Ensure no Single Failure Could Deny Ability to Retaliate after and Attack on Our Society • Billions Spent in Redundant Communications, Weapons, Command and Control, … • Billions Spent to Ensure Confidence in Identification of Attack Source • Led to Fundamental Advances in Systems Theory, Communications, Space, Computing, … • That Threat Went Away, But Others Emerged • We Have Had More Cyber Attacks than Nuclear Ones! • Yet, These Basic Principles of Societal Protection Have Not Been Applied to Our Current Infrastructure Because of Lack of Awareness of Technological Concentration
We Once Had a Diversity of Communications Technologies Independent Legacy Systems Enterprise Nets Internet Technologies Plain Telephone VPN VOIP Public Safety DNS, OSPF, BGP, IP LTE Cellular Traffic Future Robotics, Medicine, Earth Resources Military Cellular Management (SS7) Utility Control Cyber Attack is Preferred Vector for non-Peer & Developing Nation State Attack on Otherwise Militarily Invisible Adversary All Comm Services Are Converging on IP as Core • Ex. FCC Has Proposed Public Safety D-Block Spectrum Be Auctioned, and Public Safety Be Given LTE Services • Utilities Building “Smart Grid” on IP, SCADA, All Can Be Negated with a “Common Mode” Attack • Fortunately No One Has Found (or Publically Used) it , but Why Are We Gambling Our Societies on Assumption One Does Not Exist? Monocultures Lead to Massive Societal Failures • Irish Potato Famine
Question to Our Community US and Korea Face Unique and Proven Threats • Importance of Accountability is Obvious After the Fact • Effective Response to the Sinking of the Cheonan Hampered by Lack of ABSOLUTE Proof of Attack Source • Despite Physical Evidence • Imagine the Difficulty in Responding to a Nation State Attack, when the Attack was Vectored through Multiple Botnets, Friendly Countries, non-State Actors, … • How Many of Our National Decision-Makers Understand: • That Major Portions of Economic, Social, and Military Infrastructure is Vulnerable to a Single Mechanism in the Internet Fabric? • Can Not Only Negate a Single Element of the Economy and Response Capability, But to Negate Apparently “Redundant” Systems as Well? • That there Will Likely be no “Actionable” Proof of the Source of Such Attacks? • Dialog is Not One to be Decided by Science Community, but it Should be Raised by this Community
How Do Engineers and Scientists Contribute to the Communications Vision? • Engineers and Scientists Tend to Limit Publications/Presentations to Quantitative Material Backing Up Technical Contentions • Try to Get through Peer Review without MATLAB, SIMULINK, MATHEMATICA, Equations, …! • We Need a Dialog about where things “Might” go! • Bound by Physics, but Flexible on the Immediate Technology and Engineering • For anyone Organizing a Conference, Have Some Science and Engineering Vision in the Agenda – • Otherwise the vision is written by Sociologists, Talk Show Hosts, … • Make sure your TPC Understands!
Our Accountability • We Are Developing and Deploying Technology Faster than Society Can Absorb it! • Sociologists, Lawyers and Politicians Can Look at Impact After Deployment, But We Should Take Burden to Better Articulate these Issues Well Before they Are Apparent • We Particularly Need to be Observant of Loss of Diversity in the Technology • Millions Worry about Loss of Natural Diversity • Should We Not Worry About the Effects of Loss of Technologic Diversity? • One Networking Technology, One Search Technology, … • Marketplace is Good Arbiter for Independent Decisions, but Can Not Deal with Technologic Correlation Across our Entire Society, “Black Swan”, Nation State Actions, …
Fundamental Change in the Internet • We Owe Our Government, Economic and other Institutions Concerns That the Internet Has become So Critical to the Society, yet is Already Obsolete, and a Risk to Our Economy and Society • Emphasize this is not Just an “Interesting” Research Topic for Comp Sci PhDs, or Academic Welfare, but Central to the Future of an Internet-Dependent World • Industry Hesitant to Raise Risks in Pointing Out Issues with It’s Own Products and Investment Strategies • Lots of Small NSF Programs Will Not Fill This Need! • Believe a Similar (Less Threatening) Condition Exists in Restraints on Innovation due to Programming Software-Based Products as they become More Risky and Product Cycles Extend
Korean Computer Scientists and Engineers Association in America 11th Annual Symposium 5 November, 2010 Information Sciences Institute “We are the ‘&’ in R&D Information Sciences Institute Agent of Innovation: from visionary to viable Thank You Questions? Dr. Preston Marshall Director, Decision Systems, Information Sciences Institute, and Research Professor, Ming Hsieh Department of Electrical Engineering Viterbi School of Engineering, University of Southern California, Marina Del Rey, CA and Arlington, VA pmarshall@isi.edu 17
Some Major and Remaining Challenges in Networking, Wireless, and Intelligent Systems The growth of the Internet has shown the flexibility of the underlying mechanisms to scale from small, University-oriented computer to computer connections, to a fabric that is fundamental to most of today's social, commercial, financial and Government structures. However, the fact that has been successfully scaled does not prove that it is the right network framework to address all of today's challenges. The growth of wireless, the transition of critical infrastructure systems to the Internet technology, increased vulnerability to cyber-attack and vulnerability of private information all are stresses unimagined only decades ago. Responses to these stresses have tended to be evolutionary, but it may be time for the science and technology community to make more effort to bring the need for revolutionary changes in the computing and networking infrastructure to the attention of policy, regulatory and funding organizations.