How to prevent IoT-based Internet outages: #1 SynthOS
I'm currently poised to finish reading a book called But What If We're Wrong?: Thinking About the Present As If It Were the Past by Chuck Klosterman. The concept underlying this tome is rather interesting -- to visualize the contemporary world as it will appear to those who will perceive it as the distant past.
Based on what I'd heard about the author, I had high hopes about this little rascal (the book, not Chuck). Sad to relate, it didn’t live up to expectations and I wouldn’t recommend your spending any time on it. Having said this, the book does contain some nuggets of knowledge and tidbits of trivia that make one think, such as Chuck noting that he started his professional career in a world where there was (essentially) no Internet at all, and he'll end his professional career in a world where the Internet will be (essentially) the only thing that exists. (This makes more sense the way he says it with supporting arguments.)
My point is that it's becoming increasingly difficult to imagine life without access to the Internet, so occurrences like the recent cyberattack on October 21 that disrupted Internet service across Europe and the US bite deep into the fabric of our technological society.
A big aspect of all this is creating secure systems. Security must be present end-to-end throughout the Internet and must cover both hardware and software. One problem is that, although a lot of effort is going into securing the core of the infrastructure, more and more functionality is being pushed out to "the edge" of the Internet in the form of the IoT devices themselves. It was one thing when leaf-node devices were simple sensors providing rudimentary information like ambient temperature; it's quite a different thing when they are given intelligence and communicate sophisticated packet-based information (for example, see Junko Yoshida's recent column Movidius to Push AI at Edge of Network). This is the point at which these devices start to provide a significant attack vector into the network.
Indeed, it appears that this was the case in the October 21 attack -- malware took over more than 500,000 under-secured IoT devices on the edge of the Internet and used these devices to mount a concerted distributed denial-of-service (DDoS) attack that brought down some of the most popular sites on the Internet, including Netflix, Twitter, Spotify, Reddit, CNN, PayPal, Pinterest, and Fox News.
In the coming weeks, I'm going to be writing a series of columns discussing a variety of strategies, tools, and technologies that can be used to make the "things" at the edge of the IoT more secure. In this article, I thought we'd start with Zeidman Technologies (which was founded by my chum Bob Zeidman) and its SynthOS product that can analyze your application code and automatically generate a real-time operating system (RTOS) -- for use on an FPGA, MCU, or SoC -- that is optimized and tuned to your particular requirements (see Synthesize Your Own RTOS for Free!). According to Bob:
There is no need for the developer to worry about things like setting semaphores, mutexes, or priority flags, and no need to create task context blocks, message queues, or task mailboxes -- these are all handled automatically. Furthermore, the developer doesn't need to worry about race conditions, deadlocks, processor hogging, or un-serviced tasks, because -- in addition to being optimized for speed, size, and security -- the resulting application-specific operating system (ASOS) is correct-by-design.
I must admit that when I first heard about SynthOS, I thought about it only in the context of my own hobby projects, like my Capriciously Cunning Chronograph, and my mind completely skipped over the security implications inherent in the SynthOS approach. Bob just called to informed me about a blog he's written How SynthOS Can Prevent an IoT-based Internet Outage, which has certainly given me some food for thought.
If you have any opinions on this topic that you'd care to share, including strategies, tools, and technologies that can be used to help secure the Internet in general and IoT devices in particular, please comment below and also email me at firstname.lastname@example.org; maybe we'll base a future column on your suggestions.