Internet Security Expert Witness & The Industrial Internet Consortium

In The Internet of Things, for Better or Worse, internet security expert witness Steve Burgess writes on networked devices. Burgess Forensics has offered computer forensic and electronic discovery as well as expert witness testimony since 1985.

What kinds of devices make up the Internet of Things (“IoT”)? Anything Internet-connected, which can currently include everything from computer to coffeemaker, from range to refrigerator, from baby monitor to burglar alarm, from car to crockpot. And because they’re Internet-connected some people are afraid that these devices may be subject to malware that will cause them to become zombies.

And indeed, unauthorized use of internet-connected devices has already begun. Around the end of 2013, about 100,000 such devices were used to send about 750,000 spam messages. Seven messages per device is not much, but it is indicative of a real problem. And the low number per device may have been by design, so as to avoid detection. What to do?

Quentin Hardy of bits.blogs writes “And indeed, unauthorized use of internet-connected devices has already begun. Attention: Internet of Things. For better or worse, big boys are in the room.” As many as ten companies including AT&T, Cisco, General Electric, IBM and Intel are forming a consortium to create engineering standards in some of the world’s largest industries, from automotive and manufacturing to healthcare and the military. GE.com describes the Industrial Internet Consortium: “The open, not-for-profit group will work together to break down technology silos, improve machine-to-machine communications and bring the physical and digital worlds closer together. The members will be developing common architectures and advanced test beds for real-world industrial applications…. Although there are already some 10 billion connected devices, they represent just 1 percent of what’s possible. That number will grow to 50 billion by 2020.

The National Institute of Standards and Technology is helping organize the consortium. Five areas of concentration have been laid out:

• Co-engineering cyber and physical systems • Identifying cyber-security issues and solutions • Addressing concerns about interoperability • Identifying ways to maintain robust wireless connections • Setting standards for real-time data collection and analytics
On the international level, the Object Management Group was founded in 1989 as an international, open membership, not-for-profit technology standards consortium. OMG standards are driven by vendors, end-users, academic institutions and government agencies. OMG Task Forces develop enterprise integration standards for a wide range of technologies and an even wider range of industries. OMG’s modeling standards, including the Unified Modeling Language (UML) and Model Driven Architecture (MDA), enable powerful visual design, execution and maintenance of software and other processes. OMG also hosts organizations such as the user-driven information-sharing Cloud Standards Customer Council (CSCC) and the IT industry software quality standardization group, the Consortium for IT Software Quality (CISQ).