IEEE Reliability Society Newsletter     Vol. 61, No. 2, May 2015

IEEE Reliability Society Student Outreach in Taiwan

Shiuhpyng Winston Shieh

IEEE Reliability Society Taipei/Tainan Chapter Chair
ssp@cs.nctu.edu.tw
http://dsns.csie.nctu.edu.tw/ssp/ssp-e.html

On March 17th, 2015, Dr. Jeffrey Voas delivered two speeches at National Chiao Tung University. He also participated in the discussions with students.

Presentation 1: 3rd Party Software's Trust Quagmire
Current software development has trended toward the idea of integrating independent software sub-functions to create robust software systems. Software sub-functions are often not homegrown – instead they are developed by unknown 3rd party organizations and reside in software marketplaces owned or controlled by others. Such software sub-functions carry plausible concerns in terms of quality, origins, functionality, security, interoperability, to name a few. This talk surveys key technical difficulties in confidently building systems from acquired software sub-functions by calling out the principle software supply chain actors.

Presentation 2: Networks of Things: Pieces, Parts, and Data
After surveying published IoT literature and products, there is clearly value in having many sensory devices connected to a larger infrastructure. There are also many use cases that illustrate that not only is such a paradigm valuable but that this will be the next evolutionary step for technology. However, the current IoT landscape appears as a confusing mix of buzzwords, consumer products (e.g., smart homes), and over sensationalized predictions. There is no clear formal, analytic, or even descriptive set of primitives that can govern the operation, security, and life-cycle of IoT ecosystems. To counter this, we have developed an IoT primitives approach focusing on specific case studies. This enables us to identify the fundamental underlying primitives and requirements to empower a robust and secure operation for most IoT ecosystems.

We envision that this work will become a blueprint that will define those principles common to all Private Networks of Things (PNoTs). Thus far we have identified 10 primitives common to all IoTs, and we are in the process of building the assumptions and formalisms for each primitive. Note that those primitives become crucial when we wish to argue about IoT systems as a whole. They are also a unifying theme allowing us to compose and exchange information among differently purposed ecosystems.

Besides our work on the IoT primitives, we have another preliminary result; we have partitioned those primitives with cyber-security ramifications, and those for which enhanced security will offer little ROI. Moreover, we have partitioned those primitives for which reliability is a greater concern than security. And not surprisingly, there are those that fit in the grey area between the extremes.

By having primitives, we can analytically and formally argue about "use case" scenarios that address the "what if" questions and scenarios that most vendors and current IoT practitioners avoid. These scenarios can yield a quick determination as to which existing security approaches apply, to what degree, and at what cost.

 Photos Taken at NCTU:

Distinguished Speech Delivered by Dr. Jeffrey Voas, NIST. March 17th, 2015	Distinguished Speech Delivered by Dr. Jeffrey Voas, NIST. March 17th, 2015
Distinguished Speech Delivered by Dr. Jeffrey Voas, NIST. March 17th, 2015	Distinguished Speech Delivered by Dr. Jeffrey Voas, NIST. March 17th, 2015
Distinguished Speech Delivered by Dr. Jeffrey Voas, NIST. March 17th, 2015	Meetings with Ph.D. students March 18th, 2015