SE and the IoT Yann-Gal Guhneuc Workshop on Security and Privacy - - PowerPoint PPT Presentation

Yann-Gaël Guéhéneuc

This work is licensed under a Creative Commons Attribution-NonCommercial- ShareAlike 3.0 Unported License

SE and the IoT

Workshop on Security and Privacy Engineering NII, Tokyo, 2016/03/22

The major cause of the The major cause of the software crisis software crisis is that the is that the machines have become several orders of magnitude machines have become several orders of magnitude more powerful! To put it quite bluntly: as long as there more powerful! To put it quite bluntly: as long as there were no machines, programming was no problem at were no machines, programming was no problem at all; when we had a few weak computers, program all; when we had a few weak computers, program-

• ming

ming became a mild problem, and now we have became a mild problem, and now we have gigantic computers, programming has become an gigantic computers, programming has become an equally gigantic problem. equally gigantic problem. — — Edsger Edsger Dijkstra Dijkstra, The Humble Programmer , The Humble Programmer (EWD340), Communications of the ACM (EWD340), Communications of the ACM

A New A New Software Software Crisis Crisis

A New A New Software Software Crisis? Crisis?

Tesla P85D Tesla P85D

Data is hidden in firmware Data is hidden in firmware Customer has access to the data Customer has access to the data Company has remote access Company has remote access New firmware fixes charging bug New firmware fixes charging bug

Tesla P85D Tesla P85D

A New A New Software Software Crisis Crisis

Tesla P85D Tesla P85D

• Development

Development

• Release

Release

• Feedback

Feedback

• Change

Change

• Security/Privacy

Security/Privacy

What? What?

Definitions

The Internet of Things is a network

• f physical objects connected to

and access through the Internet

The things contain hardware and software

to allow them to interact with the external environment and to let them and users interact with one another

Why? Why?

Usages

Monitor things Predict usages Optimise consumption Manage life-cycle

http://www.japanfs.org/en/news/archives/news_id034785.html

The value of a telecommunications network is proportional to the square

• f the number of connected users of

the system (n2).

—Robert Metcalfe, c. 1980 (attributed by George Gilder in 1993)

“[E]ven Metcalfe's law understates the value created by a group-forming network [GFN] as it grows. […] [T]he value of a GFN increases exponentially, in proportion to 2n.”

—David P. Reed, "The Law of the Pack" (Harvard Business Review, Feb. 2001,)

But contrast with http://spectrum.ieee.org/computing/networks/metcalfes-law-is-wrong

http://makezine.com/2014/02/06/the-internet-of-things-why-does-it-matter/

Socialisation

• f everything

When? When?

www.slideshare.net/Sigmasoftware/internet-of-things-58751241

www.slideshare.net/Sigmasoftware/internet-of-things-58751241 news.softpedia.com/news/New-Infographic-Boosts-Your-Smartwatch-Knowledge-446497.shtml

www.slideshare.net/Sigmasoftware/internet-of-things-58751241

www.slideshare.net/Sigmasoftware/internet-of-things-58751241

Tesla P85D Tesla P85D

How? How?

• Usage

Usage

• Integration

Integration

• Construction

Construction

http://www.sine-wave.com/blog/enterprise-internet-of-things-platform-essential-layers

Usage

http://img.deusm.com/designnews/2015/02/276684/Optimal-Design.jpg

Integration

Construction

http://www.slideshare.net/RehmatMarwat/introduction-to-internet-of-things-45172425

Conclusion Conclusion

A New A New Software Software Crisis Crisis

Problems? Problems?

Solutions? Solutions?

Solutions?

Reactivity, scalability, configurability,

resource consumption, robustness

Methods and development techniques Architectures, interoperability

https://www.computer.org/web/computingnow/swcfp1

Solutions?

Development tools, frameworks, platforms Continuous delivery and integration Verification and validation

https://www.computer.org/web/computingnow/swcfp1

A New A New Software Software Crisis Crisis