As technology developers and implementers, VMware works to define and solve some of the most difficult challenges of our day. But what about the technical challenges of tomorrow?
Readers may or may not be aware that VMware interacts extensively with university researchers, industry peers, and government agencies to understand and define the key technology challenges of tomorrow. That is, while software teams across the company are delivering great new product features and frameworks for the near future, VMware’s Office of the CTO is simultaneously looking at where our customers and the industry will be 5-10 years from now, and where our research and development opportunities may lie.
Nowhere is this more important than in the area of security and resilience for enterprise computing infrastructures. If the long and difficult history of computer hacking and cybercrime has taught us anything (consider WannaCry, various Facebook attacks, or the Colonial Pipeline ransomware incident), it is that anticipating adversarial behavior is as important as responding to it. Applied to longer-term time horizons, we should ask ourselves what technology domains will need to be protected in 5-10 years. What will future adversaries look like, and what tools will they have at their disposal? What technology advancements could dramatically improve the resilience of our systems across the industry?
NSF ERVA Visioning: Engineering R&D Solutions for Unhackable Infrastructure
On August 10-11, 2022, VMware co-led an event at the Massachusetts Institute of Technology (MIT) designed to discuss impactful engineering research directions in future security and resilience. The event, sponsored by the Engineering Research Visioning Alliance, or ERVA, was attended by approximately 25 subject matter experts who contributed perspectives from university research, industry labs, and government.
ERVA was created by the National Science Foundation in 2020 as a neutral convener for events that identify bold and impactful engineering research directions, the kind that could help define a roadmap of national research priorities. A Standing Council selected the visioning theme (“Engineering R&D Solutions for Unhackable Infrastructure”) and assembled a Thematic Task Force to identify research areas and frame event discussion. Co-chairs of this Task Force included Saurabh Amin of MIT and yours truly from VMware Research.
Following the event, an extensive report was written summarizing recommendations for future engineering research on infrastructure security and resilience. My discussion below draws upon content taken from this report.
Unhackable Infrastructure: Scope and Goals
ERVA’s Thematic Task Force defines “infrastructure” as the confluence of four key components:
- Physical assets (i.e., hardware),
- Software and algorithms,
- Data and communications (i.e., data flow), and
- Humans (users, operators, admins, adversaries)
Note the inclusion of humans in this list, a feature addressing what visioning participants felt was an important omission in a great deal of prior research on security and resilience. During the discussion, participants often used the acronym CPHS, which stands for “cyber-physical-human systems.” It expands the usual acronym CPS, which leaves out the important “H” for “humans.”
An example of “infrastructure” might be an enterprise infrastructure, including data centers, edge computing deployments, and associated client devices. Or, it might be a regional power grid, a wireless communications installation, an autonomous driving deployment, or an automated manufacturing facility.
You can think of “unhackable” as the goal we aspire to in developing the next generation of cyberphysical infrastructure. It ups the ante from the often highly hackable infrastructure of today. The goal of group visioning is to consider what technology advancements could dramatically move the bar toward the ideal of effectively unhackable.
ERVA Recommended Areas of R&D Investment
A key contribution of the ERVA Thematic Task Force is identifying five key areas of R&D investment that should be prioritized. Once again, drawing from report content, these include:
1. Human-Technology Interface Considerations
Far from a second-order consideration, humans are at the center of the systems and infrastructure we will be building in the future. Research is needed to better understand human interfaces, usability, and tradeoffs with functionality, convenience, cost, and human incentives, which go along with the economics of security investment. The latter point on incentives and economics applies to adversaries as well. Work is needed to integrate and protect new human interface technologies like AR/VR and voice assists (i.e., natural language processing).
2. Measuring and Verifying Security (Metrics)
A key challenge in tomorrow’s CPHSs is measuring, evaluating, and verifying security, given their complexity, dynamic execution, and the uncertainties of the surrounding physical environment. Research is needed in continuous monitoring and automated response in the face of changing threats and unpredictability in system behavior. The need for robust verification implies extensive specifications for large-scale infrastructures, something beyond our current practices. Observability is a key design issue in future systems, especially concerning dynamic security state.
3. Future Approaches to Autonomous Security
Autonomous refers to self-configuring, self-guiding, self-managing, self-tuning, and so on. Autonomous security is needed in CPHS infrastructure to address the problem of scale and complexity. The AI-driven security of tomorrow must go beyond statistical analysis to include automated decisions and responses. Contextual awareness is a key challenge in making autonomous security more effective and humanlike. Future applications include virtual security assistants, automated configuration agents, and real-time security risk analyzers.
4. New Approaches to Resilience in Interdependent Infrastructures
Interdependent infrastructures bring together heterogeneous cyber-physical components into complex peering and hierarchical arrangements. Research is needed on correlated hardware and software vulnerabilities that an adversary can exploit. A better understanding of the complex interplay between coordinating entities in CPHS infrastructures is required. A key challenge is developing designs that integrate modular components yet maintain system-level safety and security properties across system boundaries.
5. Architecting Trustworthy Systems
Trustworthy systems offer provable correctness and reliability. Research is needed to transform informal notions of trust into well-defined, robust notions of provable security. Design specifications are a central requirement, including explicit incorrect actions — an intractably large problem space since the number of possible incorrect actions would seem infinite. Work is needed in both centralized and decentralized infrastructures and in complex federations of infrastructure. A large number of new infrastructure domains will need to be addressed. One example of this is automated driving infrastructures and deployments.
What You Can Do
VMware is always interested in collaborating with enterprise partners and organizations on the future of technology. Feel free to reach out or leave a comment below for discussion on any area discussed by the ERVA visioning report, “Engineering R&D Solutions for Unhackable Infrastructure.”
Also, note that the ERVA Standing Council takes ongoing suggestions for visioning themes. What do you see as an essential area for future research and development investment? What would change our world in your eyes?