Creating digital trust

Creating digital trust in systems

This piece is the sixth article of our July issue of FOCUS, the theme of which is digital transformation.

26 August 2020

Coastal Infrastructure Commercial Maritime Defence and Security Energy and Resources Water Management

Creating digital trust in systems

“Digital technology is re-shaping nearly every aspect of daily life, including how we interact with each other and what we expect of people. As a result, our cities are becoming increasingly transformed through digitalisation and data, re-inventing how our urban economies function and how people live and work”, says Freyja Lockwood: Smart City & Innovation Manager, Bristol City Council.

“There’s a major focus on the digital economy providing a rich source of data about people, places and things - especially personal data. Both the public and private sectors are looking at how they can exploit these technologies in our cities to improve services, reduce costs and open up new markets with disruptive economic models.

“In the digital economy, cities are a key setting for the collection of the data that enables modern technology and service firms to thrive, from sharing economy platforms like Uber or Airbnb, to providers of the technology that power local services.

“But as the lines between human agency and smart agent-like devices become increasingly blurred, there’s an emerging challenge in building trust and public acceptance. With these new threats and governance challenges come fundamental questions that we should be exploring in order to understand how to develop systems that people trust and to unlock the immense opportunities that Digital Transformation can bring to citizens and their city spaces.”

And it is precisely this challenge - that of developing safe, high-integrity systems - that Dr Chris Mobley, Founder of Blueskytec set out to address when he founded his company in 2013. Having observed that military systems and submarines had implemented strong cyber security and secure data links to protect against online interception and malware propagation, Dr Mobley did not think the same could always be said for the proliferation of connected IoT devices that were being rolled out and that are at the core of future infrastructure.

So he found a way to secure the data that feeds into high-value, mission and safety-critical assets such as drones and UAVs, satellites, ships, autonomous cars and the platforms and digital systems that are making our cities smarter, more connected and more ‘bullet-proof’ against potential cyber penetration or electronic attacks from known and unknown sources.

“Integrity is the root of all trust - whether this is between people or systems. With our technology, we assume that all communications are compromised and lack integrity unless they share our technology’s backbone. We believe that a physical asset needs to be physically secured with hardware”, says Dr Mobley.

His patented hardware and encryption techniques create a physical ‘trust anchor’ among system components. Something that can serve as proof of absolute trust between devices in a system, like a secret handshake among friends or a secret code phrase.

Except this handshake or phrase cannot be shared, observed or understood by outsiders and, according to Dr Mobley, guarantees absolute data security when applied. This hardware-based trust anchor works by preplacing a block of coded key material into any physical asset or system to create an infallible root for trust between those systems.

In Columbia, these assets happen to be bikes. Here, they are working with local government on a smart city initiative to address air and plastic pollution by incentivising young people to collect plastic bottles. These bottles are crushed to create colourful bicycle frames which are fitted with Dr Mobley’s patented technology and environmental sensors.’

“In this way, young, inner city people get access to bicycles in exchange for cleaning up plastic waste and the data from the sensors helps parents and local government securely track the location of the bikes, along with C02 levels, speeds and the state of local roads”, says Dr. Mobley.

But the asset could also be an autonomous car. “If we think about the Artificial Intelligence (AI) that we’re training, like those in autonomous cars, we assume that we’re operating that car in a benign environment, but this isn’t necessarily true”.

“There are people who are also training AI to do bad things, who may get hold of an unsecured device with the intention of altering its base programming. Dangerous situations like these need to be avoided.

“For the AIs in autonomous cars to function correctly, they must upload the information they’ve gathered during the day into a database to be shared with other AI cars”.

“This is then rolled back out overnight so that all the cars can benefit from what that one AI has learnt that day, allowing a car that is operational in sunny California to learn how to drive in snowy weather conditions from one that’s operational in Austria, for example. It knows because the other cars know!

“But this key process of AI training is open to abuse from malicious actors if the data exchange is not secured. For these systems to be safe and reliable, their integrity is critical. We need to be able to trust these systems and know that the updates we are getting from other AI systems and environmental sensors are also trustworthy.

“Training AI algorithms on untrusted or infected data could cause it to make bad decisions, which would be catastrophic in the case of a car. And if humans start to see that autonomous cars are showing signs of not behaving properly, then they will cease to trust them” says Dr Mobley.

“By using a ‘trust anchor’, an autonomous car can drive off round the countryside and we can digitally ask it questions. If the right answers come back, then we know we are speaking to the right car and can exchange information we can trust. Equally, that car will know not to respond if it gets questions from a device that is asking it the wrong questions.”This simple exchange methodology can be used to create trust”, says Mobley.

Securing data between physical industrial systems and IT systems is fundamentally different.

“When people think about cyber security, they are often thinking about securing just IT systems, where confidentiality, integrity and availability (CIA) of the system are what matters most to the user”, says Mobley. “But with digital twins and industrial instrumentation systems and sensors, where data interacts with humans, this paradigm is flipped and the most important factor is that the device and the data are safe to use.

“Blueskytec’s digital anchors are manufactured in the UK through a trusted supply chain and ensure that IoT/IIoT devices talk to their endpoint server first, before talking to the cloud.

“This guarantees data security and addresses the trusted systems paradox. As we move towards autonomy, hyper connectivity and embrace AI at scale in our future cities, we must elevate our thinking about security and integrity of the systems we are developing. We must understand the social implications and work to build people’s trust.

“Without a solid foundation that encompasses an individual’s or company’s or society’s Security, Privacy Safety and Ethics, these latest advances and applications in IoT/ IIOT technologies will be significantly undermined and will result in the proliferation of new threats and vulnerabilities”.

Meet the authors

Freyja Lockwood

Smart City & Innovation Manager, Bristol City Council

Freyja Lockwood

Smart City & Innovation Manager, Bristol City Council

Freyja leads Bristol City Council’s City Innovation Team. Along with the citywide partners, the team is exploring, developing and implementing ‘smart’, citizencentred solutions to improve their city space. As a chartered Human Factors specialist and systems thinker, Freyja brings a people-centred approach to technology-driven change. In 2017, she co-authored the widely cited Global Marine Technology Trends 2030 Maritime Autonomous Systems that explored the potential impact of emerging technology on the maritime sector.

Dr Chris Mobley

Director and Founder of Blueskytec

Dr Chris Mobley

Director and Founder of Blueskytec

Dr Chris Mobley has a background in defence and national security on both sides of the Atlantic. He worked on electronic warfare projects before moving into cryptographic solutions to secure the UK’s battle space with MoD and GCHQ. His work with his colleagues for US and UK intelligence agencies provided a deep understanding of future cyber security threats and led to the development of technology using a quantum derived hi-grade crypto to secure control systems and monitor anomalous behaviour utilising machine learning.

Share this

Related content