An Eerie and Early Visualization of the Internet of Things (IoT)

I've got a short story to recommend to you. It's cerebral without being overly literary. It's got action, though no cyber-physical grid attacks. There's no shooting. No lives lost. No outages. But is there ever a lot going on! In fact, I'm pretty sure it's a parody of sorts of what may be coming our way in the not-very-distant future.

Titled "Water,' it was published last year by author and futurist, Ramez Naam.

Here's what the ad-free, neural-implanted main character experiences walking down a street in NYC:

Civic systems chattered away. The sidewalk slabs beneath his feet fed a steady stream of counts of passers-by, estimates of weight and height and gender, plots of probabilistic walking paths, data collected for the city planners. Embedded biosensors monitored the trees lining the street, the hydration of their soils, the condition of their limbs. Health monitors watched for runny noses, sneezing, coughing, any signs of an outbreak of disease. New York City’s nervous system kept constant vigil, keeping the city healthy, looking for ways to improve it.

MIT Palantir Reveals Future Views of Grid and Grid Security

And as in the Lord of the Rings, few can look into a palantir and walk away unscathed. That's true for this recently released grid forecast from MIT, and especially for the sections on cyber security, which have served as the justification for many alarmist articles since, including:

• Electric Grid's Future: Increased Risk of Attack
• Smart Grid: There will be a Successful Attack
• US Power Grid is a Big, Soft Target for Cyberattack, MIT Study Shows
• Is Smart Grid Security a Losing Game?

What the hell does that last title even mean?  I read the article and still don't get the point.

It's funny but I just went through the security section of the MIT document and couldn't find anything faintly, and nothing that would strike the regular readers of this blog as in any way surprising.

The part that seemed to stir the press pot the most was in the conclusions and recommendations section - it began by stating that no one organization today makes and enforces grid security rules for the entire (US) grid, not FERC or NERC since they only have authority to regulate the bulk grid. Not other groups in DOE. Not DHS. Nor NIST, as its cyber security working groups as they can only recommend, not mandate, protective actions.

So this prompts the MIT report team to conclude:

This lack of a single operational entity with responsibility for grid cybersecurity preparedness as well as response and recovery creates a security vulnerability in a highly interconnected electric power system comprising generation, transmission, and distribution.

And recommend:

The federal government should designate a single agency to have responsibility for working with industry and to have appropriate regulatory authority to enhance cybersecurity preparedness, response, and recovery across the electric power sector, including bulk power and distribution systems.

This sounds right on one level (single source of truth and control) and yet wrong on many others, particularly, as the authors themselves point out, that they are hard pressed to imagine which government organization is equipped or ever could be equipped to take on so monumental a task.

But seriously folks, the MIT report is well worth a look, not so much for its cyber security content, as for its informed prognostications on other aspects of the future grid. There's no need to worry about the Eye of Sauron, or anything else unusually alarming, in this quest for knowledge.

You'll find the full report and some supplementary materials HERE, and the security section begins on page 208.

Image credit: Wikia