16 February 2015

Will “Softwarization” create new risks of global Cyber-wars ?

Recently, we’ve been asked what are the potential military applications of SDN and NFV.

Well, the first simple example in my mind concerns remote control and program of (swarms of) drones and robots. In fact, it has been argued several time that “Softwarization” will transform terminals, tablets, machines, smart thing, drones, robots… into “meta-node” of SD-Infrastructures (SDI). In general, it’s easy to predict that the availability of huge amounts of cloud processing and storage, interconnected by highly flexible and fast SDI, will create a pervasive “machine intelligence” able to morph space-time physical dimensions, and, in general, the direct physical presence of humans will be required less and less to perform certain jobs or tasks.

In the future, technology will offer increasing capabilities and performance at lower and lower costs, and it will be more easily accessible. SDIs are likely to become  the nervous systems of future Digital Society and Economy. This will create opportunities and risks: software is vulnerable by definition.

Future SDI will be by definition a vulnerable infrastructure that needs to be secured against attacks and made resilient. Security should be part of the smartness (i.e., we always talk about smart grids, smart cities, smart objects…etc). Possible scenarios? It’s just a matter of “imagination”. Nevertheless, I guess it’s much more important concentrating on how to contain the threats, or predict, tame the risks posed by some uses of Softwarization.

Security-by-design should be, in my opinion, one of the key top-priority avenues concerning SDN and NFV. And, new techniques should be identified to complement the current approaches adopted in legacy infrastructures.

Softwarization, for example, could bring the ability for security policies to follow logically specific network functions (in logical containers, VMs).  More in general, cyberspace is definitely becoming a Complex Adaptive System: in this sense both local self-organization/emergent behaviours (with simple rules) and global Big Data analysis (making use of methods and algorithms for detecting suspicious data patters, anonymously) could contribute protecting SDI (e.g., through adopting 'honeypot' approaches to detect and block SDI attacks).