Pages

11 July 2017

Complex Cyber Terrain in Hyper-Connected Urban Areas

by Mike Matson

The cyberspace domain of the future will most forcefully assert itself in urban areas. These urban areas will vary greatly in population density and spatial distribution, level of integration between systems, and the formality of systems. Within every urban area will exist complex physical cyber terrain and complex virtual cyber terrain.

The number of connected devices, sensors, and tags in a UA will be staggering. The most significant systems in hyper-connected UAs will be the millions of personal area networks, and corresponding millions of discrete artificial intelligence programs. The adaptation of artificial intelligence in future networks introduces a new and potentially powerful actor in the cyberspace and land domains commanders will have to interact with to succeed in urban operations – the city itself.

One Size Does Not Fit All

Megacities and dense urban areas of 2050 will not be not monolithic constructs, nor will the cyberspace domain within them. The level of integration within a UA and the formality of the computer systems will fluctuate between and within UAs. At urban cores, cyber infrastructure may be both highly integrated between systems, and highly formal. This means multiple, centrally designed and deployed networks put in place by city planners to effectively manage the various services in a city. Systems may become both less integrated and less formal the farther out from the urban core, but that is not a given, meaning every UA will fluctuate not only in a physical sense, but a virtual sense, block by block.

In highly integrated UAs, highly formal systems may stretch deep into the suburbs. Whereas in developing countries, as rural populations move to cities, informal population centers often build up on lines of communication stretching out from the urban core. These areas will likely experience less integrated systems linked to the urban core, but may still be highly integrated at the local level, creating islands of highly integrated systems within otherwise low integration areas. And the systems may be more informal, creating a significant mishmash of hardware and software to create jerry-rigged solutions to hyper-local problems.

The most critical dynamic in these UAs will be the population. Just as the Internet of Things (IoT) and Internet of Service (IoS) will continue to evolve to support people and services, the population will become hyper-connected at the individual level, becoming an Internet of People (IoP): “People becoming a part of ubiquitous intelligence networks having potential to seamlessly connect, interact and exchange information about themselves and their social context and environment.”[1]

The combination of completely integrated people and systems in UAs is what will define future hyper-connected UAs, which are constantly changing in both space and time. These hyper-connected UAs will have complex cyber terrain and this terrain will cross into the other warfighting domains.

Complex Cyber Terrain within an Urban Area

The Cyberspace domain is manmade and that is what makes the domain fundamentally different from its predecessors. Cyberspace is malleable where other domains are not.[2] Most discussions of the cyberspace domain focus on the software, and not the hardware of the Internet. The software is generally considered a more significant aspect of the domain.[3] As a result, the physical aspect of the domain has not received a great deal of focus, because of claims it is inherently too complex to effectively visualize. The problem is, “…although the cyber domain is a human construct, the complexity of cyber infrastructure, together with the speed and global reach of cyber action, frustrates the ability to visualize cyber-space in a coherent way.”[4]

Within the framework of multi-domain battle, however, the cyberspace domain has its own complex physical terrain within the land domain, and operations within hyper-connected UAs will need to take this physical cyber terrain into consideration. Nowhere else is complex physical cyber terrain more evident than in UAs.

What does complex physical cyber terrain look like today, and what it might look like in 2050? A great primer on complex physical cyber terrain in urban areas is Ingrid Burrington’s 2016 book, Networks of New York: An Illustrated Field Guide to Urban Internet Infrastructure. In it she takes the reader on a tour of the complex physical cyber terrain of a megacity. She focuses on below ground, ground level, and above ground systems. Three major pieces of terrain stand out in importance.

Fiber Optic Cable

The Internet primarily moves over fiber optic cable. While wireless access to the Internet will be ubiquitous in UAs by 2050, and there will be multiple technologies to move data over the last mile between fiber and endpoint, the basic construct will likely remain that the vast bulk of data ultimately will move between systems via fiber optic cable.

Where is fiber optic cable in UAs? It is right under your feet. Fiber optic cable often is laid in UAs on top of prior services like phone and electricity, making cable easy to find and access. If you know the code, a person can read the utility markings, manhole and access covers, and scars in the pavement to see where fiber cable is laid even without maps or diagrams.[5],[6]

Another key piece of physical terrain related to fiber optic cable unique to coastal cities is submarine landing points, and submarine termination points. The vast majority of all Internet traffic flows over submarine cables between continents. Submarine landing points are where cables cross from the maritime to land domains. Termination points may be several miles away where the cable enters the local network at a carrier hotel or data center. These are both important pieces of infrastructure in coastal cities.

Carrier Hotels and Data Centers

A termination point is a good pivot to discuss the largest individual pieces of complex physical cyber terrain in a UA. These are carrier hotels and data centers. Carrier hotels and data centers are the nerve centers of a UA. A carrier hotel, also known as Internet exchanges, are where different commercial networks on the Internet interact. Carrier hotels and data centers can fill an entire building. “Racks and racks of switching equipment and cables run through these buildings.”[7] Very often they may be clustered where fiber optic cable is laid in the densest amounts, such as lower Manhattan.[8]

Data centers may go by different names, but the purpose is the same. Large numbers of servers are located in the same location and provide remote processing or storage capability for consumers. Those consumers can be governments, private companies, and individuals. Data centers are the key to cloud infrastructure, and the disruption of processing and storage activity in a data center could have impacts well beyond the local area.[9] There could be dozens or even hundreds of data centers of various levels of military importance in any particular UA which may need to be seized, destroyed, or defended in order to facilitate operations within the cyberspace domain.

Ubiquitous Sensor Networks

Burrington’s book does a good job of sampling what will eventually evolve into ubiquitous sensor networks (USNs). She identifies a variety of camera and radio frequency ID (RFID) sensor networks below ground, at ground level, and above ground, which provide sensor data to larger systems.[10]These systems are in their infancy when compared to what is planned for the future. USNs are a major driver of the IoT for industry and government.

There are three main elements to an USN, which are sensors, tags, and communication/processing capacity.[11] From a complex physical cyber terrain perspective, the physical devices of interest are the sensors and tags. (The data from the sensors flows over networks, ultimately via fiber optic able, to processing and storage at data centers already discussed.)

USNs have three primary applications: detecting, tracking, and monitoring. Some examples include: 
Detection – Detect abnormalities in systems, identification of intruders / CCTV etc. 
Tracking – Supply chain management via RFIDs, tracking vehicles, and tracking people, etc. 
Monitoring – Health monitoring, environmental monitoring, recording rates of degradation of infrastructure like bridges and roads.[12]

USN’s paired smart software are the foundation of “smart cities.” A smart city is essentially a hyper-connected urban area which functions in an intelligent way by integrating all its infrastructures and services into a cohesive whole and uses intelligent devices for monitoring and control.[13]

Why are USN’s important complex physical cyber infrastructure? First, “sensing is at the heart of smart infrastructures, which can monitor themselves and act on their own intelligently.”[14] Future Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA) networks, Intelligent Transport Networks, and other smart systems will rely on remote sensing to operate.

The second reason is the sheer number of sensors which are going to be employed.

PlanIT Valley is a conceptual city in Portugal, designed to be a smart city testbed with a targeted population of 250,000. The planners’ intent is to place 100 million sensors in the city, or roughly 444 sensors per person.[15] In a single UA of 2 million people, one quarter the size of a megacity, that would equate to 888 million sensors connected to the Internet, not counting any other type of Internet infrastructure.[16]

USN platforms represent the key physical infrastructure required to create a smart city environment.[17]The volume of these connected devices blanketing a city will make them an attractive target for cyber operations. Seizing control of them in large numbers can be used for cyber effects operations, as the massive IoT-enabled DDOS attacks of the Mirai malware aptly demonstrated in late 2016. Or by taking them off-line, it can deny an enemy vital intelligence.

Remaining Key Physical Terrain

One attribute of the future cyber domain will be ubiquity. Cyber will be everywhere and so pervasive that in the future “cyber is no longer cyber.”[18] As everything is plugged into the Internet and conforms to a TCP/IP protocol, physical infrastructure related to mobile communications also becomes complex physical cyber terrain, such as cellular towers, and mobile base stations, along with “classic” telephone switching stations and satellite ground stations.

The volume of mundane connected devices within a UA will be staggering. Within a UA, there will be blue space (ours), red space (theirs) and gray space (neutral). All three of these spaces have significant surface and deep web portions, and some level of dark web.[19] The physical devices in the surface web and deep web will reach into the millions of individual connected devices. Each home will have a network with any number of connected devices. Each building will have its own network hardware in addition to the networks of its residents. Each business may have hundreds or thousands of connected devices.

Personal Area Networks

Interacting with these static devices embedded within a UA will be Personal Area Networks (PAN). A PAN “is a personal, short distance area wireless network, typically extending 10 meters in all directions, for interconnecting devices centered around [an individual.]”[20] Individuals today may have upwards of four to five personal devices interconnected upon their body such as a phone, smart watch, fitness tracker, GPS tracker, or Internet-enabled medical device. These devices are already designed to interact with their environment, such as phones syncing to cars for hands free driving, or apps granting reward points for walking into a particular store.

PANs will likely become vastly more complex by 2050. They will begin to grow around a person from shortly after birth. Wearable technology, technology embedded in clothing, and technology embedded within the body are all being explored. Interaction with the environment via augmented reality is likely to be ubiquitous. The PAN will move with the person, syncing with its owners’ home base, and virtual smart assistants, the future decedents of Siri and Alexa, will travel with an individual wherever they go on their virtual shoulder. Interacting often on a machine to machine (M2M) level without the owner’s awareness, PANs and their Artificial Intelligence (AI) assistants form the basis for the evolution of Sentient Tools.

Sentient Tools will be aware of their surroundings and able to make sense of and adapt to them. But more than that, the tools will have a social awareness of the people using them.[21] In a hyper-connected UA, these PAN’s will interact on a constant basis with each other and the millions of devices within a UA as individuals move through it. PANs therefore have obvious intelligence and operational value.[22]

Complex Virtual Cyber Terrain

Just as UAs have complex physical cyber terrain, they will have complex virtual cyber terrain. There will be more systems, with greater complexity, and with incalculable amounts of data generated on a minute-to-minute basis. Increasing data volume will drive the evolution of complex virtual cyber terrain and the most significant complex virtual cyber terrain faced in 2050 will be AI programs.

AI programs are the next logical step in computer programming. Future UAs will be overlaid with tens of thousands if not hundreds of thousands of discrete AI programs, sentient tools, machine learning systems and possibly autonomic computing. Autonomic computing for example, involves systems which are self-configuring, self-healing, self-optimizing, and provide self-protection.[23],[24]

As computer systems become more complex, the ability for individuals to manage the systems will decrease to the point AI programs will be tasked to self-optimize to most effectively execute their defined objectives. For smart cities to function, AI becomes a necessity. These systems will come from different vendors, be individually configured, and operate on systems large and small. Each AI program, through purpose and configuration, will become unique. The end result will be UAs in 2050 saturated with hundreds of thousands of AI-run systems, each slightly different then the next.

Running the Numbers

To add it all up, and using some admittedly very broad estimates for illustration purposes, for every one million people living in in a hyper-connected UA in 2050 there could be: 
1,000,000 AI-supported PANs. Each PAN has 5-10 devices in their immediate network, for a total of 5-10 million mobile connected devices, supported by AI systems, moving around and interacting with the UA on a constant basis with a social awareness of their environment. 
Between home and work, another 10-30 IoT connected devices per person, for a total of 10,000,000 to 30,000,000 additional connected devices in a UA, not counting USN networks. 

USN networks, while allowing for wide variances in density, formality, and connectedness of the networks UA to UA, averaging between 50-500 sensors and tags per person, for a total of 50,000,000 to 500,000,000 sensors or tags. 
AI programs and sentient tools big and small on a ratio of 1-50 to 1-100 per connected devices, not counting PANs or USNs, for a total of 100,000 (10,000,000 devices at 1-100 ratio) to 600,000 (30,000,000 devices at 1-50 ratio) additional AI programs per 1 million people. 

This means any given UA of a million people could have five to ten million devices directly linked to individuals, with another 10 to 30 million additional static connected devices, and 50 million to half a billion sensors and tags. And all of those devices interacting with a million PAN AIs and 100-600 thousand additional AI systems, some of which will be working together to run the essential services in the UA.

Extend those numbers to a UA half the size of a megacity, five million people, scaled to the high end of connectedness and formality of systems, and you get a hyperconnected UA with billions of connected devices and millions of AI programs – five million socially aware sentient tools alone directly linked to individuals. The UA will be blanketed with fiber optic cable, and the densest concentrations will be identifiable by having clusters of carrier hotels and data centers in the same geographic area.

Enter the City

A hyper-connected UA in 2050 will have networks of millions of sensors, which will allow the UA to perform the equivalent of seeing, hearing, touching, smelling and even tasting its environment. It will be operating through the individual and collective effort of hundreds or thousands of AI systems, reacting to sensory input from vast USN networks, and in conjunction with and on the behalf of PANs moving through its systems.

This massive level of connectedness will turn UAs from static pieces of concrete and steel into large-scale entities which can sense and react to what is happening within it. UAs may become independent actors in their own right operating on a M2M level. What if a city can take actions which are self-optimizing, self-healing, and self-protecting, to counter activities which are disrupting the UA? In essence, what happens when the city starts reacting to military operations autonomously to heal or even “defend” itself?[25]

This does not suggest UAs will develop an artificial general intelligence (AGI). But the massive numbers of AI systems in a UA by 2050, linked to USN networks, and managed via distributed data centers, means UAs will likely have capacity to autonomously react as those systems attempt to continue to execute their functions to the best of their ability in the face of military operations.

And these UAs, constantly interacting with PANs on an M2M level, will also attempt to interact directly with military personnel and equipment in unforeseen ways. These consequences cut across warfighting domains, as both complex physical cyber terrain and complex virtual cyber terrain play a part in a UAs ability to react.

To conclude, some broad hypothetical questions are presented for consideration if hyper-connected UAs with significant complex cyber terrain become “independent actors” within the cyberspace and land domains during military operations: 
How does a commander address a UA’s immune system response by AI systems detecting and reacting to military operations within the UA? 
How does a commander shield blue force “smart” military equipment and networks from disruptive M2M communications and millions of interactive PANs? 
Can a commander “recruit” a hyper-connected UA to operate in conjunction with blue forces? 

End Notes

[1] Jose Hernandez-Munoz, Jesus Bernat Vercher, Luis Munoz, Jose Galache, Mirko Presser, Luis A. Hernandez Gomez, and Jan Petterson, Smart Cities at the Forefront of the Future Internet, LNCS 6656, pp447-462, Page 449.

[2] Martin Libicki, Cyberspace is Not a Warfighting Domain, I/S: A Journal of Law and Policy for the Information Society. (2012) Vol 8:2. Page 324.

[3] Mad Scientist Conference 2016, The 2050 Cyber Army Technical Report, (7 November 2016) Page 5.

[4] The US Army Landcyber White Paper, 2018-2030, Army Cyber Command (9 September 2013) Page 7. Drawn from Mad Scientist Conference 2016, The 2050 Cyber Army Technical Report, (7 November 2016) Page 18.

[5] Ingrid Burrington, Networks of New York: An Illustrated Guide to Urban Internet Infrastructure,Melville House, Brooklyn, NY. 2016. Pages 20-21.

[6] Having physical access to an important fiber optic cable in a UA has obvious advantages. It can be tapped and monitored for intelligence. Data transmission can be throttled or blocked to choke off UAs from sensor networks, either virtually or via physical means. And propaganda, disinformation, corrupted data, and other cyber effects operations can be inserted into data streams via MITM attacks.

[7] Ibid, Pages 64.

[8] Ibid, Pages 65.

[9] Conversely data centers in other locations can and will impact the functionality of a local UA.

[10] Ibid, Pages 88-92.

[11] Ubiquitous Sensor Networks (USN)¸ ITU-T Technology Watch Briefing Report Series, No. 4 (February 2008) Page 1.

[12] Ibid, Pages 5-6.

[13] Gerhard P. Hancke, Bruno de Carvalho e Silva, Gerhard P. Hancke Jr., The Role of Advanced Sensing in Smart Cities, Sensors. (2013) Vol 13. Page 394.

[14] Ibid, Page 394.

[15] Ibid, Page 397.

[16] While USNs would likely not scale up on a strict 1-1 ratio, it is a good exercise to illustrate how quickly USN numbers can reach staggering proportions in a UA.

[17] Jose Hernandez-Munoz, et all, Page 450.

[18] Mad Scientist Conference 2016, The 2050 Cyber Army Technical Report, (7 November 2016) page 6.

[19] Ibid, Page 19.

[20] Ubiquitous Sensor Networks (USN)¸ ITU-T Technology Watch Briefing Report Series, No. 4. (February 2008) Page 3.

[21] Brian David Johnson, Frost and Sullivan, Science Fiction and the Coming Age of Sentient Tools, Computer, IEEE Computer Society (June 2016), page 95.

[22] For additional reading, Using the IoT to Gain and Maintain Situational Awareness in UDE and Megacities by Alfred C. Crane, Bringing Big Data to War in Megacities by Robert Dixon, and Flocking Phones & Drones by Alex Bittermand and Richard Carlo, all touch on interesting aspects of tapping into the intelligence and operational potential of what are identified here as PANs.

[23] Stefan Polard, Autonomous systems and Artificial Life, Ubiquitous Computing Smart Devices, Smart Environments and Smart interaction (2009) Pages 317-341.

[24] For example, imagine every personal home network having a router with a firewall with limited autonomic capabilities. A new piece of malware hits the firewall and is stopped by heuristic programming. Then, like trees which secrete chemicals to warn other trees of attacks, the wireless network disseminates binary samples with snort signatures of the malware to all nearby wireless networks. This snort signature is passed across the entire UA, wireless network to wireless network. And unlike trees which take days or weeks to warn and have other trees prepare their defenses, this happens 50-100 times a day at the speed of light, moving like virtual waves across vast areas of UAs.

[25] For example, an intelligent transportation network (ITN) notices massive abnormalities in normal traffic flows. A military commander may be trying to keep a particular main supply route clear, but the ITN begins adjusting traffic lights, reroutes self-driving cars, and sends out text alerts to citizens to identify detours, attempting to “fix” the traffic problem and steer people back onto the route the commander is attempting to keep clear.

No comments:

Post a Comment