Engineering R&D Solutions for Unhackable Infrastructure

MIT co-hosted ERVA's visioning event that convened top researchers from various sectors to consider the theme of Engineering R&D Solutions for Unhackable Infrastructure.

The goal of ERVA visioning events is to identify specific areas that are nascent or require additional exploration with the potential for the greatest return on investment.

Theme Overview

The systems and infrastructures of tomorrow will be under continuous attack by increasingly sophisticated adversaries who will leverage, among other things, new generations of software virus technology and techniques borrowed from AI. Finding more effective and advanced ways to prepare for and respond to attacks is critical to both current and future societal-scale infrastructure systems and services.

In this ERVA visioning event, we considered gaps in today's security technologies and new ideas and visions that could steer future research toward areas of much-needed innovation in computer security as we know it. Said another way, we asked what tomorrow's "unhackable infrastructure" could look like with non-incremental advances in security R&D and engineering.

ERVA's charge is broadly to identify specific research areas where additional investment can have transformational change and help mobilize the engineering research community to provide innovative and non-incremental solutions for societal benefit. This visioning event included discussion of both future infrastructure requirements and scenarios, and future innovations in security that protect this infrastructure. We look to document fundamental engineering problems, technology needs, and opportunities, and to create actionable recommendations for consideration by researchers and experts in the community.

Unhackable Infrastructure

While developing a notion of "unhackable infrastructure" was part of the visioning exercise, we see "infrastructure" to include at least four key components that come together in delivering modern digital services: 1) physical infrastructure (assets, hardware), 2) software and algorithms, 3) data and communication networks, and 4) human beings who are involved at multiple levels (e.g., users, operators, security administrators, advesarial elements). This makes modern and future infrastructures highly complex sociotechnical systems. Persistent security threats and lack of comprehensive approaches for protecting current and future infrastructure is one of the main engineering challenges of our times.

The notion of "unhackable" includes the ability to ensure safety, security, and trust in essential systems and services that our society relies on. They must be protective of human safety and their well-being, and adaptive to unexpected changes. This entails maintaining trustworthiness in a wide range of situations, including actively resisting adversaries (both known and unknown), robustness to failures, and resilience in the face of systemic risks. Developing context-driven criteria and pathways to advance this aspiration can have far reaching impact on how future infrastructures are built, operated and maintained, and in particular support the creation of a robust security ecosystem.

To truly be unhackable, the infrastructure needs to be robust against an enormous array of attacks/problems that could occur, and to have the accompanying solutions to deploy countermeasures including immediately identifying the source of the threat. System interactions with more “hackable” humans and legacy systems needs to also be considered. Additionally, an unhackable infrastructure would need to know what humans can do so intimately that the infrastructure system is prescient. Unhackable infrastructures enable responsible and safe operation, system-wide situational awareness, and quick recovery from disruptions. They also promote new business models to advance the security ecosystem and shape market competition in a direction where service providers need to provide resiliency guarantees to remain competitive.

Breakout Sub-Themes

Key Issues and Questions surrounding the theme of Unhackable Infrastructure

Future Technology Addressing the Role of Humans - Studying the role of humans as both adversarial actors and and key elements in engineering security technologies. Discussing how individual actions are shaped by uncertainty and how collective behavior emerges.

Measuring and Verifying Security (Metrics) - In a highly dynamic and uncertain environment, how do we measure and validate security?How can metrics be used to facilitate the development of more secure building blocks and, where appropriate, imposing differentiated access/responsibilities based on levels of trust.

Future Approaches to Autonomous Security - Monitoring and predicting attacks over complex networks. Leveraging data science (ML, RL), decision science, and other technologies and approaches to automate security functionality.Leveraging approaches to detect, isolate, and respond to attacks.

New Approaches to Resilience in Interdependent Infrastructures - Recognizing the inevitability of system compromise and the risk of cascading failures. How can we engineer situational awareness, detection, recovery, and adaptation to ensure implementable recovery that is safe, secure, fast and practical even in resource-constrained environments?

Architecting Trustworthy Systems - What platform features do we need, and how can such building blocks work together in complex infrasturctures. How should a core set of platforms be architected to process large amounts of data collected from untrustworthy components embedded in the real world? How do we manage supply chains and how do they impact the trustworthiness of future systems? What do we need to ensure quantum safety?