|Read the Digest in
You need the free
In this issue:
Browse through our useful links.
See our article archive for complete articles.
Sign up for your free subscription.
Visit our Continuous Availability Forum.
Check out our seminars.
Check out our writing services.
Check out our consulting services.
Security and the Internet of Things
The world is moving rapidly toward the Internet of Things (IoT). In the near future, all of our everyday devices, from our refrigerators to our lights to our door locks, may be interconnected via the Internet. The IoT may well become a hacker’s paradise. How would you like someone to break into your home by unlocking your doors via malware infecting your toaster?
Already, major airliners are hotbeds of IoT. Everything is fly-by-wire. The aircraft’s avionics, the cabin control systems, the in-flight entertainment (IFE) systems, and the air-to-ground Wi-Fi networks are all connected by an Intranet. True, the avionics and other plane controls are separated from the passenger facilities by firewalls. But can the firewalls be breached? Can a passenger commandeer the airplane by hacking through the IFE’s seat box located under each row?
Experts say no. However, one security researcher not only says yes but claims that he has monitored cockpit traffic on several flights in this way. Even more concerning is that he says that he has taken control of an airplane in a simulated environment in his test lab.
If security of the IoT is to be taken seriously, this is a wake-up call. Our seminars in high availability discuss security issues such as this.
Dr. Bill Highleyman, Managing Editor
In 2012, American Airlines replaced the 35 pounds of paper navigation charts carried by its pilots with iPads that display navigational charts upon request. However, with no paper charts, the pilots had no backup if their electronic charts failed.
In April 2015, dozens of American Airlines flights were seriously delayed because pilots were not able to access their navigation charts on their iPads. Pilots had to return to the gates to reboot their iPads and to pick up paper charts as backups. The problem turned out to be an error in the chart app supplied by the company that provides both paper and electronic navigation charts for the flying community.
Both my wife and I are general aviation pilots. We use our iPads as electronic flight bags. However, we always have paper charts with us just in case the iPads fail for whatever reason. Without paper charts as a backup, we then would be without navigational information.
The lesson? Every electronic system needs a backup to ensure availability.
Many states in the United States have been hit with a tremendous drought over the last four years. California, Texas, and Oklahoma have been particularly hard hit, and California has put severe water restrictions in place.
Datacenters are notorious users of great amounts of water to cool their systems via massive chillers. The new NSA datacenter in Utah is reported to use 1.7 million gallons of water per day to cool 100,000 square feet of computer equipment. Microsoft’s San Antonio datacenter in Texas uses 8 million gallons of water per month.
How are datacenters handling this drought? For the most part, they are continuing to operate as usual and are guzzling water. Some are having to truck in water. But there are more efficient ways with respect to water usage such as desalination and air economizers. These technologies may be too late for existing datacenters, but they certainly should be considered for new datacenters.
When we talk about disasters that can take down a datacenter, we usually mean earthquakes, floods, fires, riots, and the like. Hopefully, the datacenters of the future will add “drought” to the list.
The flight controls of major jets are controlled by complex computers that connect to major flight systems by an Intranet-like Ethernet bus using IP addresses. In many airliners, the passenger in-flight entertainment systems (IFEs) are also connected by an Intranet; and in some cases these networks are not segregated. Rather, they are separated by firewalls.
Could a hacker access a plane’s flight controls via the IFE system while sitting in his seat? Chris Roberts says yes and claims that he has done it. Roberts built a test lab and found successful ways to do so. Roberts has been issuing warnings about vulnerabilities in IFE systems for six years.
On a recent flight, Roberts jokingly tweeted that he would drop the oxygen masks. At his destination, he was escorted off the plane by FBI agents, who seized his computer and iPad. He was interviewed by the FBI for several hours before being released. He has not yet been charged with any crime.
Is Chris Roberts a hero, an irresponsible hacker, or a hoax? Only time will tell. But the story he brings to the table is compelling and one that speaks volumes about the security future of the Internet of Things.
Fault-tolerant HP NonStop servers have come a long way from their origin as Tandem Computers. While retaining their full fault-tolerant capabilities, they have moved from proprietary hardware and software to become increasingly more open, with a Unix-like operating system and support for modern programming languages such as Java. HP has now taken the final step in moving NonStop servers to commodity technology by migrating them to an x86 architecture. These new servers are known as HP NonStop X, and they are configured as standard HP blades.
The NonStop X blades are only half-height, allowing 16 processors to fit within a standard HP c7000 chassis. Perhaps the most dramatic improvement for the NonStop X is the use of InfiniBand for interprocessor messaging. Important for the future, connecting NonStop servers with InfiniBand means that they also potentially can communicate with HP-UX, Linux, Windows, and OpenVMS blades in the same enclosure.
In the early Tandem days, it was said that Tandem computers were the best-kept secret in the IT industry. Almost no one outside of big financial and telco firms had ever heard of Tandem. With HP’s firm commitment to the NonStop product line, hopefully this perception will become a thing of the past.
A challenge every issue for the Availability Digest is to determine which of the many availability topics out there win coveted status as Digest articles. We always regret not focusing our attention on the topics we bypass.
Now with our Twitter presence, we don’t have to feel guilty. This article highlights some of the @availabilitydig tweets that made headlines in recent days.
Sign up for your free subscription at http://www.availabilitydigest.com/signups.htm
Would You Like to Sign Up for the Free Digest by Fax?
Simply print out the following form, fill it in, and fax it to:
+1 908 459 5543
The Availability Digest is published monthly. It may be distributed freely. Please pass it on to an associate.
Managing Editor - Dr. Bill Highleyman email@example.com.
© 2015 Sombers Associates, Inc., and W. H. Highleyman