January 01, 2018

Handbook of System Safety and Security, Edited by Edward Griffor

Reviewed by Michael Aisenberg

Book reviews are an infrequent feature of this publication, as exigencies of timeliness dictated by publication schedules make identification of review-worthy volumes difficult. Rarer still are reviews of volumes that are more likely to be regarded as reference works or academic texts than as useful volumes on the discussion of topics germane to the charter of this quarterly from the ABA’s Section of Science & Technology Law. It is thus remarkable to me that I both identified a volume of sufficient uniqueness and, having read it, chose to review it. And it is rarer still that my colleagues on the editorial board for this journal concurred in my judgment.

Within the legal profession, and among professional publications, book reviews are of most utility when they direct practitioners toward works discussing useful concepts such as techniques enhancing professional skills or novel technologies, litigation strategies, emerging policy directions (especially inaugurated by obscure governmental bodies), and analyses of conflicts in appellate review suggesting areas of policy direction that might result in changed regulation, enforcement, or interpretation.

My justification for consuming space, ink, and your time in reviewing the new Handbook of System Safety and Security (Handbook) is that it will likely be a game-changing utility (at least for a period of time). The Internet of Things (IoT) ecosystem is characterized by a widely acknowledged paucity of useful publications. Practicing attorneys, including litigators and corporate counsel, policy makers, and industry insiders may all find this book useful, as the Handbook should help to dispel “mythology,” clarify confusing concepts, and reconcile apparently contradictory definitions in the ever exploding IoT space (including its subsets Industrial Internet of Things (IIoT), cyber-physical systems (CPS), and industrial control systems (ICS)).

The corporate counsel subset of this putative audience will especially find this volume to be both clear and accessible in the manner that is often helpful in writing short due diligence memos when relying on extrinsic “authorities.” This utility is important, because in the IoT-et al. space, there is really very little literature of any sort that is “authoritative,” and generalists in every area of practice and policy need accessible and “actionable” reference literature in novel areas of technology with which they are not personally and or intimately familiar.

In the IoT world, there are no controlling global IoT treaties, there is no seminal federal legislation, or even a designation of primary agency responsibility. Like other mega-issues including “cloud” and “breach” where existing policies have been held to apply, if consumers are impacted by IoT abuse, the Federal Trade Commission’s generic consumer protection expertise may apply, but there is little opinion or reference literature supporting it. Federal agency IoT security posture, including attacks against federal critical infrastructures, may fall under Department of Homeland Security (DHS) jurisdiction dictated by the Federal Information Security Modernization Act (FISMA II) and Office of Management and Budget (OMB) Circular A-130, but don’t waste a lot of time searching for guidance on how DHS will apply its security oversight mandate to federal agency IoT/CPS/ICS environments.

In the current standards community, IoT is characterized by such a profusion of standards activity that there is a real risk of validating the standards community’s maxim that “too many standards is worse than no standards at all.” In 2015, the Open Group published a catalog of then extant “IoT-related standards activity,” including voluntary standards developing organizations and state-sponsored activity; their table had 63 entries. At last check in early 2017, the number had ballooned to over 200 committees at work developing standards for IoT, CPS, and ICS.

In the area of system security, there is some progress in a recently released National Institute of Standards and Technology (NIST) interagency report, based on the prior unpublished draft report of the two-year NIST-hosted joint public-private CPS working group (PPWG). But this document has no authoritative status, and the underlying report lay unreleased for over a year between the final draft dissemination in September 2015 and the adoption of its key points in the recent NIST interagency report. In addition, the voluntary industry body, the Industrial Internet Consortium (IIC), has produced several valuable works, including an IIoT Reference Architecture in 2016.

Among this extant literature, the PPWG draft is significant, because several of the authors of the Handbook were leaders or active participants in the working group and principal contributors to the draft report. The 200+ page PPWG report is, however, characterized by complexity and of limited utility to nonengineers, devoting its first chapters to the development and explanation of an entirely whole-cloth CPS vocabulary and taxonomy that many have found “impenetrable.”

The Handbook exhibits none of these handicapping characteristics. While titled as a “handbook,” it is organized in a progressive manner, introducing foundational concepts in its introduction and early sections, authored by editor Ed Griffor, former IoT lead for Fiat Chrysler and now deputy director of the CPS program at NIST.

Like other similarly positioned “seminal” works relied on by both academics and practitioners, such as James Martin’s Future Developments in Telecommunications and Warwick Ford and Michael S. Baum’s Secure Electronic Commerce, this volume should find a place in serious university curricula as well as on the desks of practitioners who will likely dog-ear its pages as they cite key phrases and sections in briefs, memos, and PowerPoint decks.

While the Handbook is the product of no fewer than 22 PhD contributors, a sufficient number of them have also been “corporate staff,” and so their writing for this volume is neither gratuitously technical nor dependent on the reader learning an unfamiliar vocabulary in order to understand and apply its learning. (However, there are sections, such as the discussion of security modeling, and an entire chapter on “The Algebra of Systems and System Interactions with an Application to Smart Grid,” which are laced with a fair portion of equations.)

The development of this volume is (like a Scientific American article template) technically progressive, with general concepts introduced early and more complex concepts introduced in later chapters. Foundational discussions in the three chapters comprising Part I include the composition of systems; a detailed development of the role of modeling in systems design, applications, physical system models, and environmental models; and the nature of interactions among the various model types.

Part II introduces the focal topic of security, with a healthy dose of practical discussion on “the business of safety” illustrated from the automobile industry, and a thoughtful discussion of the role of cybersecurity in commercial enterprises. Risk management and assessment applied to CPS environments are also introduced and discussed at length with useful graphic materials, culminating in discussions of risk engineering and a case-study analysis of blockchain technology, including the “risk engineering of cryptocurrencies.” These discussions may prove to be the most valuable as reference work to practitioners, dealing as they do with the conceptual aspects of the foundational issues of this novel domain of IoT/CPS/ICS.

But if Part II is a useful reference, Part III of the Handbook will be fodder for those who are seeking analysis, if not validation, of “conventional wisdoms” applying and linking the safety and security discussions of Part II to the cloud, mobile/wireless technologies, and smart grid environments.

Repeatedly, the panel of authors adopt journalistic clarity as their motif, organizing sections into telling the reader what they will address, addressing the concepts, and then recapping what they have discussed. While some experts may find this approach simplistic or even condescending, as a research aid for those seeking sources and authorities for basic learning or due diligence, this approach to technical concepts is useful and comfortable.

It is important not to “oversell” an assessment of the utility of this volume; it is not likely to be the single, dispositive authoritative volume on IoT/CPS security. It may indeed prove to be time bound, as its subject technologies will inevitably morph and advance. But any general caution and reticence about book reviews is here tempered by a legitimate exception: this work should prove to be useful to those in search of an accessible discussion of the technical engineering concepts underlying the IoT/CPS/ICS domains, the resources necessary to add credible substance to due diligence and research-based writing, and an understanding of the present limitations of reference materials on risk and security applied to these domains.

In the present environments of industrial policy and legal practice, with the cacophony of voluntary standards artifacts and the absence of definitive IoT public policy guidance, this thoughtful volume will provide both learning and quite useful conceptual reference not readily aggregated in a single volume elsewhere.

Michael Aisenberg ([email protected]) is principal cyber counsel at the MITRE Corp. He is co-chair of the ABA SciTech Information Security Committee and an assistant editor of The SciTech Lawyer.