Why must everything be connected to the internet?
April 22nd, 2009
Is there a reason every information system, every embedded technology and every damn piece of computerized technology must be connected to the internet? Honestly, if I’m missing something then let me know. The internet is great and for the purpose of global communication and information distribution it can’t be beat. Yet there are times when this is not really the goal of a system and where connection is actually just a way of making things less secure.
I can give an example: In my home there’s a system of thermostats. They control the heat and cooling. There are several, including a master that controls whether the furnace or air conditioning is on and off along with slaved controls for given rooms and zones. They all interface with each other and the master one is programmable so you can have it shut off the heat at a given time or whatever you like. Despite this it is utterly impossible for a hacker to somehow gain control of the system and start turning my heat on and off.
Why? Because the only way a hacker could possibly do that would be to come into my home and splice into the two-lead wire that connects the thermostats to the furnace. They don’t have IP addresses. They don’t have embedded servers. They do have microprocessors and a simple LCD-based interface but it’s no more powerful than it needs to be in order to decide when the heat or air conditioning needs to be turned on and how high.
It might surprise some who were born into this internet-connected age that you can indeed have a multipoint, actively adjusted control system without resorting to using full blown personal computers, client-server systems, ethernet, TCP/IP, routing and packet forwarding. In fact, it can often be better to do it without that kind of system.
I am bringing this up in the context of this ridiculous “Smart grid” talk that has been a big deal in the media. A “Smart Grid”, for those who don’t know, is the whole concept of making the power grid more capable of remote power routing, active compensation for load shifting and things like that. The claim is that it will make renewable energy more competitive. Of course this is all a lot of bull because the actual amount of energy lost in grid regulation is pretty small as is and no matter how “smart” a grid is, there’s still no avoiding the ultimate problem of always needing enough generating capacity to fill need. If you don’t have the capacity to provide for demand, then it doesn’t matter how much you mess with power routing, someone is going to be in the dark.
It’s also worth mentioning that many utilities are not even so hot on the idea of a smart grid. Some have even suggested that they be allowed to charge more and provide less total power throughput on their actively regulated grid.
Meanwhile there have been reports that the whole issue of bringing the internet and software into grid management is opening up the possibility of a cyber attack on the power grid. Gee, who woulda thunk, right? China is just one nation which is suspected of conducting research on how the US power grid could be disabled by an internet-based attack. I agree with a poster on this article that Infrastructure is too important for the internet. But that does not mean we need a whole nationwide dedicated network of high bandwidth fiberoptics to control our power systems. Nope. I wonder why this level of complexity is even considered when one stops to think that the commands and data being sent to and fro are so simple and low in bandwidth needs that they only really need to have a few pulses of RF signals on the grid itself to transmit. There’s no reason every single sub station needs a cable modem or a DSL connection to tell it whether or not to up the voltage on a given line.
Another thing that should be considered is that active systems are never as reliable as passive systems. In this spirit I’d like to present a device that will beat the pants off of any “Smart Grid” control system for reliability in stopping overloading of lines or circuits:

Tada!
Of course this should not be in any way taken to suggest that I am against increasing active controls where they are useful. Active control, smart circuitry and regulation do not require full blown computer networks and operating systems. Your car, for example, is full of electronics which monitor the fuel mixture, adjust the engine timing and do all sorts of other things that can improve efficiency. Do you need to wait for your car to reboot when you start it? No, of course not. These systems are embedded, hardwired and designed for one thing. Unlike a general purpose computer, you can’t play Doom on your car’s oxygen sensor system. Also, unlike a general purpose computer, you never have to defragment the storage on the oxygen sensor system or reset the IP address on it.
Here’s a little example I drew up. The following device has no software, no processor, no RAM and no storage. It does one thing: if the voltage level on a line drops below 20 kilovolts it alerts the network by sending two short pulses of a 1 kHz tone over the power line. You could have many different circuits like this each sending a different series of pulses to alert the network of a different event. For example, two pulses every five seconds means that there is a minor under volt, four pulses means that there is a major under volt (more than half the voltage), a continuous tone means that there is a major systems failure, a 2 kHz tone means there is a major over volt etc:

This is not limited to monitoring only. With a few relays and logic gates you can easily put together a circuit that does a task which might be defined as “If a signal of an under volt at a substation is detected then close a switch to provide more power to that substation, unless there are no more available circuits left to provide additional capacity from. If there are no additional circuits then decrease the voltage slightly on other stations up to 2% until the under volt warning signal stops, or if it does not stop by the time voltage has dropped by 2% then sound the alarm for a brownout.”
Yes, you can build a circuit that will do that, and only that. It won’t be hackable and you also won’t be able to play doom on it.
Not good enough for you? Need to do more complex calculations for load balancing? Well then there’s an answer for that too. The microcontroller:

Most of them are pretty simple and run a few lines of code, but some are powerful enough that you could play Doom on them. But why would you want to? The whole object here is to get a stupid little chip that does stupid little things and doesn’t worry about people telnetting into it.
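The tone code and the substation rule described above, written as the kind of fixed-function logic such a chip could run. This is an added example, not code from the original post; the struct and function names, the 0.5% trim step, and treating both under-volt signals as the trigger are assumptions.

```c
#include <stdbool.h>

/* Events carried by the tone code described in the post. */
enum event { EV_NONE, EV_MINOR_UNDERVOLT, EV_MAJOR_UNDERVOLT,
             EV_SYSTEM_FAILURE, EV_MAJOR_OVERVOLT };
enum action { ACT_NONE, ACT_CLOSE_SPARE, ACT_TRIM_OTHERS, ACT_BROWNOUT_ALARM };

/* What a receiver measured in one five-second window (hypothetical struct;
   assumes the tone filter has already classified the tone as 1000 or 2000 Hz). */
struct window { int tone_hz; int pulses; bool continuous; };

/* Fixed lookup. Any pattern outside the table decodes to EV_NONE, so the
   receiver has a closed set of inputs and nothing resembling a command parser. */
enum event decode_window(struct window w)
{
    if (w.tone_hz == 2000) return EV_MAJOR_OVERVOLT;
    if (w.tone_hz != 1000) return EV_NONE;
    if (w.continuous)      return EV_SYSTEM_FAILURE;
    if (w.pulses == 2)     return EV_MINOR_UNDERVOLT;
    if (w.pulses == 4)     return EV_MAJOR_UNDERVOLT;
    return EV_NONE;
}

struct controller {
    int  spare_circuits;  /* spare feeders not yet switched in */
    int  trim_tenths;     /* voltage trim applied to other stations, in 0.1% */
    bool alarm;           /* latched brownout alarm */
};

#define TRIM_STEP_TENTHS   5  /* assumption: trim in 0.5% steps */
#define TRIM_LIMIT_TENTHS 20  /* the 2% ceiling from the post */

/* One control tick: spare circuit first, then trim up to 2%, then alarm. */
enum action controller_step(struct controller *c, enum event ev)
{
    if (ev != EV_MINOR_UNDERVOLT && ev != EV_MAJOR_UNDERVOLT)
        return ACT_NONE;                 /* warning stopped: hold state */
    if (c->spare_circuits > 0) {
        c->spare_circuits--;
        return ACT_CLOSE_SPARE;
    }
    if (c->trim_tenths < TRIM_LIMIT_TENTHS) {
        c->trim_tenths += TRIM_STEP_TENTHS;
        return ACT_TRIM_OTHERS;
    }
    c->alarm = true;
    return ACT_BROWNOUT_ALARM;
}
```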
It’s also possible to have a central control system without using internet-based systems. After all, railroads were able to control numerous switches and signals without assigning them each an IP address and putting in a remote administration server in each switch and signal light. The systems were hard-wired by their own dedicated circuitry to the control centers. In some cases the connection may have been by a radio link or even by signals sent through the rails, but it was never a full-fledged internet-connected network. These systems can send signals telling a light to toggle on or off, but you can’t play Doom on them. Also, they’re very safe and reliable.
If there is the necessity to have flexibility or change things on the fly that can be done too, without resorting to full-fledged network-connected clients at each station. If there is any software involved it should be in the central control point. Settings can be changed without software changes. Telling a sensor to ignore certain events or trigger on others is entirely doable with simple communications, closed systems, logic gates and microcontrollers.
By no means does this mean that things should necessarily be “low tech” either. Modern solid state electronics, fast microcontrollers and sensors are all great; the problem arises when these are unnecessarily connected to the internet or are connected with things like personal computers running general-purpose operating systems with full software capabilities beyond what is necessary for the job.
Hell, you can’t telnet a system that doesn’t have a telnet capability, now can you?
Why on earth does the 787 have a flight control system that is in any way shape or form connected to the internet on the aircraft? Hell, why is the flight control system even IP-based? Why not just use a self-contained embedded system? Instead of having the flight control system interface with the passenger internet system so that the pilot can turn it off by means of software, why not just have it independent and if the pilot wants it turned off he can have the flight attendant pull the plug out?
I’m starting to think that system designers need to consider some basic truths: Simple is good. If you are talking about putting a firewall on a computer that runs the grid or controls an aircraft, then ask yourself, why the damn thing is connected to the internet in the first place. After all, you can’t root a system without a root account. You can’t break the password of a system that doesn’t have a password but instead is just administrated locally. You can’t change the instruction set on a system which is hardwired to do one thing.
The best programming language is still solder.
This entry was posted on Wednesday, April 22nd, 2009 at 12:33 am and is filed under Bad Science, Good Science, History, Misc.
March 24th, 2010 at 11:45 pm
At last I have found someone who can actually understand the negative effects of the blatant ignorance on the part of Microsoft about personal security. All of these automatic connection “features” they turn on by default have my husband and me living in Hell because of the ease it provides for someone nearby to hack us ferociously. It doesn’t help to reformat because as soon as the OS gets to the network adapters, it grabs the nearest wireless connection it can find and then we’re “theirs” again. Microsoft deny this can happen on the phone and brag that it can be done in their literature. No one believes me, but we are daily proof.
Something’s not right here. My first PC was an XP and during setup it asked you if you wanted to connect to the internet yet or not. Why can’t Vista do that? Because they’re geniuses, but they have as much common sense as a mushroom does!
The XP gave you a chance to put security software onto it before turning on the discovery. Excellent idea! Why did they throw it out?