See things clearly
In my last blog about data flow and the development of ‘autonomous vehicles’, I argued that,
“...while the dream of a safer, and more efficient, road transportation system is worthy, it won’t be happening on a large-scale anytime soon...
...computers aren’t yet intelligent enough to reliably make safe, on-time decisions about everyday driving problems...”
A few days later I read about a U.S. National Research Council (NRC) investigation into automated software control systems in cars.
A number of the NRC report’s findings stand out:
“Finding 2.2: Electronics systems are being interconnected with one another and with devices and networks external to the vehicle to provide their desired functions.
Finding 2.3: Proliferating and increasingly interconnected electronics systems are creating opportunities to improve vehicle safety and reliability as well as demands for addressing new system safety and cybersecurity risks.
Finding 2.4: By enabling the introduction of many new vehicle capabilities and changes to familiar driver interfaces, electronics systems are presenting new human factors challenges for system design and vehicle-level integration...”
The world is becoming more reliant on flows of data, and the transport sector is no exception.
But, like most sectors, transport needs more clarity as to how flows of data interact with the assets of the business. Indeed, other parts of the transport industry have been investigating issues related to flows of data.
For example, a piece by Jeff Wise of Popular Mechanics summarises the findings of French investigations into the 2009 crash of Air France Flight 447. Data stopped flowing because
“...its speed sensors became iced over, and [then] the autopilot disengaged. In the ensuing confusion, the pilots lost control of the airplane because they reacted incorrectly to the loss of instrumentation and then seemed unable to comprehend the nature of the problems they had caused. Neither weather nor malfunction doomed AF447, nor a complex chain of error, but a simple but persistent mistake on the part of one of the pilots...”
Flight 447 was an Airbus 330, a fly-by-wire aircraft, where conventional manual flight controls are replaced with an electronic interface.
Wise concludes with an excellent point,
“...Over the decades, airliners have been built with increasingly automated flight-control functions. These have the potential to remove a great deal of uncertainty and danger...But they also remove important information from the attention of the flight crew...When trouble suddenly springs up and the computer decides that it can no longer cope...the humans might find themselves with a very incomplete notion of what's going on. They'll wonder: What instruments are reliable...What's going on? Unfortunately, the vast majority of pilots will have little experience in finding the answers.”
The European Network and Information Security Agency (ENISA), recently published the “first EU report ever on cyber security challenges in the Maritime Sector.”
Key findings include,
“...Due to the high ICT complexity, it is major challenge to ensure adequate maritime cyber security. A common strategy and development of good practices for the technology development and implementation of ICT systems would therefore ensure “security by design” for all critical maritime ICT components.
As current maritime regulations and policies consider only physical aspects of security and safety, policy makers should add cyber security aspects to them.
We strongly recommend a holistic, risk-based approach; assessment of maritime specific cyber risks, as well as identification of all critical assets within this sector...”
If this “security by design” for maritime systems is looking at a technological approach to cyber security, it ignores the Cyber Risk Framework on page 14 of the World Economic Forum’s “Partnering for Cyber Resilience Principles and Guidelines” report. The Framework highlights that people, process and technology all need to be considered for cyber security.
For me, that’s the key to all of these incidents – the need to consider people, process and technology, when looking at how data flows throughout systems.
The Airbus 330 incident shows how the technology didn’t deliver the information the people needed, and the processes they used to interpret the data were flawed. The findings in the NCR report highlight the same issues for companies like Toyota and Jaguar, where the proliferation of interconnected technology in cars changes the way people need to interact with a vehicle, and the information it is giving them.
Regardless of where we are – land, sea or air – it’s only by considering the interdependencies between people, process and technology, that we will set a course for a successful journey into IT’s future.
Add a Comment