IGF 2021 - Day 2 - WS #239 The Internet of Things is a Ticking Clock: Secure Design Now

The following are the outputs of the captioning taken during an IGF virtual intervention. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid, but should not be treated as an authoritative record.



>> MARK DATYSGELD: Hello, everybody.  This is Mark testing audio.  As you can see, I am sort of from Poland.  Hopefully you can hear me.  If anybody can give me a shout.

>> Yes, we can see you.

>> MARK DATYSGELD: It would be good we get assigned cohost in case we need to kick people out and things like that.  Thank you for your support.  Please make me a host.  Jaewon Son as well.  And Jackie Deany as well, and (?) supporting us today.  With the four of us as co-hosts, I think we should be good.

>> We all live in a digital world.  We all need it to be open and safe.  We all want to trust.

>> And to be trusted.

>> We all despise control.

>> And desire freedom.

>> We are all united.

>> MARK DATYSGELD: Hello, everyone.  Are we on?  Can you confirm me, Savyo, that we are on and live for the entire world to see?

>> I think yes, yeah, yeah.

>> MARK DATYSGELD: Hello, everyone.  It is a great pleasure to have you all today with us.  This is actually a continuation of a panel we hosted last year.  We had a very fruitful discussion on what exactly is the future of IoT in relation to its security.  And I think that our outcome, my panelists can correct me if I'm wrong, but I think that our outcome was very much that we need security by design.  Now, you may say, what's the big innovation there?  What's the big idea?  Well, first of all, at least we can consensus, that seems like positive enough for an IGF session.  But more than that, we discussed some avenues to reach that could be carried out.  I see some people who are in last year's panel are here today as well.  So, welcome back to our audience.  You're less of an audience and more as participants in the panel.  I would like to think this is a very interactive discussion.  Please share your view with us.  I will be monitoring the chat.  Everybody in the session as well, we have Jaewon supporting us, also monitoring the chat.

And without further ado, I would like to get to the point, how we get security by designing IoT.  Just to get back to our previous discussion, we were exactly getting to the point that without engaging with manufacturers, without establishing a system within the industry, this would be a very difficult task.  We actually need policies.  We can't simply rely on the goodness of people's hearts, because it is not so much so a matter of people not wanting their devices to be secure.  It's more of a matter of how do we actually get this in the system, right?  What is the system that we can establish to actually try to get to the results that we desire?  What kinds of policies are we looking at and what kinds of mindset do we need to establish?

So, to get our conversation started, I would very like to ask our good friend Edgar Ramos, who will share policy insights with us.  He's a man of the industry.  He very much has his hands on this matter in a very physical way.  So, it would be really interesting to hear your thoughts, Edgar.  Over to you.

>> EDGAR RAMOS: Thank you, Mark.  Yes, hopefully you can hear me well.

>> MARK DATYSGELD: Perfectly.

>> EDGAR RAMOS: The idea is that today we live in a world where, basically, is all or nothing whenever you get a service.  So, basically, every application, every IoT service, we are trying to get, basically, comes with a user agreement.  And then there is a tick 1 box say you accept this.  If you don't accept it, there is something in the text that you thought, well, I'm not okay with this, but then it's either you take it or leave it.  You don't have more options.

And part of the problem is that this huge user agreement that you have, basically, it's not or it haven't been yet done in a way that can be digitalized and it can be made possible to even negotiate and comment saying, here you say you're recording all my data in China or in U.S.  I'm a European citizen.  And I would like my data to be in Europe.  So can I negotiate this part?  Even so, there could be other things like nonfunctional requirements, these with are talking about privacy and other things.  But also it can be things like logistics.  You come and you make an agreement and you say, well, you know these are the bananas that you're going to transport from point A to point B.  You have to keep these bananas from 15 to 20 degrees refrigerated.  And then that is an agreement that you do, basically, in your convent.

But then could you actually propagate these agreements even further to your machine so that they understand that this kind of new container that is coming which has bananas has to be kept between certain conditions.  So, this is what we call the policies.  The policies are nonfunctional requirements which are, basically, regulating the interactions between businesses, between people, and even regulation between governments.  So the government might have regulation imposed in the people, like such as you have to declare your taxes after whatever period of time.  That's a policy.  And it was given by the government.

So, then these kind of things, we are looking at ways how can we actually dynamically express them so that you could actually negotiate them.  That's one of the things; enforce them; or monitor them because many times you cannot be able to enforce them.  But you can at least monitor and say, this policy was a conditional.

So, all this is giving the possibility that in the future there could be new business models where you could do this kind of customization so the industry and consumers could have the power to, for example, have a profile of policies where it says, okay, all the data that is referring to my personal data, so that is referred to me, has to be processed in my own equipment, for example.  And then when you get a service agreement, they might be service agreements that they are okay with that and there might be service agreements that they are not okay with that.  And then they will tell you, by the way, you have this policy that is in conflict with our service, so either you accept negotiated it or we cannot give you the service.  But they could be maybe a competitor which has a similar service and then, actually, can provide you the service that this other company couldn't do.

So, then the idea of this dynamic policy is to give a new tool for the industry and IoT in general so we can have more power position.  We can also have more control of how the things are going to be done.  And then also model these nonfunctional requirements, which are very important in use cases, and somehow it has been overlooked because everything is normally done legally with legal agreements or the user agreements.  But then you could have this deed or contract today that can be helping to develop this kind of policies in that sense.

Then there is also working in intents.  I don't know if you have heard about it.  But they have some intent-based networking, for example, and even application so that you give a goal to a system and then the system with AI try to make that goal true.  Then with the hub of policies, you could regulate how these intents are supposed to be made true.

This is research at the moment.  The only thing that is close to something like this policy description is one language called TOSCA, but then we have been looking at is it really possible to be used for IoT applications and so on.  But there are other type of options that have to be explored.  And then also we have to look at this negotiation options and then how finally this comes everything together and put in a framework that can be interoperable and working everywhere.  That's the idea of the policies.

>> MARK DATYSGELD: Thank you very much, Edgar.  Apart from bananas, which was my main takeaway, I do think that you bring a very interesting point forward.  When we talk about policies, we usually discuss this within a very specific context of what policy is and you bring a very specific angle of this which helps corner our discussion very well.  And I think, kind of, leads very well into Martha's discussion.  I think that what Martha, at least conceptually what she wants to bring today drives into that, which is what has been the practical implications of the different policy approaches that have been going on?  What are we looking at right now?  What are we looking for in the near future?  So it's a pleasure to have you today, Martha.  And if you could enlighten us, it would be great.  Thank you very much.

>> MARTHA TEYE: Sure.  Thank you, Mark, thank you for this opportunity, and thanks, Edgar, for your remarks and your presentation.  I mean, yeah, it totally makes sense.  And I would build upon that.  First start by looking at what COVID-19 brought as far as IoT was concerned.  And we all have thoughts that probably there would have been like a big shift or transition into IEP once COVID came.  But internet had more traction, more traffic and stuff like that.  IoT seemed (?) side but gradually it has actually improved.  And IoT devices are used in our environment and almost all the time.  But then we realized that these tend to affect the actual metrics around them.  So, we are looking at once IoT in the healthcare, smart cities, what stresses they are bringing.  We can see some sort of financial stress and it brings us back to the question, even when we talk about policy in terms of, like, data security and all that, what are some of the economic policies that can also be addressed to help with this health -- the financial crisis that this might bring because we see that now these IoT devices do not come cheap.  And as people use it or as problems come, for instance, one example I like to use is the -- there will 16, that's the 5G release, 16 3GPP which was delayed by three months due to COVID.  That alone is a setback.  I mean, that came in the area of IoT.  And then realized that even a setback, as I releases which are going to come after that are also going to be affected with some sort of delay.

So, it is very important that the industrial enhances the unexpected question.  Those of us that work with IoT, like, manufacturing, devices, it's a very crucial to look at in that regard.

Now, we see that, like -- we talk about data management, AI and computing, which are some of the trends that we should expect in IoT as time comes on.  An example is smart cities.  Now going forward, we expect that isn't just the customers or the consumers that would be using the IoT devices.  No.

So, it means that this (?) would also be make and collect data and on their own, through video and surveillance and other things.  So, then that comes into play when (?) mentioned by consent data agreements, I'm not comfortable with all of these.  Now here is the case where the smart devices would be collecting this data and managing it.  How secure are we, then looking at and providing just our data, like private and personal information, and now IoT it intrudes personal privacy almost every time.  So, how then do we see to drive this in such a way that we as the consumers, we see in 5G, which is now connecting people faster and now China is, actually, one of the top nations that are, actually, leading in this IoT innovation because of 5G.

I believe that the EU and other continental nations need to double up to compete with growing influence over let's say China so it doesn't look like most of these innovations are just being owned by just a single source so that there is more, shall I say, collaboration to protect people's data, to protect people's information and also to facilitate international data transfers and all of that.

That said, I think IoT really, really, really has this, shall I say, connection with edge computing and that is one of the key things that right now is dear to me and I think some organizations have started working towards looking at the bridge between IoT edge computing so to say that, for example, if we have an autonomous vehicle which we see them coming up as something that is rising and now we are able to see that they are good drives on the road, it collects signals, data on pedestrians who are crossing, maybe signs, traffic lights and roads and all of that.  But (?) needs to stop all in an event of maybe an accident or something, it needs to send data back and forth to the cloud, and honestly, it is quite, shall I say, a longer time in central processing that bar cloud back and forth.  But then if we should be able to incorporate, like, edge computing into this, it brings us to a state where we can now have, like, census to the vehicle to process the data locally in realtime --

(Audio difficulty)

>> MARTHA TEYE: Micro seconds and (?) and then that makes it even a better option for us and even a better -- so it all boils down to, I mean, trying to get these systems intertwined to reduce all the time -- I'm sorry, the down times and to improve the predictions that are made by these AI systems that drives these IoT applications.

So, that being said, I think IoT is still going to be the future and some of the technology road maps might be blocked due to circumstances that we do not see.  But then the industry needs to be prepared for it.  Recently I joined the class of excellence of the investor guide tour working on classifying ecosystems and this time around we are trying to research into how to make your own DIY recipes that would enable, like, smarter industries, smarter cities and to be able to collaborate.  I mean, in terms of collaboration, looking at living and nonliving things, when I say nonliving things, I mean looking at robots and the like.  These are going to drive and then we need them to be more sustainable.  So, driving them to enable us work world, yet trying to reduce implications that we might have.

And this all deals with, like, getting right policies in place, getting right people who think and collectively and then do not think just within one sector.  That is why collaboration is so necessary and needed when that comes into play.  And I believe that going forward, our discussions would not have to be probably on looking like the threats that IoT poses to us.  But, rather, looking at how we can make this the new normal, the new things to embrace and then just us (?) be able to live in that day when we are all good to go.

So, basically, I think that will be my submission to ask what I said and, yeah, you could contact me to talk more about this, because I'm really interested in stuff like this.

>> MARK DATYSGELD: Thank you very much, Martha.  What I get from your position is somebody has a positive look on IoT.  That's actually great (chuckles).  Somebody thinks it's going to be just fine.  And I get about what you're saying.  This has been the promise for quite a few years now, right?  This has been the promise that IoT will actually deliver us great solutions.  But in a lot of senses, it has been mostly about how do we say hello and light up the house rather than life-transforming solutions that we are looking for.  But hopefully we are getting there, or at least that's the general idea.

>> MARK DATYSGELD: I see we have a raised hand from Wathagi.  Wathagi, is your question related directly to what Martha was saying?

>> WATHAGI NDUNGU: Thank you, Martha, that was really cool, and yeah, I do find this talk very interesting as well and that my problem that I see is the most is regulation.  As you know, there's a new IoT device security law coming up in the EU and also a few other bunch of laws that will also affect regulation on IoT devices, such as the e-privacy regulation that will come in in Germany already.  There's a law that has come in that already affects IoT devices (?).  So, there's already a problem of regulation smart city environment and I feel like we already have too many constants.  We cannot keep saying that, oh, yeah, we have this problem (?).  When we haven't (?) the policies we have.

I think we can look for solutions that are not just more regulatory.  We can look for more probably citizen centric solutions, for example, things like building data trusts.  I know you proposed a case for edge computing, which is good, yeah, but I think that also other solutions that are also good, like (?).  I attended a session yesterday that talked a bit about it.  And also building things like data trusts, like some privacy by design solution that also are for security, and I was wondering, like, how all these laws will even affect each other.  But also there's a new artificial intelligence, I think everyone heard about it, and they proposed a solution for the regulatory sandboxes.  So if everyone is dealing with these issues in their own way, every single sector, obviously, there will be overlap and some sort of confusion.

And I was just -- my approach would be more citizen centric solution, because at the end of the day, it's who is using and I was just thinking if we just all -- (?) okay, fine, we are going to make more laws and (?) says, okay, we are going to make -- we are going to come up with more cool things to solve this security problem, maybe we will get a little lost.  But I get that's why we are the IGF anyway because it's stakeholder.

Yeah, but I just wanted to, like, suggest a more citizen centric approach.  Where we really put the citizen at the center of the solution because at the end of the day, what we want to do is to make life easier for the citizen with IoT.  That was just my comment.  Thanks.

>> MARK DATYSGELD: Yeah, no.  Thank you very much for broader context.  Wathagi is not a host but she could be in this panel.  I will bookmark this point and turn it into our first debate question.  Right now I will hand it over to our final panelist and we will get to that question when he wraps up.  So, panelist, please start thinking about your impressions on what has been said.  And in the meantime I will give word to our in-person panelist, the one who is holding together the entire venue on his shoulders, my good friend and IoT specialist Savyo will discuss the implementation side of a standard for IoT.  What does it actually look like, what does it actually feel like.  He is going through this right now as a matter of going through his post degree.

So, Savyo, it would be great to hear your impressions of what it actually looks like from the inside.

>> SAVYO VINICIUS: Thank you, Mark, for the introduction.  So I am not that strong, actually.  I am just sitting down here and being present.  So I am not holding anything else.

But, yeah.  By the way, thank you for the soft change from an optimist view to the pessimist view.  But not that much pessimistic view for the IoT security.  I can do nothing else, I can say about nothing else.  If I'm the guy who anyone asks when something goes wrong, so I have to deal with the problems.  And, okay.  Just recapping some things from our last session and now getting back to our session now.

Last session we debated more about static things on securing stuff, on the design of the stuff, (?) in the manufacturer's house, and how should we deal better with the communication with IoT and the edge computing or something like that.

But now we have one workshop more, talking more with the fluidity that the IoT have.  The things are alive.  The closest alive we can have.  So every time something changes and new abilities happen and so on.  When you think about secure design of IoT, last session we stop it in the part of configuring a device.  So starting design of the manufacturer, the design, actually, the secure design, the development of the device or the systems, the selection of the product on the shelf, and the first configuration in the end user's house.

And now we are going to go a bit beyond, because the life cycle of one IoT device or systems goes beyond.  So, we have operation where in our daily basis, it's the biggest part of the life cycle of IoT device and I will get back to this part later to talk about one thing I'm working on in IETF.  We have when something goes wrong.  We have sometimes a few more updates from the device's manufacturer.  So this is another part of the life cycle, and sometimes it gets back to the configuration and so on.  So, we have some cycles of, configuring, operating, updating and then getting back to configuration.  And sometimes the device reaches the end of life, maybe the manufacturer does not have any more support on that, or the manufacturer does not exist anymore, so the device reaches the end of life.  But we still have left life after the end of life.  And this is also we had in the last session from comments, from the comments of our -- of the other people in the roundtable.

Getting back to the operation and when things go wrong inside of the operations.  In most of the case during the enterprising environment, so in business, in small offices, big offices, in industry and smart farms and anything else, we have a kind of team looking for the security of that network, monitoring the traffic inclusion, the systems, and blocking bad things with intrusion prevention systems or configure -- or with other things that situate policies and so on for that context.

But there are some scenarios where the things go different and this is the part that I'm getting into the discussion.  Scenarios as home IoT.  We have no one taking care of the security of that whole network.  So, we have a long, unauthorized access to devices and so on.  And sometimes we discover when vulnerability ended and the end user does not update the software, the IoT device and so on.

And other scenarios, we also have one small team taking care of security of a big city, for example, lots of different regional network with different devices.  And they just can't follow the process and, like, see normal behavior in the network and in the attacks or keeping the updates, like, in every day.  So, this is where I go with my proposal.  I have currently one active draft in the IETF where I try to deal with this thing, using well known knowledge about vulnerabilities or malware, malware variants, so on.

The point is sharing knowledge.  So, in the name of the proposal, the name of the draft, you can find it within share, it's INXU, internet explore utility, and its function is taking care of finding threats in the network based on well-known attacks and exploits and malwares in the way that someone can describe how an attack can be done like exploiting vulnerabilities and internet work and the final network, that will be one process, verifying which are the allowed connections, communications in the network, into the networks.  And then verifying if someone set some of that -- some set of that connections can expose a DN network to a threat.  So, this is the point.

What else can I say?  So this proposal takes advantage of one really recent RFC.  It's the RFC 8520.  It's from 2019.  And this RFC allows a device to get into a network.  It can announce to the network what type of connections can be expected for them to well work.  This RFC is focusing more on operation than with security, but in technical terms we can use the Manufacturer Usage Description which is the RFC 8520.  We can build a communication graph of the network with the host that are communications and the list of protocols that are being used.  So, we can build this type of communications.  And we have in this proposal develop the malicious threat description data model where we can describe these well known attacks and malwares and sharing with the end users' networks and in the context, for example, of smart cities, we can set this data to send this data to the end network, like a small network in the city or the clients' ISP.  This information will be processed, this malicious description will be processed among the MUD files that are released, like the network communication graph.

And then we can find and probably block the exposure of threats.  So, yeah, this is, basically, this.  This is in the context of dealing with the end of life of a device, for example, if we have a well-known attack to a device that has no more support from the manufacturer or any other community, or even during the process, while this device is being supported before an update or something like that.

It's to deal with the fluid thing in the life of an IoT device.  That's it for now.  Get back to Mark.  Thank you.

>> MARK DATYSGELD: What I get from your explanation is that you are surviving the IETF, which, you know, some of my colleagues from the industry would say is a difficult task in itself.  A salute to all of our teams from the IETF in the audience.  Great stuff to see this kind of engagement within the IETF environment, but it shows that our internet governance community is concerned about this matter at a deeper level than just making the technology available.  This is something that I think is a plus.  This shows the kind of resilience that our community has of being able to intervene, even when the industry doesn't, right?  This should have been an industry first initiative.  But in the absence of that kind of standard, we are seeing a few standards emerge.

Just recently we did see initiatives by companies to try to standardize some of their protocols, coming particularly in the form, at least the one that I saw the most, is called Matter, as in, you know, things that matter, I guess, or, like, the actual materials that compose the word.  I think Apple was there, Google was there.  But this draft keeps being postponed.  I think it has been postponed to late 2022 now.  And it falls very much to the community to actually act.

And with that, I would like to get back to the intervention about citizen centric questions.  And for that, I will turn to our environment, sustainability, Civil Society and all other related matters, Jaewon.  Please, Jaewon, you can kick off this second discussion.

>> JAEWON SON: Thank you.  I was asked to talk about this, the transmitter, because I personally believe that everyone is (?) before their (?) tech person or government and everything.  So without having this citizens or consumer in the discussion, we wouldn't be able to have everyone's point for the regulation.

So, rather than thinking of which stakeholder should be in charge of protecting against the cyberattacks, I think we should put efforts between (?) to have better centered.  But in the same time, I think Civil Society's input is possible only when they have better idea about it and why is it important for them.  Because let's say if there's consumer buying simple toaster, they wouldn't sit down in the retail world section about if it is being secured enough unless they find it really important.  So, to (?) the stakeholder security, I think we need to first market (?) devices with these (?) by increasing the customer awareness and also try to improve the transparency for the consumer by coming up with a strategy to communicate security features of IoT devices to consumers.

And in addition, I think by initiating this dialogue within the stakeholders, I think we should try our best to not give a specific recommendation or best practice guidance to the people when they do not have a good idea about, like, why this IoT security is about and why is it important.  So, yeah, of course we should try to increase the (?) of them as much as possible and then we can come up with the discussion to share and discuss the solutions.  Yeah.  I hope our session today will be

(Audio difficulty).

>> JAEWON SON: Thank you.

>> MARK DATYSGELD: Thank you, Jaewon.  And with that, I open to our other panelists.  What are your thoughts on the citizen centric approach?  Anybody who wants to intervene first.  Edgar, anybody has their finger there.  I think, Martha, go ahead.

>> MARTHA TEYE: Yeah, sure.  Thinking about that, I think one of the approaches we can use is probably to first have this DIY approach, do-it-yourself approach, where people would not be able to, like, interact directly with these devices, set it up on their own and that would even influence the manufacturers (?) because this time small people to trying to more be their own, should I say, not entirely manufacturers, but now assembling the entire stuff.  So yeah it would now relate better and we are able to get individual reasoning towards this, because, yes, we agree that there are some policies in place, but how well are we using, making use of these policies in manufacturers IoT devices.  It hasn't been clear yet.  Once we are able to first at a basic level get a (?) space or do this and do-it-yourself approach, we are able to understand better and then we can even promote more sustainability because if we talk about, like, the citizen centric approach, I can't just generalize it.  Because even in a particular area there are several, shall I say, people to even interact.  There are several views.  There are several usage and capacities and all of that.

So, even if that is still going to be like a broader range that needs to be incorporated into design principles and all of that.  So, I think, and we could use that (?) as well in (?) this in citizen centric and usability in devices.

>> MARK DATYSGELD: Sounds about right.  Savyo and Edgar, do you have any particular reactions or should we move to the next question?

>> SAVYO VINICIUS: I have only some comments maybe.  This kind of work, when we talking about, again, how the things change.  Maybe there is one great -- a great response for this kind of claim.  It's the project that Edgar is working on, like the things are fluid, there are, like, some nonfunctional requirements.  So, this is just one point, just to point it out.  That's all.

>> MARK DATYSGELD: You have been called out specifically, Edgar, so go for it.

>> EDGAR RAMOS: Yeah.  I think, I mean, when mentioning this kind of citizen centric, I feel that, I mean, it has been looking at too much from a regulatory perspective.  I think the best tools are those where people can take their own decisions and they can, actually, can by themselves make their own policies, if you want to call them like that.  So you don't need a government to come and intervene.  Although, of course, many times this is done for the protection of consumers and the protection of people and, of course, there need to be a legal framework for it.

But also I think the most -- the more use cases we deal with, we realize that you cannot cut everything with the same scissors.  What it means is that there will be very much sensitive things that are requiring much more protection and it requires maybe a more defined formal legal framework.  And then there are other things, like, our box of bananas, which doesn't require such a thing.

So, then the idea here, I think when we talk about this citizen centric, it's more about, you know, making it more free on, I would say, like, extendible so that you could actually customize and dynamically decide what is the best thing, according to your use case.

And then this is not only about citizens anymore.  So it's all equally applicable to any industry.  So, as I say, if you have a business relationship, one company with another, and then they decide to establish a policy or a contract between them so that, well, I want your deliveries to be done in this time frame with this specific constraints and then you can share this data with this specific partners.  So, those are policies.  And then that means that you don't need a regulatory framework for that.

Of course, you could include, and that is something that it will come, I think, at some point, you could include provisions to make digital contract enforceable legally, which means that when you come to make a legal contract, which is, basically, something that you do by writing, you could also do them digitally, which today exists certain type of similar things that are valid as legal contracts.  But what I mean is, like, this kind of including the negotiation process and coming to an agreement and then finally saying, well, this is what we agree, and then most probably some of these things cannot be enforced directly by the software or hardware that you have in your platform, but you can monitor them.

So, for example, the ledgering technologies are popular today for that, blockchain and so on, so that you can actually do this kind of things.  And then the idea is that with that, you can later enforce legally something that was not possible to enforce maybe physically.

Then that is the part of the regulatory that we would need to update so that these kind of digital agreement, if we want to call them like that, can somehow have a framework, regulatory framework that allows that you could have them and you can enforce them and then make them legally binding, as well.

>> MARK DATYSGELD: Thank you, Edgar.  It's good to find out very late in this process that the big banana industry is actually the one pushing this panel forward.  You should have disclosed your corporate interests first.  But I will still, you know, accept your intervention as valid.

Yeah.  I think that this is, actually, very good.  We got a whole spectrum of opinions on this.  So, great, great discussion on this matter.  And I do think we have time for another, and perhaps yet another after that, maybe a quick one after that.  I don't know.  So, please, anybody who would like to manifest themselves.  I will put you on a queue Wathagi, because I will read Daphne's question and then get back to you.

Daphne posed a question which I think we touched upon last year.  And I think we have some thoughts on that, for sure, which is how do we actually make people care, right?  How do we actually get to them and say, you need to have a look at this device every once in a while.  You need to perhaps not imagine that it's taking care of itself.  Not imagine that it's going to solve its own problems.  Because publishing scary news on the media doesn't seem to be doing the trick.  That doesn't seem to be the solution to our problems.

So, how do we actually get users to engage with these policies?  How do we make them care?  They are doing so in their cars, right?  They know that every so often they have to take their car for revision.  They have to look into it.  They have to change the tire.  They have to do a series of things with their cars.  They don't assume it will take care of itself.  Somehow, though, we have created this paradigm in technology in which people do assume it's okay.  They do assume that, okay, whatever.  This is good.  It's working.  If it isn't broken, then it's probably okay.  How do we overcome that?

Do any of our panelists want to give a first stab at that?  Martha looks like she might.  Do I have a yes from you, Martha?

>> MARTHA TEYE: Yeah, sure, sure.  I have been thinking through this, actually, for some time also.  It seems like you can't push people too much into what they can do and what they cannot do with their devices.  Just as you give your example with the cars, people always have the need to, like, service their cars and make sure things are working right but they don't have the same need for these IoT devices.  I think manufacturers can in a way put certain restrictions in place for such devices.  For example, if I speak to maybe my phone, 10 of the lights and probably have ignored certain security features for quite some time.  It decides not to and probably maybe go back to check this feature, go back to a beta password, go back to do something.

I think, indeed, scaring people of the news isn't working.  And trying to sensitize people also isn't, sort of, like, thinking into if you go to the software but you intend to go to hardware, yes, people would argue with the fact that it is the property (?) have rights to it.  But then it should come also with a guide.  You have rights to with (?) to use your device, I think, your privacy is of utmost importance, your security is important.  All that said, your private and security, we also need to put the same things in place.  And I think that would somewhat meet people halfway because nonetheless no one can stop the end user that use IoT devices because they have to update.  Once it becomes a need and a necessity, they will definitely make sure their security is protected and then we are all good to go.

>> MARK DATYSGELD: Savyo, you wanted to garner any thoughts?  Savyo is turning on his microphone.

>> SAVYO VINICIUS: I think it's on.


>> SAVYO VINICIUS: Thank you.  This comment, this talks actually gave me, kind of, existential crisis because I was considering different scenarios.  So, for example, this is not quite simple, depending on the context we are talking about, like keeping things safe in IoT.  So, I was thinking about, for example, the scenarios of autonomous vehicles where, for example, we have a kind of open API, that everyone used, the same API for communicating between the cars.  And people rely on it to go to work, to go visit family and so on, to have fun.  So, I have one car.  And there is one firmware update for my car to fix some bug that the bug make the car -- cause some accident.  And then it relies on the API.  But some regulations, some legislation from the city, like, now you only can use your car if you have this firmware update, starting from this version.  And you have two days to do it.

Or what happens if the car reached the end of life of this?  So this is, basically, going to change by scenarios, like, for smart cities, including autonomous vehicles, this might have a kind of regulation above that.  But for home -- for industrial IoT, people care about that at any time.  But for end users we have difference in the rules.  Actually, yesterday I had one question with one friend.  And we were, like, wondering about a kind of firmware updates centered with some push alerts for this.  But this is only a discussion, but this is, basically, the case.  People will care about it, depending on the context.  And, yeah, that's it.

>> MARK DATYSGELD: So, I would still like to get to Wathagi and would still like to get to Edgar.  So let's try to do this maybe as Edgar, a minute 1/2 or two minutes and we give the word to Wathagi to give her the final word, which I think is fair.

>> EDGAR RAMOS: Yeah.  I just wanted to reinforce pretty much the same point that Savyo was saying, like, making an update, it's not always desirable.  Many times it brings issues.  So you just do the update and then your things don't work.  So then what happened with the users?  They don't want to do updates.  They think everything is fine.  Why do I need to touch it?  So, then there is this mentality about, like, if it's not broken, don't touch it.

Then changing this mentality, it requires that you should at least be able to do some sort of simulation and see, like, does my system work?  Can I actually -- I mean, somehow do some kind of preemptive check that is everything gonna be fine.  Part of that has been addressed today by the industry using digital twins.  The idea of the twin is you have a digital copy of the device or whatever thing you are utilizing and then you could actually simulate how this digital copy of the, let's say, the physical thing would interact with your other systems before you actually get it to work.

So, one possibility is that all this kind of management goes in that direction where you actually handle everything to digital twins.  And then in that way, you could, actually, think about it like, okay, I did this update in the (?) nothing happened, things were working fine.  So now I do in the digital.  That is one possible solution, that is in the solution space.

Now in how we get the people mentality to think about this, let's do update, let's keep our software update, I think it will come naturally the more -- let's say the more this kind of things are propagating in our lives.  So, I mean, today whenever I get an update for an app, you think about it, like, do I do the update or not in our forms?  Then you think, oh, then I'm losing this or that new functionality if I don't do it.

And then I think the same will happen with devices and so on.  So you will get additional value, not only fixes for this security or fixes for this kind of other issue.  I think also there could be additional value that then that will start to come in the mind of the people that if I add this and I do this kind of update, then I will get additional things.

And maybe digital way is one way to show up that in advance.  That was a good one.

>> MARK DATYSGELD: Perfect.  I don't want to go over too much.  Maybe I will go over five minutes, if the organization doesn't mind.  Wathagi, I give you 30 seconds, we have got one panelist wanting to answer a burning question, and then I will end the session.

>> WATHAGI NDUNGU: I wanted to ask IoT, probably like you talk about, the courses you can get to (?) perfection not be achieved.  Like what it would look like.  I mean, I still don't believe we can get it without citizens centric because it's for the citizen, because I was wondering what are, like, the things that need to be at the center of it?  Obviously this discussion is about security so it has to be security.  But what would be the best possible thing that would happen with this field to make everyone, like, engaged and stuff like that?  (?) talks about incentives which is a good kind of answer, yeah, I like.  But that's what my question is.

>> MARK DATYSGELD: Here's my idea.  We will each give a phrase about this or like a small set of phrases.  To me, what I think we need is to actually be able to get more informed opinion in the mainstream media.  We need people who want to communicate things in a simpler manner, that's not just, hey, this is scary.  This is going to hurt you.  But people who actually manage to translate the information that we discuss on this fora and actually get it to the media in a way that's still -- it's still comprehensible, it still makes sense, it's still true and accurate, but at the same time helps people understand what we are discussing and why.  Savyo.

>> SAVYO VINICIUS: I have, actually, nothing to add about this.  But less comments in the overall session.  This kind of execution about IoT secure designs is being carried in the CHOS so please join us.  We have the general meeting tomorrow here in the IGF and one working session in the Friday.  This discussion is under the IoT service by secure design working group, the (?) internet security -- internet standard security and safety and also please feel free to make any comments also in my draft in IETF if you're in IETF.  Or if you want to join IETF, please feel free.  Bye-bye.  Thank you.


>> EDGAR RAMOS: Yeah, I think for me the most Utopian thing at the moment in IoT and it's required for everything is interoperability so we need system to talk to each other and to understand.  So it's not only about, like, yeah, I can send packets from this and that.  But also understand the semantics of what is -- what is possible to be done by one device, by another device and then how they can interact with each other.

And then I think there you get these layers of also of things like security on policies that we have been talking about that are needed to be taken care in a semantics level.

I would say what it needs to happen in IoT, semantic interoperability.  So when we achieve that in a higher scale, I think things in IoT will skyrocket.  It will start to happen everywhere.

>> MARK DATYSGELD: Martha, take us home.

>> MARTHA TEYE: Getting us to the barest minimal shall I say design process that almost everyone with the least, should I say, usable device can interact with IoT devices, and that would be more better for people so they don't think about the financial implications or complications (?)

>> MARK DATYSGELD: Thank you a lot, everyone.  This has been a great session, great participation.  Thank you, everyone, for attending.  We had a lot of interesting diversity here.  We had people from every continent discussing something that I think all of us really care about.  So, it's always great when we see an IGF session going, you know, in the way that we wish it would.  So, thank you first and foremost to our audience for being here.  And thank you for the panelists as well.  It's been a pleasure to be able to continue this discussion, bringing all of our different perspectives and continents together.  Let the American representation, African, Europe, Asia.  We have all of our experts in the audience.  So it's always great to be able to do this.

Thank you, everyone.  And if you want to add anybody, any of these young luminaries here, find them over at LinkedIn, find their projects.  They are really great people.  With that, I would like to bring the session to a close.  And wish you all a good morning, a good afternoon or a good evening.  And yeah, feel free to catch up with us.  Thank you very much.

(Session was concluded at 13:55 UTC)