Cybersecurity: A Little Introduction

Logo of WarGames Film produced by Universal Artists

Internet was built in order to provide full access from anywhere. When DARPA funded the development of internet, it was trying to assure that the destruction of a centralized computing center would never avoid a fast response to a nuclear attack from the enemy. Those engineers were searching for a network configuration that could provide fast reconfiguration. TCP/IP protocols were born in this way. The TELNET standard was created in order to have a direct link to remote computer as if the operator was in front of the mainframe. However, nowadays, the port 23 is usually blocked by most firewalls.

TELNET protocol is not commonly used due to its lack of encryption. Different protocols were developed later as SSH. More complex and secure protocols can be used instead. On the other hand, text terminals are a reminiscence of the past, now people use graphic interfaces instead. Sometimes it is interesting to review the history in order to understand which one is the true aim of many things before criticizing them.

Modern people consider computer security as a defense tool; however, remote access was conceived as a defense tool. From a military viewpoint, connectivity, instead of firewalling, is a defense tool in a nuclear world. A firewall is similar to a company of soldiers defending a nuclear silo. It is not defending directly our lives but protecting a deterrence weapon.

This discussion is very interesting because in the civil world we are very worried due to data hacking; however, we do not care about the effects of a lack of connectivity. Modern societies have usually got a lot of people in the streets demanding more security; however, security is provided by connectivity and the access to information. For instance, a piece of fake news is not a problem by itself. The problem of fake news is that corrupted or manipulated information is equivalent to unavailable information. Democracy resides on proper information for voters. Majorities can never be owners of the truth if they have not a proper access to the full real information. In a competitive world deception is used many times to increase the competitiveness, and information analysis instead of direct assumptions is required to assure that managers are making the best decisions. In a business, management, data analysis and decision making techniques are required in order to drive a company. The complexity of problems and the competitive environment produce that better decisions are made by experts instead of a majority of employees.

The higher the number of people accessing to computer system the higher the probability that information can be hacked and got illegally or corrupted. Limiting the access to information we are increasing the security of the system, but we are limiting its functionality. Encrypted access to computer systems introduces an additional advantage: Encrypted communications are less hackable and they can provide a way of authentication of the identity of the user better than a simple password. The use of encryption systems lets to increase the number of users without a huge increase of the probability of hacking. Connectivity can be preserved through encryption systems because it makes more difficult the hackers’ activity, but the cost of the computer system and its maintenance is higher and it requires specialized personnel with higher qualifications.


Technology Transfer for Improving Competition

High Industrial Engineering College of Madrid. Photo Credit: Public Domain

Technology Transfer is the delivery of the knowledge required to manufacture a product, to apply a procedure or to provide a service. It is a common way to expand a business all over the world using the commercial network of other companies where your company has not got physical presence without a huge investment in your own commercial network. For the recipient company, it is a way to enter a market without the risk of investing in R & D.

This kind of agreement can be done due to the following fact. Industrial property rights are a monopoly of the inventor. They cannot be copied without his authorization and, usually, an economic compensation.

The concept of technology transfer does not include only industrial property rights. It is wider. The knowledge involved in production of goods and services is not always protected under patents. The complexity of many activities is many times a protection way enough, because the time required to make reverse engineering of a product can be long, and the first manufacturer can acquire competitive advantages and establish entry barriers in the market.  This kind of knowledge that is not protected by a legal patent can be transferred under a legal agreement.

In a startup company, the knowledge of a product can be in the mind of a person or a few people, usually the entrepreneurs. Large companies with large R & D departments usually define strict procedures of documentation for any R & D activity. Large companies can provide the information required for a technology transfer easily, however, small companies that are not based in a product under a legal patent are not prepared to make the technology transfer. That is a reason why many startups are bought when they reach success and they need to grow. In other words, to buy the knowledge of a small company with a single product is, in fact, to buy the whole company, entrepreneurs included. The new company will translate the knowledge into the production procedures that will be properly documented and standardized, and the knowledge will not be more in a few people.

The value of a startup is related to the complexity of the knowledge involved in the production process that makes a process of reverse engineering unfeasible from an economic viewpoint. The payment of a high price for a small company avoids that it can get the financial resources required to grow alone and puts the market again under the control of the large one.

The technology transfer through agreements between different companies without mergers or acquisitions are more common between companies of similar size, because the merger of two companies with different procedures and culture it is a complex process itself, and complexity implies high cost as we can see before. Sharing knowledge about a certain process avoids the costs linked to a merger and it provides an exchange of information about the companies that could be useful for a future merger.

Artificial Intelligence in Organizational Systems

Robot in an Assembly Line. Photo Credit: Public Domain

There are many definitions of artificial intelligence in the same way as there are many definitions of intelligence. Intelligence is usually defined as capability to understand or capability to solve problems. Artificial intelligence would be the same capability built artificially for a computer.

The second definition is incomplete because any computer is mostly used to solve problems. Many times they do it much better than humans, but we do not think that they are intelligent if they are doing a pre programmed mechanical task. Intelligence is more linked to understanding than to solutions. In common life, we usually think that an engineer is more intelligent than an operator because the engineer has more knowledge and he understands the problem although the operator executes the task and provide the solution without understanding it.

There is no current computer system with the ability to understand a problem in the same way a human can do. However modern computer systems have the ability of adaptation to different circumstances related to the task to be executed. The process made by the computer to define a task to be executed is what defines the computer system as intelligent.

Intelligence is related to adaptability opposite to mechanism related to repeatability. A classic computer algorithm provides the same result for the same inputs. This is far from intelligence, and in the same way, any human system designed to provide repeatability is far from intelligence too.

Repeatability is a desired output in most industrial systems. In fact, industry is a result of the search for repeatability to provide a set of products of similar quality. The use of people in an assembly line is not an advantage instead of automatic machines to get repeatability. That is the reason why modern industries are more automatized.

From an industrial viewpoint, there is not a need to make a distinction between human and artificial systems, but between intelligent and mechanistic ones. Any industrial facility is a system composed by human beings and machines doing different tasks. Some of them are totally predefined and other ones require a new analysis and the adaptation of the processes. What makes a system intelligent is its capability to adapt the tasks to the problem instead of the degree of intelligence of its agents.

Artificial intelligence is not something fashionable. It is the logical evolution of any industry to the changing modern social environment. The environment of any organization changes much faster than a few decades ago. Organizations need to be more intelligent and less mechanistic. The age of quality standards has gone. Modern organizations live in the age of adaptability. Computer systems are not required to implement standardized procedures in an automatic way substituting human operators only. They are required to overcome the capability of decision makers to adapt the organizations the needs of the environment in a much faster way and in a much less complex one.

The limit of human intelligence to drive organizations is well known. The time of big data analysis and artificial intelligence support for decisions makers has come to make organizations more adaptable in modern changing environments. Artificial Intelligence exists to support intelligent organizations farther than human intelligence has got.

In any organization, AI will coexist with classic machines, with human operators working by procedures and with human decision makers. The design of the full system providing the required repeatability and adaptability will provide different organizations, with different degree of organizational intelligence. Although this cannot be measured, a satisfactory design can be evaluated through the measurement of complexity. A good resilience is a sign of proper adaptability and required repeatability for certain tasks.

Organizational intelligence is not an aim, it is a mean. The degree of organizational intelligence will depend on the industry: Nobody contracts an architect to hammer a nail. It should be very expensive and inefficient. And nobody contract a bricklayer to design a large tower. It should be very cheap but ineffective.

Computer Vision and Big Data

A simple algorithm to extract edges from the image Lena commonly used by computer vision scientists. Photo Credit: Public Domain

Large corporations are very interested in the new paradigm of Big Data. But what does it mean exactly? Basically, it is the acquisition and processing of large amount of data about markets in order to make reasoned decisions in a company. Big data can be used in order to improve any area of the company, from great strategic decisions to personalized offers for individual clients.

With this information we can see that it is a great opportunity for companies to improve their benefits. But, how must the use of big data be implemented?

The problem of big data is not the data. Of course, gathering data in not an easy task. A company must implement some source of acquisition in order to get the data. People were not prone to share their own information until social networks arrived. But, nowadays, we can get information about markets or clients from different sources.

The real problem to solve is how to process that great amount of data in order to get useful information for decision-making. The extraction of useful information from a large amount of raw data is a problem common with the technological area of robotics and computer vision. Mobile robots moving in a not structured environment must gather and process a large amount of data from vision sensors and so on, in order to determine a path or strategy in order to reach a destination point. A single image from a current common color camera is a signal 1024x768x3 bytes of information. This implies the processing of 2,359,296 bytes of information. A stereo vision system would use two cameras. If we work with video sequences at 25 images per second, we will need to process 117,964,800 bytes of information per second.

When we are working with big data, we need to diminish the size of data and to extract a more manageable subset of data especially useful for our interests. In computer vision, many times we work with edges. The mathematical meaning of edge is the derivative of the spatial sequence of data. In simpler words, we are interested in abrupt changes on the data that define different zones. This scheme can be used for any kind of big data problem. For instance, if we were analyzing geopolitical data in order to make decisions about the movement of our troops, we would be more interested in the changes of concentration of enemy troops around the borders instead of the internal situation of troops in order to prevent an invasion.

A single worker would last a lot of time in order to analyze the 2 Mbytes of information to extract the edge of an image; however, a computer can do it instantly. To program an algorithm to do it is not very difficult; however, it is not a task for someone who hated derivatives at the high school. Big data analysis is a matter of mathematical knowledge, not only a matter of writing code.

The knowledge required to analyze data fits well the knowledge of computer vision scientists among many other ones.

Artificial Intelligence for the future

Chess Robot: Photo Credit Wikimedia Commons

The recent advances in Artificial Intelligence are provoking a debate about AI safety. There are some noticeable voices talking about the risk of the construction of intelligent robots. In my humble opinion as an expert in robotics from several decades ago, I consider that this problem is more philosophical than technical. The nature of knowledge and intelligence has been a philosophical problem from the beginning of philosophy, and there is not a philosopher that has proposed a satisfactory solution to it.

In the twentieth century, with the advances in automation, AI is born as a technical problem. The aim of AI is initially to endue automation systems with the ability to acquire some kind of knowledge about the controlled system or the environment in order to provide better responses than linear controllers. The initial successful AI systems are based on expert systems. Expert systems incorporate the knowledge of human experts and have some preprogrammed decision rules in order to improve the output of the controller.

The difference between a linear controller (a classical PID) and an expert system is that the former one is ruled by a mathematical algorithm which parameters can be precisely determined from the physical model of the system, and the latter one is ruled by a decision algorithm that managed the information deposited by experts into a database. However this kind of AI is fully predictable, the same inputs always provide the same outputs for the some stored knowledge into the database and that kind of expert systems cannot learn by themselves. The problem of expert systems is that they cannot cope with unexpected situations. They only can cope with situations expected by experts providing the knowledge.

When I was working in computer vision related activities as researcher, I realized that it was very important to have a philosophical vision of the intelligence in order to build more sophisticated systems, I began to read works by many philosophers:  Aristotle, Kant, Descartes, Hume, and so on. The problem of knowledge acquisition and intelligence is constant in the history of philosophy. Kant, considered the father of the modern philosophy, is a very interesting reading (and a hard one too) in this field. His separation of the concepts of phenomenon (object of sensible knowledge) and noumenon (object of pure reason) is very descriptive to be used in the engineering of intelligent systems. Kant is the first one philosopher that makes a discussion about the ability of the human brain to deduct two contrary logical solutions to several philosophical problems. He called them antinomies. In other words, there are some philosophical problems that cannot be solved by reasoning.

This is very important when we are talking about thinking machines. Natural intelligence is limited and most people talking about artificial intelligence are not conscious about it.

Current intelligent machines are much more complex than an expert system. They can acquire knowledge and learn. There are different techniques to get this with a computer, the most known technique can be the artificial neural networks. This kind of systems are bioinspired, they have a lot of little processing centers that can interconnect with their neighbors. Knowledge is stored in the weights of the connections between processing centers. The difference between ANNs and experts systems is clear. The output of the system depends not only on which is the knowledge to be acquired but on the how the knowledge is learnt.

There are recent examples about this fact, when some AI bots trying to learn from the interaction in social networks can finally transmitting unacceptable messages if a group of people interacting with the bot have provoked a learning driven to it. This is not very surprising because the same behavior can be easily provoked in a human child.

Why do I think that AI safety is more a philosophical problem than a technical one? Because we are trying to build a copy a natural system with a working model practically unknown and even that it is imperfect and limited.

The philosophical question here would be: Are we doing a copy of the human intelligence or are we doing a copy of the human stupidity? Actually, we do not know it, because we do not understand well what human intelligence is and how it is implemented, and what does a person more intelligent or more stupid.

However, the question about it we can make a safe humanlike AI system is more technical than philosophical, because safety measures can be included in the implementation of any computer system. This should be obvious for everyone. When we are not able to assure that our dog will attack people during our morning walk, we usually use a dog leash. The fact that a dog can move autonomously does not imply that we cannot limit its movements. In the case of robots, the leash can be incorporated internally by engineering design.

AI systems can be designed in many ways, with more or less degree of sophistication and it can include safety measures. AI will be useful in the industry if they are engineered to provide desired tasks and we avoid the raw copy of the human stupidity.