Transcripts For CSPAN2 The Communicators Black Hat Conferenc

CSPAN2 The Communicators Black Hat Conference July 14, 2024

Host: This week on The Communicators we want to introduce you to George Mason University professor Duminda Wijesekera. Professor, what do you do at George Mason University?
Guest: I do research mostly related to cyber security and quantum transportation systems. I have a large group of students on radio communications and connected and some railroad security and some on UAV, meaning unmanned areas, so everything related to industrial commission.
Host: I'm sorry, what is that word you are using a mac.
Guest: Like in buses and trains and so on.
Host: Do you teach any classes as well?
Guest: Yes, I do. I teach different types of cyber security classes. In this fall I will teach a class on connected and automated, so we have a pretty good selection of guided students and faculty and a supportive administration that lift us up they buy day that we are encouraged to do whatever we can to reach out because cyber security and the new areas that are emerging industrially and participate in the best extent we can.
Host: You also have worked at the National Institute of Standards and Technology, so what is that, what were you doing?
Guest: The National Institute of Standards and Technology has a position called the laboratory for cyber security, so I was there as visiting researcher and it's been for forensics and I worked with a couple of research banks there and also have the university that participate in that cyber research and I do really enjoy working [inaudible]
Host: Professor, we invited you here because you are a presenter at Black Hat this year, and first of all, what is Black Hat? How do you describe that?
Guest: That is essentially people who work on the attack creation side of, not really hacker hackers, but people who like have vulnerabilities that exist in distant systems and try to bring into society and the people who should know about that and make them aware so that it will be close and people will find the loopholes and encourage people similar reports and related systems and work with manufacturers for the people who created the systems.
Host: That was in Las Vegas and thousands of people attend this event, don't they? When you go into Black Hat, because of the expertise of the people, do you leave your cell phone back up in your hotel room and use your ATM card?
Guest: I have heard that before but what some people have said that has happened to them but I don't have an experience like that nor do my didn't spend much more time there.
Host: Black Hat has become very mainstream, hasn't it? Inviting people like you.
Guest: Absolutely true. This time I think we have a thousand people there and there were lots of scientists and companies, even government labs and cities like ours.
Host: What was your presentation about? It was entitled Attacking Electric Motors for Fun and Profit.
Guest: This work started about a year ago and have done similar work and I'll get to that in a minute, but what it was is we realized, looking at the way it's designed in the way they are constructed, it might be possible for somebody to attack them in the sense that it makes them do things that original use did not intend to do, like when you want to [inaudible] we would like to reduce it when the border gives [inaudible] we like to reduce it when states go forward we would like to determine counterclockwise, so those would create unsafe situations wherever electric motors are used, like in the cell phone [inaudible] but if you use it in any way that would have a very bad particles like that covers direction and go back and step forward and turn left or right, and so we thought we would experiment with different kinds of electric motors and we found that there were more than one way to attack them, and our presentation was based on half of the research that my student did under my direction, so very cleverly a man that was able to reduce [inaudible] in the meantime they look at different motors and didn't go well and it might also be attacks that we thought he could reach.
Host: Professor, what is in an electric motor that would make it susceptible to an attack?
Guest: Electric motor has control system and a power system and electromagnetic in one way or the other, and that's how we generate that momentum and moment by essentially moving electric wire across a magnet, so any and all of these components are subjected to some kind of interruption, disruption for a moment that was not expected to be there, so [inaudible] disturbing the electromagnetic field and going into the control system and being disrupted in the middle of the operator and the border control or even in the market controller changed them unknowingly so that the controller itself would not know that something was changed, but on the other hand to physical disruption that would like using magnetic field and so on would alter the moment of the electric motor.
Host: Not necessarily an attack on software.
Guest: Yes, that's correct. Not necessarily an attack on the software but could be physical as well as cyber.
Host: Were you successful?
Guest: Yes, we were.
Host: Does that worry you?
Guest: To a large extent, yes, because if you look at the consumption of electric motors about there, and when you get onto any train or bus or car there are so many electric motors in them and they do consume electricity, and there's a whole division in the Department of Energy that they make them efficient and better than making them not waste too much electricity or produce the energy that is unnecessary for the application, but what we are showing is that it is possible to interfere and do all of those good objectives if you intended to make some harm and
Host: What about software attacks connected to experiment with those?
Guest: Yes, we did.
Host: What did you find?
Guest: It's not that difficult to install the controller with malware and replace the controller that would do the opposite with the performance of the motor. Or it could interfere with the communication medium, which is also a piece of software between the different components of the entire motor.
Host: A couple of years ago it was that a Jeep was hacked on purpose by Wired magazine and it was controlled remotely. Is that a countrywide danger that this could happen?
Guest: I think that let me ask you that question indirectly. If something was created by one human being they should be able to find ways to find loopholes to either misuse it or use it in a way that was not intended to be used, but I myself was a engineer in the workforce.
Host: For Honeywell.
Guest: Yes, for Honeywell. I know this type of bad stuff, we could make mistakes. There are so many software systems, tools that ensure what you should not do and prevent you from good things, but despite all of that we are human, so at some point someone will relate if I am paid to or if I have efficiently elevated for whatever lack of reason I devote my time in my life.
Host: One of the things you write and talk about are cyber-physical systems. What are those?
Guest: Those are physical equipment that based on some phenomenon of physics, such as chemistry for that matter, such as batteries or electric fans or automobiles or train engines, anything else that moves or rotates or provides the physical service that is usually controlled by some form of software. It could be low down in the form or an application but that would still be interfered with, and while it will degrade performance because of this interference, but it has an example is that if you have an automatic ensuring that you're traveling at 30 miles an hour but it travels that 50 miles an hour, this would become a problem when you apply the brakes, you don't want to apply that much and then you realize you're not slowing down. It's not necessarily a problem with the braking system but if someone interfered with that, I know that you want to go to great extent to not make this impossible, and it's not a real example, I just made one up to show you what it would do.
Host: How do they interact with so-called intelligent transportation systems?
Guest: So, if you look at intelligent transportation systems, most of the systems today are migrating to be controlled by software. Our traffic lights are controlled by software. Most of our [inaudible] radar, sonar detectors and cameras that show you different things, such as the make you keep your lane, so if you deviate from the lane it will make a sound or somehow make you come back, so it's becoming very much computerized, if I may say, and using different computer systems to make sure that we as human beings don't make intentional mistakes and if we do, try to correct our mistakes. A great example is that ABS systems, automatic braking systems, trends at a high frequency, 400 times a second, so it balances the power infection of the vehicle and that is even beyond our human capability. This came about in the '60s and '70s so very detailed by the automobile manufacturers and originally grouped with manufacturers like Bosch and so on, and that has been a great help now. It will have most of our cars come with it. In at the beginning it was only limited specialty cars but today not only the bigger way such as the tractor-trailers and so on have that function ability built in to make it safer but also around you so you don't just about off your lane and hit somebody unintelligibly because one of the tires went to a patch of ice, so those things are mentioned that we've had the one with a system like ABS have couple can be attacked.
Guest: Remotely is a much more difficult thing because they have to get into the system that connects the brakes and bu
Host: We're moving into an age of autonomous vehicles, so does that increase the danger of remote attack?
Guest: If we look at it as a purely software system, come upbringing and more software and abilities, and one would think that yes, it does, but look at the engineering that goes into the motor and then it's supposed to come tomorrow and the lack of effort to ensure that there are no other mistakes, and they look at all the cases where we are unintentionally did not address a particular handling and bring them to bear and bring the engineering and human factors to ensure that accidents do not happen that did not go unnoticed, and there are great tasking effort devoted to making sure that they behave properly in that even if it meets with an accident quite unintentionally it protects the passengers and the passengers surrounding.
Host: Recently in Russia there was a Tesla crash and that there have been a couple around the country and some loss of life. What's your take on that? And they were in the drivein system at the time.
Guest: That's correct. Yes.
Host: What is your take?
Guest: It could happen to any software system, but I think most of the manufacturers, as I mentioned, go to great effort, and if you look at [inaudible] as a document they put out in 2017, 2018, and the government takes great effort as a third party and to advise both the consumers and producers such as the automobile industry and the equipment manufacturers and research community that is like a third party looking at it to ensure that every case is addressed, but also even if we did not address them it keeps the ongoing loop trying to make everything better and hopefully we will close those loops one by one.
Host: Professor Duminda Wijesekera, the 737 Max, does this fit into this category of malfunctioning software or software taking over for human function?
Guest: Eventually some of the software [inaudible] it's not humanly possible to control it.
So, most of the control systems would have this type of issues but I think that the engineering, supplants of such that we find ourselves responsibly and usually would try to address those issues in the next level while we try to find immediate remedy, so I think that I'm optimistic that just like when people find accidents happen that we would go back to ensure it never happens again, but of course there is no guarantee that we have gone through all the potential possibilities and all the enrichments for the equipment and give a license or some sort of outright absolute guarantee of total safety. We have to look at every operation scenario and make the increment that can withstand most of the cases. All the unusual cases, but the problem is if you work through an engineering process it could take a lifetime and an incredible amount of effort and energy or engineering, and usually we try to be on the safe side and give ample warning so it should be operated and how it should be operated and cases in which we cannot ensure the complete autonomous behavior can be guaranteed for absolute safety, and we say in this case is we would ask the human being to interfere and take over and make some decisions that would take you through those cases and bring it back to a safe space for the control system to go for the rest of the journey.
Host: So much of our communication today is wireless. Do you fear an electromagnetic attack more than you do a software attack?
Guest: Yes, one of the things that could be affected are the electric motors in the radio frequencies. That naturally does happen at a very low rate due to sunspots but they are disturbed by but it could happen to any wireless media.
Host: Including airplanes?
Guest: Yes, it's good. It's the rays of the sun that we cannot actually control and sometimes they penetrate due to atmospheric conditions and sometimes even that must be they do not have an issue but could be a sunburst.
Host: Right, but what about a malicious attack?
Guest: A malicious attack, you have to reduce that magnetic field just like radiation that I was investing and this was [inaudible] a lot of things are possible but producing the attack, especially if anything was physical equipment, it's very difficult to make them in absolute secrecy and bring it out just for the attack.
Host: Let's talk about something you talk about in your Black Hat presentation, Attacking Electric Motors for Fun and Profit. You spent quite a bit of time on drones and those are out there in the world today and help me her
Guest: Yeah, it's conceivable. One of the attacks that we have there is attacking a drone and is a four motor drone and it is possible to attack therefore using two different techniques and if there's a solution [inaudible] there's interfering radio communication as he mentioned before or taking radio communications over and issuing commands that the actual driver never intended.
Host: Knowing what you know, how much time do you spend worrying about these?
Guest: I would say that it concerns me but I it definitely worries me. Someone asked me three months ago if and is again related to equipment on cars, so would you drive a car with all this new features, and my answer was absolutely, yes. If I don't drive my own car how would I find out whether they're a good ride. I do have [inaudible] I just look at the available information is and if I have the opportunity, that use it.
Host: Are we on the right path generally in this country when it comes to cyber security?
Guest: I would think so but my opinion again, what I think people who are dedicated to the cause both in industry and the government, they give their life to it and have greater appreciation for what they do.
Host: Because of what we've been discussing, is that the reason you think tranny to folder under suspicion?
Guest: It's good to I don't know too much about that but as far as what happens when you find someone or abilities more than our age of people suspect it will be abused. One wonders if their intentions are not but back into the attention is more difficult because most of the systems other than the ones that I used in safety systems are made out of commodity components, so that one of the things I worry about was insecurity and how to ensure other pieces of equipment they use was tested [inaudible] there's a black sheep in every industry and people try to go through those details, but I think most of the issues like trade and I consider them to be also especially political issues and people who are that's why we looked at some of the [inaudible] some people do get work like Lockheed Martin that invented these concepts in the darknet trying to find if there is something that is evolving and that into the life cycle so we could take precautionary that may prevent incidents that otherwise would happen.
Host: 101 is a computer science professor and George Mason University and he's been our guest at The Communicators. Thank you very much. This Communicators and all others are available as podcasts.
