In the 1930s, British polymath Alan Turing described a “universal computing machine,” a device capable of performing any computational chore. His idea underlies the versatility of virtually all modern computers – servers, laptops, tablets, phones, and other devices that can run almost any program – and our very conception of what a computer is.
But this far-reaching versatility brings vulnerability, says SFI External Professor Chris Wood. An attacker who gains access to a general-purpose machine can exploit its broad computational abilities to accomplish nefarious ends. As more devices go online – through cloud computing, connected cars, and the internet of things, for example – security becomes an increasing threat and challenge.
“The more general-purpose computers we put on the open internet, the more serious the threat becomes,” says Wood.
But what if we rewind the tape of history? Is there another sequence of events that would head off such security worries?
If computers had instead been developed as specialized devices, each programmed to do specific tasks, then perhaps they’d be less vulnerable to attacks. In such an alternate history, says Wood, the damage from a hacker who commandeers a single-purpose device would be limited. Contemplating this alternate history might help inspire better security measures.
“How can we create the security advantages of such an alternate history now without losing the advantages of our general-purpose devices?” he asks. To explore that question, Wood has invited representatives from tech companies, government agencies, and academic institutions to a November 14-15, 2016 working group at the Institute. The meeting, “Circumventing Turing’s Achilles Heel,” will focus on improving the security of computing systems having a specific range of functions that require continuous connection to the internet.
Wood’s research interests have included the relationships between the structure and function of information processing devices, both natural (like brains) and artificial (like computers). This working group is an extension of those interests into computer security.
He hopes the meeting will provide leaders in the field with an opportunity to explore novel strategies for boosting security in an age of increasing risk.