Accession Number : AD1044876


Title :   2017 Emerging Technology Domains Risk Survey


Descriptive Note : Technical Report


Corporate Author : CARNEGIE-MELLON UNIV PITTSBURGH PA PITTSBURGH United States


Personal Author(s) : Klinedinst,Daniel ; Land,Joel ; O'Meara,Kyle


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/1044876.pdf


Report Date : 01 Oct 2017


Pagination or Media Count : 28


Abstract : Mark Weiser first coined the term ubiquitous computing, describing it as invisible, everywhere computing that does not live on a personal device of any sort, but is in the woodwork everywhere [Weiser 1988]. With advancements in miniaturization and in the economies of scale for systems-on-a-chip, Weisers vision is finally becoming a reality. Weisers vision of the future also included the difficult challenge of securing the near-infinite amounts of data generated, processed, and stored by ubiquitous devices (or in todays parlance, the Internet of Things [IoT]). This increasing prevalence of new devicesand the extent to which Americans have come to rely upon them in daily lifepresents new challenges for the vulnerability coordination community. Can the Common Vulnerability Enumeration (CVE) methodology support this myriad of devices? Can the Common Vulnerability Scoring System (CVSS) provide effective and meaningful vulnerability information as increasingly complex and interrelated vulnerabilities surface? The Department of Homeland Securitys United States Computer Emergency Readiness Team (US-CERT) strives for a safer, stronger Internet for all Americans by responding to major incidents, analyzing threats, and exchanging critical cybersecurity information with trusted partners around the world [DHS 2017]. To carry out its mission, US-CERT must be proactive, focusing on future threats and vulnerabilities amid fear and uncertainty that often result from highly publicized cybersecurity attacks. To support the US-CERT mission of proactivity, the CERT Coordination Center (CERT/CC) located at Carnegie Mellon Universitys Software Engineering Institute was tasked with studying emerging systemic vulnerabilities, defined as exposures or weaknesses in a system that arise due to complex or unexpected interactions between subcomponents.


Descriptors :   Technology assessment , transportation , machine learning , robotics , surgery , operating systems , vulnerability , personal digital assistants , mobile devices , robots , internet


Subject Categories : Cybernetics
      Radio Communications


Distribution Statement : APPROVED FOR PUBLIC RELEASE