'It will go wrong. There's no question of time... on safety or security side'
Cheerful chap writes off all mission-critical IoT software without realising it
"Software comes with two unique properties: it's basically impossible to inspect and test, and we don't know the sequencing of instructions at the basic level," Statoil's lead analyst for corporate IT digitalisation, Einar Landre, told today's IoT Tech Expo in London.
Giving an engineer's perspective on mission-critical systems, Landre – a Northman from the Norwegian state oil company – ran the audience through a quick overview of safety systems then and now.
Looking at the Apollo Moon rockets of the late 1960s, he said: "You programmed it by throwing switches!" contrasting it with today's software-powered systems – and the 1996 Ariane-5 rocket explosion, where a common mode failure related to a conversion from 64-bit floating point to 16-bit signed integer value caused the $500m spacecraft to veer off course and explode long before reaching orbit.
"We need standards," continued Landre. "The most important thing is that we approach things with an evidence-based safety and security approach. We can't test it... but we can understand the threat factors and see what we can do to make it as safe as practicable. There will always be something that goes wrong, but it will give us an approach."
Although Landre seemed to be using the word "test" in the way that a mechanical engineer would understand testing a gearbox by applying a known input force and seeing whether the predicted output force matched reality, his comments on the human factors were the most insightful.
A French academic in the audience took exception to Landre's assertions about testing, however, and stood up to correct him. "I saw that you really put a high focus on safety and security in software. I know from the research we do, we demonstrate the software is safe and secure."
He then asked, how does research into safety and related topics such as human factors "spread into the industry for the bits that need it? We know nuclear and planes are using it, but do we think people from IoT will have interest in using this?"
"We move it to industry and you can say, 'Yes, IoT is more about software than things.' OK, how do we make trustworthy, safe and secure software? That needs to be addressed," declared Landre. "It will go wrong. There's no logistic question of time. It's both on the safety side and the security side."
Despite his evident hesitation towards software, Landre was also insightful towards the not-so-obvious pitfalls of increased automation and adoption of machine learning technologies.
"We can use software to offload and support human operators," he said. "But we have to do that and understand second and third-order failure effects. What happens if this goes wrong, how is it propagating? And of course, at the same time as we can use cognitive computing, the cognitive functions come with their own complexity. We have to verify that this algorithm does what it should."
Another questioner followed on: is it more important to have onboard intelligence – say, in an airliner – than having systems that communicate?
"I think so, yes," said Landre. "The machines will have their software more embedded into them."
Although the impression was that software will get absolutely everywhere, two questions from the audience quickly jerked the audience back to reality.
An oil and gas control engineer stood up. "I have invested in state-of-the-art control systems. Where does this IoT [sic] fit in?"
Landre played for time. "When we do new builds, how can we add additional instrumentation? We also look into how we can modernise all the assets. It's an enormous effort, an enormous challenge. I think that in this scenario we can add more sensors and make more smartness but it's a long journey in an industry that is extremely conservative."
Another audience member took the mic. "How prevalent is takeup in oil and gas?"
"It depends on what you call IoT. I think that in many ways, as with other heavy industries, it's a laggard when it comes to digital technologies," confessed Landre. It's a notable feature of the IoT world that while there's definitely no shortage of people hawking their wares at industry – from big dogs such as HPE right down to startups – there is a distinct shortage of case studies in the crown jewel, the factory setting.
It's almost as if real engineers look at industrial IoT offerings and say to themselves, “Nah, we've been working perfectly well without all that guff, why bother?" ®