The purpose of this article is to explain the relationships (dependencies, interdependencies, interrelationships, benefits) between Data, AI, Cybersecurity, Cloud, IoT and Blockchain, and to understand their consistency. The link between all these fields leads us towards a new convergence which makes possible their interoperability, their security and their standardization.
We thus provide a summary of the state of the art and we also present an inventory of standardization, methods and actors in the field, as well as the use cases identified in the literature.
Why and how can we think of the “convergence” of Data, AI, Cloud, Blockchain, IoT and Cybersecurity? What types of relationships do these technologies have? How do these relationships operate? For what final benefits?
There is indeed a link between data and the digital systems that collect it, categorize it, store it, secure it, analyze it… but what are these links? All these sub-domains constitute proven technologies, autonomous and usable exclusively, the Cloud hosting is sold without solution of monitoring of the network or monitoring of intelligent terminals for example. The platforms of artificial intelligence, do not propose solutions of the type “Blockchain as a service”, or systematically cloud infrastructure. So where are the spheres of inclusion, cooperation, interrelationship of all these sub-domains?
So why and how could we envisage “convergence” on a functional, technical or usage level, when we articulate Data, IA and Cloud for example? What links can Data, AI and Cybersecurity have? What relationships exist between Data, Blockchain, IA and Cybersecurity? Ditto between Data, IoT and Blockchain?
In the beginning, The Data…
The driving force behind digital innovation projects in industrial organizations is the desire to break down silos. Silos that exist both between the departments and the management of an organization and with those of their ecosystem. The new challenge is that these digital innovation projects now create open, transparent, interoperable spaces for cooperation and de-pilot, decompartmentalize the company from its hierarchies, its technical barriers, its protocols which cannot communicate and / or exchange information. data easily.
To do this, we believe it is urgent to take into account the interdependencies of Data, AI, Blockchain, Cloud, IoT and cybersecurity. This new convergence should lead the industrial strategy to adopt a holistic approach to the implementation of the various state-of-the-art digital technologies.
Data is initially like “Alpha”, it is the precondition for the existence of Artificial Intelligence as we know it today, based on the techniques of machine learning and deep learning.
Most of the time, data is compared to “oil”, to a new “black gold”, to “fuel”, to “digital fuel”, to “energy” (often fossil) that transports and activates a system that processes information. Our analogy is a little different and is articulated according to the metaphor of the human body: evolutionary, perfectible, vulnerable, fallible, resilient at the same time. This parable allows us to conceive of the data in the image of blood, this vital fluid which irrigates, innervates, distributes in all parts of the body, and diffuses, transports active oxygen to articulate all organs and functions, forming an organized, animated and functional whole.
Human organs are instruments which fulfill precise, “bio-logical” functions but which depend on the blood flow flowing through the veins and arteries which supply them, otherwise the organ is without function, without action and it dies.
The lung, the heart, the intestine cannot exist without the millions of red blood cells which circulate there and cross them. It is the same for the data and for the functioning of the artificial intelligence, in our ‘living’ and ‘functionalist’ metaphorical perspective.
Indeed, current AI developments are essentially based on so-called Machine Learning and Deep Learning (deep learning, thanks to multilayer convolutional neural networks) techniques which require the use and exploitation Big Data to function well.
Data is comparable to red blood cells and / or white blood cells and vital organs are functional information processing mechanisms, intelligent devices, like automatic analysis and automatic categorization functionalities. delivered by bricks, in artificial intelligence solutions and platforms (here we avoid the overused “brain / AI” analogy).
Indeed, it all starts with Data, in a data-centric organization, data is the primary and permanent asset, and applications come and go. A data architecture model precedes the implementation of any software application. It is the creation of the data heritage. A data architecture is put in place to ensure a common repository, a single source of truth with all customer, supplier, product and market data. This is the approach to master data management. The data once processed, cleaned, analyzed, transformed into information, allows humans to make decisions, complementary to the decisions taken by the self-learning algorithms of artificial intelligence, itself fed by massive data flows.
Data and “trusted” Artificial Intelligence?
AI represents a major stake for all sectors, because its applications are multiple, for example in industry (predictive maintenance), health (aid in diagnosis and therapeutic treatment), on-board systems, e-commerce or digital security. It cannot therefore fail to raise fears and questions, sometimes of an ethical nature.
An AI-based system must be auditable, explainable, with a view to informing users (or designers) of the properties or limits of its operation, of its choices or reasoning relating to the decision it uses.
“Auditability” is also a central concept, especially for autonomous systems, which make it possible to understand and correct “a posteriori” a decision error. Finally, other technical properties must also be taken into account such as reliability, in which we will notably include the concepts of robustness (namely the evaluation of the ability of the system to provide correct answers including in the face of unknown situations. or malicious intent), controllability (i.e. ensuring that the system does only what is expected of it and nothing else.
Achieving critical AI-based systems requires drawing inspiration from and enriching classical engineering (data and knowledge engineering, algorithmic engineering and systems engineering). It is necessary to be able to ensure that the system conforms to the needs and constraints of the client, to define methods and tools to secure all the design phases, but also to guarantee properties such as reliability, security and cybersecurity, and “maintainability” of the system and this, throughout its life cycle.
The industrial challenge is therefore to equip the entire “AI engineering” process from start to finish, taking into account the algorithmic, software and systems dimensions, but also those of data and knowledge, in order to emerge the foundations of “trusted AI for industry”.
The french government, thanks to its offensive strategy on the financing of innovation, launched the program “Grand défi”, chosen by the Innovation Council and financed to the tune of 120M € per year by the Innovation Fund and industry, which aim to respond to societal challenges in strategic areas requiring the removal of technological barriers. The Grand Défi IA aims to ensure the transparency and auditability of autonomous systems based on artificial intelligence, on the one hand by developing the capacities necessary to observe, understand and audit their operation and, on the other hand, by developing approaches demonstrating the explicable nature of their operation.
With 45 million euros of funding over four years, their program called Confiance.ai “is the most important technological research program of the national AI strategy”, notes Julien Chiaroni, director of this great challenge for the French General Secretariat for investments (SGPI).
If research and industry will collaborate, the objective is clearly industrial. Confidence.ai must provide tools, processes and methods at the industrial level to ensure that AI systems meet the criteria of confidence, including security, reliability and explainability. Finally, industrialists and researchers should join a third type of actor: start-ups and innovative SMEs. A call for expressions of interest was launched for them on July 9, 2021.
“Data centric” approach to Blockchain and IoT.
Blockchain provides an immutable data recording and storage environment for “transcribing” any transaction between multiple stakeholders. Recording transactions with smart and connected devices creates traceability, increases security, and builds accountability and trust. The Blockchain supports the security and sharing of data resulting from analysis performed by algorithms through its authentication protocols and its ability to make data immutable.
In the blockchain, the following issues constitute the major issues:
Interoperability: ensure that the various blockchain and DLT protocols and platforms can exchange data and communicate transparently with each other;
Governance: Good governance practices and standards for blockchain projects as well as blockchain consortia working on decentralized platforms;
Identity: Promote a common identity framework and / or an interoperable identity between different protocols and blockchain platforms;
Security: Ensure secure operation of the various nodes, networks and services;
Smart Contracts: Support best practices and standards to ensure that smart contract technology is safe and secure.
The issues of normalization and standardization are crucial for the massive adoption of Blockchain. We must continue to cooperate with the relevant supranational and sectoral organizations to develop blockchain norms and standards which include ISO (in particular ISO TC307), ISO / IEC JTC1 and ITU-T or even with INATBA: which heads a working group, the International Association of Trusted Blockchain Applications.
The convergence of all these areas of AI, Blockchain, Cloud, IoT, cybersecurity revolves around a “data-centric” approach that creates the logical, functional and technical links between them.
This is how data feeds information systems and artificial intelligence enables their control. The IoT generates data thanks to connected sensors and their interactions, the Blockchain transfers and distributes secure data, deemed reliable and incorruptible, tamper-proof.
As internet-connected devices become smaller and more ubiquitous, their ability to capture data exceeds the ability of humans to be aware of their activities (in data capture). The devices collect information such as voice, geolocation, ambient temperature and ambient lighting to improve the user experience.
Data confidentiality and security are major issues for the IoT: although handled by authentication mechanisms such as encryption and security certificates, these mechanisms are evolving in the IoT, because the devices are mobile, with data stored in the cloud. AI techniques can be used to keep communications private when routing paths change dynamically and when a third party stores the data.
For example, automatic learning machines have been adopted to distribute secure certificates to moving vehicles, and artificial immune system algorithms have been adopted to safely self-organize ad hoc wireless sensor network connections (Wireless Sensor Network) to serve mobile gadgets.
Finally, the essential standardized protocols are starting to emerge such as the SCHC which attacks the headers of the usual Internet protocols (IP, UDP and CoAP), which contain various information: address of the source, the destination, the location of the Internet. the data to be read. The particularity of this method is to take advantage of the specificity of the IoT: a simple connected object, such as a sensor, has far fewer functions than a smartphone. It is then possible to anticipate the type of data sent. The SCHC compression standard has been validated and promoted by the Internet Engeeniring Task Force (IETF).
Data, AI, Blockchain, Cybersecurity and Cloud.
The hardware and software devices of cybersecurity secure data and ensure its formal integrity. Cloud computing makes it possible to host data sets and artificial intelligence algorithms. The main challenges of the Cloud are based on the necessary implementation of a secure, sovereign and open technical infrastructure on a European scale.
The Gaia-X project and its essential components respond to this, as follows:
Data sovereignty, that is, complete control of data storage and processing as well as control of access to data.
Use of open, understandable and secure technologies, including use of Open Source principles, in an open ecosystem.
Decentralized and distributed data processing (Multi-Cloud, Multi-Edge or Edge-to-Cloud) in order to achieve economies of scale.
Semantic interconnection and interoperability – based on standards – at network, data and service level – in particular, interconnection of “Cloud” and peripheral environments.
Independence and automation of the certification of participants in the GAIA-X ecosystem as well as the completion of participation contracts and their compliance in terms of IT security, data sovereignty, service agreements and framework contracts.
Provision of all the central services necessary to guarantee security and user-friendliness of the operation (eg authentication).
Self-description of the nodes of the Gaia-X system aiming to promote transparency but also the development of new business models and applications between different participants (eg data distribution or services).
In our conception, humans occupy a preponderant place, alongside cyber-physical systems.
Shortly before the advent of Industry 4.0, Wang (as early as 2010) already noted the lack of consideration for human factors in the development of Cyberphysical Systems. This is why he proposed the concept of “Cyber Physical Social System” (CPSS). With this concept, he recognizes the importance of taking human factors into account in the design of systems and their architectures. In order to support it, the notions of physiological, psychological, social and mental spaces have been added to those of cyber and physical spaces (Liu et al. 2011; Shi and Zhuge 2011).
In a context of growth in cyberattacks, security incidents, their media coverage and the awareness of both companies and individuals of Cyber risks resulting in a gradual increase in certification obligations (ISO 27001, etc.) and demonstration of proficiency (pre-sales and referencing safety questionnaires) and more generally a growing need for trust, often supported by a convincing demonstration of compliance (certifications, labels, due diligence, questionnaires, referencing).
As the cyber threat landscape continues to expand, we need advanced tools and technologies that can help detect, investigate, and make decisions faster for emerging threats. AI has the potential to intelligently analyze and automatically categorize large amounts of internet traffic.
The cybersecurity of critical infrastructure (oil, gas, electricity and nuclear, water, etc.) is also one of the major challenges: it is about protecting the assets that fundamentally support national security and society. Thus, safeguarding critical infrastructures is essential, because the activities and daily life of people depend on their availability and their integrity.
The role of cybersecurity in critical infrastructures is mainly associated with securing SCADA (Supervisory Control and Data Acquisition) systems. These are the main infrastructure control systems (made up of compute nodes that communicate with other nodes). SCADA systems typically reside on the organization’s operational technology networks.
Conclusion
We come to the end of our article in which we were able to show the relationships of dependence, interdependence, the cumulative benefits between Data, AI, Cybersecurity, Cloud, IoT and Blockchain. This gives rise to a first overall understanding and overall coherence, which makes all the “link” between these technologies and complementary digital fields.
Thinking about this new convergence must make possible the interoperability, security and standardization of the aforementioned technological fields. Because there is indeed a link between data and the digital systems that collect it, categorize it, store it, analyze it, secure it.
These converging technologies are mutually reinforcing and must be approached in a holistic way. Focusing on the advancements of a single technology does not explore the full range of applications it could have on businesses. Their interactions will increase exponentially as they mature and become more complex and as other disruptive technologies are adopted by businesses as well.
As a reminder, in a data-centric organization, data is the main and permanent asset, and applications come and go. A data architecture model precedes the implementation of any software application. It is the creation of the data heritage. A data architecture is put in place to ensure a common repository, a single source of truth with all customer, supplier, product and market data. The data once processed, cleaned, analyzed, transformed into information, allows humans to make decisions, complementary to the decisions taken by the self-learning algorithms of artificial intelligence, itself fed by massive data flows.
Therefore, data feeds information systems and artificial intelligence allows control. The IoT generates data thanks to connected sensors and their interactions, the Blockchain transfers and distributes secure data, deemed reliable and incorruptible, tamper-proof. The hardware and software devices of cybersecurity secure data and ensure its formal integrity. Cloud computing makes it possible to host data sets and artificial intelligence algorithms. And humans retain a preponderant place, alongside cyber-physical systems.
This is how the convergence of all these technological fields occurs in the digital age, within the framework of a “data-centric” approach which thus makes it possible to create, as we have seen, the logical, functional and technical links between Data, AI, Blockchain, Cloud, IoT, cybersecurity.
Related
This post is also available in:
FR (FR)