The robotic production line is churning along just fine when Kevin Jones plugs a USB stick into the control computer. In seconds, the conveyor belt speeds up, throwing metal and plastic parts all over the place. A virus in the stick has prompted the control system to go haywire, but not for long.
Your dashing correspondent – entirely untrained in control system security – dons an augmented reality visor and gets to work. The headset shows a virtual panel floating above the hacked device which offers me information on the attack, the IP address of the device and a “restore” option. I punch it with my index finger and the worm is wiped.
Welcome to the augmented-reality “IT help desk”. AR lets workers channel specialist skills right into their field of view, helping them solve problems they couldn’t handle alone. A team led by Jones, who is head of cybersecurity research at the Airbus research centre in Newport, UK, designed the system to protect their aircraft production lines from attack. But they’re planning to put it on the open market to help workers athospitals, water treatment plants and fuel refineries, for example.
Airbus envisions the system, which uses Microsoft’s HoloLens, as a fast way for factory workers to pull in expertise to deal with attacks like– the joint American and Israeli worm that wreaked havoc on Iran’s nuclear centrifuges in 2010.
“Stuxnet was the first time we really saw a very sophisticated, targeted, advanced threat against an industrial control environment,” says Jones, noting that it is relatively easy for attackers to constructwith existing software tools.
Airbus’s system works by scanning for anomalies in the networks that control its production lines, as well as behavioural changes in its machinery. If it finds any, it alerts the security team. That team quickly finds a fix for the problem, and instructs local engineers. In a plant where there may be hundreds of controllers or servers stacked to the ceiling – Airbus thinks augmented reality headsets like HoloLens will make it easier to find a fast solution.
“We can significantly reduce the time it takes people to see what has been attacked and mitigate the threat,” says Jones.
Better ways of battling cyber threats with novel interfaces would be welcome, says Jay Abbott, managing director at Falanx Cyber Defence in London.
“If you forget everything you know about how to interact with a computer and their limited visualisation capabilities, then augmented reality and haptic touchy-feely interfaces make complete sense,” he says. “This has to be the direction of travel for the security industry – it will make remote support and operation more intuitive and more efficient.”
One thing security engineers are always wary of, however, is what has become known as “security theatre” – cool-looking ideas that do little to add real security. Jones says that is not the case here: the speed improvement they have seen using AR is real, he says. Airbus plans to quantify the advantage in trials later this year.
More on these topics: