Market drivers continued
Securing our connected future
2
Internet of thinks: securing the brain–computer interface From our phones to our cars to our homes, we are realising the benefits of linking more and more aspects of our lives to the internet in a safe and secure manner. But what would happen if we could connect our brain to the internet? Our research team explored this and more through the emerging phenomenon of brain–computer interfaces (BCIs) – technologies that provide mechanisms for monitoring and decoding activity in the brain and send signals to the brain through stimuli. Although it sounds like science fiction, some major technology companies are already researching, developing and commercialising BCIs. There are three main types of BCI – non-invasive BCIs, partially invasive BCIs and invasive BCIs – which can be categorised according to their physical invasiveness upon the human body and overall proximity to the affected user’s brain. How could they be used? The number of potential applications and impacts on society and industry through BCIs is extensive. A couple of examples include: • Medical applications, such as alleviating physical disabilities by stimulating parts of the brain concerned with motor neuron functions to restore movement in affected limbs • Media, gaming and entertainment applications, such as content that is streamed directly into the brain through BCIs or enabling users to control aspects of a video game through their thoughts Many of these imagined applications will only be realised through advances in neuroscience and artificial intelligence or machine learning, but the significance of their potential impact on how we will live and work is obvious. What are the security and safety risks? Putting aside the exciting aspects and opportunities of BCIs, the reality is that they involve integrating technology with our brains – technology can be insecure and vulnerable to attack, so the threat model of BCIs needs to be carefully understood, particularly within specific use-case contexts (e.g. thinking one’s password to unlock a device). BCIs bring with them security risks to confidentiality, integrity, availability and safety, where they may offer mechanisms to adversely affect the operation of a person’s brain activity which could result in mental manipulation, long-term brain damage or loss of life. They also have the potential to impact individual privacy in ways that could dramatically alter our society and freedoms. Some of the specific safety risks of BCIs include complications during the surgical procedure to implant them, scarring on the brain and burns through excessive heat generated from BCIs. From a security perspective, the volume of potential threats is vast, ranging from design, supply chain and surgical impact through to removal and decommissioning.
How can these risks be mitigated? It is vital that security considerations span the entire lifecycle of a BCI, from secure design to secure and safe surgery and implant (where BCIs are invasive), secure operation and secure decommission. Ultimately, we’d encourage that principles of security by design are implemented to mitigate potential risks, but other
considerations include: • Supply chain threats • BCI interface security • Software escrow
The convergence of mind, body and technology is fascinating and exciting, with a potentially huge impact on humankind’s evolution and enlightenment, but it’s crucial that we approach BCIs with the same diligence as we would with any other emerging technology. By doing so, we can continue to realise the benefits of our increasingly connected world in a safe and secure way. ”
Matt Lewis Group Commercial Research Director, NCC Group
22
NCC Group plc — Annual report and accounts for the year ended 31 May 2022
Made with FlippingBook Online newsletter maker