How Can IoT Win Our Trust?
Two leading IoT scientists, Professor Petar Popovski and Lam Duc Nguyen, Ph.D. discuss what it means to keep the human-in-the-loop, gaining (and maintaining) trust with the help of Blockchain, and what reaching consensus means for product development.
A wearable wrist device tracks a heart patient’s vitals and the data is shared directly with their doctor, processed by software that can detect abnormalities post-surgery and alert medical professionals. An autonomous tractor navigates rolling fields of crops, recording the square meters tilled over the course of a morning. A customer provides production specifications to a contract manufacturer powered by robots, which in turn develop a production plan. In each of these scenarios, the integrity of valuable data is at stake. And especially when it comes to the heart patient, the consequences of inaccurate or inefficient data are potentially fatal.
Building said solutions and researching how best to develop capabilities to manage such enormous troves of sensitive data require a built-in baseline of trust: how do we know that the data is accurate? How do we know that it is protected from manipulation? How can we track errors and mitigate glitches in the system? “To be able to trust a fully autonomous network, we would need to build it in a way that it would protect external stakeholders (data privacy and security), that would be efficient (algorithmic value and efficiency) and that we could check often, to see how and why the algorithms work the way they do…the human has to be able to understand, fix, protect, and wrestle control from the algorithm if something goes wrong. In my opinion, that is trust,” explains Nicolas Borsotto, Founder at both Archgriffin Consulting and Meetup.ai. As Borsotto illustrates: the stakes are high and the situation, a complicated puzzle.
So how do professionals approach these challenges? IntellIoT, an EU-wide research project supporting the development of the next generation of IoT devices, spoke with two researchers, Professor Petar Popovski and Lam Duc Nguyen, Ph.D., whose pioneering work seeks to answer these very questions.
Continuously ranked among top institutions worldwide, Aalborg University (AAU) is known for its strong engineering programs and close ties to industry. As the head of its Connectivity (CNT) section of the Department of Electronic Systems, Professor Petar Popovski teaches courses in communication engineering, statistics, and information theory. An expert in wireless connectivity, 5G and beyond, ultra-reliable communication, Internet of Things (IoT), and communication for distributed ledgers, he is the author of the book, “Wireless Connectivity: An Intuitive and Fundamental Guide” (Wiley Press, 2020) and is contributing his expertise to the EU-wide research project IntellIoT.
Lam Duc Nguyen is a Ph.D. Fellow at AAU with a focus on Blockchain, Smart Contract, and Intelligent Wireless IoT. His research includes the application of Blockchain and Federated Learning to enhance the efficiency of Blockchain-based IoT monitoring networks. He received the Outstanding Paper Award for his research on scaling Blockchain in Massive IoT at the IEEE World Forum Internet of Things 2020 and was a co-founder of Adu9 — an IoT-based startup. He is the Blockchain architect for IntellIoT.
The interview has been edited and condensed for clarity and brevity. It was conducted by Emily Phillips and Zuza Jabłonowska with support from Nicolas Borsotto.
IntellIoT: What does “keeping the human in the loop” mean to you?
Petar Popovski: Historically, when we talk about IoT, this area was called machine-to-machine communication. But in the end, these systems are used by humans and made for humans, so the human will be introduced at some point.
This technology exponentially increases the capabilities of humans, e.g. instead of controlling one thing, you can simultaneously control many, let’s say, agricultural machines. That increases your key capabilities and the possibilities to interact with your surroundings.
On the other hand, we would like to have the human in the loop in order to handle events that require human judgment in real-time. So, human intervention, such as whether a patient needs extra care or a machine needs some replacement. That means that the whole system should represent its state in a way that is understandable or explainable to the human. What happens in the AI field is there’s a lot of discussion about explainable AI. You can extrapolate that in the case with IoT, where you have a system with interface interactions that are extrapolatable for humans.
“That means that the whole system should represent its state in a way that is understandable or explainable to the human…the whole system has to play out in a way that can live within human time constraints.”
The final point here is — because we’re speaking about real-time and as my group does research on this — real-time for machines and real-time for humans is not the same. The whole system has to play out in a way that can live within the time constraints of a human. If there’s a delay of a couple of milliseconds, humans do not notice. But for the machines, that could be critical. So the objective is to make the human part of the critical operational system. One of the big challenges is how to adjust the timing.
“The objective is to make the human part of the critical operational system.”
Keeping the human-in-the-loop is important not only for the occasional need for a human to assess an unknown situation or fix an error, but also because humans are the reason why this technology has been developed in the first place. But considering the fact that machines can operate at a speed that humans can’t quite grasp, what are some of the challenges that Popovski and Nguyen encounter in their research?
IntellIoT: Let’s talk more about this idea of time. What are some ways that you are approaching this topic in your work?
Popovski: As you approach the generation of young 5G and 6G, there’s a lot of discussion about latency. Latency means that the wireless communication system, having low latency, gets a predictably small part of the latency budget. The rest could be used for something else, such as interaction, image compression, playing a video or whatever. But things are not that simple. It’s not always easy to offer predictable latency. So what we are trying to understand is what kind of different timing requirements can be there, with respect to variables such as whether the state of the source has changed, whether the interaction should lead to a certain type of consensus, whether there’s a future deadline, or if there is some timing error in the path of some cyber-physical system.
“Things are not that simple. It’s not always easy to offer predictable latency.”
For example, you have an agricultural machine that approaches a certain situation and then reports the situation. Based on this, there has to be a reaction, otherwise, there could be a critical system failure. We can have a system production machine where we know that if by that time data doesn’t arrive, then the whole system goes into a shutdown. We are all trying to understand what are the different timing requirements that can occur in the system? And that’s much, much broader than just latency.
Successfully averting system shutdowns is one goal for technologists. But just because a machine is buzzing along happily doesn’t mean that all is well. How can you be certain that the data collected and related by a machine truly represents reality? Is it safe to trust? Blockchain is one way to enable more security and address these concerns.
IntellIoT: What is on your mind when it comes to the topic of trust and how it intersects with the work that you’re doing?
Lam Duc Nguyen: The first reason why we need to talk about trust and transparency is, for example, in the case that people want to control a machine if something goes wrong with the output data. We need to know why the machine made the decision and how we can control the data. For example, we’re working with blockchain to provide a transparent and immutable system for monitoring and studying data.
The second one is about data privacy and security. How can we ensure the privacy of individuals? This is exactly why we need to address this topic about trust and transparency of data vis-a-vis the human-in-the-loop. How can you know that the privacy of the people can be controlled, not be hacked or have data fraud, or something like that.
IntellIoT: It’s essential to be able to trust that the data coming from, for example, a heart patient is accurate so that a good decision can be made. Why introduce something like Blockchain to help strengthen this trust?
Nguyen: Blockchain is a platform that provides transparency without any third party for the participant. Because blockchain provides transparency, everyone can check and know what happened in the network. With its immutability, no one can cheat or edit anything which is already on the blockchain. So those are blockchain’s characteristics. Because of its transparency and accountability, it can guarantee every information associated with the network and in the system. So for example an administrator or a customer can trace the progress and know what happened in their system: they can trust the data.
IntellIoT Can you tell us more about what you are doing to address these questions in your work?
Nguyen: In line with the IntellIoT project, we have a use case about healthcare. The doctor can use the patient data and apply some machine learning techniques to predict disease or heart attack in the patient’s future. So the question is: if the patient doesn’t want their data scrapped or they don’t want the doctor to use their data, they can use another option wherein the doctor can still use remote data from the patient, not the actual data.
In our group, we are also building a data marketplace so people can provide data to the marketplace, but they still keep it as their own, and they can get something for providing the data for the system, whether to a hospital or other field.
Just this past month, the EU announced its new cybersecurity initiative, the Joint Cyber Unit. The unit will gather various stakeholders to a platform both virtual and physical in order to cooperate on some of the biggest emerging security threats: cyberattacks. As our lives become more entwined with the digital sphere, so does the risk and vulnerability increase. What role does trust play in how you build a system in the first place? And are there any downsides to incorporating this?
IntellIoT: What types of trade-offs are necessary for the work that you do? Does it make things harder for you to do this?
Popovski: If you are getting the data from IoT devices or from humans, you want to ensure that they are representing the true situation, right? And truth is expensive. The truth is expensive because, for example, you’re getting information from social media and you believe that that’s true, but you have to “pay” in terms of time and energy to find out what is the real thing. Here, when we say that the truth is expensive, we mean that the devices which are providing data should not be the traditional simple IoT devices. This is what we are testing: it’s not that the device has to provide the data, but that it has to participate in a certain consensus process with the blockchain to ensure that this data is presented in a truthful way.
“When we say that the truth is expensive, we mean that the devices which are providing data should not be the traditional simple IoT devices.”
This is introducing extra overhead in the system — because instead of just sending the data once you have to participate in the process of consensus building. This has massive consequences because now we have to define the time and the latency of various stages. One is what is the latency of the data provision? And secondly, what is the latency that the data has been verified? These are two different things.
IntellIoT: If we did not include these types of secure data transactions, what could happen? Why bother?
Popovski: We are not experts in security; we are not the ones designing the cryptographic procedure and there are people that know much more about that. But what I can tell you is that what would happen is what is now happening, for example with ransomware. There are a lot of cyberattacks with ransomware.
When you receive some data or some email in your system, if it’s not verified, what is the origin? How would you trust what the email is telling you? How do you trust that the data provided by some IoT devices is correct? If this data has been faked, then it might calibrate your algorithms to work differently, inefficiently, and maybe you make a worse product than your competitor.
IntellIoT: Are there debates right now among your colleagues over the best way to go about doing this? Or is there a general consensus about how to approach these challenges?
Nguyen: Overall, there’s been a lot discovered about consensus and how to guarantee the security and privacy of data in the cryptographic system. So if we don’t want to waste a lot of energy and resources for reaching consensus, we can try to find another consensus algorithm or strategy that would not use more system resources or capacity. But it’s still a very open question. In the near future we will still have to use very large amounts of resources, the capacity of the system, to verify or validate the data.
“In the near future we will still have to use very large amounts of resources, the capacity of the system, to verify or validate the data.”
IntellIoT: What is something that you wish everybody understood about this concept of trust and next-generation IoT devices?
Popovski: If you look at the evolution of data, there used to be not so much data 50 years ago. Since then we have done everything in the communications system to provide this data. Then, we’ve got social media, where fake videos are spread much more than the original video. So if we have IoT devices, that means that there’s a lot more chance to create fake data, than real data. And so the question is: how are we going to protect that? How are we going to show what is true data?
The second important point is that right now we’re doing, for example, financial transactions. I’m transferring money to you, you’re buying something from me and so on. But if the interaction among the IoT devices should go to the next level, for example, that they provide each other with data to do learning and so on, they have to make these transactions. They have to be trusted because there will be devices paying for data, devices selling data, devices buying data, and so on… devices doing joint algorithms and making contracts. The human-in-the-loop concept doesn’t mean that the human will be involved in every step of this. But there should be things that are practical to the human, and its place in the loop gains trust.
With a consortium of 13 partners across 9 countries, IntellIoT is a pan-European research project supporting next-generation IoT technologies. Connecting experts in AI, machine learning, IoT, cybersecurity, 5G, distributed ledger technology, and other areas, the project and its resulting framework champions end-user trust, adequate security, and privacy by design. IntellIoT focuses on 3 use cases: in agriculture, an autonomous tractor; in healthcare, an AI-powered wearable for heart disease patients; and in manufacturing, DLT supported infrastructure for collaborative IoT production.
IntellIoT: We are talking about a loT of challenges about trust. How would you position what we are doing at IntellIoT in regards to those challenges?
Nguyen: The IntelIoT project provides a very good opportunity to apply what we are researching into practice, for example, in manufacturing, agriculture, and healthcare. This is a good chance for us to bring the research about current IoT connectivity and blockchain. We can apply blockchain and IoT connectivity very easily and it will bring a lot of advantages to people in different industrial aspects.
Even if the concept of blockchain, or for example, wireless LTE connectivity is very complicated for most people, they can see the evidence when they experience the system at work, for example, in healthcare, manufacturing, or agriculture. I think the IntellIoT project enables a smooth transition from theory and research to practical things and is a bridge for academic work and industrial companies.
IntellIoT will soon begin accepting applications for its Open Call. Are you part of a startup or SME whose technology solutions could benefit from joining the consortium and developing the next generation of IoT devices? Learn more about the application process here, and sign up for a newsletter to get a notification when the Open Call starts.
