People of ACM - Sandeep Shukla

December 27, 2016

You have remarked that, a decade ago, most computing professionals understood the term “embedded computing” to mean the tools and methodologies for embedding computing within physical systems, but in the last 10 years, the basic definition of embedded computing has fundamentally changed. Will you explain what you meant?

When I looked at the journals dedicated to embedded computing such as ACM Transactions on Embedded Computing Systems, or IEEE Embedded Systems Letters, I found that more than 90% of the papers were on design methodologies, and tools for optimization of memory usage, computation time, power consumption and battery sizes, and cost and area in hardware implementations. However, embedded computing has changed the information infrastructure overall. If you look at the power grid, the digital relays, the phasor measurement units, the sensors and actuators, the entire gamut of information collection, processing, and control actuation are based on embedded systems. Handheld devices have changed the way business is carried out, from classrooms to field engineering. Network devices such as routers, switches, network storage—all are part of embedded computing. If you consider biomedical devices—pacemakers, insulin pumps, and body area networking, gears carried by the military to the battlefield, automotive advances, avionics and many more—all are embedded systems. Air pollution detection and corresponding control actions, solar panels, and the corresponding power electronics-based control and conversion—all are embedded systems. So I have classified embedded systems not only in the core areas of power, area, cost, memory-efficient design methodologies, and algorithms with limited footprints, but also in these various application areas, plus space, smart grid, smart habitat, green computing, embedded computing for the developing world, etc.

Another area where embedded computing needs to converge with a pretty important area is cybersecurity. Considering the applications of embedded computing I named above, cybersecurity is of paramount importance, and during my editorship of TECS, I emphasized the need for cybersecurity and in particular its specific role in the embedded computing space in almost every issue. Usually "embedded computing” refers to computing that is embedded inside other equipment, or another artifact whose main purpose is not computing per se but computing is used to sense, measure, control etc. Therefore, it was always a concern to optimize the hardware, firmware and software for embedded computing—and hence the earlier emphasis has been on that. Now is the time to reconsider embedded computing along application lines while also keeping the fundamental problems of optimal design in the core of activities.

Are critical infrastructures more vulnerable to attacks than they were 10 years ago, and if so, why?

Data collected from various sources clearly indicate a rise in cyberattacks on critical infrastructure. According to data I have seen, between 2006 and 2012, the cyberattack reported to the Industrial Control Systems Cyber Emergency Response Team ( ICS-CERT) increased by 782%—that was an eightfold increase over a six-year period. Over the past four years it has become much worse. In October of this year, one of the DNS root server companies, Dyn, faced a distributed denial of service attack via a mirai botnet that exploited webcams, and video recorders as bots by infecting them with malware. In my view, this is because unlike 20 years ago when attackers were mostly hobby hackers, now nation-states, terrorist groups, and hacktivist groups usually make the attacks, and their goal is to effect maximum damage.

Attacking a country’s power grid (as happened this year in Ukraine and partly in Israel), banking transaction network (as happened to Turkey this year), or important industry (steel plant in Germany in December 2014) could debilitate the economy of the country. These cyberattacks are sophisticated and often seem to be the work of a large group of experts, as was seen in case of the Stuxnet worm that was unleashed on an Iranian nuclear enrichment plant in 2009. We are living in a very dangerous world, and our dependence on computing and networks has increased so rapidly that we are now living in a world where a cyberattack can debilitate a country’s economy and/or ability to respond to such attacks at any time.

Do you think academic researchers and those developing products and systems in industry exchange information rapidly and effectively, or could their collaboration be improved?

This depends on the country and academic culture. In the US, the collaboration between academic researchers in computing and industry has been successful in many cases. Many startups originate from universities, and many opportunities exist for faculty and doctoral students to spend summers or extended periods in industry and effect knowledge and innovation transfer. I think this is less common in other countries, but in India, where I work now, this is very much required. We are trying to encourage this exchange of technology, expertise, and problem definition in India as well, as that will be the key to the country achieving technology leadership. Without working on problems faced by real-world computing needs, academic research often becomes mere an exercise in producing write-only publications, which is not healthy for the country’s technology sector, which in turn is not good for the economy.

What advice would you offer a younger colleague interested in pursuing a career in embedded computer systems?

Most of computer science today can be divided into what I call high-end computing and embedded computing. High-end computing involves design and architecture of servers, high-speed computation, effective deep learning machines, and other computing devices needed to calculate, simulate, render virtual reality, etc.

Embedded computing is the most pervasive of computing machinery. It is everywhere , from the inside of your smartcard that you use to get into your building, to the computing and communications involved in trains, planes, rockets, and cars, and many other objects.

High-end computing is very exciting, but it does not require the millions of engineers that the embedded computing world needs now. It is therefore a great career choice from a job security point of view.

However, my advice to any young colleague would be to do research and innovation in embedded space in such a way that it can be useful in real and future products. We are in a world where innovation will produce industry, jobs, and further innovation. Robotics is part of embedded computing, and robotic replacement of workers in factories, warehouses, driving, and many other fields is coming—but that does not mean that there will be no jobs.

The job of innovation will be here, and thus my young colleagues with their fresh minds should get more focused on innovating solutions to real-world problems. To those who are hung up on solving “fundamental problems,” my advice would be: solve real-world problems and you will face many fundamental problems. Just because a problem is abstract does not make it a fundamental problem. A problem is fundamental only when it appears over and over again in solving many real-world problems. So I would tell them not to confuse the fundamental with the abstract. This would of course require a change in our publication-only culture in academia. We must create an environment in which innovation gets primacy, and publication is only a vehicle to disseminate innovation. Thus publication is important to record and disseminate, but the goal should not be to get another publication but to have a publication as a byproduct of innovation.

Sandeep K. Shukla is a Professor in the Department of Computer Science and Engineering at the Indian Institute of Technology (IIT), Kanpur. He is the Editor-in-Chief of ACM Transactions on Embedded Computer Systems (TECS), and an ACM Distinguished Scientist. His specializations include cybersecurity of critical infrastructures, formal methods, formal verification, model-driven engineering and software synthesis.

Shukla’s numerous honors include receiving the Ramanujan Fellowship from the Science and Engineering Research Board, Government of India, and the Presidential Early Career Award for Scientists and Engineers from the US White House. He is working with his colleagues at IIT to develop a research center on cybersecurity for critical infrastructures.