Secure Milking

::: nBlog :::

A month ago I was in an IoT panel discussion organized by the Finnish Internet Forum, held in the Finnish parliament. Not least due to location, a sizeable group of MPs were participating. Opening words were delivered by Carl Haglund, head of the parliamentary future committee.

As with many panels before, the discussion quickly centered around security threats and general risks of our connected future. Televisions, personal video recorders, thermostats, washing machines – they can all be hacked and used for malicious purposes. People should learn about firmware vulnerabilities in all their devices and update them regularly, to be safe. And again we heard the ultimate argument – it might be better to be disconnected. I have a rather different view.

A peculiar example from central Finland was an automated milking machine, getting national news coverage for being hacked and used to send spam emails. A solution was to disconnect it; luckily it was only spam. Clearly the farmer was to blame. She/he should have been a certified telecom security professional, right?

Now milking is an intricate matter. I was taught the manual way 35 years ago, but we’ve since progressed a lot. Cows must have a stress-free and safe environment in order to be productive, and each cow is milked slightly differently based on its size, age and a multitude of other parameters. They have RFID tags in their ears, from which the milking machine recognizes each cow and adjusts the milking profile and tubes with millimeter accuracy. Milk amounts and structure are carefully measured, and any irregularities are reported to the farmer in real time. Intriguingly, cows very quickly learn to queue by themselves to the milking machine at the right time, after being individually fed by another machine. And they very clearly like the predictable process. A modern milk farm looks like a social club for the cows, as they roam freely in the farm complex from one intelligent machine to another.

Now back to the hacked machine and spam issue. For the machine manufacturer, the only way to do fast and effective product development is to get real data from farms, as real time as possible. Getting bigger data gives bigger results, so getting telemetry feed from all farms and machines is just a matter of time. If you’re operating with a limited or delayed data set, it is likely that your competition gets there first and outpaces you.

Of course security is important, but the key thing here is not technology, but a new business model – a smart manufacturer starts selling milking service, priced per liter or udder, per day. And – critically – the responsibility for the communication, security and data integrity is suddenly at the manufacturer, not with the farmer. This is a big step as manufacturers have happily sold fire-and-forget products for the last 100 years, with only some hindrance from consumer protection agencies.

Taking lifecycle responsibility for products is new for manufacturers, even for relatively new phone makers. However, with growing spime and service business model it is the only sustainable way. It also needs new type of thinking and leadership, and may look risky as the litigation and financing models are also lacking behind. Taking responsibility should not be a hot potato thrown to the least suspecting party (usually customer) but a source of pride for modern companies turning into service providers.

//Pasi