Support

Podcast: Episode #28 - Michael Weigand - From Planes to Power Plants, Protecting The Intersection of Physical and Digital

August 17, 2023

In a recent episode of the "PrOTect OT" cybersecurity podcast, CTO Aaron sat down with Michael Weigand, co-founder and chief growth officer at Shift5. The company is at the forefront of enhancing the safety and intelligence of various fleets, spanning both defense and commercial sectors. Shift5's main thrust is to design hardware and software that interacts with the intricate systems found in modern vehicles — from satellites and combat aircraft to commercial airliners. Michael mentioned that the aircraft flying in the background were a testament to the kind of machinery his company works with, notably those landing at DCA airport.

By integrating their systems, Shift5 not only ensures the security of these vehicles by preventing malware attacks on edge computers but also collects essential data. This data not only fortifies security but also aids in improving operational readiness. Through these advancements, the company aims to usher in significant cost savings and cultivate a safer environment for these machines in the broader world.

Cybersecurity and Operational Excellence in Modern Transport

Aaron and Michael Weigand delved deeper into the intricate layers of operational technology and cybersecurity. Michael's journey began in the military, where he was a cyber officer determined to shield weapon systems from cyber threats. With this objective, he co-founded Shift5, aiming to develop hardware and software solutions foundational for protecting assets.

Michael explained that many systems, whether in commercial aircraft or rail locomotives, are not adequately monitored. Existing data recorders are mainly for crash analysis, not for real-time threat detection or cyber incident response. This gap is alarming, especially since updates for these systems are often not encrypted, risking potential malicious loads.

As Shift5 delved into the cybersecurity landscape, they realized two things. First, cybersecurity is often a neglected concern until a significant threat emerges. Second, their work provided a unique benefit: the collection of never-before-seen sensor data, immensely valuable for advancing prognostics and predictive maintenance.

By training algorithms and models on this rich data, they could predict failures even if those were not pre-programmed into the system. This not only increased operational readiness but also garnered the interest of operational leaders, bringing cybersecurity and operations onto the same table. It made investing in such technology a win-win, serving both safety and efficiency.

But Michael's point transcended just the technical side. As he watched another airliner land at DCA during the podcast, he stressed a sobering reality: current commercial aircraft lack antivirus, intrusion detection, or prevention systems. Such vulnerabilities in our skies are not what he envisions for future generations, emphasizing the urgency to shield them from cyber threats.

Not Pushing FUD, But Anticipating Issues That Can Affect Transportation

Michael expressed his concerns about potential avionic hacking incidents, drawing parallels to the tragic events surrounding the MAX fleet due to a software flaw. Such incidents, he pointed out, could lead to severe economic repercussions for the aviation sector and, by extension, every individual with investments.

Aaron then emphasized the advancements in the utility sector, attributing it to clear regulations and guidelines, whereas areas like rail and wastewater lag behind due to a lack of such guidance. He touched upon the challenges these sectors face, like securing funding and dealing with outdated equipment.

Michael delved deep into the technology his company offers to address these challenges. At its core, it's a military-grade box, adaptable to multiple vehicle types from ground combat vehicles to naval assets. This edge computer gathers data, detects anomalies in real-time, and can even provide intrusion prevention. Key to its success is its modular open architecture. They collaborate closely with OEMs to customize their solution for specific vehicles.

The process is extensive: data collection, enrichment, compression, storage, transmission, and sophisticated anomaly detection. Once this data is centralized, it's decoded and translated into time series data. This enables data scientists and security researchers to extract meaningful insights, whether it's for safety, security, or operations.

Michael underlined the complexities of managing and updating this vast infrastructure, but highlighted how their specialized service and constant upgrades ensure the system remains robust and relevant, allowing teams to focus on their primary roles.

Addressing These Challenges

Michael detailed a multifaceted approach that starts with a multidisciplinary kickoff meeting. This meeting often involves various stakeholders, including chief engineers, architects, and others, to review all available technical documentation.

Michael emphasized the significance of relationships with vehicle Original Equipment Manufacturers (OEMs). Collaborative efforts with these OEMs are crucial in ensuring a smooth integration process. As the discussion continued, Michael highlighted the process of connecting sensors, obtaining certifications, and addressing data engineering challenges. Especially in commercial aerospace, certifications like the supplemental type are imperative when introducing new hardware and software to aircraft.

One of the core components of the integration process is data engineering. After setting up sensors and systems, data starts flowing in. This raw data undergoes processes like translation, normalization, and baselining anomaly detection. Moreover, collaboration with teams to develop responses in operations or dispatch centers becomes essential.

Aaron echoed the importance of not just implementing cybersecurity for its own sake but ensuring it aligns with operational needs. The challenge lies in demonstrating Return on Investment (ROI) in terms of efficiency, safety, and other metrics. Michael further stressed the significance of such measures, noting the extensive support they receive at Shift5 from a professional team.

Michael emphasized that incorporating security measures from the outset is more cost-effective than retrofitting. He highlighted the sensitivity of factors like size, weight, and power impacts, especially in the aviation sector. Early collaboration with OEMs allows for software solutions to be integrated seamlessly without needing additional hardware.

Michael shared his excitement for the tailoring process, discussing the myriad of options available for system architects. He mentioned that while their Department of Defense (DoD) customers pose the most intricate challenges, the experiences with them are invaluable. Transferring the best practices from these engagements to other sectors, such as civil aerospace or rail, has been rewarding for Michael and his team.

In their conversation, they returned to the underlying theme of truly grasping the intricacies of business. While headlines often highlight cyber risks or dramatic events like nation-state attacks, what really drives businesses is comprehending and managing their risks. One has to internalize these risks, weigh them, and truly understand their implications. This individual took it personally, saying that their reputation was on the line. They wanted to ensure the decision made was rational and justifiable.

However, there's no one-size-fits-all answer. While they might believe in their method, they candidly admitted that they can't guarantee results every time. It's possible that, on occasion, a system might already be so efficient that there's little room for improvement. But in other cases, a deep dive might reveal unexpected issues. There's an inherent uncertainty in the process, and no two systems are exactly alike.

What was particularly admirable was their genuine approach. They weren't acting like a salesperson, pitching lofty promises just to close a deal. Instead, they took a consultative stance. They believed in showing potential clients actual results, citing real-world examples. However, they also emphasized the need for potential clients to understand that success stories from one company might not directly apply to another. Each business is unique, and the value derived from one might not always translate seamlessly to another.

Listen to the Full Episode

This has been a brief summary of the discussion, shortened for brevity. For the full insights of the conversation, be sure to listen to the full episode here: https://podcasts.apple.com/us/podcast/the-protect-ot-cybersecurity-podcast/id1662081824?i=1000624794989