You. Hello everyone, my name is Susiesu. Welcome to my today's talk on the transformation of diverse and information security in AIoT. Before we just start our today's session, I would like to express my gratitude to the 42 for inviting me to be here and meet all of you. Let's just begin. Here is quick introduction about myself I'm currently working as a DevOps manager and a software operations architect at signify formerly Philips lighting three years ago I have actively dubbed into AI and machine learning et cetera, which is the reason why I'm here. Look at the lecture side. In our tech industry we strive to contribute to open source a lot. So if you would like you can scan this QR code provided and you can gain my articles, tech events and speeches and also my upcoming books. The first we will talk about what does Iot mean AIoT? So actually it's just a new term. It means artificial intelligence in IoT. For example like automated vehicles like Tesla, gilmore, et cetera. And for example like smart cities. Our company's lighting is a leader industry and also the radio surveillance, monitoring traffic and smart buildings for the manufacturing. Like we take advantage like deep learning and deep neural networks for production line to do this kind of quality checks. As I said, my strength is in Iot lighting industry. So I take the relevant for example so let's imagine I visited the Black Forest recently and I captured a photo at the right side illustrative. Now I'd like to recreate the same ambience in my bedroom. Can AI achieve it? The answer is yes. So first I got this photo, black Forest photo and we need to have some conversion from image to the test all to some parameters that hardware can recognize. So far, definitely we can achieve it. For example, a couple of weeks ago OpenAI launched one of the six features. One of this is dell e three and it can support this function very well. And then we will just upload this letter e three to convert to process this photo image to the text related to these lighting parameters that hardware can recognize. Then send the command to hardware like hardware processing. Finally we applied it become this. It's quite astonishing, right? Go ahead. So second part we will discuss how AI and AIot affect our DevOps roles. I believe most of you, you are maybe either DevOps engineers. Let's go ahead. So what's the current AI capabilities? I have to tell you so far I provided the data here is quite a little bit old because I got it a couple of months ago and two weeks ago operations on the OpenAI's dive days, they launched the six features and the new data, new knowledge and a new function and a new modalities. IoT dramatically challenges the current AI capabilities. We definitely need to jump into what I say, the AGI era. What does that mean? Is artificial general intelligence era. As open AI CEO simside, he just defined AGI as a kind of median human can lets your work effectively as a coworker. So return to this topic. Yeah, definitely. In the future or in the very coming future, the AI capability will increase twice or three times than current data. I shared. So what's the current data? So AI is equal to a Google level three software engineer. If you're not familiar with Google's salary hierarchy, here it is. So for the level three Google's software engineer, they can earn like around two hundred k dollars per year. And it can be replaced right now. And AI is also equal to a qualified Stanford students. You think maybe just a yin major? No, it's a yin. 16 units seem like 16 majors. It's really super intelligent Stanford students, right? Actually over the decade we have a lot of discussion about AI. AI actually is not a new term, but did you realize this year AI become very popular and what I say is kind of prominent any time in the past years? As I said, the answer is we are definitely into the AGI era. So what does it mean actually? OpenAI's GBT four turbo, the recent model, the recent API actually can just bridge the gap between human common sense and AI capabilities. So over ten years ago, we had a prediction about AI. Yes, it's all about like telemarketers, they can be replaced easily. And also bookkeeping clubs and the competition and the benefits managers, et cetera, or receptionist. But actually this year, after we jump into the AGI era, things changed. Here is some statistics, data from very official website. Here are the ten roles that AI is most likely to replace. Unfortunately, I have to tell you, in tech jobs, for example, like coders, software engineers, data analysts, their job can be replaced by AI easily. And also media jobs. Do you remember this protest? Like Hariwun, they have contender creations. Protest for protecting their ip, right? And also the legal industry jobs. For example like paralegals, legal assistants, our market research analysis, also teachers, and also finance jobs like financial analysis and financial advisors. And also like stock traders, graphic designers, accountants, customer service agents. But for our DevOps, we will focus on software engineers. Now you may feel oh very worried about our role, our job. But what AI cannot do here it is. So AI cannot do a lot of things. But I will focus on these four parts. So first, AI is incapable of handling intricate problems. We are in the reality. So the real world case is not like one plus one equals two. It's very complex. For example, especially like big firms, developers consistently encounter real world open ended questions and challenges. Big firms, they are a Iot of departments. For each department they have a different perspective. And when they work together to achieve the same goal. And also there is an old business and focus on like a migration. We always encounter this kind of situation like a operations, because we know if it's completely new, we can do it easily. But for migration, we need to keep the zero down time for the running business, for these kind of intricate problems. So far AI cannot do it because it means the kind of multi departments, cooperations and also very little things, not just only related to technology, it's also related to the models, the business models for our customers business. What should I say is a kind of interpersonal skills, something like that. The second part is AI lacks the depth of thought. For example, like I mentioned, AI current capability can replace the level three Google engineers. But how about the level four level, the top one? I think everyone just know actually as DevOps. So we are not just only focused on the development, we focus on the operations as well. I forgot who said it. DevOps is similar like a philosopher. It's not just one piece of technology. They must know the whole picture over the entire lifecycle of a business, from the human communications and also the technologies like development operations, Linux and networking, et cetera, et cetera and so on, a lot of things. And when it comes together, it's really difficult to be replaced by AI because AI cannot do this depths of thought. For example, like the top Google engineer, they are kind of the master in our tech industry. They are the person, what I say is kind of a game maker. And they are the person to make this role. Yeah right. And also the third one, AI is deficient in critical thinking capabilities. As I mentioned, there is six features has been launched on the dev day of OpenAI. One of it is modalities and IoT means in the future, and OpenAI also maybe other AI companies, they will launch more and more sophisticated models. So it means it will affect our daily life, it affect enormous range of fields. But about this thinking model, we will be the person to choose is what I like. It's not what I like. If I need to focus on we questions. It's not my thinking model, it's not my belongs to my personality. I'm the person I question this, it cannot nurture myself thinking model. Because we as a human, we have our personal thinking model. So what should I say is one of the most important capabilities we needed to focus on? I mean, critical thinking, it means we cannot replace by AI. And I could say critical thinking is kind of for one difference between human and AI. And also the fourth one, AI strategies to engage in real world collaborations and communication, cross various departments and teams, right? For example, like a software skills, communication should be fine. But how about interpersonal skills? They didn't know how we feel. Even we use these words, right? But related to the kind of humans words or even their innation, it's really complicated. It's not like if it's just a machine, just because of your test, can understand what you really mean. So it's kind of interpersonal skills. AI cannot do. It also like leadership and being the influencer to affect others and problem solving. Yeah, this AI may be helpful, you know, for the entire intricate problems, they cannot do it. And also like teamwork. And for example, like maintaining the work ethic this AI cannot do. We mentioned the AIoT and also how affect our dev throws. But then the third one is AI security. Actually, you know, definitely in principle, not for in IoT industry. For example, like a software attack by AI, it will just let your website go down, right? Or maybe you got some financial losses. But if AI hacked IoT industry is so horrible, it means it will kill someone. It will affect individuals directly. Let's focus on the IoT industry first. As I said, AI is not new term so far. It becomes very prevalent just because the GPT four has been released in March 2023. But actually this term has been coined in 1956. So it's almost 70 years ago. What I mean is AI security, it will grow up gradually, not just so far. I give you the AI security scopes, but it definitely is coming very soon. It will be expanded, but we can learn from the traditional classification related to security, right? For example, the right side is the diagram I drawed. And here you will see information security include cybersecurity and cybersecurity and it security. They have overlap. It belongs to network security. Let's go ahead. Cybersecurity and is IoT just here. So network security, cloud security, endpoint security, application security, then Iot security. So we will extend this part a lot because as I mentioned, Iot security we must focus on very much. It will affect our lives. IoT will affect the safety of the city, the entire country or the entire world. So Iot security related to for example like 5g networks related to IoT, like Internet of vehicles Iot industrial, industrial Iot. So IoT looks like the right side is ICI is a separate incident timeline. It's a real case, some real case happened over the past thousand years, 100 years. Sorry. So first for example since the 1903 let's take one for example. So 212 there is campaign it's about the guys pipeline cyber attack. So for example like synclates pipeline. And also think about a nuclear industry. If IoT has been attacked by AI, IoT means not just one person or a few operations, they will die but it will dramatically erupt and destroy this entire city or the entire country. So horrible, right? So is the reason why we must focus on the AI security, especially the Iot industry. So here is AI security based on my personal ten years cyber security expert I defined this with my three years working experience in AI. So let's just have a look go through the whole one, two, three. The AI security because it's dramatically, not dramatically, it's kind of very different from the traditional security scopes. So first let's go to the data security. So protects AI data confidentially and integrity and availability and uses encryption and access controls to secure data storage and also anonymize the data to prevent lets. For example here is quite a new feature because take one for example like JBT. We have interaction with JBT, we send a question but this kind of question doesn't view related to our real life or is something related to our privacy. And when we nominate it even you have intact it's nothing. Yeah, Iot won't be a big deal for us. And the second privacy preservation. So what it can do to protect this privacy preservation. So for example like differentiate privacy in compresses like methods we introduce manage the disturbance or other noises into this data to safeguard individual privacy without compromising the general usableness of data. So even it has been all hacked or et cetera, we do not know. We got some noises we cannot get the general useful of the data. And Saturday the learning allows for the spreading the training procedure over various devices to prevent the disclosure of raw data, right? And the third one is traditional one information security like application cloud infrastructure, incident response, cryptography and disaster recovery, vulnerability management. All types of information security we need to focus on in AI, right? And explainability and transparency is also very important one for AI security because it can identify vulnerabilities and understanding how decisions are made and the transparent models are easy to audit to debug. For us, we are the human but IoT is just a machine. We give the data no matter what kind of things. We need some, it can be explainability and also transparent. Otherwise we do not know the machine will go which kind of a direction. Maybe it's a disaster, but we even didn't know it because it dramatically not transparent for us, right. And then the IoT security, like we have failed networks, like the self driving and the IoT, we definitely do not want the AI attacked us, right? What I say is so terrible. And human AI interaction security, like protecting user data, preventing the impersonation attacks, ensuring that AI generated outputs are not exploited by malicious purpose. Yeah. For example, we have the interaction and with Chinatip, with some model learning model and we are focusing, we are just younger, very real teenager or these kind of things, if they have been attacked, okay. And IoT has been exploited by malicious purpose. Wow, it's really horrible. It can train our children, our next generation, or even for us to kind of nurture your religion or something affect your culture and to influence you to do something very bad. Oh, it is so horrible. And then it's also special when in AI, because as I mentioned, there are a lot of modalities, like models, so many models so far in reality. And also in the future there are more and more models will be launched. So what we can do to protect this model security. It's the close things for AI security, because AI is kind of a set of various models. And so first, as adversarial perturbations, like malicious impose craft to deceive AI models into making incorrect predictions. Also the transfer attacks like reversal text that work across different AI models. For example, like red box, the black box attacks, which depend on attackers knowledge of the target, like model's architecture. For example, if your model, for example, like a business prediction model has been attacked by your competitors, and you just generated, and AI just generated a laser prediction that you go this way, but dramatically wrong, maybe just after two years you just realize, wow, it's completely wrong prediction. But you already to plays everything there. You contribute to your business, you cost the money for everything. But it's so horrible, right? Bias and fairness security. We are human around the world and with different cultures, different civilizations, different religions. It's so difficult in our daily life to do our best to mitigate a bias for this machine. Of course, they didn't know what is bias. So we definitely need to this technology techniques to identify and to reduce the bias in training data is what we view. Streamlining this machine and also fairness aware learning, so created to design models that make fair predictions across different demographic groups, different cultures, and then lifecycle security. AI is not like, oh, we just invent some software. We developed our software, one day we just terminate, we do not use it anymore, leave it. But AI model or AI stuff, you cannot just like we started coding practices and regular updates. But how about when you will determine this project, you must make sure everything proper disposal of these systems, you end this project and determinate this project. It should be fine. But if something ongoing, we must make everything sure we have the lifecycle, we make sure everything know what's the matter. Stipend the regular updates, that's quite most important part. And then regulation or regulatory compliance. If we just rely on the AI firms itself to be warm heart, to be a good heart to help the technology go the right direction is ridiculous. We cannot rely on them. We need involved in what I say, the regulations and also the legislations, for example like data protection laws, GDPR or industry specific regulations and icicle guidelines. Right. And it's the last one. But last, but not the last one. But I don't think Iot will be the last one. Definitely in the near future it will be extended human in the loop, because if there is no human view like white box, black box, we don't know what is the machine will go, will the machine will go which direction or the machine has been attacked. The machine got some threat detection, but we must have some human expertise with the AI analysis for this threat detection. And also be curious and be cautious. No matter how we call us. It's not wrong, honestly. We need to have this overall human oversight. So we have discussed the alt definition and I also give you the lighting application example in reality. And also I have shared how AI and alt affect our DevOps roles and what we can do, what I can do and what AI cannot do. We will focus on this one. And then the last but not the least, we have a discussion about the information security, the traditional classifications, and also we focus on the IoT security. Definitely. I give you the new definitions and also the scopes, different scopes of AI security we need to focus on. Yeah. So here IoT is. So I hope all of you can get a little bit inspiration from my today's talk and anything practical you gained. I will feel really grateful and you enjoy today's talk. Thank you.