Monday, May 18, 2020

Committee Hearings – Week of 5-17-20

This week with the Senate in Washington and the House continuing to meet in pro forma sessions there are relatively few hearings scheduled. There is one markup hearing that addresses cybersecurity.

Cybersecurity Markup

The Senate Commerce, Science, and Transportation Committee will hold an executive session on Wednesday that will include markups of ten bills and 17 nominations. One of the bills, S 3712, the Cybersecurity Competitions to Yield Better Efforts to Research the Latest Exceptionally Advanced Problems (CYBER LEAP) Act of 2020, addresses cybersecurity concerns.

The official copy of the bill has yet to be published, but the Hearing website contains a link to a committee print of the bill. The bill would direct the Commerce Department to establish at least five separate “national cybersecurity grand challenges”. None of the listed challenges would address control system security issues.

Related Issues

There is one other bill being considered at the same hearing that may be of interest; S 2904, the Identifying Outputs of Generative Adversarial Networks Act. While a main focus of the bill is to direct NIST to conduct and support “research on technical tools for identifying manipulated or synthesized content” {§3(2)}, there is also similar directed interest in generative adversarial networks. The ‘adversarial networks’ would consist of competing artificial intelligence networks that would alternatively generate and detect “increasingly higher-quality artificial outputs” {§6}.

The idea of competing networks certainly seems to be an interesting way of advancing capabilities. There is an important ethical problem here though. The production of advanced networks to identify ‘manipulated or synthesized content’ would certainly be an increasingly important forensic tool, but a the simultaneous improvement of manipulation and content synthesis capability will just make the problem more intractable. Even if the legislation required the generation tool research to be classified (which the bill does not even attempt to address), the recent escape of NSA hacking tools points out that security classification only provides limited protection of potential attack tools.

I do not think that I will be providing any additional coverage of S 2904.

No comments:

/* Use this with templates/template-twocol.html */