Earlier this month, at the invitation of theĀ US-China Economic and Security Review Commission, I submitted written testimony and subsequently testified at the China, the United States, and Next Generation Connectivity hearing regarding IoT Systems risk mitigation forĀ institutions and cities as well as considerations regarding 5G deployments on the same.
A copy of the written testimony is here. A transcript of the oral testimony will be available in the next weeks.
The testimony discussed potential benefits of IoT Systems for US government, cities, universities, other institutions, and companies. It also discussed risks to those same entities from IoT Systems implementations. The risks discussed include:
- Supply chain risks
- Poor selection, procurement, implementation, and management of IoT Systems
- Lack of institutional governance and lack of awareness of social-technical issues in IoT Systems deployments
Prior to the testimony, I was asked how the US government could help. I suggested these four areas in the testimony:
- Standardized provenance vetting and reporting for IoT device components
- Support for increased US labor force training in Operational Technology (OT) skill sets
- Support for development of institutional and city IoT governance frameworks
- Support for data ethnography and socio-technical research and application in context of IoT Systems
The testimony also included comments on supply chain risks:
As well as aspects previously discussed in this blog such as the ability of an institution or city to manage their IoT systems:

where the wild things are [reference to Sendak]