Cyber Security at the Movies: Guardians of the Galaxy (Fail Secure security)

by Paul Curzon, Queen Mary University of London

[Spoiler Alert]

If you are so power hungry you can't stand the idea of any opposition; if you want to make a grab for total power, so decide to crush everyone in your way, then you might want to think about the security of your power supply first. Luckily, all would-be dictators who crush everyone who gets in their way as they march towards total domination of the galaxy, tend to be very naive about cyber-security.

Take Ronan the Accuser in the original Guardian of the Galaxy film. He's a villain with a religious streak, whose belief that strength is virtue and weakness is sin leads to his totally corrupted morality. To cut to the guts of the story he manages to get the "Infinity Stone" that gives unimaginable power to its owner. With it he can destroy anyone who gets in his way so sets out to do so.

Luckily for the Galaxy, good-guy Peter Quill, or Star-Lord as he wants to be known, and his fellow Guardians have a plan. More to the point they have Gamora. She is an assassin originally sent to kill Quill, but who changes sides early on. She is an insider who knows how Ronan's security system works, and it has a flaw: its big, heavy security doors into his control room.

Once inside his ship, to get to Ronan the Guardians will need to get through those big heavy security doors. Now once upon a time big, heavy doors were locked and barred with big, heavy bolts. Even in Roman times you needed a battering ram to get in to a besieged city if they had shut the doors before you got there. Nowadays, how ever big and heavy the door, you may just need some cyber skills to get in if the person designing it didn't think it through.

Electromagnetic locks are used all over the place and they give some big advantages, such as the fact that they mean you can program who is and isn't allowed entry. Want to keep someone out - you can just cancel their keycard in the system. They are held locked by electromagnets: magnets that are switched on and off using an electric current. That means computers can control them. As the designer of an electromagnetic lock you have a choice, though. You can make them either "fail safe" or "fail secure". With a fail safe lock, when the power goes, the doors automatically unlock. With fail secure, instead they lock. Its just a matter of whether the magnet is holding the door open or closed. Which you choose when designing the lock depends on your priorities.

Fail safe is a good idea, for example, if you want people to be able to escape in an emergency. If a fire cuts the electricity you want everyone to still be able to get out, not be locked in with no chance of escape. Fail secure on the other hand is good if you don't want thieves to be able to get in just by cutting the power. The magnets hold the bolts open, so when the power goes, the spring shut.

This is Ronan's problem. Zamora knows that if you cut the power supply then the doors preventing attackers getting to him just open! He needed a fail secure door, but instead had a fail safe one installed. On such small things are galaxies won and lost! All Zamora has to do is cut the power and they can get to him. This of course leads to the next flaw in his security system. It wouldn't have mattered if the power supply was on the secure side of that door, but it wasn't. Ronan locks himself in and Zamora can cut the power from the outside ... Dhurr!

There is one last thing that could have saved Ronan. It needed an uninterruptible power supply.

After all, what if the space ships cleaners (you never see them but they must be there somewhere!) unplug the door lock by mistake just because they need somewhere to plug in the hoover.

The solution is simple: use an "uninterruptible power supply". They are just very fast electricity storage systems that immediately and automatically take over if the main power cuts out. The biggest on Earth keeps the power going for a whole city in Alaska (you do not want to lose the power running your heating mid-winter if you live in Alaska!). Had Ronan's doors had a similar system, the doors wouldn't have just opened as the power would not have been cut off.

It's always the small details that matter in cyber security (and in successfully destroying your enemies and so ruling the universe). As with all computational thinking, you have to think about everything in advance. If you don't look after your power supply, then you may well lose all your power over the galaxy too (and your life)!