By Oscar Sverud
STOCKHOLM, SWEDEN – We can be sure that digitalization is on every boardroom agenda. It seems like all companies look into digitalization to keep up with the competition and to create new revenue streams. However, if digitalization is not handled with care, it could spell the end of your company. The threat is real, and we’ll describe why below, but first, some background.
Reverse engineering has affected companies for a long time – either as a threat to the business, or as a means to shortcut development time. Despite what some people think, this is not something that is isolated to Asian fast growing economies. All the big, well-established companies – no matter their country of origin – buy competitors’ products, take them apart, and copy parts of the most effective solutions in order to make them their own.
It is not a coincidence that one of the more well-known Steve Jobs quotes is “Good artists copy, great artists steal”. When the competition releases a new product, all the competitors are eager to tear it down. However, while this is easy for mechanics and electronics, it’s not so easy when it comes to software (UI is, of course, the exception). Software is different; companies rarely share the source code, so for the competition the software is a black box. Prior to digitalization, the in and out data of that black box of software is mainly interfaced to the product the company sell.
With digitalization, companies often open up public APIs (Application Programming Interfaces) in the hope that third-party companies create new products and functionality based on their products. This is often quite successful, since companies receive help from others to grow their ecosystem and increase the value of their products.
With advances in artificial intelligence, the threat of software being reverse engineered has changed dramatically. For reverse engineering on hardware (mechanics, electronics etc.) the company being copied always have the time-to-market advantage, while competitors do reverse engineering, set up manufacturing, do the testing and ship, all while the company being copied have had the time to themselves improve the product and can stay ahead of competition.
With digitalization and open APIs, competitors can set up deep learning systems run on supercomputers that train and replicate the behavior of your API in days or even in hours. The trained AI system created by your competitor can then expose the same API and offer identical functionality as your own API. Research has even shown that if the API exposes trained AI algorithms, it is even possible to steal the private training data from within the AI system. Often the training data is far the most expensive part of an AI system in a narrow vertical where training data is not publicly available.
Fortunately, it is possible to avoid these types of threats (called extraction attacks) or at least minimize the impact once you are aware of the risks that digitalization introduces.
The example above is only one of many reasons that all organizations need to be kept updated on the advances in artificial intelligence. It is time to make sure AI is put on top of the agenda in your boardroom as well.
Reverse engineering is an effective way to catch up with competitors. Until recently, this has mainly been a problem for hardware companies to deal with. With the current obsession in digitalization and open APIs, together with advances in AI, this has dramatically changed. When making APIs available in the name of digitalization, you also need to be aware that you might just be making yourself vulnerable to AI extraction attacks.
Oscar Sverud is the COO of Imagimob AB, a Stockholm-based edge AI computing startup specializing in real-time edge and motion AI.