Singapore is pushing out several new initiatives, including a drowning detection system, as part of its ongoing smart nation drive, whilst touting the importance of an open API-driven framework in driving such efforts. It also acknowledges the country needs to do more to improve its security posture, particularly in the aftermath of the SingHealth data breach.
Compared to other global smart city projects, though, Singapore is taking a different approach by creating common, open platforms, according to Minister-in-Charge of Smart Nation Vivian Balakrishnan, who is also the country’s foreign affairs minister.
With this open ecosystem, comprising open access to data, APIs (application programming interfaces), and toolboxes, both its citizens and private sector then would be able to create and develop services, said Balakrishnan during a briefing with local media.
“It’s an integrated approach to create more relevant, responsive services for citizens. That’s where we can deliver a competitive advantage,” the minister said.
He added that Singapore was able to do so because the country operated on a single layer of government and was small enough to function as a city in itself.
Singapore needs to “up our game” in security
The open access to data, though, may potentially expose citizens to added security risks, especially since organisations still are entrenched in poor security practices, as revealed in the SingHealth data breach.
Investigation into the July 2018 security incident had uncovered, amongst others, the use of weak administrative passwords, unpatched workstations, and inadequacies in the network that allowed hackers to run bulk queries.
The SingHealth breach had compromised personal data of 1.5 million patients as well as outpatient medical data of 160,000 patients that visited the healthcare provider’s facilities.
Asked if the incident had prompted the government to relook its smart nation approach, Balakrishnan highlighted the need to first recognise that security was “a clear and present concern”, and one that was evolving.
He also noted that Singapore was subject to “very sophisticated, ongoing advanced persistent threats”, which further underscored the need to take the country’s cybersecurity strategy “very very seriously”.
“There’s no [one] final solution. It’s [an] ongoing effort. Security has to be baked into the rollout of digital services,” he said, pointing to the government’s focus on five key projects in its smart nation strategy, which included the National Digital Identity (NDI), e-payments, and the Smart Nation Sensor Platform.
The minister noted that the SingHealth breach demonstrated that humans were fallible and would make mistakes. This meant systems would need to be constantly monitored and upgraded, and skillsets also would need to be updated.
In addition, every vulnerability must be plugged, access controls should be properly managed, proper validation should be made, and so on. Efforts needed to ensure all the different components adequately were safeguarded, he said, noting that multiple loopholes needed to be aligned for hackers to break in successfully.
Commenting on the oversights that led to the SingHealth breach, Balakrishnan acknowledged: “We definitely need to up our game, but we cannot go back to paper and pen.”
Detecting potential drowning, shuttling passengers without drivers
In pushing ahead with its smart nation plan, the minister revealed several pilots that recently launched or were slated to commence later this year and in 2019.
For instance, an ongoing trial uses computer vision and recognition technology to monitor swimming pools and detect potential drowning incidents based on behavioural patterns. Alerts then are sent out to lifeguards who can respond to such incidents.
A three-month public trial involving autonomous shuttle buses also would begin next year along a 5km route on Sentosa island. This would be an extension of a previous on-road pilot, launched in June this year, along a 1km road at Tanjong Beach, also located on Sentosa.
There also were plans to launch, later this month, a mobile app for the country’s citizen account SingPass, which was used to access e-government services. Currently in beta test mode amongst a selected user base, SingPass Mobile would offer an added layer of security by allowing citizens to use the biometric feature on their mobile phones to log into their account, Balakrishnan said.
He also pointed to ongoing efforts to expand the reach of the MyInfo service, a centralised repository that enabled certain data fields to be automatically populated with the citizen’s personal information, such as passport number, residential address, and mobile number.
The service works by extracting data provided to–and archived by–the respective government agencies, as and when they were required to pre-fill forms. All SingPass accounts have a corresponding MyInfo profile.
To date, 110 government services and 90 private sector services are linked to MyInfo, including local banks and insurance companies.
According to Balakrishnan, there also are plans to release an upgraded version of the “above-ground boxes”, or AG boxes.
First unveiled when the government debuted its smart nation vision in 2014, these boxes served as all-in-one containers with power and fibre connectivity, and held data sensors from different government agencies. These boxes were touted to reduce the need for unnecessary groundwork, hence, cutting deploying time and cost.
While he declined to share details, the minister said tweaks to the AG boxes were likely to focus on their connectivity such as wireless technologies, which currently were being trialled.
The Singapore government last week laid out plans to move some of its systems to the cloud and build a suite of standardised software components to help quicken application development.
Prime Minister Lee Hsien Loong said the government would need to “reengineer” its systems and processes to drive the country’s smart nation goal, including transforming the way it developed software. Lee revealed plans for a Singapore Government Technology Stack (SGTS), which would comprise common software components used in application development.