A Big Challenge Safe products in the IoT era

摘要

Professor Ross Anderson and his colleagues have investigated which measures are necessary to combine traditional product safety with the advent of the IoT. They did this on behalf of the European Commission. The EU is working on new legislation to ensure product safety in the future. They asked Anderson to identify what is necessary for this. Anderson, a professor of security engineering at Cambridge University, carried out the study with his colleagues Eirann Leverett, Senior Risk Researcher, and Richard Clayton, Security Researcher. The report with their findings was published in 2017 [1]. Anderson and his colleagues concluded that we still have a long way to go. The crux of the issue is that the way we ensure the safety of physical products is fundamentally different from how we ensure the safety of digital technologies. Products are tested and inspected before they are put on the market, and this is assured by a safety certificate or an approval mark. If there are significant changes to the product, it must be certified again. By contrast, the safety of software is essentially dependent on changes. Software is constantly monitored and regularly revised with patches and updates. Anderson addressed this in more detail in a presentation on their study at the Chaos Communication Congress (CCC) in December 2019 [2]. He called this the ‘trilemma’ of IoT products. If you stick to pre-market certification, you cannot modify your software, which means your product is unsafe. If you modify your software, you lose your certification. And if you combine certification with updating, which means going through the certification process again after each software update, the costs go through the roof.