Keynote: Sustainable security – an Internet of durable goods?

As we start to connect durable goods such as cars, medical devices and electricity meters to the Internet, there will be at least three big changes. First, security will be more about safety than privacy. Certification will no longer mean testing a car once before selling it for ten years; safety will mean monthly software updates, and security will be an integral part of it. Second, we will have to reorganise government functions such as safety regulators, standards bodies, testing labs and law enforcement. Finally, while you might get security upgrades for your phone for two or three years, cars will need safety and security patches for twenty years or more. We have no idea how to patch 20-year-old software; so we’ll need fresh thinking about compilers, verification, testing and much else.