Keynote: Sustainable security – an Internet of durable goods?
As we start to connect durable goods such as cars, medical devices and
electricity meters to the Internet, there will be at least three big
changes. First, security will be more about safety than privacy.
Certification will no longer mean testing a car once before selling it
for ten years; safety will mean monthly software updates, and security
will be an integral part of it. Second, we will have to reorganise
government functions such as safety regulators, standards bodies,
testing labs and law enforcement. Finally, while you might get
security upgrades for your phone for two or three years, cars will
need safety and security patches for twenty years or more. We have no
idea how to patch 20-year-old software; so we’ll need fresh thinking
about compilers, verification, testing and much else.