Making Security Sustainable
Ross Anderson, University of Cambridge
July 26, 2017 2:30pm, in DC 1304
Until recently we built two types of thing: things like phones and laptops that we connect to the Internet, upgrade once a month and throw away after three years, and things like cars that we don't connect to the Internet, don't upgrade and which last for thirty. Recruiting durable goods to the Internet of Things will bring many interesting challenges not just for safety and privacy but around tools, standards, maintenance, liability and business models. If Google finds it too hard to patch more than a few versions of Android, how will a car maker patch a hundred old models? What about the component suppliers, who sell to many makers? And who will pay for it all? This coming storm will engage the economics of security and dependability, and will also provide many new urgent and challenging technical research problems. It will also change security as a discipline, as safety engineering and security engineering become intertwined.
Ross Anderson is Professor of Security Engineering at Cambridge University. He was one of the founders of the discipline of security economics, and leads the Cambridge Cybercrime Centre. He was a pioneer of prepayment electricity metering, peer-to-peer systems, hardware tamper-resistance, steganography and API security. He is a Fellow of the Royal Society and the Royal Academy of Engineering, as well as being a winner of the Lovelace Medal—the UK's top award in computing.