Safety and Security – You can’t have one without the other?

“Love and Marriage”, Safety and Security”? I have long believed that safety and security will begin to merge: how can you claim your car is safe if it can be hacked? Although security does not need safety – I need my mobile phone to be secure but I do not use it for any safety-related activities.

My concern has always been how the regulatory authorities would handle such a move. For example, there are a number of standards regulating the safety of medical products but which security standard should they adhere to? Also, most safety standards use pre-market inspection to determine safety whereas security is likely to require regular software upgrades.

I would highly recommend this paper “Standardisation and Certification of the ‘Internet of Things’” as a well-written analysis of the issues