CEOs Discuss Security and Safety Issues at ElectronicaJanuary 09, 2017 by Roland R. Ackerman
Security, safety and the protection of data and systems are gaining in importance. This is evident in many massive threats companies have to deal with;
Security, safety and the protection of data and systems are gaining in importance. This is evident in many massive threats companies have to deal with; numerous attacks demonstrate the vulnerability of entire branches of the economy. Thus the development of strategies and protection mechanisms against all these threats is of paramount importance.
Consequently, especially with 5G and the autonomous car coming up, the traditional CEO roundtable discussion during the opening day of electronica 2016 had a strong focus on the topics safety and security this year. Kilian Reichert, the moderator, placed the initial questions: Who are our enemies? What are the problems, and which chances do we have to overcome the threats?
Rick Clemmer, President and CEO of NXP, opened the discussion, stating that "it´s the development of future autonomous cars, that will ensure an ever increasing level of security. Accordingly the applications, not the components or the technology play the important role in this context, plus the steady demand for more convenience – they altogether are doubling the complexity plus the need for more security of data transmission. These are the most important trends, even more than the ubiquitous digitalisation. And, don´t forget: Safety and security are a part of the total solution, not hardware or software alone."
Carlo Bozotti, CEO of STMicroelectronics, added: It is also conversion. The objectives are the same all over the world, be it Industry 4.0 or China 2025, the IoT or Industrial Automation – security and safety are prerequisite for the implementation and the merging of all this programs. Distributed islands of solutions and their cooperation will be central for the future architectures, no longer the network, to increase productivity, reliability, efficiency and flexibility of the industrial landscape.
"Connection density increases ten times, as well as the proliferation of connected devices – and each one can be a door for attackers. So we must protect the overall applications. "
"Yes, smart solutions will be crucial to guarantee security", confirms Stefan Auerbach, Member of the Management Board and Group Executive Mobile Security of Munich-based Gieseke + Devrient. And in his opinion software will be more decisive than hardware.
Replying to the statement "The more connected we are, the higher the risk", Professor Frank H. P. Fitzek, Deutsche Telekom Chair of Communication Networks of Technical University Dresden and 5G expert, commented: "The networks are not the risk, but the solution. End-to-end security and centralistic approaches are obsolete. We are not fast enough inside the networks. We must take the holistic approach including e.g. connectivity, too, not just the single device."
Dr. Reinhard Ploss, CEO Infineon Technologies, confirmed: "We can react. Firstly hardware devices have to behave as we expect. The architecture of the hardware must be sure – how can we manage in the overall system? For instance in the car there is an increasing need that each group has to provide the required level of high security – so the solution goes in horizontal as well as in vertical direction. It has to be hardware, starting on the chip level, and the software in all aspects." He continues: "IT security must be split in two ways, a.) we must harden the car or the systems and shield them against any attack, and b.) we must ensure zero defects and cannot allow any failures."
As we are confronted with all kinds of attacks, complements Prof. Fitzek, from school kids hacking computers up to even states aggressing companies and networks (he revoked on Stuxnet), we have to make sure, that every part, components, computers, networks, work 100 per cent sure. So it´s the technology itself. "We need monitoring all over, and more investment in the global market." Carlo Bozotti proposes three levels: silicon, devices/systems and the internet. Where he sees the system level as the most dangerous one, which stands for "attacking from above". Rick Clemmer recognises even cultural differences: In Europe engineers are securing information, in the US they are protecting the systems from being hacked, and in China the government decides what is to be protected.
We must not forget, notes Stefan Auerbach, that a lot of secure hardware is already available an in use. SIM cards, which his company offers, are very safe. "We deliver 5 billion cards every year, increasingly embedded. They themselves are not hacked, only – if at all – the system around them. And now it´s our task to bring these components into the IoT arena. Also for 5G we don´t have to reinvent the wheel. We have learnt a lot about cryptology and can apply it accordingly."
Prof. Fitzek duns an intelligent approach: Not designing and then checking if everything is protected; safety and security, or e.g. latency as aimed at, must be in the design from the beginning. Dr. Ploss agrees: We need safety by design. Even the politicians can help, funding projects like Industry 4.0. But what happens with already existing installations like 4G, products and software, or machines of different providers exchanging data, and bringing all the technologies together? One approach are decentralized networks, says Fitzek. Labelling was not seen as expedient by the discussants, as the users will not understand or accept it. But branding: The companies will take every effort to take responsibility, protect their brands and increase trust and awareness.