What’s the difference between IoT Trustworthiness and Software Trustworthiness in IoT Systems?
Software Trustworthiness is only one aspect of what it takes to achieve IoT trustworthiness. Software trustworthiness is achieved when operational consumers of the software have developed a level of trust that the software enabled functionality will function as expected in normal and abnormal operational circumstances. Software needs to be resilient and of high quality. Creating high quality software requires high attention to detail, adherence to a well-defined multi-phases process that includes specification, architecture, implementation, functional testing, security testing and applying software protection techniques where applicable.
IoT trustworthiness needs to address many additional aspects such as device identity, safety, secure communication, operational in circuit functional up-gradeability as well as resilience to a multitude of attacks that comes with simply being connected to the internet. Given the sheer size of the IoT, solutions need to be automated, auditable, standardized and scalable.
However, there is a more intangible aspect to IoT and Software trustworthiness that is very hard to measure. Organizational health is a serious issue. Time and profit pressures may cause organizations to act in ways that lead to poor quality and insecure products.
End users, whether corporate or private, of IoT enabled functionality need assurance that can only come from levels of trust that have engendered over a long period of time as products and the organizations that create and operate IoT products act in a transparent, measurable and ethical manner.
Thank you Simon. I think that Software Trustworthiness and IoT Trustworthiness are entangled, at least in one direction. A lack of Software Trustworthiness can directly impact IoT Trustworthiness, especially Safety.
The recent PW 1500G jet engine software update causing a safety mishap for the A220 jet is a prime example.