Addressing the issue of product liability in a connected world
According to a report by the National Safety Council, there were more than 40,000 motor vehicle fatalities in the U.S. in 2017, 90% of which were the result of driver error. However, it may soon be possible to replace fallible human drivers, all too often subject to distraction, with autonomous self-driving vehicles.
The benefits of this are considerable. The University of Florida’s Professor Peter Hancock suggested that eliminating this capacity for error could save more lives in two years than were lost in the entire Vietnam War, while KPMG estimated that crash frequencies could drop by up to 80% by 2040.
And when these vehicles arrive, they will bring a wealth of valuable data with them.
New and emergent infrastructures such as the internet of things and 5G are being viewed by businesses across all industries as opportunities for driving new business value, of which the development of driverless cars is but one example. According to Intel, autonomous cars alone could provide a $7 trillion boost to the economy over the coming decades.
But it won’t necessarily all be smooth sailing…
Technology failure used to be little more than an annoyance. Today, however, the failure of an IoT device can have potentially serious life or death consequences, which can’t be fixed by a simple reboot. An autonomous vehicle responsible for a fatal accident can’t just be dusted off, restarted and put back on the road.
As a result, liability and the allocation of responsibility are now deeply intertwined with applications and service dependencies. The continuous addition of moving parts, such as the thousands of microservices that touch millions of sensors through the IT infrastructure, is making the relationship between these dependencies increasingly opaque and the need for visibility without borders using the power of smart data more strategic.
Liability and risk
While most businesses welcome digital transformation as a way of improving their operational efficiencies and customer experience, its inherent complexity now makes the potential for harm that much greater. There are very real consequences when new, sophisticated IT architectures and systems unlock access to new data frontiers; enterprises may achieve greater speed and agility, but there is the potential for more to go wrong.
The Center of Democracy & Technology noted in a report that the piling up of software defects in emerging smart technologies can put the commercial viability of enterprises at risk, not to mention the well-being of the people that use these technologies. As these technologies become ever more ubiquitous, this issue will only become bigger. In Los Angeles recently, a class-action suit was brought against two e-scooter operators whose cloud-based apps enable the identification and unlocking of available scooters, along with manufacturers Xiaomi and Segway, following claims that the companies were responsible for personal injury and property damage.
Indeed, aware of the potential vulnerability of IoT technology, the State of California recently passed a bill that requires manufacturers of devices that connect “directly or indirectly” to the internet to equip them with “reasonable” security features, designed to prevent unauthorized access, modification or information disclosure.
While the issue of liability has thus far focused on device manufacturers, it’s worth examining the direct and indirect implications to the teams responsible for the creation of an application or service that are part of the product, such as an organization’s DevSecOps team.
Visibility and situational awareness
DevSecOps teams employ a security-focused continuous development, integration and deployment lifecycle model. The pace with which new functions and features are released when using this model presents inherent business risks. For example, when a function fails — due to load, latency or errors — it is tiny from a software perspective, but has a big impact on application performance. Microservices connectivity sprawl not only adds more traffic, but increases application time-out problems due to scale or logic. And as the innovation and deployment pipeline accelerates, bottlenecks within or between teams can restrict the overall flow of value to customers, increase the mean time to resolution (MTTR) and add operational costs. An effective way to reduce those risks is to have DevSecOps teams extract value from wire data — the traffic flow that comprises every action and transaction that traverses the enterprise. Continuously monitoring wire data and forging it into smart data during a development cycle and beyond — in real time — will provide unrestricted visibility into how applications and services work across the entire infrastructure and deliver meaningful and actionable insights for DevSecOps teams. The same smart data allows a common situational awareness to improve agility, reduce MTTR and keep up with the pace of change.
By providing relevant, actionable and intelligent data sets on events as they happen, smart data enables all teams — from developers to operations, security, QA and everyone in between — to work closely together while parameters continue to evolve throughout the development process, and while traffic flows from — and to — data centers, clouds and the network edge. Not only will this visibility provide enterprises with a “line of sight” into various interdependencies, the common situational awareness will go some way to containing product liability. Businesses will enjoy greater speed and agility, and be confident that any issues that arise will be dealt with before they can harm their brand or their users’ experience.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.