"Who are the enemies?" asked the moderator.
Professor Fitzek: "It started with school kids, but now it is all sorts of people, including governments, but remember also the technology can err. Airbus has I think five computers all doing the same calculations on different platforms to catch errors. It's about investing in global network security; a bit like the police."
STMicroelectronics CEO Carlo Bozotti's contribution was to state that security has to address all layers of abstraction: silicon, board, device, network. Auerback said that the sim card industry produces 5 billion sim cards per year and because they adhere to standards they are very secure.
Professor Fitzek was asked what is the difference between 4G and 5G. "One G," he said but added that all generations before were looking at communications between humans. "5G is about billions of connections with different key performance indicators (KPIs) such as latency, performance, security. In 1964 Paul Baran – the father of the Internet – proposed a solution for security; multiple paths, but at this time it was not implemented because they did not have capacity. We just have to raise the cost of engagement for the hacker."
A theme was developing here along the lines that security has to be addressed in a holistic end-to-end fashion but that no individual company or set of companies owns enough of the problem to be able to dictate a solution. Clemmer observed that in the automotive sector security has not been well accomplished but now that cars have been hacked the automotive makers are stepping up.
Reinhard Ploss, CEO of Infineon, observed that consumers are not, as yet, sensitive to IT security. This prompted the thought that some sort of labelling or certification of security might be way to both raise awareness of provide assurance. But should this be driven by companies or governments?