Published Apr 12, 2023

SE Radio 559: Ross Anderson on Software Obsolescence

Join Ross Anderson as he delves into the complexities of software obsolescence, exploring regulatory and security challenges across industries like automotive and banking. Discover the vital strategies for effective software maintenance and the role of legislation in extending software longevity and enhancing system safety.

Episode Highlights

  • Defining Obsolescence

    Software obsolescence refers to the gradual decline in the functionality and security of software as it ages, often due to the introduction of new features and the complexity of maintaining them. Anderson explains that as software evolves, it can lead to dependability issues and security vulnerabilities, necessitating upgrades that ripple through entire ecosystems 1. This complexity is further compounded by the integration of machine learning models and the coordination required for vulnerability disclosures and upgrades. Anderson illustrates the real-world impact with examples like smart fridges that become obsolete when manufacturers stop maintaining their servers, turning them into useless appliances 2.

    Car Lifespan Impact

    The automotive industry faces significant challenges due to software obsolescence, which can drastically reduce vehicle lifespan. Anderson highlights that cars in Europe may soon have a maximum lifespan of ten years if software updates are not maintained, posing an environmental disaster as the average car lifespan is currently 16 years 3. This reduction could lead to increased CO2 emissions due to the need for more frequent car production. The European Union has mandated that carmakers maintain software for ten years, aligning with spare parts availability, to mitigate these issues 4.

    Obsolescence Challenges

    Consumer electronics and IoT devices are particularly vulnerable to software obsolescence, leading to significant challenges in maintenance and security. Anderson notes that devices like smart fridges can become obsolete when manufacturers cease server support, rendering them non-functional 2. The European Union has recognized the need for regulation, prompting studies on standardization and certification to ensure safety and sustainability in IoT devices 5. Anderson emphasizes the importance of building systems with the capability for over-the-air updates to address vulnerabilities, especially in complex systems like cars, which have numerous radio frequency interfaces that can serve as attack vectors 6.