Whitepaper "Towards Auditable AI Systems"
When wristwatches receive emails, washing machines report their electricity and water consumption to an app, or loudspeakers answer questions, they are considered “smart”. The devices are controlled digitally, process important data and are connected to the internet. Vehicles, machines, industrial plants and even medical devices are also part of the Internet of Things (IoT).
Technology is developing at a rapid pace and has long since outgrown the existing regulatory framework. The TÜV Association has therefore developed proposals on how the safety of smart products can be guaranteed.
Independent assessments are necessary
Manufacturers are already obliged to ensure the safe use of a product today. What the EU (as the responsible legislator) does not explicitly prescribe, however, is how resilient products must be to external interference. This above all applies to protection against cyberattacks. The TÜV Association believes that there is a need for action here. Because the nature of smart products is being changed through software updates, the entire product life cycle must be taken into account.
The TÜV Association recommends updating the relevant directives and regulations, and adapting the scope and type of product assessment. Smart products with an increased risk potential should be assessed by independent bodies. Assessment organisations need access to safety-relevant control technology, its software and the digital interfaces of the smart products and their data for this.