The Effect of Software Warranties on Cybersecurity

This workshop focused on bringing software developers and legal professionals together to understand the shared challenges they face in promoting the development of secure software on the one hand, and software at all, on the other hand. This report sum- marizes current scienti c research on the topics and challenges discussed in the workshop breakout sessions. The insights from the workshop highlight a number of interesting directions for fur- ther research on the interplay between software warranties and cybersecurity.

[1]  Roland L. Trope A warranty of cyberworthiness , 2004, IEEE Security & Privacy Magazine.

[2]  Annie I. Antón,et al.  Evaluating Legal Implementation Readiness Decision-Making , 2015, IEEE Transactions on Software Engineering.

[3]  Alan Butler Products Liability and the Internet of (Insecure) Things: Should Manufacturers Be Liable for Damage Caused by Hacked Devices? , 2017 .

[4]  CACM Staff Abolish software warranty disclaimers , 2015, Commun. ACM.

[5]  Charles Cresson Wood,et al.  Solving the Information Security & Privacy Crisis by Expanding the Scope of Top Management Personal Liability , 2016 .

[6]  Tyler Moore,et al.  The economics of cybersecurity: Principles and policy options , 2010, Int. J. Crit. Infrastructure Prot..

[7]  Dorothy E. Denning Toward more secure software , 2015, Commun. ACM.

[8]  Evelyne Studer,et al.  Regulating Cybersecurity - What Civil Liability in Case of Cyber-Attacks? , 2017 .

[9]  Zhen Li,et al.  An Economic Alternative to Improve Cybersecurity of E-government and Smart Cities , 2016, DG.O.

[10]  Annie I. Antón,et al.  Analyzing Regulatory Rules for Privacy and Security Requirements , 2008, IEEE Transactions on Software Engineering.

[11]  M. Scott Tort Liability for Vendors of Insecure Software: Has the Time Finally Come? , 2007 .

[12]  Martin R. Stytz The case for software warranties , 2003, IEEE Security & Privacy Magazine.

[13]  J. Alex Halderman To Strengthen Security, Change Developers' Incentives , 2010, IEEE Security & Privacy.

[14]  Daniel J. Ryan Two Views on Security Software Liability: Let the Legal System Decide , 2003, IEEE Secur. Priv..

[15]  Steven B. Lipner,et al.  The trustworthy computing security development lifecycle , 2004, 20th Annual Computer Security Applications Conference.

[16]  Jennifer A. Chandler,et al.  Contracting Insecurity: Software License Terms that Undermine Cybersecurity , 2006 .

[17]  Herbert Zech,et al.  Building a European Data Economy , 2017 .

[18]  Bartlomiej Hanus,et al.  It Is Just Unfair Using Trade Laws to “Out” Security Software Vulnerabilities , 2017 .

[19]  LIIS VIHUL,et al.  THE LIABILITY OF SOFTWARE MANUFACTURERS FOR DEFECTIVE PRODUCTS , 2014 .