Search for: All records

This report documents the program and the outcomes of Dagstuhl Seminar "EU Cyber Resilience Act: Socio-Technical and Research Challenges" (24112). This timely seminar brought together experts in computer science, tech policy, and economics, as well as industry stakeholders, national agencies, and regulators to identify new research challenges posed by the EU Cyber Resilience Act (CRA), a new EU regulation that aims to set essential cybersecurity requirements for digital products to be permissible in the EU market. The seminar focused on analyzing the proposed text and standards for identifying obstacles in standardization, developer practices, user awareness, and software analysis methods for easing adoption, certification, and enforcement. Seminar participants noted the complexity of designing meaningful cybersecurity regulations and of aligning regulatory requirements with technological advancements, market trends, and vendor incentives, referencing past challenges with GDPR and COPPA adoption and compliance. The seminar also emphasized the importance of regulators, marketplaces, and both mobile and IoT platforms in eliminating malicious and deceptive actors from the market, and promoting transparent security practices from vendors and their software supply chain. The seminar showed the need for multi-disciplinary and collaborative efforts to support the CRA’s successful implementation and enhance cybersecurity across the EU. 

Resource sharing is fundamental to the design of telecommunication networks. The technology, economic and policy forces shaping the transition to next-generation digital networking infrastructure—characterized here as “5G+” (for 5G and beyond)—make new and evolved forms of edge sharing a necessity. Despite this necessity, most of the economic and policy research on Network Sharing Agreements (NSAs) has focused on sharing among service providers offering retail services via networks owned and operated by legacy fixed and mobile network operators (MNOs). In this essay, we make the case for why increased and more dynamic options for sharing, in particular of end-user owned network infrastructure, should be embraced for the future of NSAs. Furthermore, we explain how such a novel sharing paradigm must be matched by appropriate regulatory policies.