Regulation, standardization and enforcement of product safety and security are becoming a major challenge related to products with embedded digital technologies, such as AI due to that digital product properties are likely to change throughout their life cycles. Also, cyber vulnerabilities and threats need to be considered in technical regulation. Conformity assessment and legal metrology play an important role in providing traceability, auditability and verification, including for market surveillance.

New digital legal frameworks introduce the life-cycle perspective in regulation requiring traceability. For example, within the EU the proposed Cyber Resilience Act (see https://digital-strategy.ec.europa.eu/en/library/cyber-resilience-act as of 3 July 2023) states: “In order to facilitate vulnerability analysis, manufacturers should identify and document components contained in the products with digital elements, including by drawing up a software bill of materials. A software bill of materials can provide those who manufacture, purchase, and operate software with information that enhances their understanding of the supply chain, which has multiple benefits, most notably it helps manufacturers and users to track known newly emerged vulnerabilities and risks. It is of particular importance for manufacturers to ensure that their products do not contain vulnerable components developed by third parties.”

The proposed EU Artificial Intelligence (AI) Act also requires a life cycle approach. “Providers must set up a risk-management system that documents and manages risks across the AI system’s entire lifecycle, when used as intended, or, under conditions of ‘reasonably foreseeable misuse’. Risks may be added as a result of post-market surveillance.”

Experts assess these types of measures as very difficult, if not impossible to use for obtaining full regulatory certainty.

This conference will aim to address the question in what manner could conformity assessment and/or legal metrology and/or market surveillance provide support in addressing life cycle compliance for products with embedded digital technologies, in a verifiable and measurable way with the aim of addressing regulatory objectives such as safety, cybersecurity, resilience and privacy while taking into account international trade without unnecessary barriers.

The conference will start by establishing what is meant by “continuous change” in digital products that complicate regulation and standardization, and which provoke the eventual need for new methodologies for continuous compliance.

• Moderator: Rosie Seville, Vice-Chair of UNECE WP.6 [Bio]

Welcome address

• Elisabeth Tuerk, Director, Economic Cooperation and Trade Division, UNECE [Bio]
• Heidi Lund, National Board of Trade of Sweden; Chair of UNECE WP.6 [Bio]

Keynote and Opening

• Anna Vitie, Chair of World Trade Organization Technical Barriers to Trade Committee [Bio]
• Shawn Paulsen, Vice-President, International Electrotechnical Commission; Chair IEC Conformity Assessment Board [Bio][PPT]
• Jessica McCarthy, Student, Geneva Business School [Bio][PPT]
• Marco Pangallo, Permanent Mission of Israel to the UN and other International Organizations in Geneva [Bio]

Background – Regulatory compliance of products with embedded AI or other digital technologies

• Lance Thompson, Secretary, WP.6, UNECE [Bio][PPT]

• Moderator: Gabrielle White, Vice-Chair of UNECE WP.6 [Bio]

Industry perspective

• Omar Dhaher, Associate Technical Director, Digital Europe [Bio][PPT]

Regulatory perspective

• Anthony Quinn, Standards Team Lead, Office of Standards and Intellectual Property, ITA, USA [Bio]
• Jan Deconinck, Advisor Head of National Metrology, Belgian Ministry for Economic Affairs; Chair UNECE WP.6 MARS [Bio][PPT]
• Sławomir Górniak, Senior Cybersecurity Expert, Market, Certification and Standardisation Unit, EU Agency for Cybersecurity (ENISA) [Bio][PPT]

Transversal issues to consider

• Accreditation considerations: Jacquelyn MacCoon, Standards Council of Canada [Bio][PPT]
• Gender considerations: Michelle Parkouda, Standards Council of Canada; Chair UNECE WP.6 ToS-GRS [Bio][PPT]
• Risk management considerations: Valentin Nikonov, Patir Management and Investment; Vice-Chair UNECE WP.6 GRM [Bio][PPT]
• Digital divide considerations: Pilar Fajarnes, Technology and Logistics Division, UNCTAD [Bio][PPT]

Discussion