Posted by Robert Vamosi on April 10, 2017
The features that drive new car sales today are increasingly based on software. Drivers want their own music. They want to stay connected with their digital world. They want digital assistants to help park or even drive autonomously.
While auto makers (i.e., the OEMs) have mostly mastered their physical world, with stable supply chains able to provide quality components to produce the reliable vehicles on the road today, automotive software remains a foreign land. The good news is the OEMs are rapidly learning what they need to do—although they are largely reacting to changing needs rather than consistently driving innovation. Make no mistake, while they’re very good at automotive safety, they’re still very new to automotive security.
To leapfrog the learning curve on software, there have been some interesting software-automotive partnerships recently. Blackberry is partnering with Ford. Microsoft and Tata are getting together. There’s a match between a traditional software company and a traditional auto maker. Toyota, just to be different, has decided to go it alone–for now. And then there’s the list of ride-sharing partnerships working on autonomous vehicles.
Alphabet (Google), it seems, is trying to do an Android thing in the automotive world in that they’re partnering and investing in new players including their own company, Waymo. They are creating more of a free for all space, like Android, but one nonetheless grounded on a secured platform so that the traditional automakers can use it to build their own software ecosystems. Apple may or may not be playing in the automotive space.
On the other hand there is Tesla which seems to be following the Apple model, building all the devices, driving all the software development, and overseeing a walled garden of software, apps, and so forth. They have their own software that does follow continuous integration and a continuous deployment cycle. In short, like Apple, they are in their own little world.
Tesla has been described as a rolling system of systems—more computer than traditional car. And there’s not just one computer system, there’s many, many computer systems within each vehicle and they all have high levels of interaction. Further the software can be updated with over the air patches and upgrades without much user interaction.
The Tesla world is removed from, say, the more traditional automakers like Ford or GM. The established manufacturers—most of them, at least—don’t write much software when it comes to their vehicles. They rely on this very large, very robust cyber supply chain, like the supply chains for the physical parts in each vehicle. Except here one of the software members have their own software development practices.
This could get messy when we get the world of autonomous vehicles. There, a driver chooses a destination, a mapping app determines the correct route, and the vehicle interacts directly with that mapping app. They may be segmented on the internal network, but they’ll need to interact nonetheless. There may be quality and security differences between then and that’s where things start to get messy.
In the future, automotive software development might parallel mobile phones. Mobile phones, before the iPhone, were really just utilitarian devices that maybe could take some notes, make a phone call, check voicemail, but now they’re fully integrated mini-computers. With the evolution of mobile operating systems and mobile ecosystems came two philosophies:
Tesla may well be that walled garden and other vehicles might use the Android model for their technology or at least always be a little more open. These open systems will still have to have a somewhat walled-off garden if only to ensure that the vehicle operates as intended. Or as regulated.
Vehicles allowed on public roadways must adhere to specific criteria so the next few generations of vehicles will, by default, have very similar capabilities. Even Android phones today have a carrier portion of the phone and a user land portion of the phone. Each section has very different expectations and very different security requirements.
Cars tomorrow will be able to run their own unique apps. The software inside our cars will also be able to configure setting personas based on the driver. So, despite the standardization, the automotive software complexity is only going to get greater. As with our mobile devices.
Some of this happening already within the automotive industry. There are a number of Tier One cyber supply chain providers that provide multiple versions of a same infotainment system head unit for three or four different vehicles. They each have their own requirements and software development practices so the providers have different “flavors” of the same product.
It’ll be very hard for those software developers to maintain that going forward without consolidating based off whether it’s a regulatory requirement or an industry specific requirement. The automotive industry wants to self-regulate in this space and wants to be able to get ahead of the curve having seen what some of the challenges already are. The work that’s being done at SAE, for example, most of these participating OEMs and supply chain providers are very excited and very upfront in the information they’re sharing in order to craft a standard that they can all follow. One that is flexible enough yet provides a high level of security.
If the result of these standardization groups were to be a single automotive software platform, the security model would be overwhelming to maintain. Rather—and it seems the industry is already moving in this direction—there needs to be a common framework, or better yet a series of related frameworks, that recognize differences. Rather than one base platform, there would be individual criteria for say LIDAR systems, or infotainment systems, etc.
In the future, there will be some general models that are fully accepted by the industry as well as the manufacturers that provide components to the automotive space. In the future, secure automotive software will work out. But for now, strap in, because the ride’s probably going to be bumpy for a while.
Get the latest Software Integrity news, thought leadership, and more.