Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for June 20, 2013
Pencil, Pencil, and Pencil
Dividing the Linux desktop
LWN.net Weekly Edition for June 13, 2013
A report from pgCon 2013
Linux and automotive computing security
Posted Oct 10, 2012 23:36 UTC (Wed) by martinfick (subscriber, #4455)
I could not help but think of the modern Battlestar Galactica series when reading this article, I am now fairly convinced that I simly don't want such a network in my vehicle. If the authorities mandate it, I will just stick with my used cars for as long as I can (luckily 90s galvanizing makes that more of a possibility). I don't own a vehicle made this melenium and I don't plan to, they simply are less safe and full of BS that no one needs. Everytime I rent a car I am shocked at how poor the visibility is due to the large air bag filled columns pushed too far forward impeeding the view out the side of the windshield making a left turn a high risk acitvity (for me and anyone nearby). It's sad, but soon it will be mandated that we all drive tanks with nothing but a 7 inch screen to view the outside chaos of dead pedestrians left in our wake, and the media will brag about how much safer modern cars are than ever. :(
Posted Oct 10, 2012 23:44 UTC (Wed) by jimparis (subscriber, #38647)
I was referring to the rear-view cameras, which are kind of a necessity on some cars these days due to poor visibility... (see below)
> they simply are less safe and full of BS that no one needs. Everytime I rent a car I am shocked at how poor the visibility is due to the large air bag filled columns pushed too far forward
I think many of the visibility problems stem from pushing to get better gas mileage. Vertical spaces like windows keep getting smaller. Accordingly, some of the technological "improvements" like rear-view cameras are to try to counteract those problems. It's not (necessarily) just some cranky designer having a bad day.
Posted Oct 11, 2012 3:39 UTC (Thu) by ncm (subscriber, #165)
Posted Oct 16, 2012 12:18 UTC (Tue) by wookey (subscriber, #5501)
I've been holding on to my 1997 pre-ECU vehicle for a while now, despite its relative inefficiency, hoping to get something with free software in it so I had a least a chance of keeping some control over quality. It looks like it'll have to last at least a few more years before I can actually buy anything I might consider acceptable. But there are at least signs of useful progress in this sphere.
Posted Oct 11, 2012 14:42 UTC (Thu) by ortalo (subscriber, #4654)
The problem is taking seriously into account computer security. I had hoped in the 90s that maybe this could be done before computing invaded everything. It seems I was wrong.  So now, what do we do to change that state of fact (before even your old no-computer car really gets unusable)?
Switching to Linux may be an improvement.
But note that if I had the choice now, I would switch to OpenBSD. Not because of the technical quality, but because of the design target.
(Unless Linus and other developpers of the kernel clearly upgrade the priority for security of course.)
PS: Another practical idea but intended for cars manufacturers: offer brand new cars to all linux kernel developers. Now. And for BSDs devs too (come on, that business is not *so* in crisis). Let's remember them that was what Digital did 20 years ago to get Linux on its Alpha CPU.
 In the meantime, in my opinion, security only seriously expanded to the gaming industry and to some extent the media/telco. industry. What an irony!
Posted Oct 19, 2012 12:53 UTC (Fri) by JEFFREY (subscriber, #79095)
You'd really shudder to know that CAN bus is also used in SCADA/DCS systems that operate dangerous boilers, refineries, and power plants.
Posted Oct 19, 2012 13:59 UTC (Fri) by Jonno (subscriber, #49613)
The difference is that there are several standard abstraction layers built on top of ethernet which provides additional features, including some security features. Unfortunately these abstraction layers are way to complex to run on the 20 kHz, 8 bit system with 64 kB RAM you typically see in a sensor, leaving you the options of raw ethernet, raw CAN, or raw RS-232 for connectivity.
When given those choices, using CAN is usually a pretty good option, you just have to remember its limitations and design your application protocol with security in mind, as you wont "inherit" any from the underlying protocol, like you do with TCP/IP. (Though that is probably true anyway, as the security features of TCP/IP are quite limited).
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds