Posted Aug 9, 2012 19:26 UTC (Thu) by iabervon (subscriber, #722)
In reply to: GPL v3 by Richard_J_Neill
Parent article: GENIVI: moving an industry to open source

I think that the right thing, from the point of view of allocating responsibility, would be to check at boot that the image is signed by a key stored in a PROM (or ROM) in a ZIF socket inside the dashboard. If you want to change your firmware, you have to change the PROM to hold a key you have the private part to, and sign your new firmware. Then, if the system malfunctions in an unsafe way, it'll point to you as the responsible party. More generally, if the owner of the vehicle wants to install a Bose IVI system in a Ford car, they can do this with no more hassles than it used to be to put in a custom stereo, but they're also clearly shifting the safety responsibility to Bose from Ford, removing the chip that says "Ford IVI" and putting in the one from the Bose box. (While they're at it, use JTAG to install firmware images, to make the sort of equipment needed to install new firmware at all comparable to the sort of equipment needed to install a different public key.)

Posted Aug 11, 2012 8:58 UTC (Sat) by jospoortvliet (subscriber, #33164)

As was said, that's beautiful, but might still not hold up in court - the car maker gave you the possibility to screw up so it is their responsibility. Or something like that...

Moreover, you think a journalist would bother checking if the car software was modified? No, headlines will just say "4 killed in $CARBRAND".

I understand the reluctance to adopt GPLv3. I hadn't thought of these issues but they make it rather clear to me that GPLv3 has a big problem...

Posted Aug 11, 2012 9:59 UTC (Sat) by dlang (subscriber, #313)

It's already big business to modify car computers, brakes, engines, and everything else that's safety related on a car.

What makes software so different?

Posted Aug 12, 2012 0:48 UTC (Sun) by iabervon (subscriber, #722)

Letting you use the steering wheel and gas pedal is clearly a much larger way in which car makers give you the possibility to screw up. They also give you the possibility to neglect safety-critical maintenance. Anyway, when 4 people are actually killed in a car, the make of the vehicle doesn't necessarily show up in the story, let alone the headline; it's unfortunately far too common an occurrence. People collecting safety statistics are much more likely to take after-market modifications into account; and this sort of aggregate statistic is unlikely to really be affected by anything an IVI system could do, anyway.

