User: Password:
|
|
Subscribe / Log in / New account

Linux and automotive computing security

Linux and automotive computing security

Posted Oct 10, 2012 23:36 UTC (Wed) by martinfick (subscriber, #4455)
In reply to: Linux and automotive computing security by Cyberax
Parent article: Linux and automotive computing security

"Back in my day", people looked behind their cars before putting the car in reverse. I was shocked to be recently hit standing still in a parking lot by someone relying on their reverse warning and not bothering to look; the warning never went off.

I could not help but think of the modern Battlestar Galactica series when reading this article, I am now fairly convinced that I simly don't want such a network in my vehicle. If the authorities mandate it, I will just stick with my used cars for as long as I can (luckily 90s galvanizing makes that more of a possibility). I don't own a vehicle made this melenium and I don't plan to, they simply are less safe and full of BS that no one needs. Everytime I rent a car I am shocked at how poor the visibility is due to the large air bag filled columns pushed too far forward impeeding the view out the side of the windshield making a left turn a high risk acitvity (for me and anyone nearby). It's sad, but soon it will be mandated that we all drive tanks with nothing but a 7 inch screen to view the outside chaos of dead pedestrians left in our wake, and the media will brag about how much safer modern cars are than ever. :(


(Log in to post comments)

Linux and automotive computing security

Posted Oct 10, 2012 23:44 UTC (Wed) by jimparis (subscriber, #38647) [Link]

> "Back in my day", people looked behind their cars before putting the car in reverse. I was shocked to be recently hit standing still in a parking lot by someone relying on their reverse warning and not bothering to look; the warning never went off.

I was referring to the rear-view cameras, which are kind of a necessity on some cars these days due to poor visibility... (see below)

> they simply are less safe and full of BS that no one needs. Everytime I rent a car I am shocked at how poor the visibility is due to the large air bag filled columns pushed too far forward

I think many of the visibility problems stem from pushing to get better gas mileage. Vertical spaces like windows keep getting smaller. Accordingly, some of the technological "improvements" like rear-view cameras are to try to counteract those problems. It's not (necessarily) just some cranky designer having a bad day.

Linux and automotive computing security

Posted Oct 11, 2012 3:39 UTC (Thu) by ncm (subscriber, #165) [Link]

According to report from inside the automotive industry, what drives the trend to reduced visibility is the desire by female buyers (who now have a predominant influence on new-car purchase decisions) to feel less "exposed". In other words, car makers are making everyone, including buyers, less safe so as to be perceived by buyers as safer.

Linux and automotive computing security

Posted Oct 16, 2012 12:18 UTC (Tue) by wookey (subscriber, #5501) [Link]

Reduced visibility due to thicker A pillars is due to more stringent crash testing/requirements. 'NCAP tests' in Europe. And a god NCAP rating really does help sell cars. But it also makes them heavier and harder to see out of. The steadily improving motor vehicle injury stats have been coming at the expense of those outside (pedestrians, cyclists, motorcyclists) for some time now. At least in Europe TPTB have finally understood that trying to improve the numbers by simply discouraging those other modes is counter-productive in so many other ways (obesity, congestion, noise, expense and general public realm issues), but rowing back from 50 years of 'the car is king' thinking and development is hard to do. Visibility, crash ratings and excessive tech in cars are just small parts of a much wider issue.

I've been holding on to my 1997 pre-ECU vehicle for a while now, despite its relative inefficiency, hoping to get something with free software in it so I had a least a chance of keeping some control over quality. It looks like it'll have to last at least a few more years before I can actually buy anything I might consider acceptable. But there are at least signs of useful progress in this sphere.

Linux and automotive computing security

Posted Oct 11, 2012 14:42 UTC (Thu) by ortalo (subscriber, #4654) [Link]

That's too late.
Even if you can avoid the security/safety issue in your car (which I doubt you will be able to), you will not be able to avoid it in the next place where embedded (computer) systems (security) will raise concerns (tubes, trains, planes, houses, nuclear industry, chemical industry, ... put your favourite risk here ...). It's even possible that the automotive industry is not specifically "in advance" on this topic...

The problem is taking seriously into account computer security. I had hoped in the 90s that maybe this could be done before computing invaded everything. It seems I was wrong. [1] So now, what do we do to change that state of fact (before even your old no-computer car really gets unusable)?
Switching to Linux may be an improvement.

But note that if I had the choice now, I would switch to OpenBSD. Not because of the technical quality, but because of the design target.
(Unless Linus and other developpers of the kernel clearly upgrade the priority for security of course.)

PS: Another practical idea but intended for cars manufacturers: offer brand new cars to all linux kernel developers. Now. And for BSDs devs too (come on, that business is not *so* in crisis). Let's remember them that was what Digital did 20 years ago to get Linux on its Alpha CPU.

[1] In the meantime, in my opinion, security only seriously expanded to the gaming industry and to some extent the media/telco. industry. What an irony!

Linux and automotive computing security

Posted Oct 19, 2012 12:53 UTC (Fri) by JEFFREY (guest, #79095) [Link]

"You don't want [CAN bus] in [your] vehicle."

You'd really shudder to know that CAN bus is also used in SCADA/DCS systems that operate dangerous boilers, refineries, and power plants.

Linux and automotive computing security

Posted Oct 19, 2012 13:59 UTC (Fri) by Jonno (subscriber, #49613) [Link]

CAN itself is no worse than Ethernet, except for speed and packet length limitations. On the contrary, it offers several benefits over plain ethernet, such as built-in QoS and a much lower cost to deploy.

The difference is that there are several standard abstraction layers built on top of ethernet which provides additional features, including some security features. Unfortunately these abstraction layers are way to complex to run on the 20 kHz, 8 bit system with 64 kB RAM you typically see in a sensor, leaving you the options of raw ethernet, raw CAN, or raw RS-232 for connectivity.

When given those choices, using CAN is usually a pretty good option, you just have to remember its limitations and design your application protocol with security in mind, as you wont "inherit" any from the underlying protocol, like you do with TCP/IP. (Though that is probably true anyway, as the security features of TCP/IP are quite limited).


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds