Car Automation. Me? Worried?

  2011-01-08

Car Automation. Me? Worried?

  22:48, by Hagai Bar-El   , 732 words
Categories: Security Engineering

Cars will soon be (almost) fully automated. News on experiments with cars that drive by themselves, in different scenarios and situations, make it seem obvious that soon enough the role of the driver is to be similar to that of a pilot in a passenger jet. Many people feel some itch of discomfort with this thought; the itch of “we are not there yet”. Let us see if and why we “are not there” yet, and what we can do about it.

Experiments are performed, and at a high level they seem to work. Therefore, as it appears, we are almost there, or at least we are on the right track, functionality-wise.

If there is an aspect from which we and our technology are not ready, it is that of security and reliability. Truth be told, today we cannot design an even simpler software application without having it suffer (at least) occasional reliability glitches. We prove over and over again that we just cannot build a sophisticated application that will just work without bugs and glitches, let alone be secure. Intuitively, bugs that we can afford in IT applications, and even in GPS applications, we cannot afford in the robot that turns the steering-wheel.

Whenever I raise this concern, I am often reminded of aviation software. A passenger jet is full of code as well, and nonetheless civil aviation is considered safe. However, there are at least three reasons why this comparison does not apply. First, I cannot back it up with any figures (if anyone does have any — please post a comment), but it is intuitive that the complexity of the car steering application is to be higher than that of a passenger jet. A passenger jet is more sophisticated of an apparatus, but it seems as the number of real-time events it needs to cope with, as well as the sophistication of their circumstances, are lower. Second, as any reader of the RISKS newsgroup can easily tell, aviation software is far from perfect. It does have its glitches, including cases of shutting the engines down during flight. Fortunately, there is still a pilot on board to handle such situations manually using human knowledge and common sense. This function will not exist in a self-driving car, even someone sitting at the drivers seat. The pilot is a trained individual, operating by strict regulations, sitting in the aircraft for this purpose alone. A typical car driver in a self-driving car will soon enough drift into playing with the kids, sleeping, reading, or just daydreaming, without keeping his hands and attention on the automatic wheel that seems to behave nicely for years already. Third, cars play in a more active, competitive and ever-changing market than jets, with competition that is powered by individual retail customers demanding more features on a model-by-model basis. The Boeing 747 is with us for 40 years. Software in it may have changed, but probably not as dramatically as that of a car that the user changes every half a decade with an expectation of improvement.

Despite all that, I am not as worried as probably expected. Means for making reasonably-secure and reasonably-reliable software exist, they are just expensive. So far, we succeeded in avoiding costly secure coding methodologies because we could afford to. Our software today breaks, not because there was no way to make it less breakable, but because there was no incentive for the provider to make it so. Simply put, the software provider pays the cost of security, but does not pay the cost of insecurity, so its preference is clear. There is still no reason to believe that when pressed by customer requirements and by regulation, a software provider cannot do better in this respect. At least as much as I can see, car makers are aware of the challenge that stands in front of them.

Will car steering software be all hundred-percent safe? Obviously not. Bugs and vulnerabilities will be found, and these might cost lives, like other failures in critical equipment; failures that we usually tolerate as long as kept within reason. This is a price we have to pay for advancing the state of the art into the unknown. Nevertheless, given all that the car industry should know and understand, and given that it comprehends what needs to be done at all costs, we may just as well be on the right track.

No feedback yet


Form is loading...