Slashdot Mirror

← Back to Stories (view on slashdot.org)

Automakers Move Toward OTA Software Upgrades

Posted by Soulskill on from the granted-features-like-a-wizard dept.

Lucas123 writes: While some carmakers today offer over-the-air software upgrades to navigation maps and infotainment head units, Tesla became the first last week to perform a powertrain upgrade overnight. But as the industry begins adopting internal vehicle bus standards with greater bandwidth and more robust security, experts believe vehicle owners will no longer be required to visit dealerships or perform downloads to USB sticks. IHS predicts that in the next three to five years, most, if not all automakers, will offer fully fledged OTA software-enabled platforms that encompass upgrades to every vehicle system — from infotainment, safety, comfort, and powertrain. First, however, carmakers must deploy more open OS platforms, remove hardened firewalls between vehicle ECUs, and deploy networking topologies such as Ethernet, with proven security.

19 of 157 comments (clear)

  1. "remove hardened firewalls between vehicle ECUs" by SoCalChris · · Score: 5, Insightful

    What could possibly go wrong?

  2. Will they be cut off after 6mo-1year by Anonymous Coward · · Score: 5, Informative

    Will they be cut off after 6mo-1year
    and they want the new update BUY A NEW CAR.

    I hope auto drive systems have at least 5 years of updates at no added cost.

    1. Re:Will they be cut off after 6mo-1year by stooo · · Score: 4, Funny

      You will get new versions of a car :
      - Home basic car : will only start 10 times, until you get an upgrade. Can only take a single passenger
      - Home premium car : start always, but there are no brakes
      - Profesionnal car : has brakes, but they break often
      - Enterprise car : has reliable brakes, but lacks a radio
      - Ultimate car : you get the radio for 5000 Euro extra.

      I have to put the obligatory GM-Microsoft :
      http://mistupid.com/jokes/msvg...

      --
      aaaaaaa
  3. Re:"remove hardened firewalls between vehicle ECUs by zidium · · Score: 5, Funny

    Worst case? The only ship to survive will be the one without wifi! (Battlestar Galactica)

    https://www.youtube.com/watch?...

    --
    Slashdot Valentines Beta Massacre: iT WORKED! The boycotts killed Beta!!
  4. Hmm... I thought it was *my* vehicle. by fahrbot-bot · · Score: 4, Insightful

    So the vendor can/will push an update OTA to *my* vehicle w/o my specific consent?

    Also... Imagine (a) needing to use your vehicle - for an emergency, perhaps, in the middle of the night only to be met the dashboard message: "Update in progress; Please wait ..." or (b) waking up to a bricked vehicle from a bad update.

    --
    It must have been something you assimilated. . . .
    1. Re:Hmm... I thought it was *my* vehicle. by PhrostyMcByte · · Score: 3, Insightful

      It does have some advantages. I got the Scion FR-S the day it came out. The original firmware had a number of small issues and one very serious one.

      At a specific load and intake volume, the car wouldn't push enough fuel. It ended up being dangerously lean and it was found that those who stayed at that point for too long would have a catastrophic failure from their direct injector seals melting, necessitating a full block replacement.

      An ECU update came out a while later that fixed it, but nobody was notified. Cars coming in for service don't get it automatically -- the techs aren't even told about it. 99% of those original cars remain unupdated. Anyone who chooses some "spirited" driving on a hot day is at risk.

      An OTA update would solve issues like this really smoothly for a lot of people. I'm all for it.

    2. Re:Hmm... I thought it was *my* vehicle. by AaronW · · Score: 3, Informative

      All of the OTA updates to my Tesla ask me if and when to install the updates. Usually it's a no brainer.

      --
      This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
  5. What could go wrong? by fermion · · Score: 4, Insightful
    MS probably tests upgrades more than any, but a few computers usually go nuts after an upgrade. You can blame the open hardware of MS computers, but then think of apple. They have very closed hardware in the iPhone, but still a few iPhones go nuts after upgrade.

    Automatically upgrading non critical systems makes sense. Upgrading the working of a car through a insecure interface is nuts, automatically more so. You leave work to go home, the upgrade failed, you are stranded. Someone hacks the interface, upgrades you car to their car, you no longer have a car.

    I am sure people are going to attack dealers over this as well. But when I needed the firmware of my car upgraded to allow the new commutation standard, I drove the car to my friendly ane highly reputable dealer, they upgrade the software for free, made sure everything still worked, and I did not have to risk the upgrade would brick my car.

    --
    "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
    1. Re:What could go wrong? by jmcwork · · Score: 3, Funny

      MS certainly does test their upgrades. I have been a beta tester for years: Every time I press that icon that says "You have updates available" ....

  6. Important when updates ARENT wanted. by Anonymous Coward · · Score: 4, Insightful

    This is mostly for updates that remove or reduce features.

    EXAMPLE. I own a Mitsubishi Lancer Evolution X, big time performance car. It comes with HID lights that have a switch inside the cabin for adjusting the leveling.

    Apparently enough fools are setting it to the max height setting that the feature was deemed illegal and a TSB was sent to Mitsubishi dealers informing them to disable the switch and fix the lights at a certain height.

    I personally love being able to aim my headlights down lower towards the ground when driving through my neighborhood at 1am and adjust my headlights higher for country gravel roads.

    For that very reason I haven't let the dealer touch my car. I don't want to visit them to LOSE features. So I won't let them have it. They also want to change a torque reduction value in the ECU to save their ass on warranty by reducing my cars performance. I won't let them change that either.

    OTA is to fix the problem of unwanted updates. Things where you no longer desire the "upgrade" because it removes control from you. You should really fight this because it will eventually be used to control you like a slave.

    I'm waiting for a big plane to crash or bomb to go off in the future where suddenly all cars get an OTA upgrade that enforces a "no-drive-zone" around certain important geo-coordinates. Everyone would freak out and then question how they let something like that take over their cars....

  7. Re:"remove hardened firewalls between vehicle ECUs by sinij · · Score: 4, Funny

    If BG was a bit more realistic, all other ships would have been parked in orbit and used to send out spam.

  8. Re:I think we need some serious open source effort by sinij · · Score: 4, Insightful

    People like you is why I don't buy used cars. It is unsafe to ignore check engine light, if you don't trust the dealer, then get cheap OBDII reader and scan error codes yourself.

  9. Re:I think we need some serious open source effort by sinij · · Score: 5, Insightful

    I ignored it as I knew from past experience, that this car had no major problems.

    I am with you, the other day I was patching mission-critical server when I noticed SMART errors. I ignored it, as I know from past experiences that this server had no major problems.

    At some point, at above 90% load the server started random kernel panics. Any lower load than that would be without any problems. I decided to have sysadmin check it out. He wanted $480 for a new hard disk. Without fixing, this "server would permanently lose data one day" he said.

    Well, stubborn as I am, I ignored his advice. I added couple months on it without any problems at all. When it kernel panics, I would just reboot it...At one time, I thought my reset button may be dirty - it wasn't.

  10. Re:I think we need some serious open source effort by Lumpy · · Score: 5, Funny

    Why bother with that when he can shift into neutral at 10 mph over the speed limit and redline it. He knows better than anyone else.

    --
    Do not look at laser with remaining good eye.
  11. How can someone think that this is a good idea ... by janoc · · Score: 4, Insightful

    I am not against the ability to perform an OTA update in principle, but considering how abysmal record with firmware (and software in general) these companies have, this is a major disaster waiting to happen.

    When Microsoft, Apple or Google botch an update, there will be a few dead computers or phones at worst. If someone like e.g. Toyota or BMW (both with a "proven" record of poor quality firmware - think "stuck" accelerators or the famous BMW video of stalling car spitting out its key at the driver) push an automatic OTA update and something unexpected fails, there will be *dead people* in addition to dead computers. And something *will* fail sooner or later - we are far far from the ability to write provably correct code as a matter of course. And embedded code is often one of the worst examples of both software engineering (non-)methods and quality, mainly because it costs money and time to do things properly instead of outsourcing the firmware to the lowest bidder somewhere in a sweatshop. Nobody will ever see that code anyway, right?

    The only way this can work safely is with previous user's authorization - i.e. *never* automatically and unattended. In that way I can make sure that I am safely stopped and not going 130 kph on a motorway when my engine or brakes decide to go bust on me. That is, AFAIK, what Tesla is doing (a message pops up and the driver needs to accept the update). However, unless this mode of operation is made mandatory, some dickhead will for sure push an automatic update at some point. It is just too tempting to not to and I would be surprised if Tesla didn't have an option to push a "silent" update too already ...

    The other point that nobody reacted on so far - do you really want an always-on, always phoning home wireless connection in your car? That's a wet dream come true for anyone who wants to track your car for whatever reason. Tesla is doing it for (ostensibly) performance tracking (and, conveniently, busting lying journalists), your insurance may start to require access to that data if you want to keep your premiums low and finally police and spooks will rejoice, because they don't even have to bug your car or bother with license plate cameras anymore ...

  12. BS by stooo · · Score: 5, Informative

    >> What could possibly go wrong?
    Nothing. There are hardly any firewalls between ECUs. Firewalls do not exist on CAN.
    The article is written by someone with no insight in car architecture :

    >> First, however, carmakers must deploy more open OS platforms
    Nothing to do with the reflashing

    >> remove hardened firewalls between vehicle ECUs
    There aren't any firewalls

    >> and deploy networking topologies such as Ethernet, with proven security.
    Ethernet is already widely deployed in cars for data hungry applications ( infotainment) For other uses, ethernet is absolutely not suitable ( price, power, wiring constraints, EMC, safety, .....)

    --
    aaaaaaa
    1. Re:BS by UnderCoverPenguin · · Score: 3, Informative

      A friend of mine works for an automotive electronics supplier, so knows how in-service software updates are performed.

      One of the ECUs also functions as a "diagnostic gateway" (DG). The DG is connected to the vehicles "diagnostic link connector" (DLC). To update the software in an ECU, a service technician plugs a reprogramming tool into the DLC and talks to the DG. The DG forwards the commands and data from the tool to the ECU being reprogrammed. It also forwards the ECU's responses to the tool.

      Many new vehicles also have a remote assistance feature, like GM's OnStar, that uses a cellphone radio to communicate with a help center. An additional feature provided by these remote assist (RA) ECUs is reporting diagnostic messages from the other ECUs to the vehicle vendor.

      To enable OTA software updates of any ECU in a vehicles requires only to upgrade the RA to be able to receive and buffer an entire file and to incorporate the "tool side" of the ECU reprogramming protocol (in vehicles that support OTA updates to the infotainment system, this has already been done). Also, the DG would need to be enabled to forward commands and data from the RA to ECUs not on the same network bus as the RA.

      --
      Don't try to out wierd me, three-eyes. I get stranger things than you, free with my breakfast cereal. --Zaphod Beeblebr
  13. Re:OMG by radl33t · · Score: 3, Informative

    yep, i'm sure they never thought of that. good thing clever guys like yourself are around to ask the really hard questions.

  14. Re:Oh HELL no ... by vux984 · · Score: 3, Informative

    So some fucking OTA update is going to fail while you're in the middle of driving because it just happened without asking you?

    Nice strawman you've constructed. The one car that does OTA updates right now (Tesla) downloads them and then prompts you when to do them, so you can wait until your home in your garage. You don't hear any Tesla owners complaining do you?

    Mobile phones are another device with OTA update support. Have you heard a lot of stories where the phone interrupted a 911 call to do an ota update and then failed? No? Because it never happens. The phone says theres an update ready, and waits for you initiate... most of them will even refuse to go if you are low battery, and most recommend you be plugged into a charger for the update... absolutely none ever have just spontaneously decided to update during a call.

    This is so incredibly stupid as to defy belief.

    Why manufacture imaginary problems to be outraged about; there are plenty of real problems in the world. But OTA updates isn't one of them.