Part 1
On 2021-07-07 Robert N. Charette wrote an article in IEEE Spectrum, How Software Is Eating the Car, The trend toward self-driving and electric vehicles will add hundreds of millions of lines of code to cars. Can the auto industry cope?
As usual, an article in Slash Dot ( /.) is my main source of biased opinions about a serious technological issue, with one typical comment given a score of 4: interesting. It read: “If you get something pre-1978 then the most sophisticated electronics in the vehicle will probably be the radio kit.” This was then followed by numerous comments about 1976 (and later) Chrysler Cordobas. This type of reasoning reaches its zenith with, “What was the last car without this nonsense? Makes me want to buy a classic car or motorcycle, just for the simplicity.”
Yes, for a long time the trend has been towards increasing [Engine Control Units =] ECUs, based on the design philosophy of, “If you want a new feature, you buy a box from a Tier 1 [top-level component suppliers, such as Bosch] that provides the feature, and wire it in. As a general rule, automakers love outsourcing work; for most of them, their dream scenario is that everyone else does all the work for them and they just slap a badge on it and take a cut.
Then Rei adds a score 5: informative, but long, comment: “This article actually has it backwards. The first company to break with this philosophy was Tesla, which has from the beginning had a strong philosophy of in-house software design, and built basically a ‘car OS’ that offloads most vehicle software functionality into a handful of computers (with redundancy on safety-critical functionality). … Eventually everyone is going to have to either make their own ‘car OS’ stack or lease one from someone else. The benefits are just too significant[:] Lower hardware costs, lower assembly costs, lower power consumption, simpler cheaper lighter wiring harness, faster iteration time on new functionality, closer integration between different subsystems, you name it. This trend throws into reverse the notion of ever-increasing numbers of ECUs (which quite simply was an unsustainable trend).”
Who could possibly disagree?
Part 2
What is the minimal vehicle a person needs? Of course, there will be as many answers as there are people, and it will all be dependent on what they are doing. There are a lot of vehicles available, but I will not refer to them as choices. Some places lack trams or other forms of public transit. They may exist in other places, but run at inappropriate frequencies. Some communities lack bike lanes, forcing cyclists to compete for space with cars. Some streets are perpetually gridlocked.
Some people need to work, outside of their residences! Does one have to take children to kindergartens or schools? What distance does one have to travel to attain basic health and nutritional needs? Can this be done as part of a commute, or is a separate trip necessary? What about specialty shops? What is the distance to the nearest bus station/ train station/ airport/ international airport? Is there a need for a social life? Is one dependent on driving a car? Could a bicycle do for some items? Are trains or buses an option? So many questions, so few obvious answers.
Perhaps my own situations could be used as an example. Compared to most people, my life is simple: no job is calling me, and I am no longer responsible for looking after young children. Yesterday, I used a vehicle with a mass of about 1.5 Megagrams (where 1 Mg = 1 000 kg), to drive 40 km. Admittedly, there are vehicles that weigh less than a car. A bicycle is probably the most efficient device for conveying people, and it can have a mass of from about 5 to about 20 kg. Yet, I would not feel safe driving one of these on the roads of rural Norway. There are no buses, but if I plan in advance and contact the appropriate office a day in advance, I might be able to use public transit, essentially a taxi charging bus rates, as long as I am willing to wait up to several hours, for a return trip.
The most basic foods, as well as building supplies, can be purchased with a 14 km return trip across Skarnsund bridge in Mosvik, where there is even a coffee bar, with better than acceptable lattes. Basic health care (doctor, dentist, pharmacy, optometrist) and a larger selection of food and basic necessities are met by driving 26 km for a return trip in the opposite direction, into Straumen. More specialty shops are available in Steinkjer involving a 70 km round trip. This all involves driving. However, there is also a train station at Røra, 40 km round trip by car, that will allow one to connect with an international airport (TRD), and the fourth largest city in Norway, Trondheim, about 120 km away – 240 km round trip, with an even larger selection of shops and activities.
Part 3
I am in agreement with Rei, that more software (and less hardware) is needed in vehicles. Yet, I am reading this week that General Motors is charging purchasers of many GMC, Buick, and Cadillac vehicles, that are shipped with OnStar and Connected Services Premium Plan by default, $1 500 for the three-year plan that was once optional, but is now required. Other companies are doing the same sort of thing. It is estimated that this revenue stream could give GM an additional $20 to 25 billion per year by 2030. BMW has come out with similar claims, giving them an additional revenue of about $5 billion per year by 2030. I do not want to ensure that a wealthy elite continues to take more of an income pie that is already unfairly divided.
At issue is the right of consumers to direct access to vehicle data, which historically has been obtained from an on-board diagnostic (OBD-2) port (North America) or European on-board diagnostic (EOBD) port, since 1996 and 2001, respectively. These allowed vehicle owners and technicians access to vehicle data to assist with maintenance and repair. This situation is threatened by vehicle manufacturers, who want to use telematics = the sending of data wirelessly and directly, restricting vehicle data to manufacturers. In 2021, 50% of new cars have these connected capabilities, but no country has more than 20% of its vehicle fleet equipped. USA has the most. By 2030, it is estimated that about 95% of new vehicles sold globally will have this connectivity, according to a study by McKinsey.
While this data could provide economic and other benefits to car owners, vehicle manufacturer want to act as gatekeeper, determining who can access it, and at what cost. This is a detriment to consumers, which could result in: Increased consumer costs; restrictions on consumer choices for maintenance and repair; safety and security issues involving the use of non-standard data types and formats; privacy concerns. Automotive mechanics, and other aftermarket providers can also be affected.
This has resulted in a consumer backlash, which I associate with the right-to-repair movement. There are already open-source groups working to ensure that consumers retain their rights. In addition, Automotive Grade Linux (AGL) is an open source project hosted by The Linux Foundation that is building an open operating system and framework for automotive applications. It was started in 2012, and currently has 146 corporate members.
I imagine that automotive manufacturers will try to add just enough proprietary software to their vehicles, to profit maximally from their investment. On the other hand, I see that there will be an incentive for ordinary consumers to demand right-to-repair legislation, and for guerilla activists to produce generic software substitutes where this is useful.
In Europe, repair is increasingly regarded as an essential consumer right and an environmental necessity. The main objective of the European Green Deal, is to be climate neutral by 2050. The European Commission’s Circular Economy Action Plan (CEAP), published 2020-03, details how this goal is to be reached. To reduce waste, products have to be designed to last. If they don’t last, they shouldn’t be sold. To encourage the development of products that are longer-lasting, there could be lifespan labels, service manuals, and an EU-wide repairability index. This would encourage the market to compete on repairable and durability.
In 2020-11, the European Parliament voted overwhelmingly in favor of a right-to-repair, and insisted that the more conservative European Commission administrative arm, implement it. It also included repairability labeling.
In 2020-11, voters in Massachusetts approved Question 1, involving a right-to-repair Law, with almost 75 percent in favour. The law requires automakers to provide a way for car owners and their chosen repair shops to access vehicle data, including that sent wirelessly to the manufacturer. The intent of this law is to prevent manufacturers and dealerships from having exclusive access to data.
Massachusetts is the state where the first automotive right-to-repair law was passed in 2012. That law made car makers open up the data inside the car. Rather than create a state by state solution, automakers reached a nationwide agreement with car parts makers/ suppliers and repair shops on how to share the data. This agreement opened the OBD-II port. With this new and improved right-to-repair law, similar transformative actions are required.
There are an increasing number of underpaid programmers and other software and hardware specialists, unable to fully live the American (and Scandinavian) dream. Many of these would undoubtedly be willing to work as guerilla technologists to develop the tools needed for retrofitting vehicles with more consumer friendly components, especially after warranties have ended. There are an increasing number of inexpensive microprocessors and systems on a chip that can be used for these purposes.
Part 4
To put electric vehicles in perspective, one needs to return to 1965-11-05, when President Lynden Johnson was given a copy of Restoring the Quality of Our Environment, a report by the Environmental Pollution Panel, President’s Science Advisory Committee. On publication of this blog, people have had 20 735 days or 56 years, 9 months, 8 days to confront this challenge, but have failed miserably at this task.
One fundamental question is, where can younger people learn more about the construction of appropriate vehicles for the 21st century? Currently the most interesting project is Woodpecker, that describes itself as an: “Open source based Carbon negative Electric Vehicle Platform. Woodpecker is a game changing micromobility vehicle to decrease CO2. Electrical propulsion allows to use solar and renewable power. Production of Wooden frame even decreasing CO2 because it is encapsulated by [wood] while growing. Vehicle built on Circular Economy concept – most parts are recyclable.” It appears to have originated in Latvia, and includes partnerships with many higher-educational institutions in the country. One problem with Woodpecker, is that it as an organization is too closely bound to commercial enterprises. For example, a good starting point for most open-source projects is to become acquainted with their documentation. In this case it requires people interested in downloading their technical drawings to have a Trimble account, in order to use Sketchup.
Notes:
1. This post follows up some aspects of Vehicle Devices, published 2020-11-03. The division between parts is not based on content, but time. Part 1 of this weblog post was originally written 2021-06-18 and saved at 10:49. It had been patiently waiting to be published. On 2022-08-12, outdated content was removed, and Part 2, was added, starting at 20:43. Parts 3 was started on 2022-08-13 at about 07:40, while part 4 was started on the same date at 08:48.
2. Trondheim claims to be the third largest city in Norway, but I would give that title to Stavanger. The challenge with Stavanger, is that its metropolitan area is divided between multiple municipalities. Yes, I am aware that I have offended some of my Norwegian readers, because of their origins in Trøndelag. However, Stavanger is the only place in Norway where I have ever been able to find/ buy root beer! This is probably due to Americans working in the oil industry, and living in the Stavanger area.
Very interesting and thought provoking Brock.
I liked this especially as I would like to find out why my car does this or that in response to my driving or button pushing. Of course the ‘handbook’ doesn’t explain these things at all, and most of the other explanations are rather obtuse.
Frustrating! I subscribe to the ethos “I wanna fix it! Is it broke?” Well I did put all of the third alarm clock back together as a working item. Thankfully my parents never asked about the first two.
And my cars have all continued running. The two I maintained, and improved slightly, most easily were a Ford 105E Anglia, and a Toyota Corolla.
Another root beer fan!
The problem you outline here has already been the subject of litigation in regard to high-end farm equipment – John Deere tractors being the principal manufacturer of same I am familiar with. Deere claims you buy the tractor, but you are only leasing the code in them and so cannot fiddle with it. But the you-know-what hit the fan when the number of tractors needing service surpassed Deere’s ability to service them in a timely manner. Farmers’ claim they cannot let crops sit in the field until Deere gets around to a repair while a capable shop is just a phone call away.
Aircraft have shifted to these systems as well, so this is hardly a limited problem.
Unfortunately, as usual, it is complicated. Manufacturers rightly complain, wondering how they can be held responsible for the safety of a vehicle in which others could alter the controlling code.
This letter by Håken Hveem of Hamar, an agricultural area in central Norway, appeared in Bondebladet = the (Norwegian) Farmer’s Magazine https://www.bondebladet.no/debatt/med-rett-til-a-reparere/ with Creative Commons 1.0 Universal license, allowing free redistribution of the copyrighted material.
For decades, many farmers did their own repairs. Farm equipment, like everything in our lives, is increasingly driven by software. While this software has increased efficiency and environmental friendliness in terms of reduced emissions, it has also allowed manufacturers to take increasing control over the repair process.
Like cars, agricultural equipment is increasingly controlled by an elaborate and complex network of data sensors. When one of these sensors notices an error, no matter how small or serious, it puts the machine into “limp home mode”. This allows farmers to move the machine slowly but not use it fully. Once the problem is diagnosed and repaired, the error code is cleared and the machine can continue to work.
To avoid the draconian software locks that John Deere and other manufacturers put on the tractors they sell, farmers across the United States have begun hacking their equipment with firmware hacked in Eastern Europe and available on paid online forums.
Tractor hacking is becoming increasingly popular in the United States, because manufacturers have made it impossible to perform “unauthorized” repairs on farm equipment. Farmers in the US see this as an attack on their sovereignty, right to self-repair, and possibly an existential threat to their livelihood if the tractor breaks down at an inopportune time.
An October 2017 John Deere licensing agreement, which the company required U.S. farmers to sign, prohibits nearly all repair and modification of farm equipment, and prevents farmers from suing for “crop loss, lost profits, loss of goodwill, and so on.” The agreement applies to anyone who turns the key or otherwise uses a John Deere machine with built-in software.
In September 2018, a US trade group representing John Deere and a range of other tractor and farm equipment manufacturers made a pledge. They promised that starting January 1, 2021, John Deere and other tractor manufacturers would make repair tools, software and diagnostics available to the masses.
This has not changed the situation in the USA, as no law has entered into force that makes it possible to obtain suitable software legally. This means that, for example, only John Deere dealers and “authorized” workshops can work with newer tractors.
This results in problems, such as changing a gearbox yourself, or if a mechanic who is not part of John Deere does the job, you could potentially be left with a tractor that won’t start, because the gearbox is not approved by the computer brain that sits in the tractor. You must then have a service person from John Deere come and authorize the part against the computer brain.
You also cannot obtain diagnostic data without having the correct software installed on a PC that is connected to the tractor, and this software is not freely available. Nor can the tractor be modified to run on, for example, methane produced from pig dung.
A similar problem inspired hacker Richard Stallman to invent open source software in the 1980s. When an experimental laser printer donated to MIT by Xerox developed problems, Stallman tried to develop a software fix so he could help anyone using the printer. He quickly discovered that the machine’s source code was proprietary—a stupid restriction that prevented him from helping his colleagues.
Stallman and many others stand behind the idea of open source software, computer software where the source code is released under a license that gives users rights to use, study, modify and distribute the software to anyone and for any purpose.
Software with open source code is a shining example of open collaboration, for example the Linux operating system, as well as the Oggún tractor, were created on this principle. There are of course also other “open source” equipment projects in agriculture such as Open Source Ecology and Farm Hack.
More content about John Deere hacking can be found in a Wired article: https://www.wired.com/story/john-deere-tractor-jailbreak-defcon-2022/
At the DefCon security conference in Las Vegas on 2022-08-13, Sick Codes, an Australian hacker living somewhere in Asia, presented a new jailbreak for John Deere & Co. tractors that allow people to take control of multiple models through their touchscreens.
The finding underscores the security implications of the right-to-repair movement. This isn’t a remote attack, but the vulnerabilities involved show fundamental insecurities. At the 2021 DefCon, Sick Codes lectured about tractor application programming interfaces and operating system bugs. This resulted in tractor companies, including John Deere, fixing some of the flaws.
More recently, he experimented with a number of touchscreen circuit boards to find bypasses to John Deere’s dealer authentication requirements. Eventually, he was able to restore the device as if it were being accessed by a certified dealer. When the system thought it was in such a state, it would offer more than 1.5 GB worth of logs that were meant to help authorized service providers diagnose problems. The logs also revealed the path to another potential timing attack with the potential to grant deeper access. Sick Codes soldered controllers directly onto the circuit board and eventually got his attack to bypass system protections and grant him root access.
While his approach requires physical access to the circuit board, it is possible to develop a tool based on the vulnerabilities. Sick Code is curious to see how John Deere will react because he is unsure how it can patch the flaws without implementing full disk encryption. This would require an extensive system redesign, that would be difficult to deploy on existing equipment.