In my opinion it points to a more dangerous thing, “continuous delivery” software mindset seeping into safety critical systems.
It’s fine, good even, that web developers can push updates to “prod” in minutes. But imagine if some dork could push largely untested control system updates to your car’s ECU… it’s one thing for a website to get a couple errors, but it’s a very bad thing if it makes your steering wheel stop working.
Unfinished products make more money, and it’s high time a consumer protection law clamped down on this.
I agree. I mean, how many times in the past couple of years have large sites or services gone down because an update was pushed through?
Most recently I can think of teams going down earlier this year.
Should be protocols put into place for cars that need to be followed for a software update.
Should be protocols put into place for cars that need to be followed for a software update.
Protocols are in place. We can argue over whether or not those are good enough, but the car industry is incredibly heavily regulated.
Those protocols include certain systems being designated as “critical” and significantly more testing is required to change them. Some changes can only be made after an entire year of testing by a third-party auditor including crash tests, emissions tests, etc.
Updating the map to inform the driver that a police officer is standing around the next corner with a radar gun? That can be done OTA with zero testing (and yes, my car does that). That’s not a critical system, it’s an important safety feature. If the car ahead of me is going to slam on the brakes the moment they see the officer… I want to know it’s likely to happen ahead of time - might even slow down myself. ;-)
This operates under the assumption that cars produced before the era of OTA updates could not have been improved by OTA updates. I’ve used a few of them, and that doesn’t seem to be the case.
But imagine if some dork could push largely untested control system updates to your car’s ECU…
While I can’t deny that this isn’t categorically impossible, it seems incredibly unlikely. At the very least, I don’t think we’ve seen this happen yet, and OTA updates have been around for a while now.
Oh yeah don’t stop.