Re: [SystemSafety] The VW Saga

From: RICQUE Bertrand (SAGEM DEFENSE SECURITE) < >
Date: Mon, 12 Oct 2015 11:32:33 +0200


I am in a trans sector workgroup. One of our automotive colleagues explained us that there is already an emerging “market” of tools to access the SW of cars and that the trend is that such tools will be more and more accessible on internet. This will slowly but surely enable any automotive geek to customize increasing parts of his car. This is more or less like reconfiguring your mobile from scratch.

Bertrand Ricque
Program Manager
Optronics and Defence Division
Sights Program
Mob : +33 6 87 47 84 64
Tel : +33 1 58 11 96 82
Bertrand.ricque_at_xxxxxx

From: Matthew Squair [mailto:mattsquair_at_xxxxxx Sent: Monday, October 12, 2015 11:22 AM To: Peter Bernard Ladkin
Cc: RICQUE Bertrand (SAGEM DEFENSE SECURITE); The System Safety List Subject: Re: [SystemSafety] The VW Saga

'm sure it could be done. But maybe testing more realistically so that the test can't be spoofed might be easier? As I understand it that's how the VW issue was found in the US?

Matthew Squair

MIEAust, CPEng
Mob: +61 488770655
Email; Mattsquair_at_xxxxxx Web: http://criticaluncertainties.com


-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

On 2015-10-12 10:48 , RICQUE Bertrand (SAGEM DEFENSE SECURITE) wrote:

It depends.

It sure does!

(I'm slowly beginning to think this is your way of saying "Hi everyone!" :-) )

It raises interesting questions. Can the retrofit be mandatory ? How can the usual periodic tests (very generic) discover a problem designed to be hidden ?

The questions are indeed interesting, and complicated. I raised this issue a while ago (in 2014, I think) privately. Both colleagues thought one could never get companies to agree to open up their SW IP (as Naughton points out, an increasing portion of the value of a product) to third-party inspection. But one of them thinks it an appropriate measure, as I do.

It can't be impossible. For a long time, companies have had to open their finances to independent inspection once a year. For financial companies (some of the very biggest companies), almost their entire IP consists in that. It also doesn't always work (Enron, WorldCom, Lehmann, Madoff). But it mostly does.

So it can be done. What's different about the case for SW?

It would have to be done through legal instrument, as with finances. And if just one country passes such a law, then there is the danger that multinationals will just stop selling their products there.

But I bet there's a way somehow.

PBL Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany Je suis Charlie
Tel+msg +49 (0)521 880 7319 www.rvs.uni-bielefeld.de<http://www.rvs.uni-bielefeld.de>

-----BEGIN PGP SIGNATURE-----
iQEcBAEBCAAGBQJWG3omAAoJEIZIHiXiz9k+7TkH/jHrosRlDEP8ZXPabMl/a376 uxSPWeghLO+2Vrtf3Q1PxkWt5Ry57IM05A665P+hDEm4raQWuSXwG7HPNMlDyZH4 j+nVSO+sFYN45ZUM38gev0msv2FYKSym9DrVASv/GXFDJ8mDUKYlAo/ClWipCamC pxpUzC+D/W4eMd+as1BeIwUco1NaNZjbiDtOKq48FfVajkz0iszXdBo0Hx/L5srh SJF7466TNgmHxrwI/rFkCcTm1fCqdCwI9iVdVshmj5gvpWhCzNOnz0mTvArqRibp vD1TeLXrDaY/Ewjph8LM4xkg2ud1zw2RFq4vTCs3dP6ch2UteYQYgLn4IZj62oI= =DMHm
-----END PGP SIGNATURE-----



The System Safety Mailing List
#
" Ce courriel et les documents qui lui sont joints peuvent contenir des informations confidentielles, être soumis aux règlementations relatives au contrôle des exportations ou ayant un caractère privé. S'ils ne vous sont pas destinés, nous vous signalons qu'il est strictement interdit de les divulguer, de les reproduire ou d'en utiliser de quelque manière que ce soit le contenu. Toute exportation ou réexportation non autorisée est interdite Si ce message vous a été transmis par erreur, merci d'en informer l'expéditeur et de supprimer immédiatement de votre système informatique ce courriel ainsi que tous les documents qui y sont attachés."

" This e-mail and any attached documents may contain confidential or proprietary information and may be subject to export control laws and regulations. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. Unauthorized export or re-export is prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system." #


The System Safety Mailing List
systemsafety_at_xxxxxx Received on Mon Oct 12 2015 - 11:33:12 CEST

This archive was generated by hypermail 2.3.0 : Tue Jun 04 2019 - 21:17:07 CEST