Re: [SystemSafety] The VW Saga

From: Andrew Banks < >
Date: Sat, 17 Oct 2015 14:36:01 +0100


Hi all  

>> This is more or less like reconfiguring your mobile from scratch.
 

Given the growing use of Android based systems in cars, this analogy is (perhaps) very prescient !  

Andrew    

From: systemsafety-bounces_at_xxxxxx Sent: 12 October 2015 10:33
To: The System Safety List
Subject: Re: [SystemSafety] The VW Saga  

I am in a trans sector workgroup. One of our automotive colleagues explained us that there is already an emerging “market” of tools to access the SW of cars and that the trend is that such tools will be more and more accessible on internet. This will slowly but surely enable any automotive geek to customize increasing parts of his car. This is more or less like reconfiguring your mobile from scratch.  

Bertrand Ricque

Program Manager

Optronics and Defence Division

Sights Program

Mob : +33 6 87 47 84 64

Tel : +33 1 58 11 96 82

Bertrand.ricque_at_xxxxxx  

From: Matthew Squair [mailto:mattsquair_at_xxxxxx Sent: Monday, October 12, 2015 11:22 AM
To: Peter Bernard Ladkin
Cc: RICQUE Bertrand (SAGEM DEFENSE SECURITE); The System Safety List Subject: Re: [SystemSafety] The VW Saga  

'm sure it could be done. But maybe testing more realistically so that the test can't be spoofed might be easier? As I understand it that's how the VW issue was found in the US?

Matthew Squair  

MIEAust, CPEng

Mob: +61 488770655

Email; Mattsquair_at_xxxxxx

Web: http://criticaluncertainties.com

On 12 Oct 2015, at 8:15 PM, Peter Bernard Ladkin <ladkin_at_xxxxxx

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 2015-10-12 10:48 , RICQUE Bertrand (SAGEM DEFENSE SECURITE) wrote:

It depends.

It sure does!

(I'm slowly beginning to think this is your way of saying "Hi everyone!" :-) )

It raises interesting questions. Can the retrofit be mandatory ? How can the usual periodic

tests (very generic) discover a problem designed to be hidden ?

The questions are indeed interesting, and complicated. I raised this issue a while ago (in 2014, I think) privately. Both colleagues thought one could never get companies to agree to open up their SW IP (as Naughton points out, an increasing portion of the value of a product) to third-party inspection. But one of them thinks it an appropriate measure, as I do.

It can't be impossible. For a long time, companies have had to open their finances to independent inspection once a year. For financial companies (some of the very biggest companies), almost their entire IP consists in that. It also doesn't always work (Enron, WorldCom, Lehmann, Madoff). But it mostly does.

So it can be done. What's different about the case for SW?

It would have to be done through legal instrument, as with finances. And if just one country passes such a law, then there is the danger that multinationals will just stop selling their products there.

But I bet there's a way somehow.

PBL Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany Je suis Charlie
Tel+msg +49 (0)521 880 7319 www.rvs.uni-bielefeld.de

-----BEGIN PGP SIGNATURE----- iQEcBAEBCAAGBQJWG3omAAoJEIZIHiXiz9k+7TkH/jHrosRlDEP8ZXPabMl/a376 uxSPWeghLO+2Vrtf3Q1PxkWt5Ry57IM05A665P+hDEm4raQWuSXwG7HPNMlDyZH4 j+nVSO+sFYN45ZUM38gev0msv2FYKSym9DrVASv/GXFDJ8mDUKYlAo/ClWipCamC pxpUzC+D/W4eMd+as1BeIwUco1NaNZjbiDtOKq48FfVajkz0iszXdBo0Hx/L5srh SJF7466TNgmHxrwI/rFkCcTm1fCqdCwI9iVdVshmj5gvpWhCzNOnz0mTvArqRibp vD1TeLXrDaY/Ewjph8LM4xkg2ud1zw2RFq4vTCs3dP6ch2UteYQYgLn4IZj62oI= =DMHm
-----END PGP SIGNATURE-----



The System Safety Mailing List
systemsafety_at_xxxxxx

#
" Ce courriel et les documents qui lui sont joints peuvent contenir des informations confidentielles, être soumis aux règlementations relatives au contrôle des exportations ou ayant un caractère privé. S'ils ne vous sont pas destinés, nous vous signalons qu'il est strictement interdit de les divulguer, de les reproduire ou d'en utiliser de quelque manière que ce soit le contenu. Toute exportation ou réexportation non autorisée est interdite.Si ce message vous a été transmis par erreur, merci d'en informer l'expéditeur et de supprimer immédiatement de votre système informatique ce courriel ainsi que tous les documents qui y sont attachés."



" This e-mail and any attached documents may contain confidential or proprietary information and may be subject to export control laws and regulations. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. Unauthorized export or re-export is prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system." #
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus




_______________________________________________ The System Safety Mailing List systemsafety_at_xxxxxx
Received on Sat Oct 17 2015 - 15:27:29 CEST

This archive was generated by hypermail 2.3.0 : Wed Feb 20 2019 - 20:17:07 CET