Re: The role of FOSS in preventing a recurrence of vehicle emissions scandals

[John Sullivan <john@wjsullivan.net>]

On Mon, May 08, 2023 at 08:57:22AM -0700, Matt Ivie wrote:
> On Sat, 2023-05-06 at 16:58 +0300, Lars Noodén wrote:
> > Recent news¹ reminds us that back in 2015 a whistleblower exposed the
> > VW/Audi emissions scandal, which I guess had been going on since
> > 1999.
> > The companies executives used closed source, proprietary software in
> > the
> > vehicles to hide the fact that the vehicles were emitting 40 times
> > the
> > allowed NOx when actually out on the roads and not in the testing
> > centers.  Even with fines and prison sentences, there is no way to be
> > sure the companies are not working on more of the same -- unless the
> > development is done out in the open.
> > 
> > Clearly we see both physical and economic harm from neglecting to
> > require FOSS even in embedded computers, such as the 100+ now found
> > in
> > each new car.  because these companies have already shown that the
> > closed source model *cannot* be trusted such style of development
> > should
> > not be allowed any more in regards to vehicles.  Surely a FOSS-based
> > workflow can be figured out.
> > 
> > Perhaps it is a timely and appropriate topic for institutions like
> > FSF,
> > OSI, EFFI, and so on to address that publicly?  Even a short
> > statement
> > in passing would at least raise awareness and provide an opportunity
> > to
> > ratchet things forward in regard to Software Freedom.
> > 
> > /Lars
> > 
> 
>  remember this scandal very well. There is a large incentive for car
> companies not to use Free Software on their embedded controllers. The
> emissions problem you highlight actually has a reverse effect if ANYONE
> can change or modify those programs. The intention of using Free
> Software on the controller to allow everyone to see what the code is
> telling the vehicle to do is good but given the ability for anyone to
> change the code and install their changes opens the door for those that
> don't care about emissions to tune their engine for performance instead
> of emissions. It could be argued that there are ways to avoid that, and
> I'm sure there are but how complex does that become?
> 

One way may be to have the software in question be a fully reproducible
build. The state (or whoever) maintains a list of approved hashes from
known reproducible builds that people can install on their own cars, and
there is a mechanism by which people can submit modified builds
"upstream" for approval.

Then cars in order to be street legal have a single "proprietary" box
(possibly this function could be performed with no modifiable software
at all) with a single responsibility of reporting the hashes of software
installed elsewhere in the car. This enables spot checks.

-john

_______________________________________________
libreplanet-discuss mailing list
libreplanet-discuss@libreplanet.org
https://lists.libreplanet.org/mailman/listinfo/libreplanet-discuss