Wednesday, September 23, 2015

Defeat Device and Open Source

As the story about Volkswagen's emission test failure evolves and "defeat device" enters into everyday parlance, I believe I have some insight to provide on software testing.
The Electronic Frontier Foundation says that "Researchers Could Have Uncovered Volkswagen’s Emissions Cheat" if they had access to the source code. As a professional software developer, I feel that this may be a hard argument to make.

The process of building high-quality software is no different from that involved in building something more physical, such as, say, Gorilla Glass or a new pharmaceutical drug. Simply making it available for others to copy would eventually de-incentivize the development of intellectual property, which I believe is the foundation of the higher living standards in the United States. Instead I propose what I consider a reasonable middle ground:

Open Interfaces

Instead of making the source open, companies making products that affect public safety should be required to:
1. Modularize their code (a necessary step before #2 can be defined)
2. Publish the interface to each module
3. Provide simulation-based test platforms and test cases, in which the vehicle is simulated but the ECU software is identical to the software on the vehicle.

VW's emission controller software would monitor the steering wheel position, how long the engine had been at a steady speed, etc., and deduce that the vehicle was in test mode, reducing emissions accordingly. When the vehicle was driven under regular conditions, emissions would return to a much higher level.
If VW had published the interface to their emissions ECU, that alone would have raised questions: why would an emissions ECU need to know the steering wheel position? With the additional information required in #3 above, regulators and/or researchers could have further deduced that something was amiss.
Apart from keeping proprietary code secret, the Open Interfaces method has the following advantages:
1. A review of the test cases is easier than a review of every line of code
2. The system becomes testable, and the tests can be reused across manufacturers. If test-case input and output data formats were standardized, the EPA/CARB could test the simulated behavior of the vehicle. Incidentally, the same harness can be used to "fuzz" input data and improve security too.
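To make the three steps above and the steering-wheel observation concrete, here is an added example (mine, not VW's, the EFF's or any regulator's code) of how an auditor could use a published interface plus a simulated test platform: first list the inputs a module reads that have no obvious emissions role, then replay the same certification cycle twice, changing only one of those inputs, and flag any ECU whose output depends on it. The ECU models, interface list and drive cycle are constructed stand-ins.

```python
import math
from dataclasses import dataclass

# Step 2 of the proposal: the published interface, i.e. every input the module reads.
# Constructed for this example; not any manufacturer's real specification.
PUBLISHED_INTERFACE = {"engine_rpm", "throttle_pct", "coolant_temp_c",
                       "vehicle_speed_kph", "steering_angle_deg"}
# The auditor's own list of inputs an emissions controller has a reason to read (assumption).
EXPECTED_INPUTS = {"engine_rpm", "throttle_pct", "coolant_temp_c", "vehicle_speed_kph"}

def unexplained_inputs(interface, expected):
    """Interface review: inputs the module reads that have no obvious emissions role."""
    return sorted(interface - expected)

@dataclass
class SensorFrame:
    engine_rpm: float
    throttle_pct: float
    coolant_temp_c: float
    vehicle_speed_kph: float
    steering_angle_deg: float

def toy_ecu(frames):
    """Constructed stand-in for the ECU binary under test (opaque to the auditor).
    It reports lower NOx only while the steering wheel never moves, as on a dynamometer."""
    on_dyno = all(abs(f.steering_angle_deg) < 0.5 for f in frames)
    load = sum(f.engine_rpm * f.throttle_pct / 100 for f in frames) / len(frames)
    return 0.05 * load * (0.2 if on_dyno else 1.0)   # NOx, arbitrary units

def honest_ecu(frames):
    """Control: the same model with no dependence on inputs outside EXPECTED_INPUTS."""
    load = sum(f.engine_rpm * f.throttle_pct / 100 for f in frames) / len(frames)
    return 0.05 * load

def certification_cycle(steering_fn):
    """Constructed drive cycle: fixed rpm/throttle/speed trace, steering supplied by the caller."""
    return [SensorFrame(800 + 40 * t, 20 + 3 * (t % 10), 90.0, 30 + 0.5 * t, steering_fn(t))
            for t in range(60)]

def differential_test(ecu, tolerance=0.10):
    """Step 3 of the proposal: replay the same cycle on the simulated platform twice, varying
    only an input that should be irrelevant. A gap beyond tolerance means output depends on it."""
    dyno = ecu(certification_cycle(lambda t: 0.0))
    road = ecu(certification_cycle(lambda t: 12.0 * math.sin(t / 4)))
    ratio = road / dyno
    return {"dyno_nox": dyno, "road_nox": road, "ratio": ratio,
            "suspicious": abs(ratio - 1.0) > tolerance}

if __name__ == "__main__":
    print("unexplained inputs:", unexplained_inputs(PUBLISHED_INTERFACE, EXPECTED_INPUTS))
    print("toy ecu:", differential_test(toy_ecu))
    print("honest ecu:", differential_test(honest_ecu))
```

Because the ECU is exercised only through its declared interface, the same harness works regardless of manufacturer, which is the standardization point made in advantage #2.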
I'm already 15 minutes past lunch-time, so that's all for this time.
Kuntal.
