Robert S. Maher Blog: Your car is about to go open source

Automakers want to standardize on a Linux-based OS that would make vehicle infotainment systems act more like smartphones

In Vehicle Infotainment

Automakers are working to standardize on a Linux-based operating system for in-vehicle infotainment (IVI) systems that would make it easier for cars to act more like smartphones.

An IVI is the “black box” that powers a car’s audio and entertainment systems, as well as hands-free phone service and satellite navigation systems. Most IVIs today have touchscreens and can be voice-activated, but many car buyers pass up those options.

“Today, automakers are having a hard time getting their customers to buy informatics systems because they only can do 10% of what a mobile phone can do,”

said Rudi Streif, who leads the Automotive Grade Linux workgroup for the Linux Foundation.

The main reason for the limited functionality of most IVIs is that car manufacturers use proprietary software developed by third-party suppliers to power their infotainment systems, meaning car-based apps are also proprietary.

Having an open-source IVI operating system would create a reusable platform consisting of core services, middleware and open application layer interfaces that eliminate the redundant efforts to create separate proprietary systems. By developing an open-source platform, carmakers can share upgrades as they arrive.

Automakers could then focus on differentiating their infotainment systems through their user interfaces, which only make up about 5% to 10% of the software in the IVIs.

“We’re leveraging essentially an $11 billion investment already made in Linux by many other companies including IBM and Intel,” Streif said. “We can essentially get the platform for free.& from a royalty sense. Of course, we have to spend resources to make it work in our particular platforms.”

So far, three automakers have rolled out Linux-based platforms on a limited number of models: GM’s Cadillac division uses Linux in its Cue IVI; Tesla offers a 17-in. IVI screen in its Model S all-electric cars; and Toyota recently said that it plans to use a Linux-based IVI in the 2014 Lexus IS.

Tesla’s Model S IVI system is designed to allow drivers to navigate using Google Maps with live traffic information, listen to streaming music from any online radio station and have access to an Internet browser for news or restaurant reviews. With Google Maps, Tesla drivers can also locate recharging locations.

BMW has announced plans for IVI based on the open-source platform, and Ford has developed SmartDeviceLink. SmartDeviceLink an open-source version of Ford’s AppLink mobile API, which used for connecting mobile devices to its Microsoft-based MyFord Touch infotainment system.

A major reason automakers are moving to adopt open-source IVI platforms is that the cost and complexity of maintaining their own systems over time is enormous.

IVIs are the largest software device in a car, requiring upwards of 40 million lines of code.

“In the past, we’ve had generations of infotainment systems where we buy a piece of hardware and some proprietary software from a tier 1 supplier to the auto industry. Then, two to three years later, we go and buy another black box from a different supplier. And you’re effectively wasting those efforts,”

said Matt Jones, a senior technical specialist for infotainment systems at Jaguar Land Rover.

By adopting a Linux-based platform that’s evolutionary, Jaguar Land Rover could continually add new features to its system instead of going back and reinventing and retesting the features drivers have come to expect.

For example, it’s not unusual to have a dozen developers working on a Bluetooth interface for an IVI. By standardizing on just one, any future upgrades would roll out industrywide. So an open-source operating system would allow an IVI to evolve over time instead of being replaced when new car models are introduced, according to Jones.

“We’re focusing on the elements of the IVI system that the customers don’t care about as long as it works,” Jones said. “It doesn’t enable the radio to interface to the user. It just enables everything else to happen.”

Jaguar Land Rover is a member of GENIVI, a nonprofit auto industry alliance committed to driving the broad adoption of an open-source IVI development platform. This week, representatives of the high-end automaker were among 180 GENIVI members who met in San Diego to discuss ways to foster broader adoption of an open-source platform. GENIVI is looking to align platform requirements, deliver reference implementations and offer certification programs to automakers.

Later this month, the Linux Foundation will hold its third annual Automotive Linux Summit in Edinburgh to discuss industry development efforts.

Carmakers today have to maintain their proprietary operating systems, which they buy from outside software providers. And that leaves them at the mercy of their vendors. For example, Microsoft supplies Ford’s MySync system, so Ford would be forced to find another supplier if Microsoft decided to abandon the automotive market.

With Linux, the auto industry has a full community of open-source developers supporting and updating the software.

In 2012, the Linux Foundation launched the Tizen Project, a reference architecture and software development kit (SDK) for a Linux-based IVI. Tizen’s SDK allows developers to use HTML5 to write applications for an IVI.

For example, Reaktor, a software services and consulting company headquartered in Helsinki, Finland, interfaces for existing popular mobile applications for the Tizen open source IVI; To date, Reaktor has created a user interface for the music streaming service Spotify and for the location-based social networking service Four Square.

“One shouldn’t have to re-implement [a mobile app] for the infotainment system every time a new one is created. We’d like to be able to use an existing application on the phone and access it through the user interface,” said Konsta Hansson, general manager at Reaktor.

“Spotify is a prime example,” Hansson said. “You want to be able to control it through your IVI like any other audio source, but to also be able to perform searches and use your existing playlists easily.”

Once an industry standard open-source IVI is created, work can begin in earnest on developing the user interfaces for any number of mobile apps already available.

For example, a navigation system could be integrated with a driver’s email account. With that type of setup, a salesperson traveling to a meeting could, for example, be notified to expect delays because of heavy traffic. And at the same time, someone the salesperson wanted to talk to at the meeting would get the same notification.

“My car knows about my location and it has my calendar from my email,” Streif said. “So, you’re combining the information. It could even suggest parking lots where spaces are open.”

From Computerworld

Vulnerabilities of the Connected Car

By 2020, 75% of cards shipped globally are expected to have internet connectivity. Connected cars feature over 100.1 lines of code, that’s ten Limes the amount found In a Boeing 787.

Attack Points

Interfacing MO the Infotainment System are apps running on the driver, personal mobile device. Many applications contain vulnerable binaries that expose sensitive data and access to critical vehicle controls. Hackers can intercept and control communication between your car and mobile apps acting as ignition keys.

OBD2

Located underneath the dashboard, the OBD2 port is a physical connection used to connect third party devices which monitor speed, braking, and location. On-Board Diagnostic devices lacking firmware encryption enable hackers to command a vehicle’s CAN bus. Most insurance dongles lack security, making them vulnerable to reverse-engineering, data theft and modification.

Infotainment System

One of the primary communication interfaces of a connected car, the infotainment system runs a well known standard operating system that may host high-value and sensitive applications that are easily hacked if not protected. Open network ports have shown to be an entry way for hackers to control critical car function. Internet and wifi coverage expose the vehicle to the same vulnerabilities as a house on wheels.