As much as I like DevOps, this scares me. There are a lot of employees (20%) at BMW who are software engineers. They want to increase that to a larger percentage, which I assume means that we’ll have more and more code in our automobiles, with more systems tightly integrated. We’re even gathering more and more data in modern vehicles. Maybe there are good database job opportunities for some of you with automakers.
If there’s one thing we’ve learned in a few decades of writing software, it’s that large monolithic systems are a mess. They contain vulnerabilities, and more importantly, they are very difficult to patch and change. All of the DevOps success stories I’ve seen from large systems have either been a complete rewrite or a long-term refactoring that removes dependencies and tight couplings between modules.
In cars, we’ve seen all sorts of hacking issues. Hackers can attack a vehicle remotely, and a faulty (or hacked) update might leave you in trouble. Granted, these things aren’t that likely yet, though I think this piece understates the potential problems. I think that because once a hack is discovered, how sure are we that a) it will be reported to vendors (hackers might just exploit it), b) a fix will certainly be developed that works well and doesn’t cause any issues (remember the tens of millions of lines of code in current-year cars), and c) consumers will apply the patch? That last item worries me, especially if cars become more connected and share data about operation, or as we move to autonomous (semi- or total) vehicles.
Personally, I’m not against code in vehicles. I’m not even against some connected systems. What I am against is a monolithic, tightly coupled system. I don’t want engine control or drive-by-wire sharing a network or code with a CD player or navigation system. I don’t want one computer controlling vehicular functions, entertainment, and climate control. I also want to be sure that there is some protection for all this data, to be sure it doesn’t overwhelm any system. I’ll also admit I like the idea of upgrading or replacing parts from different vendors, some of whom might do a much better job of building systems.
We’ve learned a lot about software and complex systems. While I don’t want all manufacturers to use one system or have tight regulations, I would like to see some mandates that separate critical systems from each other, both in code and physically. We don’t need to specify code standards, or encryption, or any details, but let’s ensure that a base bar of building software is being used in any of the mass-produced vehicles, planes, trains, automobiles, or anything else of substantial size that is operated by the general public.