Thursday, July 17, 2014

A cloudy outlook for self-driving cars

Over at Gormogons, GorT muses on the prospects for self-driving (autonomous) cars, and thinks that it's more or less inevitable that these will come to dominate the market.

The Antiplanner looks at President Obama's recent call for mandatory use of this technology and delves into the downsides:
First, V2V [Vehicle-To-Vehicle communications - Borepatch] and V2I [Vehicle-To-Infrastructure - Borepatch] communications pose serious security risks for travelers and cities. With V2V communications, an automobile that suffers a fender-bender would communicate to all nearby vehicles that they ought to take a different route to avoid congestion.

That sounds good, but what happens when someone hacks the system and puts out radio signals in a hundred or a thousand critical urban intersections that effectively shut down traffic in an entire city? As one expert at the driverless vehicle symposium observed, “just think of the opportunities for chaos!”

Second, V2I communications will allow the nanny state to monitor and control when and where you travel. For example, PC Magazine observes that V2I is “so accurate a revenue-hungry town could write tickets for doing 57 in a 55 zone.”

Worse, suppose your state decides to cut per capita driving in half, which isn’t far fetched considering that in 2008 the Washington legislature passed a law mandating such a reduction by 2050. With V2I communications, the government could decide you have driven enough and simply shut off your car.

Third, what happens when all cars are dependent on V2I systems that the government can’t afford to maintain? The federal government is notorious for funding capital projects and then providing inadequate money to maintain them, and state and local governments are little better.

Finally, V2V and V2I communications will be unnecessary added expense to auto ownership.
Speaking professionally, the security risks are way, way worse than even this (pretty good) overview gives.  The idea of targeted attacks is very plausible, particularly if (as is likely) the comms systems are Internet-enabled (say, via OnStar).  Even if they are not directly Internet-enabled, they look to almost certainly be on the same comms bus with systems that are Internet-enabled.

This will be a very high value system to compromise, which tells you everything that you need to know to understand the nature of the attackers it will attract.  It ain't going to be Bobby Scriptkiddie.

And mandatory government tinkerable systems seem to be a stretch until issues like NSA metadata collection and use are resolved, which looks to be just a little before the heat death of the Universe.  Given that people's faith in the Government to be (a) competent and (b) non-malicious is asymptotically approaching zero, just how would Congress pass a law like this and survive the next election?

But it gets even worse - there will have to be controls over who can tinker with these systems, or Charlie Carowner will just disconnect the damn thing some Saturday.  So only licensed mechanics will be lawfully able to do this.  OK, how many mechanics are there in the good old US of A?
There are approximately 763700 people employed as an Automotive Service Technicians and Mechanics.
How many of these would be able to be bribed or intimidated to get access to the systems (i.e. facilitate compromise of the system)?  Consider a threat scenario when a large organization (Government Agency, Union, Special Interest Group, etc) really wanted to gather information on a particular individual.  Could you bribe a mechanic to add some code for, say, $25,000?  That's rounding error for these organization's budgets.

But GorT brings an even stronger reason why this is almost certainly not going to become widespread anytime soon:
There really is a bottom line as to why Google and other companies are looking into it: data.  The data that could be collected from the cars, passenger ids (for anti-theft / authorized usage) and travel patterns would be huge.  Toss in there the ability to market those passengers and it becomes even more enticing.
Google and Facebook are burning down any level of trust that they may once have had, because GorT is exactly right - the your data is worthless to them if they can't monetize it.  It's one thing to see pictures of your BFF's baby niece, it's another kettle of fish entirely for Google to know exactly where your car is (and if you are in it) every second of every day.

Why on earth would anyone ever want one of these cars under those circumstances?  So that you don't have to drive home after a couple too many beers at the pub?  Get a cab.

Right now you get free Internet search (and maybe email) - you get something of value from Google.  What of value do you get for letting them follow you around everywhere you go?

The potential downsides are so, well, creepy - and so hard to explain to your Mom without it sounding creepy - that these products will almost certainly be toxic in the marketplace.  And that's without adding in the Government-revenue-grabbing/busybody-in-your-bidness/NSA-stalker overlay of added creepy from the Fed.Gov.

Until the Government and Silicon Valley do a much better job of showing that they can be trusted with this sort of data, or showing that there is a much better ("killer app") benefit to the car owner, this isn't going anywhere other than the drawing board.


deadmandance said...

"How many of these would be able to be bribed or intimidated to get access to the systems"

Hell, man, all the mechanics I've ever known would do it for free.

burt said...

Hey BP, like the same guys who think Obama is so wonderful and self-drive cars would be so wonderful and rainbows and unicorns are so wonderful and everything are the same totally rad dudes who think you don't need that nasty car-thingy unless it is like totally wind-and-solar powered and let them plug their iThingys into it so they could, um, like locate which bar their friends were at. Because KITTENS!!!


It's impossible to explain network security fail to people who don't have the attention span G-D gave a goldfish. And I'm giving those oxygen-wasters more credit than they're due.

They have become the Deltas. Willingly. Voluntarily.

Goober said...

I don’t know, Borepatch. The benefits of self-driven vehicles just may overtake the downsides.

Consider 4-way stops. You’re driving towards one at 35 miles per hour, and three other cars are coming at the intersection at the same rate, on a collision course with you. V2V communicates between the four cars. Car one speeds up 1.5 miles per hour, car two maintains speed, car three slows down 1.5 miles per hour, and your car slows down three miles per hour. All cars proceed through the intersection at speed, missing each other by inches, but with the worst of them only being forced to slow down to 32 miles per hour from 35. No one has to stop. Even in high traffic situations, the cars could “weave” through the intersection at close to travel speeds, with small changes being made a couple hundred feet prior to entering the intersection to ensure no collisions.

Multiply this by ten intersections a day that you don’t have to stop anymore, and your fuel economy for in-town suddenly is better than your best highway fuel economy, and your trip time is cut by 25%.

Also, the 60,000 people a year that die on our highways every year stop dying, for the most part, anyway.

Also, traffic jams no longer exist, because you can fill a highway bumper-to-bumper to full capacity and still drive cars through it at 60 mph, something you could never do with meat computers driving.

Yeah, there are some creepy ramifications, but so are there for carrying a smart phone, and everyone does it, anyway.

My guess is that self-driving cars will be so much better that they will be mandated very soon after the technology is “perfected” and self-driving vehicles will either become illegal, or will be constrained to certain hours, only. Any downsides associated with that will more or less be overshadowed by the fact that we aren’t losing a Vietnam War’s worth of people every year to traffic collisions, and city folk aren’t living half their lives in a car parked on a clogged freeway.

I don’t necessarily LOVE the idea, because I’m a car guy and love the vehicle/human interface with all of my heart, but as long as I can hook up to my trailer, set my destination, and then play tea parties or read books with my daughter until we get there, I guess I can live with it. I think about my yearly salmon fishing trip to Canada, and consider the amount more fishing I could do if I could just set the destination for my truck the night before we leave, then sleep in the truck while it’s getting us there, bright and early the next morning, and go fish, instead of losing a day to driving every trip. When I want to be on the water at 6 in the morning, and have a three hour trip down to Hell’s Canyon, for instance, I have to leave my house at 3 am, and stay awake the whole way down.

OR, I could just sleep in the damn truck while it’s driving me down there.

I think it will be the cat’s ass, and I’m as much a car guy as the next person.

Security issues aside, that is...

But I've said it before, I doubt i'll ever be of any interest at all to the government...

FrankC said...

"puts out radio signals in a hundred or a thousand critical urban intersections that effectively shut down traffic in an entire city?"
Pah! I've been in a traffic jam caused by one car grinding to a halt in rush hour.

jon spencer said...

Another drawback, there will be no need to find a driver willing to suicide to deliver a boom.

burt said...

Goober (and BP):

The government can't even get air traffic control right, and there are fewer aircraft in a much more open space than the nation's highways. And unlike drivers, who may make unexpectedly decide to stop and get a cup of coffee on the way to work, the nation's airways are populated with "buses with wings" that follow (usually) specific routes between airports.

When automated crash-avoidance, takeoff and landing, taxiing, weather avoidance, and flight routing are completely automated and require **NO** human intervention - and that includes a pilot in the cockpit - let me know. Then, I'll trust a car's computer and government-mandated control systems to drive my car.

Stephen said...

Goober, et al. --

You fail to consider a. failure modes, b. bureaucrats, and c. liability.

a. means the actual sequencing won't be as tight as you suggest (what about cars not yet equipped?). b. means the four way intersection case will be programmed like the manual case -- all stop, then a priority selection rule will be applied. Liability? The law will require a licensed driver be awake and ready to take over. No one will pay attention to that, but you can forget about sleeping on your way to vacation. Better leave a day early. I think autonomous cars will help us with highway driving and parking, but hands off driving will come when we also get flying cars. We were promised FLYING CARS! You'd better believe I don't want my car hooked up to any network.

Rick C said...

Goober, you also fail to take into consideration Borepatch's idea about the government deciding you've driven too much. Maybe your road trip puts you over your allotted mileage for the year.

FrankC, didn't you see Live Free or Die Hard? Imagine someone creating virtual accidents in a pattern designed to shut down the entire city. At least with normal city traffic jams, they peter out as you get farther away, so you can just turn off and go up the next major street, or the one after that. Worse, what if our putative bad guy wants to actually create real trouble, by selectively altering the control signals so two or more cars do hit each other? I don't know how many tow trucks the average city has but imagine creating enough accidents that they're all busy: now the jam could last ALL DAY or longer, because the damaged vehicles can't be moved.

Based on past experience, you can bet the people designing these things haven't given a single thought to this.

burt said...

One other comment if I may: the auto-drive vehicle blows a fuse or blue-screens (please, no jokes about Microsoft regardless how appropriate), the controls lock up, and the car - now a missile - crosses the double-yellow directly into the oncoming lane, hits 3 other cars and kills 2 passengers, and ends up on the sidewalk killing and maiming several others.

Who has liability here? The owner of the car who was sitting in the back seat letting the car drive *as he was told to do*, the car's manufacturer who will surely blame the government's network (they couldn't get a web site to work and we're going to put them in charge of driving cars????), the government who will quickly put the blame back on the manufacturer (who should have known this could happen) and the car's owner (who should have been in the front seat at the controls just in case something goes wrong)?

If the driver should have been in the front seat and at the controls... then what's the purpose of a self-drive car that needs to be watched in case it stops self-driving? Why not just drive the car yourself? Back to first principles.

I teach courses in the computer science department as an adjunct professor at a local college. The first night I teach "Introduction to Artificial Intelligence", I give one example of why "skynet" and "autodrive cars" are in our distant future - if ever. Here's the example:

"Think about a young child playing on a Little League team. That child is playing right field. Now, imagine what happens when the batter hits a fly ball.

Quickly and simultaneously, the player must calculate the continuously changing azimuth/elevation calculations as the ball flies toward him, while simultaneously running backwards across uneven ground and stumbling on gopher holes, while looking at the ball which is being pummeled by the local breeze, and holding up one hand covered by a glove - all in the hope that, when the ball hits the glove, the force of impact won't prevent fingers from closing the glove sufficiently to keep the ball from bouncing out of the glove onto the ground... which results in an entire different combination of calculations altogether."

And you think auto-drive cars on our pothole-filled, snow- and ice-covered roads will be able to cope with those humans who are still walking along the side of the road because the sidewalks weren't cleaned off? And that the slush won't cover the cameras that provide the computer vision necessary to correct for the lack of a GPS signal blocked by buildings and trees?


Auto-drive cars are a fantasy by people who live in Silicon Valley. Send them to live in Boston or Albany for a couple of years and they'll understand that auto-drive cars are a wonderful - but not achievable - fantasy.

And as far as skynet goes: at the end of the third movie, skynet bombed the cities and population centers... just where many of its data and telecommunication centers were located. Not very smart, even for a computer.

Jake (formerly Riposte3) said...

"Multiply this by ten intersections a day that you don’t have to stop anymore, and your fuel economy for in-town suddenly is better than your best highway fuel economy, and your trip time is cut by 25%."

Now take all the situations you describe that happen in one region in a single minute, add in all the cars passing in opposite directions on non-divided highways in that same minute, and all the vehicles on the interstate in a position to go off a cliff/hill/mountain or into a bridge/ditch/other cars at that time, and multiply by one terrorist hacker.

The number of potential casualties makes that "60,000 people a year that die on our highways" figure look like nothing more than statistical noise.

Do you really think the same governments that were behind the ACA website insanity are going to be able to build adequate security into a nationwide network where they're mandating that everyone must have a device capable of accessing it?

Differ said...

I expect autonomous cars sooner rather than later, though probably limited to highway operation at first. The processing would be primarily on the car with overarching external ATC, helping but not required. I posted a paper on anenglishmanindixie blog

Richard Blaine said...

A default behavior for an autonomous system should always fail to manual control - which means, yep that idiot behind the wheel (who's actually crawled into the back seat to take a nap) must take over. Opps

We still have cars from 1908 on the roads (yes, very few and not very often) many more from the 60's and boatloads from 90's. Under what conditions do they see these not creating a problem? I can't imagine one.

Your car will be hacked. Your car will be jammed. If you can't talk to traffic control - you're on manual (assuming they even let you)

freeway - hack one car to slam on it's breaks when it loses traffic control signals - the set up a jammer, see how many cars you can pile up in one crash.

Pull into the turnaround at that fancy hotel and some hacker decides full accelerator is the appropriate action.

Where might it work? special highways for electric cars where you have to go though a manned toll both to get access. Even then I wouldn't trust it.

There's a big difference between getting something to work when EVERYONE is trying to make it work, and getting something to work DESPITE everyone's indifference (or worse)