>Unless you can show that you are competent to modify safety critical software, and have a certified process in place > require the full lifecycle documentation to allow you to understand the impact of any modifications you make, and be required to do a full impact analysis to prove that any modifications you make do not reduce the integrity of the existing safety functions Car manufacturers does not use formal verification, even though it exists, and would be able to give hard guarantees about safety and the like. And given recent history about analysis of code that resulted in run away bugs, I, as a professional developer, are completely confident that few if any manufacturers do the above. They have an extensive testing procedure, surely, but they're not trying to avoid the bugs earlier in development, nor try to enforce a coding style that reduce the risk of bugs. But besides that point, many people are not arguing that they should be allowed to tinker with safety settings and drive on the road. That would be illegal, just as it is illegal to remove the lights and drive at night. But I as an owner of the car, should be able to see and change that code for auditing purposes, or use on a closed road. If the entire system of the car is open, it is also trivially easy to compare the running code with the version supplied from the manufacturer and see if any modifications have been made. |
If you change the code outside of the development process, you could unwittingly compromise the safety of the vehicle. The manufacturer is required to use access controls to prohibit people from changing the software for exactly this reason.