Nothing about my comment advocates for perfectionism. My point is that V2V systems and research papers I've seen just don't make meaningful claims about safety. They instead make claims about convenience and efficiency, which are not substitutes for safety. We know to test vehicles for crash safety before putting them on the road. While I believe there are certainly ways to make use of V2V communication that increase overall safety, I haven't seen anything remotely resembling a crash test for V2V systems. Creating a system that relies on the correct behavior of all components is not a recipe for safety or reliability. This is especially true as the number of components increases (this happens when a car exchanges messages with all the cars around it). We need V2V systems that rely only on correct behavior of any component and allow for malicious behavior of some components. The idea that a protocol version mismatch from some rolling deploy can cause injuries in cars made by other manufacturers is the sort of thing that I haven't seen a single person point out. How would something like this even be caught and debugged? Advocating for an ecosystem where these things are likely but neither addressed nor considered is just plain irresponsible.
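The comment above argues that a receiver must not depend on every peer behaving correctly, and singles out protocol version mismatches from a rolling deploy as a failure nobody tests for. As an added example (not code from the commenter or from any V2V project), the following Python sketch shows what a fail-closed intake for inbound V2V messages looks like: authenticate first, refuse any protocol version the receiver does not understand, then reject stale, malformed or physically implausible content. The message layout, the field names, the thresholds and the pre-shared HMAC key are all constructed for this demo and stand in for whatever a real standard and its certificate infrastructure would specify; the point is that every check rejects rather than guesses, so the vehicle falls back to its own sensors instead of acting on a message it cannot trust.

```python
"""Fail-closed intake of V2V messages: authenticate, version-check, then sanity-check.

Added illustrative example; the message layout, field names, thresholds and the
pre-shared key are constructed for this demo and do not follow any real
V2V standard or deployed system.
"""
import hashlib
import hmac
import json
import math
from dataclasses import dataclass
from typing import Optional

SUPPORTED_VERSIONS = {1, 2}   # protocol versions this receiver knows how to interpret
MAX_AGE_S = 0.5               # anything older than this is useless for collision avoidance
MAX_SPEED_MPS = 90.0          # plausibility ceiling for a road vehicle (constructed value)
POSITION_SLACK_M = 1.0        # tolerance for positioning noise between two messages
NOW = 1_700_000_000.0         # constructed "current" receiver clock for the demo
DEMO_KEY = b"constructed-demo-key"  # stands in for certificate-based authentication


@dataclass
class Verdict:
    accepted: bool
    reason: str


def _tag(payload: dict, key: bytes) -> str:
    """HMAC over a canonical JSON encoding of every field except the tag itself."""
    body = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def make_message(payload: dict, key: bytes = DEMO_KEY) -> dict:
    """Sender side: attach an authentication tag to a payload."""
    return {**payload, "mac": _tag(payload, key)}


def validate(msg: dict, now: float, last_seen: Optional[dict], key: bytes = DEMO_KEY) -> Verdict:
    """Receiver side. Any failure rejects the message; the vehicle then keeps
    relying on its own sensors instead of acting on the message."""
    payload = {k: v for k, v in msg.items() if k != "mac"}
    tag = msg.get("mac")
    # 1. Authenticity before anything else, so unauthenticated bytes never reach the parser.
    if not isinstance(tag, str) or not hmac.compare_digest(tag, _tag(payload, key)):
        return Verdict(False, "bad or missing MAC")
    # 2. Protocol version: fields of an unknown version may not mean what we assume.
    version = payload.get("version")
    if version not in SUPPORTED_VERSIONS:
        return Verdict(False, f"unsupported protocol version {version!r}")
    # 3. Required fields with the expected types.
    try:
        ts, x, y, speed = (float(payload[k]) for k in ("ts", "x", "y", "speed"))
    except (KeyError, TypeError, ValueError):
        return Verdict(False, "malformed fields")
    # 4. Freshness: stale or future-dated messages are dropped.
    if not 0.0 <= now - ts <= MAX_AGE_S:
        return Verdict(False, "stale or future timestamp")
    # 5. Plausibility against physics and the sender's previous accepted message.
    if not 0.0 <= speed <= MAX_SPEED_MPS:
        return Verdict(False, "implausible speed")
    if last_seen is not None:
        dt = ts - float(last_seen["ts"])
        if dt <= 0.0:
            return Verdict(False, "non-monotonic timestamp")
        moved = math.hypot(x - float(last_seen["x"]), y - float(last_seen["y"]))
        if moved > MAX_SPEED_MPS * dt + POSITION_SLACK_M:
            return Verdict(False, "implausible position jump")
    return Verdict(True, "ok")


def run_demo() -> dict:
    """Constructed cases; returns {case name: verdict reason}."""
    good = {"version": 1, "ts": NOW - 0.1, "x": 0.0, "y": 0.0, "speed": 20.0}
    previous = {"version": 1, "ts": NOW - 0.3, "x": 0.0, "y": 0.0, "speed": 20.0}
    tampered = make_message(good)
    tampered["speed"] = 5.0  # modified after the tag was computed
    cases = {
        "well-formed": validate(make_message(good), NOW, None),
        "newer version from a rolling deploy": validate(make_message({**good, "version": 3}), NOW, None),
        "tampered in transit": validate(tampered, NOW, None),
        "stale": validate(make_message({**good, "ts": NOW - 5.0}), NOW, None),
        "teleporting sender": validate(make_message({**good, "x": 500.0}), NOW, previous),
    }
    return {name: v.reason for name, v in cases.items()}


if __name__ == "__main__":
    for name, reason in run_demo().items():
        print(f"{name:40s} -> {reason}")
```

The ordering matters: the authenticity check runs before any field is interpreted, and the version check runs before any field is trusted, so a peer speaking a newer protocol is ignored rather than misread. Each rejection carries a reason string, which is what makes the "how would this even be caught and debugged?" question answerable: a receiver that logs why it dropped a message leaves evidence of a version skew or a misbehaving sender instead of silently acting on bad data.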
The level of security and approach to security will largely correlate to the types of messages that such a system ultimately needs. This sounds obvious, but I think it really isn't. In a world of self-driving vehicles with lidar + optical sensors, how much V2V communication is required beyond the sensor data?
Until that question is answered, it might not make sense to primarily focus on the security and reliability of said data.