[adamb]

Fair enough. Though my point was trying to say that protocols should assume a variety of component failure modes.

I'd rather just have to trust the safety standards of the manufacturer of my car (and to a lesser extent the cars I might directly collide with), not the safety standards of every vehicle within transmit distance.

[Ninn]

If someone has access to control an ECU on your can bus you are just as bad off as you would be in the case you worry about. And on top of that i promise you the ECUs in modern cars are not works of art with good error handling. But consider that there are many currently unemployed technologies that can work to make for example the sharing of sensory data signed and trusted, for example by deploying technologies which apple uses today with great success amongst others?

[adamb]

I am not aware of any sensor system that involves meaningful cryptographic claims about sensor readings. I'd love to learn more about anything along those lines.

Especially the associated threat modelling and engineering principles!