by Rayhem 924 days ago
This is an incredibly myopic take bordering on arrogance. The infotainment system of a vehicle needs (as in, is mandated) to be as safety compliant as the rest of the vehicle's software so your steering doesn't lock out when the display crashes. Writing software for safety critical systems is not a task most developers are familiar with.
6 comments

This is not correct. The main infotainment system is not considered safety critical. There are some functions such as rear view camera that are but often this is handled by a real time os that overlays the video on top of the infotainment output. The infotainment system crashing will not take down your steering or braking.
Can confirm that. My xdrive unit in my BMW died a few months after buying, and everything worked, I could even hear the parking sensors even if I couldn’t see the camera feed anymore because that was piped through the X-drive unit.
Absolutely wrong. Infotainment systems in cars these days typically run on Linux, not a hard realtime OS, and are definitely not any kind of safety-critical system whatsoever. There's no need for it either; they're isolated from critical systems on the car, in case there's a problem (and there frequently is).
Dear no, rather exactly the opposite. In fact, I wouldn't be surprised at this point if all new cars have the capability to reboot the display system in the middle of driving.

You definitely don't want these systems intertwined. It has the side benefit of allowing you to do pretty aggressive things like using more modern hardware, software, etc. E.g., last time I checked, Tesla uses Godot for a decent amount of their UI.

I don't think that's right. VAG's software is terrible and crashes all the time. I've been locked out of adjusting my AC on a long drive because the infotainment system crashed.
Uh, what? If my infotainment system is capable of influencing my steering or any safety-critical function then malpractice has been committed. Infotainment needs only read (one-way) capability on the vehicle.
I do wonder about the CAN bus. There's no access control on the CAN network, there's one shared bus for the whole car, and any controller can starve the bus by spamming with a high address, unless that's changed.

You'd hope that there'd be some kind of filtering to prevent the infotainment system from sending (arbitrary) CAN messages, but I recall some crazy demos of researchers pwning a car's accelerator after rooting the center console.

Is that really a security issue, though? If someone has access to your center console, they have access to your car. If someone has access to your car, they can cut your brake lines or do a million other things that are impossible to defend against.
The concern is that the attack could be carried out remotely.

https://www.wired.com/2015/07/hackers-remotely-kill-jeep-hig... is one such example (might be the one GP is referring to).

I agree that is a serious concern, then. I thought it sounded like voting machine hacking where the dramatic headlines are hiding the fact that the hackers had physical access to the machine.
Voting machines are scary for different reasons.

1) The general public has private physical access by design.

2) The chain of custody is unclear and hard to prove. This undermines trust in the system.

Most modern cars have more than one CAN bus.

(And it’s lower ID messages which have priority over higher, which is more trivia than argument against your premise.)
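An added illustration of the two points raised in this subthread (a shared CAN bus has no access control and arbitration favours the numerically lowest ID, and a gateway that filters what the infotainment segment may send is the usual answer). This is constructed example code, not from the thread or any vehicle; the ECU names, IDs and the allow-list are assumptions.

```python
from collections import deque
from dataclasses import dataclass

@dataclass
class Frame:
    can_id: int   # 11-bit identifier; numerically lower = wins arbitration
    node: str     # originating ECU (constructed names)

@dataclass
class Node:
    name: str
    pending: deque  # frames this ECU wants to send, in order

def arbitrate(candidates):
    """Shared-bus arbitration: dominant (0) bits win, so the numerically
    lowest ID takes the slot and every other node must wait."""
    return min(candidates, key=lambda nf: nf[1].can_id)

def gateway_allows(frame, allowed_ids):
    """Hypothetical gateway ECU between infotainment and powertrain buses:
    only IDs on the allow-list are forwarded."""
    return frame.can_id in allowed_ids

def run_bus(nodes, rounds, gateway=None):
    """Simulate transmission slots; `gateway` maps node name -> allowed ID set.
    Gated frames that are not allowed are dropped before reaching arbitration."""
    sent = []
    for _ in range(rounds):
        candidates = []
        for n in nodes:
            while n.pending:
                f = n.pending[0]
                if gateway and n.name in gateway and not gateway_allows(f, gateway[n.name]):
                    n.pending.popleft()  # dropped at the gateway
                    continue
                candidates.append((n, f))
                break
        if not candidates:
            break
        node, frame = arbitrate(candidates)
        node.pending.popleft()
        sent.append(frame)
    return sent

def scenario(with_gateway, rounds=5):
    """Constructed: ABS (ID 0x0A0) shares a bus with a head unit flooding ID 0x010."""
    abs_ecu = Node("abs", deque(Frame(0x0A0, "abs") for _ in range(rounds)))
    head = Node("head_unit", deque(Frame(0x010, "head_unit") for _ in range(rounds)))
    gw = {"head_unit": {0x700}} if with_gateway else None  # 0x700: constructed status ID
    return [f.node for f in run_bus([abs_ecu, head], rounds, gw)]
```

Without the gateway the head unit takes every slot and the ABS frames never get on the bus; with the allow-list in place its frames are dropped at the gateway and the ABS node transmits normally.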

The Tesla Cybertruck doesn’t use CAN for steer-by-wire. It uses Gigabit Ethernet. According to my mechanic my ABS system is using something similar. CAN isn’t the only bus in the car. According to Wikipedia the LIN bus is intended to supplement CAN with non-critical components.
I have heard from industry insiders that this is true for some major manufacturers, and not for others. If the infotainment is integrated with the driving functions then every release of the infotainment system needs recertifying. Some manufacturers avoid this by having completely separate systems.