HW7: Reflection

I think I am truly stumped as to what ties all these articles together if anything at all.  Obviously the SPY Car Act of 2015 and the Rouf and Miller paper from 2010 have a lot of the same concerns.  They deal with the Tire Pressure Monitoring System implemented on most cars after 2008 that use wireless technology to feed a sensor TPM electric control unit about any changes in tire pressure.  That’s actually a good technology because it keeps miles per gallon up, is safer for braking distances, and probably keeps your car aligned well and saves you money by making the most out of your tires.  However the Rouf and Miller paper seek to see what are some of the disadvantages of such a system and how dangerous can this really be.  I was able to find some open source software that claimns all we need is about $50 in hardware mostly for an antenna and a computer capable of running GNU Radio and we can be doing the same thing these researchers did (https://github.com/jboone/tpms).  The findings from the paper do state that while possible to use this as a tracking system the resulting hardware needed to actually accomplish this would be cost-prohibitive.  A significant limitation when dealing with TPMS is that it’s only required to send a signal every 60 to 90 seconds.  Traveling at a high speed makes it more difficult to track any one specific car.  But we aren’t exactly out of the woods.  It’s very easy to set a spoofing attacks on this system from what the authors were able to find making it easy to trick the car into thinking its tires were low on pressure.  If this was ever a highly critical safety system they could do a lot more than trigger a warning light on a dashboard.

Which leads us to Congress and the SPY Car Act which sets to ensure that all auto manufacturers implement cybersecurity standards.  The bill reads a bit like a Software Requirement Specification (SRS) heavy on security.  For instance 2a of 30129. Cybersecurity Standards reads “all entry points to the electronic systems of each motor vehicle manufactured for sale in the United States shall be equipped with reasonable measures to protect against hacking attacks.”  It goes on to specify what’s to be done with driving data and even cyber dashboards.  I’m still driving a 2008 so I don’t think I made the cut but I imagine all cars will be as secure as anything and probably a good many jobs developing new secure and robust systems for car manufacturers.

The last two articles go on to talk about a psychology experiment that says on average the the number of objects human can hold in short-term memory is 7 +- 2.  I had studied this in Psychology before and found it fascinating.  It goes on to say that this has been debated since the study was published in 1956 by George Miller.  And the last article dealing with Test Driven Development has to do with writing a test before you write just enough production code to fulfill that test and refactoring your code so that you’re always improving.  You’re also ensuring the code maintains the original requirements by running all the previous tests plus the new one and ensuring those pass and are valid.  TDD is probably one way car manufacturers implement their software systems in their cars and ensure they meet all the regulatory requirements from all the previous laws and can quickly modify their or add new requirements for laws that are to follow.  At least that’s what I would recommend in today’s world where security and completeness and fastest to market all play on the profits and prestige received from those on the outside.

Post a comment

You may use the following HTML:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>