The GENIVI Alliance, a six-year old organisation which promotes the broad adoption of specified, open source, in-vehicle infotainment (IVI) software, is a worldwide organisation with a mission to involve as many participants as possible, be they in the Americas, in Europe or in Asia.
October 2015 sees the GENIVI Alliance take its All-Member Meeting and Open Days to South Korea, (http://www.genivi.org/amm-2015-october) where much of the focus will be on Korean suppliers, including LG and Hyundai.
In the lead-up to the Seoul event, Automotive World spoke to Matt Jones, President of the GENIVI Alliance. Jones, who is also Senior Technical Specialist, Infotainment at Jaguar Land Rover, discussed the importance of including as many geographic regions as possible in the development of GENIVI’s open source software, and emphasised that open source software is not an open target when it comes to hacking and cyber crime.
Asia is home to some of the world’s leading technology companies. Does the reception to open source differ in Asia to the more traditional European and US automotive stakeholders?
Luckily, no! Companies like Panasonic, LG, and Samsung have been participating in open source with their consumer electronics arms for many years. They have an upstream-first approach, pushing the patches and the changes directly into those projects, and many of the projects they host. And in the past, we’ve had GENIVI systems built on Tizen, a Linux distribution brought about by Samsung and Intel partnering together, linking East and West with the GENIVI elements on top.
Given that South Korea is home to some of the world’s top technology companies, do you find the approach to open sourcing to be bullish than in Europe and North America?
There’s no longer a marked regional difference. If we think about open source and what BMW has released for automotive, or Intel has released to the Linux distribution, or Panasonic or LG or Samsung, they all play in a very similar way. They have intellectual property that is generated on top of those Linux or open source platforms, but when it comes to specific projects, they operate in a very similar way. And that’s the great thing about open source in general.
That suggests that it’s not a question of geography, but about people from anywhere looking to understand what’s going on, and seeking to contribute?
Yes, people from all over the world want to contribute, some people with code, others with ideas on how the code or the architecture – that is, the software – could be structured, and others still with requests. A mass of people all coming together on mailing lists and in chat rooms really helps to accelerate that software production. It’s no longer the ideas in one software developer’s head, or even one office; now it’s multiple offices from multiple companies in multiple countries. And that really helps us to accelerate these features and develop feature sets that multiple people in multiple geographies really want. The power of GENIVI lies in managing to pull all of that together through its mailing lists, through its commitment to Linux and its open source methodologies.
This isn’t about any one company. We will end up with a better platform and, ultimately, people will develop that and use it in better products for the future. And we will all get to see that in a variety of OEMs’ vehicles in the near future.
Given that we’re talking about automotive software, can you please share some thoughts on cyber security and the threat from car hacking and cyber crime?
In the last few months, there have been some big announcements and some big headlines, and the first massive cyber security-related recall. There are also many sensational headlines out there.
But at the same time, none of the GENIVI systems, none of the Linux-based units have been compromised.
What would you say to the notion that, when it comes to security, open source means open target?
That’s really not the case. Imagine if you had all of the best safe designers in the world and they all come together into one forum and make the ultimate safe. It would have all of those different security elements on it that those designers could not have produced independently. Providing the key to that safe is kept secret, it’s absolutely secure. But if the individual safe manufacturers just work on their own without anyone peer-reviewing their design, once one of the burglars figures out how to get through that one piece, that one thing that they’d forgotten, they announce it and everybody can get in through that door. By coming together and peer-reviewing it, keeping the key safe, it’s much more secure.
What has GENIVI been doing in the area of cyber security?
Over a year ago now, GENIVI established a cyber security strategy, and is now working with experts from NHTSA and other government funded agencies worldwide. Ultimately, GENIVI is still based on Linux and Linux is in use today in a variety of applications, from military to telecoms. It still supports SSH and SSL and all of those well-used encryptions that you would use on a day-to-day basis for banking, telecoms or any critical infrastructure. The GENIVI platform didn’t create that, but we’re piggybacking on best practice across the globe because of those foundations on the Linux platform.
On top of that, we do have the Remote Vehicle Interaction, or RVI project, and again the security team and other people from inside and outside GENIVI are constantly peer-reviewing that code. That project is a long way from being a product at this point, but it is fantastic to see people taking an interest and trying to hack that project whilst in an open source arena.
What happens if or when it does get hacked?
If someone manages to hack it, it gets patched, and the foundations of the design are actively changed. Because literally thousands of people have access to this code on a day to day basis, it’ll be so much more robust by the time it makes it anywhere close to a product than something that has been dreamt of in a back room somewhere for nobody else to see.
Are hackers just hacking, or are they coming up with ideas and suggestions?
They’re not just hacking – they are committing code, patching it and making suggestions. This peer-review process that GENIVI is effectively enabling is making a huge difference to the quality of each of these projects. And it’s essential when it comes to things like cyber security.
We will end up with a GENIVI platform that is as secure at a point in time as we can make it because we have all of the best practices from all of our different members – OEMs, Tier 1s, telecoms; it’s also constantly being updated and that will lend itself to use in far more robust products of the future.