W3C home > Mailing lists > Public > public-automotive@w3.org > August 2015

Re: REMINDER: W3C Automotive WG Phone Meeting

From: Gavigan, Kevin <kgavigan@jaguarlandrover.com>
Date: Tue, 4 Aug 2015 15:30:53 +0100
Message-ID: <CAKaHsmfP2uWbWLzziWxQ-U5N9ufd_D_pqs-1932+U-LxEG14-Q@mail.gmail.com>
To: Junichi Hashimoto <xju-hashimoto@kddi.com>
Cc: public-automotive <public-automotive@w3.org>, Lovene Bhatia <lbhatia@jaguarlandrover.com>, Jonathon Crowley <jcrowle3@jaguarlandrover.com>, Adam Crofts <acrofts1@jaguarlandrover.com>
Hi,

I've also added comments to the spreadsheet referenced by Junichi.

Re: Set Function

I agree with Junichi's comments that it is problematic to provide this
capability until it can be done securely, but would like to develop the
argument at little further:

If sufficiently secure mechanisms cannot be created to prevent an attacker
taking control of safety critical functions, it may be the case that such
systems will have to be protected using an 'Air Gap' - please see
https://en.wikipedia.org/wiki/Air_gap_(networking)

It may be the case that sufficiently secure mechanisms for authenticating
and authorising the entity sending the request will be created to allow
setting values on non safety critical systems like the Infotainment System
(or in most climates) the Comfort Bus and that setting safety critical
values like steering wheel, brake or accelerator position are either not
allowed at all (because of security concerns) or are only allowed if
vehicle is in a special mode where e.g. speed is very restricted to e.g.
5mph.

I'm afraid I won't be able to attend the call today as it is at 12-1am
local time, but will read the outcome with great interest.

Best wishes,

Kevin



*Kevin Gavigan BSc (Hons), MSc, PhD, MCP MCTS*
*Software Architect*

*Connected Infotainment*


*Mobile: 07990 084866*
*Email:* kgavigan@jaguarlandrover.com

*Office address:*
*GO03/057** • **Building 523, **Gaydon** • **Maildrop: (G03)*
*Jaguar Land Rover • Banbury Road • Gaydon • Warwick • CV35 0RR*

On 4 August 2015 at 11:53, Junichi Hashimoto <xju-hashimoto@kddi.com> wrote:

> Hi,
>
> I’ve reviewed the use cases and added my comments on the spreadsheet[1]. I
> think there are two discussion points which would affect the spec
> significantly.
>
> (1) 'Set' function
> Personally, I disagree to provide the 'set' function at this moment for
> security reason, but there a few use cases that requires the functionality
> for window, sunroof, door lock, air conditioner and seat setting.
>
> (2) Controlling data-set or data-granularity depending on app, regulation
> or situation(e.g., in accidents)
> Current spec seems to have only one all-or-nothing permission for the API
> and doesn't care more complicated cases.
>
> Regards,
> Junichi
>
> [1]
> https://docs.google.com/spreadsheets/d/14ij-2I-H4HbilVQ_muCmUayVqmVfdbkoke690MA0kdo/edit?usp=sharing
>
>
> On 15/08/4 13:41 , Paul Boyes wrote:
>
>> *This is a reminder that we have a meeting tomorrow at 5pm PST.
>>   Proposed agenda:*
>>
>>
>> —F2F Recap
>> —F2F Sapporo
>> —Use Case Process and Progress
>> —Spec Issues and Progress
>>
>> Thanks,
>>
>> Paul
>>
>> *
>> *
>>
>> *W3C Automotive WG Phone Meeting*
>>
>> Scheduled: Aug 4, 2015, 5:00:00 PM to 6:00:00 PM
>>
>> Invitees: member-automotive <_member-automotive@w3.org_
>> <mailto:member-automotive@w3.org>>, Lam Tran <_ltran@opencar.com_
>> <mailto:ltran@opencar.com>>, Brannon, Greg <_gbrannon@national.aaa.com_
>> <mailto:gbrannon@national.aaa.com>>, Jorg Brakensiek
>> <_jorg.brakensiek@microsoft.com_
>> <mailto:jorg.brakensiek@microsoft.com>>, 王友光(全家)
>> <_youguang.wang@alibaba-inc.com_ <mailto:youguang.wang@alibaba-
>> inc.com>>, 刘大鹏(鹏成) <_max.ldp@alibaba-inc.com_
>> <mailto:max.ldp@alibaba-inc.com>>, Jeff Payne <_jp@opencar.com_
>> <mailto:jp@opencar.com>>
>>
>> 1.Please join my meeting.
>>
>> https://global.gotomeeting.com/join/524004349
>>
>>
>> 2.Use your microphone and speakers (VoIP) - a headset is recommended.
>> Or, call in using your telephone.
>>
>>
>> Dial +1 (571) 317-3131
>>
>> Access Code: 524-004-349
>>
>> Audio PIN: Shown after joining the meeting
>>
>>
>> Meeting ID: 524-004-349
>>
>>
>>
>>
>> Paul J. Boyes
>> --------------------------------
>> Mobile:   206-276-9675
>> Skype:  pauljboyes
>>
>>
>>
>>
>>
>
>
Received on Tuesday, 4 August 2015 14:31:44 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 24 October 2017 18:52:42 UTC