Re: [w3ctag/design-reviews] VISS (Vehicle Information Service Specification) 2 Core and VISS 2 Transport (Issue #768)

The W3C Auto WG has met with PING on a couple occasions, describing the political/legal landscape challenges, our access control architecture and recently added consent management framework hooks to support and out of band [consent management system we are encouraging in COVESA](https://wiki.covesa.global/download/attachments/75727182/CV_BoF-Consent_Management.pptx?api=v2).

We had also added privacy/security principles statements to the specifications with similar wording of other W3C specifications.

We have prepared responses to the [Societal Impact](https://github.com/w3c/automotive/blob/gh-pages/societal-impact-questionnaire.md) and [Security and Privacy](https://github.com/w3c/automotive/blob/gh-pages/security-privacy-questionnaire.md) questionnaires.

As for the an architectural diagram, there are several ways VISS can (and is) be used.

- vehicle to cloud interactions, limited and controlled by vehicle manufacturer
- in-vehicle API to support headless applications for data sampling, currently [AutoSAR](https://www.autosar.org/) is evaluating VISS in their collaboration with [COVESA](https://covesa.global) for this purpose
- web based apps running in a browser in the head unit (stereo/infotainment system) - implementation by BMW on Android Automotive 
- web based apps running from a paired smartphone either directly to VISS on the vehicle or indirectly (for security and other considerations) from data off-boarded and residing in the cloud

See also [COVESA Architecture Miro](https://miro.com/app/board/uXjVPoh2zow=/)

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/768#issuecomment-1830379864
You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/768/1830379864@github.com>