2024-12-26 - 16:22

Dates and Events:

OSADL Articles:

2024-10-02 12:00

Linux is now an RTOS!

PREEMPT_RT is mainline - What's next?


2023-11-12 12:00

Open Source License Obligations Checklists even better now

Import the checklists to other tools, create context diffs and merged lists


2023-03-01 12:00

Embedded Linux distributions

Results of the online "wish list"


2022-01-13 12:00

Phase #3 of OSADL project on OPC UA PubSub over TSN successfully completed

Another important milestone on the way to interoperable Open Source real-time Ethernet has been reached


2021-02-09 12:00

Open Source OPC UA PubSub over TSN project phase #3 launched

Letter of Intent with call for participation is now available



OSADL Seminar on Software Patents and Open Source Licensing

OSADL Legal Seminar 2016 - Aspects of licensing Open Source software in the context of safety and security certification

Case 5 - Interaction with regulatory authorities (Interaktion mit Zulassungsstellen)

An automobile manufacturer has developed a driver assistance system with such an extensive functionality that it not only requires an ASIL C qualification, the KBA (German Federal Motor Vehicle And Transport Authority) must also grant a type approval and a general operating permit for vehicles equipped with this particular system. The driver assistance system uses Embedded Realtime Linux as an operating system and was qualified (in a post-qualification procedure) on the basis of the SIL2LinuxMP project OSADL for ASIL C. Google’s OTA (Over The Air) was implemented to update the software and steps were taken to ensure that the OTA code itself and the software of the driver assistance system could be separately updated.

Approximately one and a half years after the start of serial production, Google announced that a security vulnerability in its OTA procedure had been discovered and that hackers had already exploited this vulnerability. Google, therefore, urgently recommended that users update the OTA subsystem. If this update was not installed, a hacker could insert malicious code, compromising the driver assistance system.

Questions

  1. Do all the vehicles equipped with this driver assistance system lose their general operating permit when the security vulnerability is announced?
  2. Would the KBA possibly react to the announcement by withdrawing the general operating permits for all motor vehicles equipped with this driver assistance system – and only issue the permits again when the update has been carried out?
  3. Can the KBA even order such a permit withdrawal? If so, can an offending motorist say that he has not received this order and continue to use his vehicle?

Answer
(Please note that the answer is only available when logged in as OSADL member.)

Case 1    Case 2    Case 3    Case 4    Case 5   

Best practices I                  Best practices II