Making Driverless Car Software Updates Automatic, Seamless
JFrog sponsored this article, which was written independently for The New Stack.
Despite all the development to perfect autonomous cars, many challenges remain. In fact, Gill Pratt, director of the Toyota Research Institute, an article from The New York Times referred to a “trough of disillusionment” in the field.
Enter JFrog, with its idea of liquid software, JFrog’s term for software that gets continuously updated with no impact to the user. At its annual swampUP 2019 user conference last week in San Francisco, it set up a demo of over-the-air updates with remote-control models in which developers could update code on the fly.
“The idea is you should just turn the car on and it should have the software it needs. You shouldn’t have to plan a downtime or schedule [maintenance],” said Kit Merker, vice president of business development, in a keynote session equating software engineers with mechanics.
The idea of driverless cars is creating anxiety all around — including users, other drivers, pedestrians and even developers.
“You don’t want to be the developer who wrote the code, probably on a Friday, that caused a recall,” he said.
Among the news stories feeding into that anxiety: In China, a driver inadvertently triggered an update that stalled traffic for an hour with the driver trapped inside unable to open doors or windows.
In addressing the software update issue, the JFrog team came up with a few basic rules.
What it called Rule 0, but is obviously a given: Don’t kill anyone!
“For most software, life and death aren’t hanging in the balance,” Merker said, noting that it’s essential to build trust between the driver and developer.
Other rules for the project:
- The car should be up to date with the turn of a key. Updates should flow constantly and be applied at the safest moment in a way that’s largely invisible to the user. Only in critical circumstances should users have to go to a service center or to schedule maintenance. While people want to feel in control of their maintenance, ideally it’s an automated, seamless process that avoids the problem of users not understanding the critical nature of a fix.
- The car should get better over time. The only way to improve is through iteration, quickly updating the software. Security, in particular, remains difficult and erodes trust. He pointed to JFrog Pipelines as a way to iterate and automate all the stacks and the company’s integration with Risk Based Security’s VulnDB in its security and compliance tool XRay to identify and isolate vulnerabilities.
- It should reduce anxiety for drivers and developers. Automated testing, better tracking of build metadata, virtual driving environment and more are essential to creating a strong trust relationship between driver and developer.
The company used its Enterprise+ platform to demonstrate how updates could be implemented even while the car is in motion. It incorporated the Yocto build system for embedded Linux; Conan, its C/C++ package manager; Automotive Grade Linux, and the IoT tool Lava for automated device management and testing.
It relied on JFrog Distribution to deliver release bundles to Artifactory Edge nodes to separate download from install, then employed open source update manager Mender for side-by-side deployments onto the devices, enabling a quick rollback to the last safe version on any failure.
“It’s at the scale of an RC car, but we’d love to work with all of you to build it out all the way,” Merker said of the demo. “Not just for us. We want to make this entire platform for the automotive industry much, much stronger, and we’d like to do it together.”