undefined | Better HN

0 pointsqmarchi2y ago0 comments

So, using Polestar as a reference as it's both a vehicle that I've worked on, and one that I personally drive.

> Maybe they've got a test fleet, but it accepts code signed with the test build key.

Polestar solves this by only delivering signed updates to their vehicles. The vehicle headunit will refuse to flash a partition that isn't signed by the private key held by Polestar. Pulls double duty to prevent someone from flashing a malicious update, as well as corruption detection.

> Maybe they've got a watchdog timer, but it doesn't get configured until later in the boot process.

Based on what the Rivian reports are showing (Speedometer, cameras, safety systems are working), they likely are running their infotainment as a "virtual machine" within their systems. Again, something that Polestar does.

Implementation of a watchdog with a "sub-system" like this is relatively braindead simple.

> Maybe they've got A/B boot partitions, but trouble counting their boot attempts - maybe they don't have any writable storage that early in the boot process.

Generally, A/B partitioning is part of the bootloader, the first program that executes after the reset (on many modern processors) pin is released. This also leads to reboot counters and such being stored as part of the NVRAM that is available at boot.

Opinion: Maybe I'm biased, but maybe if you can't develop something yourself, there's reason for you to get an off the shelf option that handles a lot of these things.

Disclaimer: Former Googler, Worked closely with Automotive.

0 comments

Gud2y ago

To be honest, I don't think Polestar set a very high bar for software quality. I am currently renting a Polestar 2 from Hertz, and sometimes the HUD doesn't work(it's 50/50 if it will turn on). That means, I don't see speed, battery charge, etc, while driving. Infotainment system is working though.

qmarchiOP2y ago

You're definitely correct in the fact that Polestar isn't the highest in software quality, but it was the examples of what they did right that I wanted to focus on.

They're garbage when it comes to their mobile app and some of the controls on the infotainment system.

> sometimes the HUD doesn't work(it's 50/50 if it will turn on).

You should definitely reach out to Hertz and ask for a car swap. Sounds like there's a bad connection between the display and the IHU. Both screens are operated by the same system, so it's unlikely to be a software failure.

BlueTemplar2y ago

Sounds ridiculous. How is that even road legal ?!?

FireBeyond2y ago

Teslas occasionally need to reboot / hard reset their software too, when driving no less, and during that period all that information, and most of the controls, are unavailable (like windshield wipers, etc.)

5 more replies

refulgentis2y ago

Opinion: I'm a little confused as to how you're confused as to how test might not match prod sometimes.

Observation: "[if you write buggy software], there's reason for you to get an off the shelf option"

Question: Are you saying if they used Android Automotive this could never have happened?

Reference: similar event for Android, last week: https://linustechtips.com/topic/1538248-pixel-phones-using-m...

Disclaimer: Former Googler, did not Work closely with Automotive, Worked closely with Android.

qmarchiOP2y ago

Answer: To clarify, more that a company should stick to their core competencies unless there's a drastic need or opening in the market that could be filled (and to build a new competency).

In this particular case, there's nothing particularly unique that Rivian is doing with their Infotainment system that couldn't already be handled by an incumbent in the space, (Android Automotive, QNX, etc.) especially given how modular the systems themselves are.

As State Farm says, "We know a thing or two because we've seen a thing or two".

hermitdev2y ago

> As State Farm says, "We know a thing or two because we've seen a thing or two".

That's Farmers, delivered by J.K. Simmons, not State Farm. State Farm is Jake, in his khakis.

bo10242y ago

Rivian thinks of itself as a software company. The first thing you sign when you go to buy a vehicle is a software copyright notice IIRC. The first thing in the owner's manual is a notice that the software copyrights and intellectual property belong to Rivian, etc etc.

1 more reply

paledot2y ago

> The vehicle headunit will refuse to flash a partition that isn't signed by the private key held by Polestar. Pulls double duty to prevent someone from flashing a malicious update, as well as corruption detection.

And of course preventing people from modifying and controlling hardware that they own, having paid 6 figures for (in the case of the Polestar 3 anyway). But that's table stakes for embedded systems in this day and age. Security for me, not for thee.

j / k navigate · click thread line to collapse

0 pointsqmarchi2y ago0 comments

So, using Polestar as a reference as it's both a vehicle that I've worked on, and one that I personally drive.

> Maybe they've got a test fleet, but it accepts code signed with the test build key.

> Maybe they've got a watchdog timer, but it doesn't get configured until later in the boot process.

Implementation of a watchdog with a "sub-system" like this is relatively braindead simple.

> Maybe they've got A/B boot partitions, but trouble counting their boot attempts - maybe they don't have any writable storage that early in the boot process.

Opinion: Maybe I'm biased, but maybe if you can't develop something yourself, there's reason for you to get an off the shelf option that handles a lot of these things.

Disclaimer: Former Googler, Worked closely with Automotive.

0 comments

Gud2y ago

qmarchiOP2y ago

You're definitely correct in the fact that Polestar isn't the highest in software quality, but it was the examples of what they did right that I wanted to focus on.

They're garbage when it comes to their mobile app and some of the controls on the infotainment system.

> sometimes the HUD doesn't work(it's 50/50 if it will turn on).

BlueTemplar2y ago

Sounds ridiculous. How is that even road legal ?!?

FireBeyond2y ago

5 more replies

refulgentis2y ago

Opinion: I'm a little confused as to how you're confused as to how test might not match prod sometimes.

Observation: "[if you write buggy software], there's reason for you to get an off the shelf option"

Question: Are you saying if they used Android Automotive this could never have happened?

Reference: similar event for Android, last week: https://linustechtips.com/topic/1538248-pixel-phones-using-m...

Disclaimer: Former Googler, did not Work closely with Automotive, Worked closely with Android.

qmarchiOP2y ago

Answer: To clarify, more that a company should stick to their core competencies unless there's a drastic need or opening in the market that could be filled (and to build a new competency).

As State Farm says, "We know a thing or two because we've seen a thing or two".

hermitdev2y ago

> As State Farm says, "We know a thing or two because we've seen a thing or two".

That's Farmers, delivered by J.K. Simmons, not State Farm. State Farm is Jake, in his khakis.

bo10242y ago

1 more reply

paledot2y ago

j / k navigate · click thread line to collapse