Remote Vehicle Shutdown Service
Recently (in light of yet more issues with my EV) I've been thinking about the level of information/control a manufacturer has about a vehicle post-sale, and what the potential implications to the owner/driver are.
Connected cars are nothing new and aren't specific to the recent influx of electric vehicles. From the days of bring-your-own-SIM to the current trend of a non-replaceable eSIM, vehicles have had some form of connection to the internet and in most likelihood a connection to the manufacturer (as pre-empting component failure / having your local dealership notify you of an impending service requirement isn't a bad idea).
The landscape has changed however... Manufacturers have moved towards to over-the-air updates to ensure fixes can be deployed in a timely fashion (and without overloading service teams), which requires the ability to make changes to the vehicle. No longer is the connection to the internet solely for sending data in a read-only fashion.
While having your car receive fixes on a regular basis is great in principal (this is one of the selling points of Tesla and for good reason), this also brings the possibility of more disruptive actions to your vehicle should a manufacturer choose to implement them, which is double-edged in itself.
Examining the case of a stolen vehicle, the ability to have it remotely lose power / shut down could be the difference between getting your vehicle back or having it make its way to a chop-shop / abroad. It could also help prevent high-speed chases using the same approach, something that could save lives in the long-run.
As with everything there is always the possibility for misuse, and this is no exception. A different take could be that the police have the ability to stop your vehicle because they want to ask you questions (regardless of their importance/time-sensitivity). While that may not sound bad in principal, how about if you are heading to the hospital to say goodbye to a loved one? Or are left stranded in the middle of nowhere / in a rough area where your safety is at risk?
Another take on this is what happens if the manufacturer is compromised, resulting in the ability for an attacker / foreign nation to shut down your vehicle (or worse). If you consider how traffic jams can cause major disruption, imagine how shutting down a large percentage of the vehicles in a country would be (and the loss of life as a result).
An additional angle to the above is added when you factor autonomous/self-driving into the mix. From the perspective of the law enforcement the capability to have someone brought to the police station in the vehicle they tried to escape in, in a safe / controlled manner is very appealing. That said, the ability for an attacker to override your steering / acceleration / brakes and send you over the cliff-edge is less appealing.
The reality is that this capability will likely be implemented in the coming years (if not already implemented in a non-disclosed fashion). My largest concerns here are:
- Where is the accountability for the manufacturer to prove it cannot / isn't being misused?
- Where is the accountability for the times it is used? (And is it public)
- What level of control does a user of said system have?
- How do you opt-out?
With how cars are evolving to be more digitally connected it will be interesting to see how long it takes before RVSS becomes the norm.