Commit 93551f2df87e794a7fbd1278d35788bbcfaeda86
Add entry: Self-driving cars
Greg K Nicholson committed on 2/25/2018, 11:29:02 PMParent: fc5a0e958c95593c2959382c9db90e473b608713
Files changed
| content/selfdrivingcars.md | added |
| content/selfdrivingcars.md | ||
|---|---|---|
| @@ -1,0 +1,159 @@ | ||
| 1 … | +--- | |
| 2 … | +title: > | |
| 3 … | + Self-driving cars: software crashes | |
| 4 … | +date: 2018-02-25 23:28 | |
| 5 … | +description: “It just works automatically!” | |
| 6 … | + | |
| 7 … | +tags: software, Free Software, technology, trust, law, politics, capitalism | |
| 8 … | + | |
| 9 … | +links: | |
| 10 … | + - url: https://www.youtube.com/watch?v=nFZGpES-St8 | |
| 11 … | + title: > | |
| 12 … | + Karen Sandler's talk about having a pacemaker-defibrillator | |
| 13 … | + that runs proprietary software | |
| 14 … | + (video) | |
| 15 … | + description: > | |
| 16 … | + It's literally screwed into her heart, | |
| 17 … | + but she can't legally fix it, or even see how it works | |
| 18 … | + - url: http://fortune.com/2016/04/12/self-driving-cars-safety-study/ | |
| 19 … | + title: > | |
| 20 … | + It's Impossible to Find Out If Self-Driving Cars Are Safe: Report | |
| 21 … | + description: > | |
| 22 … | + “Even if autonomous vehicle fleets are driven 10 million miles, | |
| 23 … | + one still would not be able to draw statistical conclusions | |
| 24 … | + about safety and reliability.” | |
| 25 … | + — if only you could inspect the instructions… | |
| 26 … | + - url: https://opensource.org/osd-annotated | |
| 27 … | + title: The Open Source Definition | |
| 28 … | + rel: related | |
| 29 … | + type: text/html | |
| 30 … | + - url: https://reproducible-builds.org/ | |
| 31 … | + title: Reproducible builds | |
| 32 … | + rel: related | |
| 33 … | + type: text/html | |
| 34 … | + - url: https://www.washingtonpost.com/news/energy-environment/wp/2015/09/18/epa-volkswagen-used-defeat-device-to-circumvent-air-pollution-controls/ | |
| 35 … | + title: Volkswagen used ‘defeat device’ to illegally skirt air-pollution controls | |
| 36 … | + rel: related | |
| 37 … | + type: text/html | |
| 38 … | + | |
| 39 … | +--- | |
| 40 … | + | |
| 41 … | +No car is self-driving. | |
| 42 … | + | |
| 43 … | +A “self-driving” car is piloted by software, | |
| 44 … | +which is ultimately written by a person. | |
| 45 … | +You don't know who that person was; | |
| 46 … | +only that they were employed by a particular company. | |
| 47 … | + | |
| 48 … | +They were probably sitting in an office somewhere in California | |
| 49 … | +when they wrote the code driving your car. | |
| 50 … | +Maybe it was 17:30 on a Friday and, | |
| 51 … | +despite caring sincerely about the work they were doing, | |
| 52 … | +they happened to be distracted by the prospect of going home. | |
| 53 … | +Maybe not. You don't know. | |
| 54 … | + | |
| 55 … | +**Do you trust that person with your life?** | |
| 56 … | + | |
| 57 … | +Well, the company hired them, so they can't be *completely* useless. | |
| 58 … | +You trust the company's recruitment procedures. | |
| 59 … | +…What *are* the company's recruitment procedures? | |
| 60 … | + | |
| 61 … | +Anyway, presumably there are processes in place to review the code, | |
| 62 … | +and stop mistakes from making it into the final software. | |
| 63 … | +Presumably. | |
| 64 … | +You trust that there are, and that they work, and never fail. | |
| 65 … | + | |
| 66 … | +Now imagine the company has made it illegal | |
| 67 … | +for you to see how the software works. | |
| 68 … | +**Are you *sure* you trust this company with your life?** | |
| 69 … | + | |
| 70 … | +--- | |
| 71 … | + | |
| 72 … | +There should be a law saying that if a vehicle can be piloted by software, | |
| 73 … | +and it's capable of containing or hurting a human, | |
| 74 … | +then all installed software must be [open source], | |
| 75 … | +and you must be able to *prove* that | |
| 76 … | +the source code corresponds to the software running in the car. | |
| 77 … | + | |
| 78 … | +[open source]: https://opensource.org/osd-annotated | |
| 79 … | + | |
| 80 … | +It has to be legally possible for the vehicle's owner (or prospective owner) | |
| 81 … | +to discover how their car might behave in a life-or-death situation, | |
| 82 … | +so they can decide whether they want to be responsible for the car's actions. | |
| 83 … | + | |
| 84 … | +#### Responsibility | |
| 85 … | + | |
| 86 … | +Logically, the manufacturer who wrote the software would be responsible, | |
| 87 … | +but they have no incentive to take responsibility | |
| 88 … | +for their cars' imperfections. Doesn't make money. | |
| 89 … | +Why admit your own flaws while your competitors keep schtum, | |
| 90 … | +look better, and rake it in? | |
| 91 … | +Any goodwill from better transparency will evaporate | |
| 92 … | +as soon as someone dies in an accident. | |
| 93 … | + | |
| 94 … | +It's much safer to claim that | |
| 95 … | +the human pilot should have taken control at the critical moment. | |
| 96 … | +Capitalist governments won't argue with rich, profitably-taxable businesses. | |
| 97 … | + | |
| 98 … | +Car makers will only be transparent about how their cars behave | |
| 99 … | +if they're obliged to by law. | |
| 100 … | + | |
| 101 … | + | |
| 102 … | +#### Open source | |
| 103 … | + | |
| 104 … | +Merely having access to the software's source code isn't enough. | |
| 105 … | +It must be legal to reuse the source code, for several reasons. | |
| 106 … | + | |
| 107 … | +Morally, if Non-Specific Engines Ltd writes an algorithm | |
| 108 … | +that's better at saving lives than any other algorithm, | |
| 109 … | +shouldn't Acme Motors be *obliged* to used the safer algorithm | |
| 110 … | +in their cars, rather than forbidden? | |
| 111 … | + | |
| 112 … | +Practically, you need software experts to audit the code. | |
| 113 … | +You want the code checked by an independent expert | |
| 114 … | +in the field of vehicle automation | |
| 115 … | +— not a business partner of the manufacturer — | |
| 116 … | +and that person will be a software developer. | |
| 117 … | + | |
| 118 … | +If they use a similar concept in their own work later, | |
| 119 … | +Mom's Friendly Car Company could threaten to sue them, | |
| 120 … | +claiming they copied the code illegally. | |
| 121 … | +Software developers are rarely as rich as car companies; | |
| 122 … | +even the threat of a lawsuit would mean that in practice | |
| 123 … | +the code would go unchecked. | |
| 124 … | + | |
| 125 … | +And again, morally, you can save lives here, | |
| 126 … | +by letting the developer reuse the good code. | |
| 127 … | + | |
| 128 … | + | |
| 129 … | +#### Reproducible builds | |
| 130 … | + | |
| 131 … | +Lastly, it needs to be possible to prove that | |
| 132 … | +the audited code is actually the code running in the car. | |
| 133 … | +You want an independent auditor to build the software for themself, | |
| 134 … | +in a development environment they trust, | |
| 135 … | +and get the exact same output as what's in the car. | |
| 136 … | +It must be possible to [build the software reproducibly]. | |
| 137 … | + | |
| 138 … | +[build the software reproducibly]: https://reproducible-builds.org/ | |
| 139 … | + | |
| 140 … | +Otherwise checking the code is pointless — | |
| 141 … | +you still have to trust the car manufacturer, | |
| 142 … | +and you can't be sure the software's behaviour doesn't | |
| 143 … | +[deviate in subtle ways in very specific situations]. | |
| 144 … | +Maybe you don't care about any subtle differences, but maybe you do. | |
| 145 … | +The driver should at least be honest with you, and you can decide for yourself. | |
| 146 … | + | |
| 147 … | +[deviate in subtle ways in very specific situations]: | |
| 148 … | +https://www.washingtonpost.com/news/energy-environment/wp/2015/09/18/epa-volkswagen-used-defeat-device-to-circumvent-air-pollution-controls/ | |
| 149 … | + | |
| 150 … | +--- | |
| 151 … | + | |
| 152 … | +None of this will make sure a self-driving car is perfectly safe. | |
| 153 … | +All software has bugs. | |
| 154 … | +But at least you'll know the driver was acting in good faith. | |
| 155 … | + | |
| 156 … | +Trade secrets and competitive advantage are not worth dying for. | |
| 157 … | + | |
| 158 … | +…Or you *could* just trust the big friendly company… right? | |
| 159 … | + | |
Built with git-ssb-web