Guest Post: Software and Security of Connected Products, Part One

Part 1: Role of software in product development
by Oleg Shilovitsky @ Beyond PLM

We live in the era of smart products. The last decade of mobile device technology created a new platform – smartphones. Originally designed as a communication device, smartphones transformed into a ubiquitous platform of elements – chip, WiFi, memory, display, Bluetooth, storage, and similar products that can be reused in every product.

The cost of these components has declined significantly in the last few years. The average person today travels with a mobile device that has the computational capability equal – or even more powerful – than computers that the aerospace industry uses for navigation. If you think about the cost and availability of Raspberry Pi and Arduino, computers built on single circuit boards, you can understand why and how it revolutionizes many products in the modern era. However, widespread use of these devices has drawbacks that must be properly addressed.

Smart products are bringing a new level of complexity everywhere. It begins with engineering and manufacturing, where you need to deal with complex multidisciplinary issues related to a combination of mechanical, electronic and software pieces.

Role of software in connected products

Our dependency on software is increasing. Imagine your life without the few software products you use on a daily basis. But here is the thing: software is changing traditional products around us.

Think about a car. Just a few decades ago, a car was mostly a mechanical product with lots of complex mechanical units.

To design vehicles was absolutely critical. Throughout the past decade, we’ve seen a massive introduction of software elements in an average car, so today it’s impossible to even think about a car without software. The same can be said about most products today.

Image courtesy of Tesla

Software absolutely opens the door to new ways of developing product features. A decade ago, new mechanical and electronic components were required to develop enhanced car features. As we’ve recently seen, however, things are changing. The last feature of Tesla Model S – Autopilot was delivered as a software update and installed in the car remotely.

Software is important, but is the Achilles’ heel of modern products

The importance of accessing the appropriate information about software and electronics operating in your products can be hardly overestimated. For many manufacturing companies, the information about mechanical, electronic and software components is siloed into different data management systems. The importance of new tools capable of managing multidisciplinary product information is increasing.

Hardware – software integration is complex and few companies today are doing a great job of combining the two. This leads to a variety of possible process improvements that can be made.

Here is just one example of potential danger that comes from poor embedded software management practice. The following Wired magazine article can give you a potential perspective of the danger – Hackers Remotely Kill a Jeep on the Highway – With Me In It. The article speaks about a test done by cybersecurity researchers. In this experiment, they were able to remotely control aspects of the vehicle, including tampering with the transmission and toying with various in-car features.

Image courtesy of: Whitney Curtis / Wired

Here is an interesting passage:

All of this is possible only because Chrysler, like practically all carmakers, is doing its best to turn the modern automobile into a smartphone. Uconnect, an Internet-connected computer feature in hundreds of thousands of Fiat Chrysler cars, SUVs, and trucks, controls the vehicle’s entertainment and navigation, enables phone calls, and even offers a Wi-Fi hot spot. And thanks to one vulnerable element, Uconnect’s cellular connection also lets anyone who knows the car’s IP address gain access from anywhere in the country.

According to some estimates, there are as many as 471,000 vehicles with vulnerable Uconnect systems on the road.

Conclusion

The complexity of modern manufacturing products raise questions regarding how to manage multidisciplinary information about products – mechanical, electronics and software. We’ve seen that software was largely missed as part of the product data and lifecycle management solutions. It is absolutely critical to expose the appropriate information about electronic and related software to improve security of products.