Chevy Bolt - 200 mile range for $30k base price (after incentive)

I'm referring to litigation. If a remote flash causes 1:100,000 GM cars to require towing to the dealer, there can be a class action suit. It's not a big risk to Tesla. Yes, the tech is out there and it works. But the failure level needs to be 0, even with the stupidest possible owners, intentional disruption, and Acts of God such as lightning. It's not like you could sue Tesla for $10,000,000,000 and have the lawyers collect a check. You could sue GM though.
Well, there's nothing with a 0% probability of risk, so that threshold is not a real reason. Apple has deep enough pockets that if they brick 1:100,000 of their phones to die, they are in a similar boat. Ditto Microsoft and their OS.

What's the risk that OnStar doesn't work in some life & death scenario, and GM gets sued as a result of a customer not being able to rely on it after an accident like is depicted in the TV commercials? It's non-zero, yet GM still sells On-Star.

VW and Toyota are the two biggest car companies, and the most successful. OTA reflashing is well-known off-the-shelf tech.
They are still waiting just like GM is. I think everybody wants to see what happens in the first lawsuit.

Courts are run by lawyers. Politicians are mostly lawyers. Lawyers do not want tort reform. So that's how large businesses with deep pockets must play the game. And why car prices are not going down.

There's lots of things that car makers don't implement, and many reasons for it.

Resting on their laurels, the desire to gradually implement tech in order to continue to drive model year sales, and the potential for alienating the dealer/service are much more likely, IMO. And the reason is precisely as you described: the tech is well known, mature, and has been around for a decade... not implementing for fear of reliability is either disingenuous, or an indicator that they aren't really in touch with what tech is capable of.
 
Is almost good enough? For some companies it is. GM tested a truck for 11 million miles before releasing it.

I've had OnStar since it was first released about 15 years? ago.
It's been in 1-2 dozen of our vehicles. Other than switch over from analog, which was painless, I've had extremely few issues, and literally used it thousands of times all over the US, about 38 states.

The internet is often populated by folk who did not read the manual, refuse to ask for help from OnStar, and assume something is broken. Like an NFG who is put on an IBM PC, and he can't make it do something. "THE COMPUTER IZ BUSTED!!" No wonder Abu asks if he turned the power on.

If you have a closed system update management system and you've designed it to require the customer to read the manual to make it work, you are doing it wrong.
 
But nobody seems to be able to answer why Tesla is the only auto company in the world who has heard about OTA updates, even though they predate the Roadster. VW, Toyota, Mercedes, BMW, Ford, Fiat/Dodge, Subaru, etc, etc, have all just found out 15 years later that OTA two way communications and reflashing is a possibility.
Actually I think somebody DID answer that:

Yeah, the fact that the standard dealership contract (and a few state laws) preclude GM directly servicing customer vehicles aftermarket has no impact on this?
 
There are a few theories out there why most automakers are going slow with OTA update tech. I'll automatically discard those that make sense:

1) Dealers make huge bucks doing updates. Truth is it's a loss of $22B/yr. Nearly all are free and are warranty expenses. No, they seldom issue ECM updates for 3 year old cars. A company that does OTA has an advantage over its competitors, financially speaking.
2) Automakers do not have good enough embedded control developers. Modern cars can have 5 or more digital chassis control settings, digital shocks that react in 1 ms, digital 4 wheel steering, digital differentials, digital center cases, digital 4 wheel vector control for peak acceleration, flying-car-logic that keeps the wheels at the right speed to maximize performance on landing, Drift Mode so rookies can look like pros, 755++ HP engines that meet the tightest ICE emissions standards due to the way they handle digital fuel control, EV 1 pedal driving, surround vision, track computers, Vehicle 2 Vehicle safety communication system in retail cars, etc.
3) They are lazy. We are seeing the auto industry changing faster today than ever before.
4) They just hate change. There is nothing that points in that direction at all.
 
There are a few theories out there why most automakers are going slow with OTA update tech. I'll automatically discard those that make sense:

That's a nice filtering technique! Just discard everything that makes sense, then it is easy to argue with the rest. :)

ps: I know it was a typo, you left out the negating word, but it turned out so funny, I could not resist this high ball...
 
That's a nice filtering technique! Just discard everything that makes sense, then it is easy to argue with the rest. :)

ps: I know it was a typo, you left out the negating word, but it turned out so funny, I could not resist this high ball...

No typo.

Ones that make sense:
  • Potential for security breaches. If massive datacentric companies with 1,000's of IT staff and 24/7 security pros get hacked by people who have never been in the same country as the computer, what chance does a car stand that is inside a garage torn apart hooked into a bench harness and packet sniffer with a couple black hats dinking to find a hole.
  • Potential for an interrupted flash of the bootstrap segment effectively rendering the ECM useless until taken to a bench harness outside the car. It happens even with dealer tools sometimes.
  • Unintended side effects of a coding change.
  • Non-techy folk who are not hip slick and cool with their car being altered while they sleep.
  • Handling of emergency interruptions during flash. Doctors, LEOs, firefighters, etc, could be angry if their car wants to wait 15 minutes before it can be used.
  • Fear of litigation.
  • NDA - There is some problem we don't know about, and they aren't going to volunteer the information.
The rest of the reasons are unlikely to occur at a For Profit business.
 
No typo.

Ones that make sense:
  • Potential for security breaches. If massive datacentric companies with 1,000's of IT staff and 24/7 security pros get hacked by people who have never been in the same country as the computer, what chance does a car stand that is inside a garage torn apart hooked into a bench harness and packet sniffer with a couple black hats dinking to find a hole.
In this day and age, finding vulnerabilities in the software is probably a fact of life. The difference is that when someone came up with one that had a risk of giving control of Teslas, Tesla came up with a patch and sent it to the entire fleet within 48 hours last year. Jeep had a worse breach around the same time, and they had to send recall notices to people and wait for cars to come in and I think I read 40% of the fleet was still vulnerable a year later.

You can't prevent the risks without losing the conveniences, but OTA can mitigate the risk by allowing quick patching after it's found.
 
1) Dealers make huge bucks doing updates. Truth is it's a loss of $22B/yr.

I've seen that figure mentioned before and I'm struggling to get my head around the number of cars TIMES the time it takes to flash-an-EPROM and coming up with $22B as the answer ... but maybe there are additional actions on the Dealer that escalates to that figure?
 
I've seen that figure mentioned before and I'm struggling to get my head around the number of cars TIMES the time it takes to flash-an-EPROM and coming up with $22B as the answer ... but maybe there are additional actions on the Dealer that escalates to that figure?
It could have been a 'manipulated' number. I had read that number somewhere in an auto business pub with the topic of OTA.

There are over 1 billion cars on the road today. Typical service rate in US, $100/hr. But there is development and testing of the flash in a captured test fleet, contacting affected vehicles, towing if necessary, dealer tools and subscription price, and potentially multiple flashes during a car's life.

I would guess that number is a worst case 2017 number, but there is little doubt that with more and more requirements for infotainment changes and navigation changes, that the cost per year lost due to warranty reflashes will climb. And cars no longer have one computer, or even 5. IIRC, our truck has 11 computers. A Volt had 10 million lines of source code in 2010. I don't see that number falling over time.
 
I thought he was saying that GM dealers charge warranty work back to GM corporate. i.e. it appeared that when I got my Volt battery partially replaced recently that the GM dealer charged GM corp for that 8yr/100K mile voltec warranty work.

The point I was trying to get across is 'the reasons for not having OTA updates' starting back in 2004 when they were first applied, nor even 2018 for most automakers.

The idea that an automaker wants the dealer to bill them for it, isn't a very good reason. It's the automaker who does the OTA, not the dealer. The automaker does not WANT dealers to do warranty work. So the fact dealers make money on reflashing cars is actually an argument why mfrs should have forced OTA over a decade ago. It's not an argument why mfrs are resisting OTA.
 
No typo.

Ones that make sense:
  • Potential for security breaches. If massive datacentric companies with 1,000's of IT staff and 24/7 security pros get hacked by people who have never been in the same country as the computer, what chance does a car stand that is inside a garage torn apart hooked into a bench harness and packet sniffer with a couple black hats dinking to find a hole.
  • Potential for an interrupted flash of the bootstrap segment effectively rendering the ECM useless until taken to a bench harness outside the car. It happens even with dealer tools sometimes.
  • Unintended side effects of a coding change.
  • Non-techy folk who are not hip slick and cool with their car being altered while they sleep.
  • Handling of emergency interruptions during flash. Doctors, LEOs, firefighters, etc, could be angry if their car wants to wait 15 minutes before it can be used.
  • Fear of litigation.
  • NDA - There is some problem we don't know about, and they aren't going to volunteer the information.
The rest of the reasons are unlikely to occur at a For Profit business.
Why wouldn't they have a secondary partition that would house the old code in case of update failure? Cisco does that with all their enterprise routers, Google does it with Android 8.0 devices. Seems like auto manufacturers should be able to do the same. The update could be downloaded in the background not affecting anything and then the next time the car boots/starts just run from the new code instead of the old. If boot failure restart to run from old code.
 
Why wouldn't they have a secondary partition that would house the old code in case of update failure? Cisco does that with all their enterprise routers, Google does it with Android 8.0 devices. Seems like auto manufacturers should be able to do the same. The update could be downloaded in the background not affecting anything and then the next time the car boots/starts just run from the new code instead of the old. If boot failure restart to run from old code.

It is a little more complicated than that because there are lots of different devices in the car and their firmware levels have to be in sync. So if one of them rolls back they have to all rollback. And then of course there is the issue that you have to approve the install, since Tesla doesn't want to get in trouble for applying an upgrade without your permissions. (Especially when they take features away.)
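
The dual-partition fallback and the keep-all-modules-in-sync constraint raised in the two posts above, as an added example that is not part of the original thread and not any automaker's code: a small C model where the new image is staged in the spare slot and a failed boot on any one module sends every module back to its old slot. The module names, the two-slot layout and the `boots_ok` health flag are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical model: every module keeps two firmware slots (A=0, B=1). */
typedef struct {
    const char *name;
    int version[2];   /* firmware version stored in each slot */
    int active;       /* slot the module currently boots from */
    bool boots_ok[2]; /* constructed stand-in for a post-boot health check */
} module_t;

/* Stage into the spare slot only; the running slot is never written. */
static void stage(module_t *m, int new_version, bool healthy) {
    int spare = 1 - m->active;
    m->version[spare] = new_version;
    m->boots_ok[spare] = healthy;
}

/* Next start: switch every module to its staged slot and health-check it.
   If any module fails, all modules return to the old slot (levels stay in sync). */
bool apply_update(module_t *mods, int n) {
    bool all_ok = true;
    for (int i = 0; i < n; i++) {
        mods[i].active = 1 - mods[i].active;
        if (!mods[i].boots_ok[mods[i].active]) all_ok = false;
    }
    if (!all_ok)
        for (int i = 0; i < n; i++) mods[i].active = 1 - mods[i].active;
    return all_ok;
}

/* Constructed scenario: three modules on v1 updating to v2; bad_index = failing module, -1 = none. */
int run_scenario(int bad_index, int out_versions[3]) {
    module_t mods[3] = {
        {"gateway", {1, 0}, 0, {true, false}},
        {"battery", {1, 0}, 0, {true, false}},
        {"infotainment", {1, 0}, 0, {true, false}},
    };
    for (int i = 0; i < 3; i++) stage(&mods[i], 2, i != bad_index);
    int committed = apply_update(mods, 3);
    for (int i = 0; i < 3; i++) out_versions[i] = mods[i].version[mods[i].active];
    return committed;
}

int main(void) {
    int v[3], ok = run_scenario(1, v);
    printf("committed=%d versions=%d %d %d\n", ok, v[0], v[1], v[2]);
    return 0;
}
```
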
 
OTA updates for the Bolt are imminent.
 
Why wouldn't they have a secondary partition that would house the old code in case of update failure? Cisco does that with all their enterprise routers, Google does it with Android 8.0 devices. Seems like auto manufacturers should be able to do the same. The update could be downloaded in the background not affecting anything and then the next time the car boots/starts just run from the new code instead of the old. If boot failure restart to run from old code.

This is just based on personal experience: If the initial segment of the ECM is corrupted, the vehicle does not respond to the ON position signal. Unlike many dual BIOS devices, there is not a button or module on a car that could 'fix' things by using another bootstrap loader.
Corruption after those first few critical lines of code can often be fixed by a second attempt at flashing after disconnecting the power.

Past that, I do not know. Nor do I know what happens in a Tesla if it needs a 'full flash' instead of just a typical flash that does not require an edit of the first segment. Sometimes, cars do need a full flash because that first segment establishes communications with other computers on the bus.
 
No typo.

Ones that make sense:

And evidence that school of thinking may be outdated or disingenuous:

Potential for security breaches. If massive datacentric companies with 1,000's of IT staff and 24/7 security pros get hacked by people who have never been in the same country as the computer, what chance does a car stand that is inside a garage torn apart hooked into a bench harness and packet sniffer with a couple black hats dinking to find a hole.

Yet OnStar can track location, unlock vehicles, gather vehicle data, has access to navigation info (addresses?), has access to in-vehicle microphones, etc... Fear of litigation for security issues is present on all of the above, yet it's rolled out.


Potential for an interrupted flash of the bootstrap segment effectively rendering the ECM useless until taken to a bench harness outside the car. It happens even with dealer tools sometimes.

As mentioned earlier: then they are doing it wrong. This is a technical problem that has been solved for some time.


Unintended side effects of a coding change.

A code bug introduced can be delivered via dealer USB flash as well as OTA update. This is a software engineering issue... if you are depending on "lack of efficient delivery" of updates to your endpoints to insulate you from the widespread effects of coding errors, you are going about things the wrong way.


Non-techy folk who are not hip slick and cool with their car being altered while they sleep.

Nothing prevents GM from opting how to USE the mechanism. They can notify people ahead of time, make it optional, provide on-screen acceptance/deferral/scheduling options, etc...


Handling of emergency interruptions during flash. Doctors, LEOs, firefighters, etc, could be angry if their car wants to wait 15 minutes before it can be used.

See above. Just because you provide OTA as a delivery option doesn't mean you have to cram it down anybody's throat. For EMS vehicles you could allow it to be turned off by the user completely.


Fear of litigation.

Which seems predicated upon the above issues, which are incongruous at best.


NDA - There is some problem we don't know about, and they aren't going to volunteer the information.


This doesn't make sense. Who would be under NDA? If GM thinks there's some problem with how they could implement OTA updates, they wouldn't be under NDA to themselves, they just wouldn't do it. Are you saying they would, or are, holding customers to some NDA?



GM is certainly well within its right to not implement for whatever concerns they have, regardless if that continues on the clumsy "schedule with the dealer so they can plug in a USB drive for 5 minutes" program.

But the implication that Tesla can do it because they have an inconsequential number of vehicles out there and GM can't because it is so much bigger and has so many more complicating factors doesn't really hold water.