Opinion: “Digital disempowerment on and off the road”

Driving bans on German roads, the worst-case scenario for owners of diesel cars, may come, according to German jurisdiction. This is despite the fact that experts agree that a diesel engine can be operated in a more environmentally friendly way than a gasoline engine. For this, the right components need to be on board, i.e. the hardware for exhaust gas recirculation and exhaust after-treatment. And these components have to be orchestrated so that the diesel does not stifle us. This is achieved by software; at least it can be achieved by software. The core of the problem, however, is the question of whether the software does so.

Holger Hermanns is a full professor of computer science at Saarland University in Germany, heading the Dependable Systems and Software group.

The root of the diesel scandal is that the software has largely failed to provide this correct operation. In the past, the manufacturers bent the existing rules via software so that the result was to their benefit. The software used was sometimes very sophisticated in recognizing at any time whether it is in the interest of the manufacturer to pollute the environment or not. Sometimes, however, the software was of low sophistication, as recently at BMW, where a part of the diesel fleet was by accident equipped with simply the wrong software, according to the manufacturer.

In this situation, the driver is entirely void of power. He neither has the possibility nor the right to take a look at the software in his car. The car is his property; the software is not. Nobody has the right to inspect the software, except for the Kraftfahrt-Bundesamt (KBA), the Federal Motor Transport Authority. However, the KBA carries out test drives and then discusses the results with, for example, Audi over several weeks. Test outcomes do not say anything about the behaviour of the software as a whole. A test can only serve as an indication that the software is working incorrectly, thus discovering errors or even criminal offenses. Tests, however, never show that everything is right.

In order to save the diesel technology, what is needed is confidence that the software in our cars does the right things, always. In this regard, it is obviously hopeless to put reliance on the manufacturers. And the KBA appears overstrained, too. Why doesn’t the KBA analyse the software in detail? It would be ideal if software were only allowed to enter the car provided it is guaranteed that it will always do the right things. Unfortunately, nobody can give such absolute guarantees currently. This problem is still unsolved scientifically.

Hence, software is no cure-all. Nevertheless, the belief in software as a problem-solver is very widespread. In the wake of the diesel chaos, for example, astonishing rules currently apply to determine the vehicle tax for a new vehicle model. To this end, the European Commission’s “co2mpas” program estimates carbon dioxide emissions in order to then derive the resulting motor vehicle tax. The good news: The 5000 lines of code, written in Python, are open to everyone. The bad news: The program does not consider what software will run in the car. The rating it computes is based only on the hardware installed in the car. Ouch.

The problem of modern diesel engines is solvable from an engineering perspective – but unsolved from a software engineering perspective. Why? Because software is complicated, and is usually proprietary to a manufacturer, who, as a rule, must be assumed driven by self-interest – at the disadvantage of the customer or the general public. And software that, at best, only the manufacturer can understand, is a fundamental threat to and disenfranchisement of the customer. This applies to the software in cars as much as it applies to the software in smartphones and printers.
Holger Hermanns

