Autonomous vehicles (AVs) have been taking shape in the form of robotaxis around the world, especially in the US where AV fleet operator Waymo currently operates in Phoenix, San Francisco, Los Angeles, and Austin, and provides over 250,000 autonomous paid rides per week.
Although the popularity of robotaxis is increasing, some still express concerns around the safety of AVs. The safety concerns were illustrated in a recent Waymo case which saw the company recall over 1,200 robotaxis after crashes caused by outdated software.
This issue highlights the critical challenges of ensuring real-time software reliability and safety in autonomous fleets – challenges that any country rolling out driverless cars must take seriously.
We spoke to David Kelly, chief corporate officer, Cubic, to learn more about software vulnerabilities in AV fleets, and what the future of AV looks like in the UK.
Just Auto (JA): Could you discuss the Waymo recall and what it means for the AV space?
David Kelly (DK): Waymo are in a position now where their fleet of AVs is pretty significant. There are two angles to it for me. You’ve got the real benefits of software updates; you can change the car over-the-air (OTA). You don’t have to do the physical recall of a vehicle anymore. We saw that with the steering issue Tesla had two years ago; they just corrected that over the air – that’s fantastic, real progress.
I think the negative side of things is where, in an AV context, you’ve got software which is essentially the driver of the vehicle; you can’t test for all real-world environments – it’s just impossible.
The Waymo issue was a scenario of gates and fences that the driverless vehicle tech was missing. I think if we see issues like this continuing to crop up, consumer confidence is going to become an issue. I think there’s probably a safety aspect to that, but there’s a security aspect as well. We did a survey recently that suggested one of the main concerns people have has been with the hacking of vehicles. Almost 50% of people were concerned about the potential hacking of these vehicles.
What does the Waymo recall reveal about software vulnerabilities in AV fleets?
From the software context, I think you’ve a couple of natural vulnerabilities there. You obviously have a larger threat vector.
As we’re moving towards more connected vehicles we do see issues arising. We can’t test all the real-world scenarios. So then you’re putting in more software and you’re relying on more software in the vehicle. Even a small issue with an update can have big knock-on repercussions.
The car manufacturers are used to this testing capability, but they’re more used to it from the background of being a hardware manufacturer, so it’s all a bit new to them. At the same time, they’re not going to be able to shortcut here; they’re not going to be able to cut corners. I think over time, people will get used to it and will become more confident.
I think even the OEMs themselves are becoming more confident in the release of their software updates, and the frequency of the release, and the way in which they’re releasing it, so that if they need to do a rollback, it’s more straightforward, because they’ve compartmentalized their software updates.
What are the key challenges when looking at AV software specifically?
Software updates are agile by nature, they should be like drip-feeding, constantly updating. They should be seeing continuous improvements at an incremental rate over time. A lot of software companies, especially the ones that have grown up with software defined vehicles, are working in that way.
You’re seeing many software updates on an over-the-air basis, and they’re continually adjusting, correcting. It’s iterative, as software updates should be.
I think what we’ve seen with some of the incumbents – well, they are traditional metal press companies. They have a waterfall kind of approach to software updates where they kind of bundle them all together and then release them in one large burst.
In that scenario, it becomes very difficult to identify a specific issue that has arisen. How do I roll it back? How do I test it in a in a real way? How do I get feedback from customers as to what the impact of the issue is? How might I ringfence it to a certain cohort of impacted vehicles? All those things become very challenging.
However, what we’re seeing is that the incumbents are now getting to grips with this a little bit. They’re starting to release software updates in a more iterative manner, in the way we believe they should. There is still a cultural challenge with some of the incumbents that I think they’ve struggled to get to grips with, but they generally seem to be getting their heads around this issue now.
What do companies looking at deploying AV fleets need to focus on?
Waymo are taking the right approach. They’re working with city councils, they’re working with enclosed spaces. What we see with some of the partners we’re working with is that their vans, for example, on site, or their busses on site, are autonomous vehicles, and they’re testing in these environments where it’s safer to test. An awful lot of them have drivers sitting there to override if anything does go wrong.
Waymo are taking the right approach
My own view is that this ‘walk before you can run’ approach is the right approach. Some of our colleagues were in China two weeks ago. It feels in China they’re maybe at a bit of a jog rather than a walk; there’s more going on. They’re not quite running yet, but the capability seems to be there.
The introduction of AI tech represents an opportunity for the industry and a whole new space where AI intersects with autonomous vehicle ambitions. There’s a real opportunity for people to redesign the blueprint a little bit; we sit at the intersection of where connectivity needs software, we provide the connectivity and we provide the software.
Working with our partners, we think that there needs to be almost a step back approach to safety. How do we ensure that we’re not just using the same infrastructure that we would have grown up with for a mobile phone? It has to be different. If a mobile phone goes wrong, someone can make calls for a few hours, and you can roll it back. If something goes wrong with cars, it’s potentially a life and death issue. You have to be very careful to have the right things in place, and then you have to have the right mechanisms to either roll back or to stop the connectivity.
We see that connectivity is the key enabler for hackers, or for denial of service attack, or for anything like that. So for us, we’re working with our partners to understand if we can identify an issue early, for example a software update that hasn’t landed; can we shut down the connectivity on that vehicle for a period to allow for a patch to be created, and allow that breathing space so the denial of service attack doesn’t spread more readily to other cars?
There’s definitely going to have to be a more robust infrastructure. There are going to have to be more robust rollback mechanisms for cars than there ever have been.
What does the timeline look like for AVs in the UK?
I don’t think the issue is with the technology, I think it’s a confidence issue. There need to be test beds.
It’s almost like drone technology. Drones are probably ahead of where autonomous vehicles are. From a drone perspective, it’s all licensed by the aviation authorities. If something goes wrong with a drone where it loses its connectivity, or it identifies an issue, the aviation authorities have very strict rules. In Ireland you get back to your base through a route that you had previously worked. In Scotland, it flies to a certain altitude until it reconnects.
I don’t think the issue is with the technology, I think it’s a confidence issue. There need to be test beds.
I think there needs to be a universal approach to autonomous vehicles. The way to get that is there must be test beds. You have to have them in Europe, in the US, China and APAC, and in those regions, get them into the cities, have ring-fenced areas where they’re going to be working within the cities, and then allow them to be in a controlled environment.
If it’s a controlled environment you’re working with, then it allows the authorities to put the right guardrails and ring-fencing around to make sure that there’s safety. It’s going to be about those controlled environments, ensuring that you have the controlled environments, and allowing you to observe for a period as to what safety measures are needed.
The European region needs to be at the fore of this. England has been at the forefront of common law around the world; they’ve been very good at creating rules and setting standards. The UK has this expertise within its government. There’s a more conservative approach to things, where innovation doesn’t necessarily trump safety.
I think in other regions, you could see that people will be more inclined to take a chance for commercial reasons, and to try and to make money out of these things. I think within the UK and Europe, while it can be sometimes felt that there’s too much red tape in an area like this, you need to get the right balance. I would be confident that the UK and Europe are the right places to do that correctly.
There’s a massive opportunity for the authorities in those regions to set the rules and to be the real Avant Garde and standard setters of this; it’s about striking the right balance. You don’t want to hamper innovation, but you need the ability to rollback and to ensure that adequate testing has happened and that it’s been done in a controlled environment.
How can other countries learn from successful AV rollouts in countries such as China?
In China they balance the in-car experience with the autonomous vehicle. They’re freeing up your time as the driver, they’re taking away your commute time, and they’re turning that into productive time. The vehicles have screens, they have passengers connected to Microsoft Teams, the kids in the back are able to play on the PlayStation. The in-car experience has grown with the Chinese OEMs at the same pace as autonomous technology has.
I think others have struggled with that a little bit. They’re still grappling with what the in-car experience should be. Drivers are asking: “What am I going to be doing in the car?”
