ETI Names Greg Potter CTO

Press Release

ETI Names Greg Potter CTO

New role champions technical advisory content and IP protection for members
ETI seeks an Executive Director

FARMINGTON HILLS, Mich., – The Equipment and Tool Institute (ETI) is pleased to announce the naming of Greg Potter as Chief Technology Officer, and the commencement of a search for an Executive Director. In the newly created CTO position, Potter will drive ETI’s purpose of enabling the success of its members via advocacy of our collective interests in an environment of increasing vehicle complexity, rapid change and heightened concern over the safety and security of vehicle repair.

“Potter is a thought leader in advanced vehicle technologies including connected vehicles, vehicle data access and security, and cybersecurity” said Jim Fish, ETI President and Chairman of the Board. “Greg will be a champion for the protection of our member’s intellectual property and the evolution of a viable Aftermarket.”

The acceleration of vehicle complexity compounded by security implications continues to shift ETI’s attention into more technical areas. Extending the ETI leadership team with the addition of a CTO is a natural progression and necessitates the search for an Executive Director to lead the Institute. ETI has hired an executive recruiter to help with the search.

“Recent trends have sharpened the focus of ETI, and our continued mission re-quires the dedicated energy of a seasoned technical leader, and the recruitment of an Executive Director,” said Robert Vogt, ETI Board Vice President of Marketing. “ETI offers an unparalleled networking ecosystem characterized by a collaborative environment with OEMs. These moves continue to position ETI as a highly valued, member-focused organization.”

Potter has more than 30 years of experience in the automotive industry and currently participates in over 25 SAE and ISO Committees. He served on the Board of Directors for I-CAR International from 2006-2013 and been involved in NASTF since its inception. He holds a Master of Business Administration, BS – Electrical Engineering and an A. ApS – A.E. – Mechanical Engineering Technology.

 

Editorial Contact: Juli Sweet
Company: Equipment & Tool Institute (ETI)
Phone: +1 248-656-5085
jsweet@etools.org

About ETI
ETI’s mission is to enable the success of our members via championing of collective interests in an environment of increasing vehicle complexity, rapid change and heightened concern over the safety and security of vehicle repair. We promote the evolution of a viable Automotive Aftermarket by protecting the intellectual property of our members and maintaining a secure repository for OEM data. ETI offers an unparalleled networking between members and OEMs in a collaborative environment.

Over the past half century, ETI has become the forum to resolve common issues concerning equipment and tools for the automotive industry. Though our programs and services, the Institute has made possible the sharing of information and meeting the changing needs of the automotive service market.

Learn more at etools.org


Secure Vehicle Communication Tool Authentication Resolutions

The membership of the Equipment and Tool Institute (ETI) has completed its position paper on secure vehicle communication tool authentication. The document titled “Secure Vehicle Communication Tool Authentication Resolutions” addresses ETI’s stance on key issues surrounding the methods involved with diagnostic tools communicating with secured modern vehicle networks.

The paper addresses five categories of this eco-system:

  • Business
  • End User and Customer
  • End User Privacy
  • Marketplace
  • Product

Document summary “Institute membership acknowledges that vehicle security is of paramount concern to vehicle manufacturers, as design of electronic control unit and datalink communication networks now may include requirements from the cybersecurity community. The Institute also acknowledges that a majority of vehicles in operation are diagnosed and serviced in an aftermarket repair center. By preparing these resolutions, the Institute is transparently sharing its requirement for diagnostic products to be included in the discussion with vehicle manufacturer electronic system and cybersecurity designers to ensure they can continue to provide diagnostic products to the aftermarket service centers which in turn can then continue to service the complex vehicles of today and in the future.”

The full document is available for download from the ETI website www.etools.org under the “About ETI”- “Key Documents”


J1939 Q4 Quarterly Meeting Notes

By Rick Matz November 14, 2018

The J1939 Quarterly meeting was held in Indian Rocks, FL on Nov 5 – 7.

The Engine Manufacturers Association (EMA) has wrapped up their comments for the new heavy duty regulations. The hearing will be held Nov 15 or 16. The actual meeting invitation hadn’t gone out as of the date of the J1939 meeting update.

The EMA strongly objects to the NoX binning requirements as the technology for flash memory endurance for erase/write cycles won’t support the CARB requirements.

With the exception of the SAE ISO 21434 Cyber security design process document, Mark Zachos from DG Technologies is chairman for all of the SAE specifications related to cyber security for both light and heavy duty vehicles. He’s also the chair of the working group for the Technology Maintenance Council (TMC). Additionally, he is active in some of the ISO activities.

He presented a number of liaison activities that are taking place, how the various documents relate to one another, how they are being organized and some of the approaches various entities are taking.

The representatives of the HD industry that were in the room were very vocal that they wanted the J1939-91 document, which specifies cyber security for the HD industry, to have a model similar to what we’ve known as the Security Vehicle Interface(SVI). They want all vehicle communications to the outside world to pass through a single interface.

Something that will be required for cyber security throughout the industry is a standard for PKI management. The University of Michigan has had a research project called OASIS, which has been funded by several automotive OEMS, Tier 1s and the DOT.

A New Work Item Proposal (NWIP) based upon OASIS is being drafted and a specification proposal will be made soon.

OASIS is an open standard and open source code. More information may be found at: http://oasis-open.org

A European standards organization, ASAM, has become active with heavy duty. There is a proposed SAE/ASAM workshop to take place at the next quarterly J1939 meeting in February.

A presentation was made by the U of Tulsa on J1939 messages being transmitted with authentication and watermarking.

John Deere made a presentation on the adversary model that they are using in their own cyber security work which is based on AUTOSAR Sec OC.

Some of the assumptions John Deere is working under are:

  • They are indifferent to tools. The end points are secure, in between don’t care
  • They are using a Sec OC extension which transmits plain PGN (Parameter Group Number), but with encrypted data
  • The goal is to limit damage to a specific module; failing that, a specific vehicle
  • They employ multiple layers of independent security
  • There is no single answer for a single adversary at a single point
  • The security risks depends on the point of view

Work has been done on imposter detection on existing systems. This will be included into J1939-91.

The work being done on cyber security has hardware security implications on J1939-31.

I volunteered to help work on the SAE diagnostics specifications being chaired by Mark Zachos.

In the J1939-13 Off Board Diagnostics Task Force, which was last published Oct 2016, the discussion came to whether or not to specify CAN FD on the diagnostics connector.

Right now, the assumption is that CAN FD will be used for internal networks and NOT brought out the outside world under any SAE specification.

Classic CAN for OBD emissions related data is mandatory and is not going away.

Several manufacturers are planning on leap frogging over CAN FD on the connector and going directly to Ethernet since systems in ~10 years will require this any way. Then the discussion moved to Ethernet on the diagnostics connector.

The conclusion was to do nothing at this time. If CARB mandates CAN FD or Ethernet, then the document will address this. Otherwise, the committee will await direction from industry.

The J1939 Next Generation Task Force would be interested in seeing the results of our upcoming ADAS survey after we’ve presented this to our members. That would be the May J1939 meeting.

With regards to J1939 Functional Safety, several large truck manufacturers are going to use AUTOSAR. AUTOSAR has Sec OC for cyber security and the E2E (End to End) Libraries for functional safety. Just as cyber security and functional safety overlap, but are different things; Sec OC and the E2E Libraries have much overlap but are different.

The Tier 1 supplier community in HD in particular sees the needs for the J1939 specifications for cyber security and functional safety to be in alignment with AUTOSAR.

The J1939 committee is going to reach out to AUTOSAR through member contacts at Vector, CiA (CAN in Automation) and Kvaser to get some sort of dialog started and perhaps a workshop.

The J1939 Physical Layer Task Force reported that as of right now, CAN FD is not going to come out of the diagnostic port.

Also, ISO 14765-5 DoIP (Diagnostics over IP) ballot is in progress. This will have implications on the physical requirements for point to point CAN FD, intended for a gateway an the diagnostic port with a maximum length of 10m.

There was quite a bit of discussion on reorganizing the Classical CAN and CAN FD specifications so that common content(PGN, CAN ID structure, etc) can be separated out from technology specific content (data size, speed).

It was a lengthy discussion and at the end, it was decided to leave everything alone for now.

The J1939 Diagnostic Task Force wants to wait to make any updates to the specification until after the new regulations have been issued.

The J1939-84 Task Force reported that the statement of work for the new round of software is almost ready to be issued for a RFP. Some changes are expected as a result of the new final HD regs. Target for RFP to be issued is Jan 2019.

The IUMPR maintenance contracts are in place and Solid Design has been working on bug fixes and additional features.

The CAN FD Task Force is focused on the Transport Layer. Everything on CAN FD will be in a multi PG format with the exception of the Address Claim message. Messages may be shorter than 64 bytes in length. In multi frame transfers, all messages except he final one will have to be 64 bytes long.

Message priorities may well get messed up with this scheme. There is continual discussion hashing it out.

The only CAN FD stack available from Vector is an AUTOSAR stack. Is the same true for light vehicles?

Classic and FD CAN can’t exist on the same bus under this transportation protocol. This will have an impact on network architectures: Classic CAN sub nets, gateways and FD backbones.

There was also some discussion on the transition to FD and sunsetting Classic CAN. Security and Functional Safety will be the drivers.

TMC wants to work closely with SAE as they establish a position paper for trailer busses. They are planning on presenting at paper at the March TMC meetings which will state that it is TMC’s position that trailers should have a J1939 250K Classic CAN backbone for non brake, non running gear, non command and control functions.

This marks the beginning of what will probably become a long and close relationship between the organizations.

 


Challenges of Repairing Cyber-Secured Vehicles

Is your shop prepared?

by Robert Vogt IV   October 9, 2018

The cyber-secure vehicle is here. Fiat Chrysler Automobiles (FCA) introduced the Secure Gateway Module into roughly half of their 2018 product line and nearly 90 percent of their 2019 vehicles.

The Secure Gateway Module, which FCA refers to as the SGW, is essentially a firewall providing moderated access to the in-vehicle network diagnostic services. The gateway will ensure that the tool and user are authenticated (known) and authorized to perform certain levels of communication with the vehicle.

Prior to 2018, access to FCA diagnostic services was unregulated and open to anyone who obtained the knowledge to do so.

With current concerns about vehicle cyber security highlighted by a very public 2015 hacking of a Jeep, and a subsequent expose on 60 Minutes by DARPA, NHTSA has emphasized that the industry must find ways to prevent unauthorized access to the in-vehicle network that could potentially provide the ability to remotely control certain vehicle functions (acceleration, braking, steering, etc.). FCA’s answer to this concern is to introduce this SGW firewall to control access to certain functions, either through the diagnostic connector or the infotainment system in the vehicle.

So what does this mean to you as a technician? As of today, if you are trying to perform any routine diagnostics on vehicles with the SGW, you will need to have the FCA dealer tool, wiTECH2 and a license with FCA, along with a live internet connection to the FCA server.

In the near future, FCA is planning to initiate a process that will allow certain aftermarket scan tools to be able to unlock the SGW as well. This process will introduce a bridge server that will manage the connections from aftermarket scan tools and their respective manufacturer’s server and the FCA server that will provide the unlock keys.

But what will this entail?

  1. The scan tool manufacturer must be a licensee of FCA’s scan tool data.
  2. The scan tool must be capable of connecting to the tool’s manufacturer server to be able to request and receive the unlock key from FCA.
  3. A live internet connection must be maintained to the tool as it is connected to the vehicle in order to complete the unlock process of the SGW for that particular diagnostic session.
  4. If the diagnostic session is terminated or dropped, the full process must be repeated.
  5. The user of the tool and shop owner/administrator must register and provide a credit card to the FCA facilitator and pay a yearly fee.
  6. Every tool that needs access to unlock keys will have to be registered with FCA.

There are many concerns about this process.

  • How can I diagnose a vehicle where I cannot get a solid internet connection?
  • Are the scan tools I have capable of this online procedure?
  • Who is in control of my information, including credit card info?
  • Can I be turned down by FCA and not allowed to work on their vehicles?

But, the larger underlying issue is that FCA will not be the only car company introducing security methods for in-vehicle networks. It is assumed that all vehicle manufacturers will soon introduce enhanced security measures and, unfortunately, that they are all unilaterally developing unique non-standardized solutions that will wreak havoc for aftermarket scan tool manufacturers and their customers in repair facilities.

With no coordination or standardization, it will become nearly impossible for aftermarket repair facilities to use traditional all-makes scan tool solutions.

The Auto Care Association, The Equipment and Tool Institute and other aftermarket stakeholders have been encouraging auto manufacturers to develop a standardized process for repairers to safely and securely access vehicles for repair and maintenance.

Information provided by: IOSiX

 

 

 

 


Cybersecurity: A threat to repair industry that can’t be ignored

Article by Aaron Lowe –  Friday, September 28, 2018

There is no doubt cybersecurity is a growing issue for carmakers. It seems like the issue exploded in 2015 when two computer guys remotely hacked into a Jeep Cherokee to show how anyone could take over a vehicle’s internal systems and create mischief. The event, which went viral, caused Chrysler to recall over 1.4 million vehicles to try to prevent future intrusions. The hacking also caused Congress to put pressure on the National Highway Traffic Safety Administration (NHTSA) to look into the possibility of hacking through the on-board diagnostic (OBD) port. NHTSA subsequently put pressure on vehicle manufacturers to take action to protect the OBD port from intrusions. The final result was a standard (J3138) developed by the Society for Automotive Engineers (SAE) that was really less of a standard and more of a “best practices” for OEMs in trying to protect the port from intrusions from diagnostic tools and dongles.

While there is nothing inherently wrong with the SAE OBD port protection standard, it fails to address a major issue: mainly that every manufacturer is now attempting to address cybersecurity in its own way. Such action threatens to create huge issues for those involved in vehicle repairs, including shops and tool suppliers.

The absence of a standardized approach to vehicle cybersecurity has become overly apparent with FCA (Chrysler). FCA has built into its model year 2018 cars a gateway that requires any scan tool attempting to connect to the OBD system to obtain authorization from FCA before being able to access many key areas of the on-board diagnostic system. While details are still coming out, it is not apparent yet how that authorization will be obtained and who will be responsible for getting it — technicians or scan tool companies.

I am not faulting FCA for attempting to develop a comprehensive gateway for their vehicle systems. The problem is every OEM is seeking its own solution for cybersecurity without accounting for the reality that those cars will be repaired in shops that fix multiple makes and models. While many car companies might prefer that their vehicles only be repaired by an “authorized dealer,” most off-warranty cars are  repaired by independent repair shops.

Having standardized systems, such as an OBD connector, has worked well for everyone – OEMs, repair shops, dealers, and most importantly, vehicle owners. Shops armed with better service information and tools are able to ensure that cars are repaired properly the first time, making for more satisfied customers. Therefore, instead of developing silos for their cyber systems, OEMs should be seeking standardization that protects vehicles while still providing access to diagnostic systems.

The aftermarket, meanwhile, needs to help identify solutions that ensure independent shops can have safe access to vehicles so that they can still be diagnosed and repaired. The Auto Care Association, working with other groups, has developed a solution known as the Secure Vehicle Interface. SVI is a collection of 20-plus industry standards that provides for a firewall protecting critical vehicle systems while permitting an interface between the internal vehicle network and an external device or network — enabling secure information exchanges. The same firewall can protect wired and wireless connections, and identity and access are managed using digital certificates. Further, it is retrofit-able, so it can be used on cyber-vulnerable vehicles already on the road.

A major difference between the FCA system and SVI is that the latter is standardized, which means every OEM would implement it the same way. This would enable scan tool companies and shops to access the data they need to repair a vehicle, and it would protect vehicle systems from unauthorized access.

SVI is not a dream nor some far away goal. If you are attending AAPEX in Las Vegas, you will have the opportunity to see SVI in action during demonstrations of its capabilities. Hope to see you there.


Fall Conference Summary – SAE OBD Symposium, TMC Fall Meeting and Auto ISAC Conference

Fall Conference Summary

by Rick Matz

 

2018 SAE OBD Symposium

The SAE held the 2018 OBD Symposium in Indianapolis this year.

By mistake, the SAE scheduled the OBD Symposium the same week as the Commercial Vehicle Conference (COMVEC), which took place in Chicago. Many people and exhibitors attend both events and had to make some choices this year.

Even with the error, the >350 people who attended the OBD Symposium set a new record for the Indianapolis event, which is held every other year. The alternate years are held in Southern California.

More and more countries are instituting their own OBD standards. Fortunately, none of them are creating regulations from scratch, but are leaning heavily on either the US OBD II or the Euro 6 regulations.

As these countries get involved with their own OBD regulations and certifications, without having the prior history or experience, more opportunities are opening worldwide for scan tools, test equipment and consulting.

There were several cyber security related presentations. Many different approaches to secure vehicle communications continue to be proposed.

It’s clear that all the automotive OEMs are working very hard, at a fast pace to implement some type of security on their vehicles. It also became very clear that these multiple approaches will be nothing short of a nightmare for not only the aftermarket, but for downstream suppliers as well.

With regards to cyber security, the high point was the agreement in the room that talking about cyber security to OBD people, as though these were the people who set policy, was misguided. The people who are responsible for meeting OBD II requirements are consumers of cyber security, not producers.

It was suggested loudly, vigorously and repeatedly that the SAE convene a forum inviting OEM cyber security and networking management and engineers, as well as other stake holders such as the aftermarket, to voice what are everyone’s interests and concerns and to begin working towards some consensus.

2018 TMC Fall Meeting

The 2018 TMC Fall Meeting was held in Orlando, FL.

Where the spring meeting featured a very large exhibition area, the analogous space at the fall meeting was taken up by the technician competitions.

A constant theme that ran throughout the meeting was a chronic shortage of drivers and technicians.

As SAE level 3 and 4 ADAS systems take root in the heavy duty space, and level 5 (fully autonomous) comes into view, the fleet operators have every incentive to aggressively adopt the technology to mitigate the ability to hire perhaps less skilled drivers to fill their needs.

Under the new tax laws, fleet operators can amortize a truck in only 3 years, which will allow them to upgrade their fleets rapidly.

With regards to the technicians, the large fleets are adopting big data and prognostics, the ability to predict failures before they happen, to streamline maintenance and help to reduce the stress.

The fleets are also asking for smarter, more powerful tools to help offset the shortage of technicians.

The plan for RP1210D is to have it up for ballot in the spring of 2019.

The cyber security session began with a review of the liaison activities that are underway between the light and heavy duty SAE committees and with CyWatch, the trucking industry equivalent to the Auto ISAC. Not much was said of ISO activities.

The ISO activities in cyber security should not be overlooked as the ITS committee is going to determine the future course of V2X, which will be the enabler to smart infrastructure, upon which the fleets will be heavily dependent.

There was a good presentation for CyWatch. Like light duty, heavy duty vehicles are not yet being attacked by anyone other than researchers, but like every company, fleet operators are enduring thousands of attack every day on their servers.

CyWatch is operated by the ATA (American Trucking Associations) and is the equivalent of the light duty Auto ISAC. The prime difference is that the main members of CyWatch are the major fleet operators rather than the automotive OEMs. CyWatch is partnered with the Auto ISAC and exchanges information with them.

2018 Auto ISAC Conference

The 2018 Auto ISAC Conference was held in Detroit. The conference was heavily supported by government agencies such as NHSTA and DHS. Every single panel has someone from government represented. I think this shows the commitment and concern by the government regarding cyber security in the automotive segment.

Except for researchers who have funding, time and access, a car hasn’t been hacked in the wild yet. The attacks automotive companies are seeing, like those in heavy duty are at the server level. Having said that, Bill Evanina, the Director of the National Counterintelligence and Security Center says that after human threats (employees stealing technology for foreign entities) a ransomware attack on vehicles is what he fears most.

The DHS hosed a recent wargaming exercise which included thousands of participants spread over dozens of companies, which mimicked a ransomware attack on cars. What caught the OEMs off guard was the (simulated) damage done by the resulting social media firestorm because of the attack.

The one activity in the SAE which was often referenced and had a presentation dedicated to it was the joint ISO/SAE 14234 document which lays out a “Security Framework.” ISO/SE 14234 grew out of the SAE J3061 activity.

This framework doesn’t specify what technology anyone should employ when designing a cyber security system, but rather suggests how to go about designing one.

ISO/SAE 14234 has created something names a Cybersecurity Assurance Level (CAL) which is analogous to the ASIL lever in Functional Safety. The CAL doesn’t guarantee how secure a system is; it indicates the rigor that went into the design of the system.

In the future, you can expect that a CAL level will be used by purchasing organizations in sourcing systems.

The Department of Defense is beginning an exercise this fall, where they will be developing a framework for purchasing elements which contains cybersecurity. The DOD has the biggest fleet in the world. It will be a (short) matter of time before this framework is used in all Federal fleet purchasing and will filter out to state and local jurisdictions as well as privately owned fleets.

There was a section on autonomous vehicles and cybersecurity. The risks of tampering are heightened in a driverless vehicle.

As with every other segment, the shortage of cybersecurity specialist was a constant theme. Universities are now beginning to issue degrees specifically for cybersecurity, but it will be years before the pipeline feels the impact. In the meantime, industry is going to have to convert existing engineers into cybersecurity specialists.

The field of cybersecurity is huge, and the task will be never ending. Even when defenders are successful in thwarting the attackers, the defensive systems are going to constantly need to be refreshed to prevent the attackers from having a static target which they can analyze.

This is a big enough task, but there is a new wave of regulations coming to consider: privacy laws.

The EU adopted the Genera Data Protection Regulation in 2016, which became enforceable in May of 2018. This regulation has very strong language regarding data ownership and protection. This year, California passed a sweeping privacy law which is to take effect in 2020. With the adoption by California, it is only a (short) matter of time before a Federal law is passed.

Are you taking a VIN number off a vehicle with your scan tool? What are you doing with it? How is it stored? Do any third parties have access to it?

GDPR will be our next hurdle before we even get cybersecurity fully sorted out.

 

 

 

 


John Deere Just Swindled Farmers Out of Their Right to Repair

The fight for our right to repair the stuff we own has suffered a huge setback.

As anyone who repairs electronics knows, keeping a device in working order often means fixing both its hardware and software. But a big California farmers’ lobbying group just blithely signed away farmers’ right to access or modify the source code of any farm equipment software. As an organization representing 2.5 million California agriculture jobs, the California Farm Bureau gave up the right to purchase repair parts without going through a dealer. Farmers can’t change engine settings, can’t retrofit old equipment with new features, and can’t modify their tractors to meet new environmental standards on their own. Worse, the lobbyists are calling it a victory.

The ability to maintain their own equipment is a big deal to farmers. When it’s harvest time and the combine goes kaput, they can’t wait several days for John Deere to send out a repair technician. Plus, farmers are a pretty handy bunch. They’ve been fixing their own equipment forever. Why spend thousands of dollars on an easy fix? But as agricultural equipment gets more and more sophisticated and electronic, the tools needed to repair equipment are increasingly out of reach of the people who rely on it most. That’s amplified by the fact that John Deere (and the other equipment companies represented by the Far West Equipment Dealers Association) have been exploiting copyright laws to lock farmers out of their own stuff.

Repair is a huge business. And repair monopolies are profitable. Just ask Apple, which has lobbied over and over against making repair parts and information available to third-party repair shops. That’s why Big Ag has been so reluctant to make any concessions to the growing right-to-repair movement.

At first blush, last week’s deal between the Farm Bureau and the equipment dealers might look like a win for farmers. The press release describes how equipment dealers have agreed to provide “access to service manuals, product guides, on-board diagnostics and other information that would help a farmer or rancher to identify or repair problems with the machinery.” Fair enough. These are all things fixers need.

But without access to parts and diagnostic software, it’s not enough to enable farmers to fix their own equipment. “I will gladly welcome more ways to fix the equipment on my farm. Let’s be clear, though, this is not right-to-repair,” explained San Luis Obispo rancher Jeff Buckingham. “At the end of the day, I bought this equipment, and I want everything I need to keep it running without relying on the manufacturer or dealer.”

There’s also nothing new in the agreement. John Deere and friends had already made every single “concession” earlier this year, and service manuals had already been available to purchase. They must have read the writing on the wall when California’s Electronics Right to Repair Act was introduced in March. Right-to-repair bills have proved overwhelmingly popular with voters—Massachusetts passed its automobile right-to-repair bill in 2012 with 86 percent voter support.

Just after the California bill was introduced, the farm equipment manufacturers started circulating a flyer titled “Manufacturers and Dealers Support Commonsense Repair Solutions.” In that document, they promised to provide manuals, guides, and other information by model year 2021. But the flyer insisted upon a distinction between a right to repair a vehicle and a right to modify software, a distinction that gets murky when software controls all of a tractor’s operations.

As Jason Koebler of Motherboard reported, that flyer is strikingly similar—in some cases, identical word-for-word—to the agreement the Farm Bureau just brokered. The flyer and the agreement list the same four restrictions:

  • No resetting immobilizer systems.
  • No reprogramming electronic control units or engine control modules.
  • No changing equipment or engine settings that might negatively affect emissions or safety.
  • No downloading or accessing the source code of any proprietary embedded software.

These restrictions are enormous. If car mechanics couldn’t reprogram car computers, a good portion of modern repairs just wouldn’t be possible. When you hire a mechanic to fix the air-conditioning in a Civic, they may have to reprogram the electronic control unit. When electronics control the basic functions of all major farm equipment, a single malfunctioning sensor can bring a machine to its knees. Modifying software is a routine part of modern repair.

Prohibiting modifications to systems that might affect emissions also means that farmers can’t upgrade tractors to meet new requirements. This could force farmers to buy new equipment when emissions standards change—an insidious move toward planned obsolescence.

That’s why a national group of farmers has been fighting for their right to modify software. Together, the American Farm Bureau Federation, the National Corn Growers Association, the National Farmers Union are working with the Electronic Frontier Foundation to petition the US Copyright Office to exempt farm equipment from the anti-modification provisions of the Digital Millennium Copyright Act, which has been bafflingly stretched to cover tractors and combines (equipment manufacturers claim they’re worried about piracy). The petition explains:

It is necessary to access the electronic control units to diagnose and repair a malfunctioning agricultural vehicle, as well as to lawfully modify the functions of a vehicle based on the owner’s specific needs in cultivating his or her land.

There are many farmers modifying their equipment to fit their land’s needs. Members of the farm equipment electronics community Farm Hack have designed custom 3-D-printed seed rollers, programmed Arduinos to consolidate greenhouse operations, and developed all kinds of sensors and warning lights. A group of university students at Cal Poly is working to reverse-engineer John Deere’s software protocol. And a third-party company called Farmobile makes a device that plugs into all different kinds of large farm equipment so farmers can access their data without going through John Deere.

Where California farmers go, the rest of America follows—and in this case, that’s dangerous. The state produces more food by far than any other in the nation, accounting for two-thirds of all US-grown fruit and nuts. By agreeing to the spurious distinction between “repair” and “modification,” the California Farm Bureau just made the EFF’s job a lot harder. Instead of presenting a unified right-to-repair front, this milquetoast agreement muddies the conversation. More worryingly, it could cement a cultural precedent for electronics manufacturers who want to block third-party repair technicians from accessing a device’s software.

As a nation of repair advocates, we need to reject toothless deals like this. We must define right to repair in a way that supports the needs of individuals and small growers, not the bottom line of enormous corporations.

This deal is no right-to-repair victory. Don’t let John Deere—or the California Farm Bureau—call it one. Real progress isn’t going to come until a state passes real Right to Repair legislation. And momentum is building. Twenty states, including Iowa, Kansas, and Nebraska, considered bills this year. Although none have passed yet, John Deere is clearly feeling the heat.

WIRED Opinion publishes pieces written by outside contributors and represents a wide range of viewpoints. Read more opinions here.

 


Telematics Update – Detroit

Telematics Update – Detroit 2018
By Rick Matz

Telematics Update Detroit 2018 took place in Novi Mi, on June 6-7, 2018.

TU suffered from the fact that the ITS America conference also took place at the same time, in downtown Detroit. The reduced participation of the OEMs and major Tier 1 suppliers was evident.

The themes of TU were as expected: Cyber Security, Connectivity and Autonomous Vehicles. The hype about electric and hybrid vehicles was absent. Are these technologies considered mature enough where the excitement over new developments no longer gains traction?

The Cyber Security situation in automotive has come to remind me a lot of the Y2K “Crisis” at the turn of the century. While it was a good idea to review the legacy software at the time, many consultants made a lot of money and you have to wonder just what it is that they contributed.

The OEMs are individually working at a breakneck pace trying to lock down their vehicles. Organizations all around their world are holding countless cyber security conferences. It seems that there is no end to the list of cyber security standards and recommended practices that are being published.

The AUTO-ISAC appears to be the most sensible place to begin making sense of automotive cyber security. They promote open communication among their expanding membership and between members and non-members. They too publish recommended practices based upon the experience of the members and from other ISACs. They facilitate spreading the news of a security breach and actions taken among the membership and to effected outside parties.

The AUTO-ISAC has reached out beyond the OEMS to include Tier 1 suppliers and even the Heavy-Duty manufacturers.

The rollout of 5G communications is going to be the big enabler for connected vehicles. 5G promises higher speeds, lower latency and power consumption. It is with 5G that at least the underlying communications technology will exist to have “everything connected to everything else.”

Infotainment systems that are enabled for 5G will be in production by 2021. That is just around the corner.
Expect this to be a long rollout. The communications companies have a lot already invested in 4G (LTE) technology, which doesn’t appear to be going away anytime soon. The big driver for the technology change will be the cellular communications industry. A second headwind will be the cost and time it will take to build out the 5G infrastructure; particularly when it comes to V2I.

As always, there was a lot of discussion about autonomous vehicles. It seems that the expanding fleet of 1000 or so fully autonomous vehicles that are driving around on our roads right now are leading the way toward developing and refining new features, which end up getting implemented in increasingly advanced ADAS systems that go into production.

For wide spread adoption, even representatives from UBER thinks that we’ll see a bottom up approach through the growth of ADAS systems. UBER will however, introduce limited numbers of fully autonomous vehicles in restricted areas of operation to gain experience and limit their risks as they introduce new technologies. For example, humans are very good at improvising pick up and drop off spots. AVs are not. UBER will have to gauge how well customers accept that. They are also planning on operating their own service garages, as they anticipate that these vehicles will require maintenance daily and they realize that there is a lot that they don’t know about what they would be getting into.

Lastly, it seems that at every conference recently there is a presentation on Blockchain. Blockchain technology maintains an immutable ledger that records every transaction a data item takes. A data item could be a whole car, a component, a byte of data; virtually anything.

Blockchain will have an impact on supply chain management, data collection and maintenance among a myriad of other areas in the automotive industry. Being able to audit every transaction that takes place in a car, a component or a piece of data will change how business is conducted and will affect every one of us.


ETI Tech Week 2018

ETI Tool Tech 2018 Recap
Contributed by Bob Chabot

ETI ToolTech Focuses on Emerging Technology and Industry-Shaping Trends

The Equipment and Tool Institute hosted ToolTech 2018 — it’s annual open-to-the-industry event — in Tucson, AZ, from May 1-4, 2018. Here’s a recap of the annual ETI business session and the reports describing the macro forces shaping our industry.

Business Meeting — ETI’s foundation remains solid.
“The automotive industry in general and Equipment and Tool Institute (ETI) members in particular continue to grapple with ‘winds of change’ themes,” stated Executive Manager Greg Potter, when he opened the Business Session at ToolTech 2018 in early May in Tucson AZ.

“Electrification, shared mobility, connectivity and automated vehicles are the driving themes of our time in automotive service. Locking down vehicle networks to authorized users and devices, and standardizing ADAS are just a few of the near-term issues we are working on. In particular, key initiatives of interest to ETI members today include more proactive cybersecurity, establishing trust anchors for authenticated diagnostics and continuing access of scan and other diagnostic vehicle data. Those will be the focal points of the sessions and presentations that comprise this year’s ToolTech event.”

The ETI Business Meeting reviewed key metrics and featured the passing of the gavel to a new ETI President and Charmin of the Board. Total membership is 106, with 87 full members. From a financial perspective, ETI continues to remain in good shape. In 2017, ETI once again added marginally to members equity verses a predicted reduction.

Like at all ToolTech meetings, there is a changing of the guard. Brian Herron (of Drew Technologies) retired as Board President and passed the gavel to Jim Fish (of Lemur Vehicle Monitors). “Membership in ETI allows us to evolve,” noted Herron. “When I joined ETI in 2006, there were no J2534 devices or advanced driver assistance systems (ADAS), and if I recall correctly, fellow board member Robert Vogt only had one PhD”. New President Fish added, “We’re in a time where as rapid as change is, for us right now, it will be the slowest it will ever be. This year going forward, I want the year to be a year of lifting ETI members up.”

Economic Outlook — New Market Realities ETI Members Must Adjust to
William Strauss, Senior Economist and Economic Advisor, Federal Reserve Bank of Chicago, shared several insights in his economic outlook for the next few years. “In just a few days after this ToolTech event, we will reach the longest economic expansion in U.S. economy history. In fact, all the top 10 leading economic indicators the Chicago Fed follows (e.g. stock market, total employment) continue to rise. ‘Productivity growth,’ one of my favorite indicators, is up substantially, and if this trend continues, wage hikes will be more affordable.”

“In the automotive sector, 2017 hurricanes destroyed nearly 1 million cars, which led to a surge in sales near end of the year. But two major shifts are in play. Light trucks continue to rise (up 8 percent in 2017), at the expense of light duty passenger cars (down 13 percent year-to-date). In addition, import vehicles are poised to overtake and exceed domestics brand vehicle sales. The industry has to adjust to the market realities, so is anyone really surprised by Ford’s decision to scale back passenger car production to just three models?”

Legislative Update — Free Trade, Tariffs and Continued Vehicle Data Access
Chris Gardner, the ‎Automotive Aftermarket Suppliers Association’s Vice President, is responsible for technology and legislation. He briefed ToolTech attendees on activities related to finalizing a new NAFTA agreement, concerns over the impact of tariff policies on the U.S. aftermarket, measures to reduce the sales of counterfeit parts, and encouraging the U.S. Copyright Office to continue exemptions in its late 2018 decision that would allow the aftermarket to access software and data on automobiles.

“Our industry faces three distinct headwinds right now,” Gardner noted. “Nobody knows the next technology out there. We don’t know who is going to acquire and who is going to be acquired? And nobody knows what the current President and his Cabinet are going to do or say next. For example, NAFTA negotiating parties are close to a deal, but the ability to get approval from Congress remains up in the air; in particular, we are trying to get a 4-year phase-in of the proposed increase to 75 percent local content re: The Rules of Origin on Autos. Regarding tariffs, with respect to USTR Section 232, which protect national security interests, we are concerned that high tariffs, notably on metal companies in China, Canada and others, could negatively impact U.S. automakers.”

“AASA currently sees three technologies dominating in the future,” he continued, “Namely electrification, shared mobility, and autonomous driving. The recently passed HR 3388 (Self Drive Act) by the U.S. House should help open access to vehicle data, which is good news for the aftermarket. In addition, AASA and other aftermarket groups have informed the U.S. Copyright Office they support a continuation of exemptions that prevent the automakers from having full control of vehicle data, software and other information. We must all recognize that we can be stronger with more collaboration amongst our aftermarket associations.”

Emerging Technology — Are we Enabling Service-Readiness in Time?
“Emerging technologies — such as ADAS, advanced propulsion systems, automated driving, connectivity and others — has effects on the aftermarket,” said Joe Register, the Auto Care Association’s vice president for Emerging Technologies. The not only impact the automotive aftermarket in general, but service and repair shops and technicians specifically. Consumers and the general public are also impacted.”

“What’s critical is that emerging technologies, today and tomorrow, must be able to be serviced and repaired when necessary,” he added. For example, the thrust of ADAS technology has been in the collision review arena, with many presentations by automakers on the space, equipment, tools and other necessary requirements to effect repair. Given that motorists, on average, have an accident every seven years, it begs the question: Who is going to check ADAS systems, service them and repair them until then? The mechanical service and repair businesses in the aftermarket need to know what they have to do to check, inspect, diagnose and repair in the interim. These are the businesses that see vehicles two to three times a year. Where’s the training they need now, with many vehicles equipped with ADAS systems being sold now?

Register focused on how the aftermarket is organizing to address these and other effects of emerging technology. He noted aftermarket organizations have formed a collaborative coalition to speak with one voice to automakers, regulators, governments and other stakeholders. History has shown us that when the aftermarket comes together — be it right-to-repair, access to data, vehicle security or other issues — it is most effective.


The Equipment and Tool Institute Hires Julianne Sweet as Marketing and Events Manager

The Equipment and Tool Institute today announced that Julianne (Juli) Sweet has joined the organization as the Marketing and Events Manager.  Juli will be responsible for directing the Institute’s marketing programs, activities and events.  

Juli brings with her 15 years of experience coordinating, managing and delivering successful meetings and events. Juli has a proven track record of creating innovative and memorable experiences for attendees of all types.

In addition to events, she will also be responsible for ETI’s marketing efforts, overseeing ETI’s brand management across all platforms. She will handle marketing plans, strategies and implementation including ETI Social Media accounts e.g., Facebook, LinkedIn, and Twitter.

Juli worked at NGK Spark Plugs (U.S.A.), Inc. as their Corporate Events Planner responsible for highly-detailed development of events and promotions aimed at engaging sales staff and clients.  She has extensive knowledge in negotiating contracts, site and vendor selection, budget management as well as full execution of plans for all major corporate events, including North American sales and marketing meetings, international customer trips and other industry events for the Aftermarket and OEM departments.“Juli will bring us some hi-powered experience in creating and marketing memorable events. She is hitting the road in full stride in quickly grasping the wheel for our next Tool Tech event rapidly approaching April 30 through May 3 in Tucson, AZ!” stated Greg Potter, ETI’s Executive Manager.

Juli attended Central Michigan University and graduated with a Bachelor of Science in Education and Psychology.   

Founded in 1947, the Equipment and Tool Institute is a trade association of automotive tool and equipment manufacturers and technical information providers. ETI’s mission is to: Advance the vehicle service industry by providing technical data and open dialog between the manufacturers of transportation products, government regulators and the providers of tools, equipment and service information.

For more details about ETI programs and activities, contact Juli Sweet, Marketing and Events Manager, Equipment and Tool Institute, 37899 W. 12 Mile Road, Farmington Hills, MI  48331. Cell: 248-412-3460 / Office: 248-656-5085; Email: jsweet@etools.org.

Equipment and Tool Institute
37899 W. 12 Mile Road
Suite 220
Farmington Hills, MI  48331
248-656-5080
www.etools.org