Car Communications Testing

I’ve mentioned here a couple of experiments aimed at evaluating the feasibility and utility of more automated control systems for automobiles.  Google has been testing its self-driving car technology for a while now.  A European Commission research project called SARTRE has tested technology for “road trains”: groups of cars traveling together, with a leading vehicle being driven a selected driver, and the other cars following in an orderly fashion.

An article in Technology Review reports that a new project, being conducted at the University of Michigan, with funding from the US Department of Transportation [DOT], will test communications systems designed to let cars “talk” to each other, as well as to traffic control equipment.

Last month, the DOT awarded $14.9 million to the University of Michigan’s Transportation Research Institute to test the technology, known as vehicle-to-vehicle and vehicle-to-infrastructure communication. The system to be tested relies on dedicated short-range radio communication to allow cars to signal one another and receive messages from traffic equipment.

The system being tested will use GPS devices to get speed and position information for each vehicle; this data can be shared with other vehicles and traffic control equipment to enhance safety.  For example, a driver approaching a blind intersection might get a warning that another car on the cross street is approaching the intersection at high speed.  The driving portion of the test is slated to run for a year, and to involve about 3,000 vehicles.  Automakers participating in the project will provide 64 new vehicles outfitted with the communications systems; existing cars fitted with the new system will comprise the rest.

If the system proves successful in the test, it has the potential to significantly improve road safety.  The DOT estimates that something like 80% of serious crashes might be avoided or mitigated by using this technology.

DigiNotar Loses Accreditation

The fallout from the recent security breach at DigiNotar, a Dutch Certificate Authority [CA], continues.  As I’ve noted earlier, the major browser vendors have, effectively, “blacklisted” SSL certificates issued by DigiNotar.  Now, a diary post at the SANS Internet Storm Center reports that OPTA, the independent post and telecommunications authority in the Netherlands, has terminated DigiNotar’s accreditation as an issuer of qualified certificates, used to generate digital signatures, effective September 14.

These certificates are important, because the law in most member countries of the European Union, in accordance with EU guideliines, provides that digital signatures produced with a certificate from an accredited CA are legally equivalent to manual signatures.  The only way to contest such a signature is to prove fraud, so the existence of rogue signing certificates is potentially a very big problem.  (The diary post provides more detail on this, and references to the  pertinent EU directives.)  A process is now underway to notify holders of DigiNotar signing certificates.

OPTA reports there are about 4200 qualified (signing) certificates issued by DigiNotar. These will now have to be contacted by DigiNotar under supervision of OPTA. These certificate holders will have to seek another provider if they have not done so already.

OPTA’s report suggests that, in addition to failing to comply with the relevant EU technical standards, DigiNotar may have violated a number of local laws.

All of this will probably be somethings of a black eye for PriceWaterhouseCoopers, DigiNotar’s regular auditor.

The Economist also has an article on the DigiNotar situation.