The automotive fear of going open
Dr. Moritz Neukirchner
Technology strategist software-defined vehicle | LinkedIn Automotive Engineering Top Voice | Strategic Product Management
How many cases do you know, where companies have successfully build a business around an open-source project? The list is countless.
How many cases do you know, where companies have taken a software product and created a successful open-source project out of it - while still doing business with it? This list is incredibly short.
In the realm of the software-defined vehicle, everyone is shouting for collaboration and open-sourcing. Eclipse Software Defined Vehicle and Connected Vehicle Systems Alliance (COVESA) being the poster boys in the field trying to collaboratively develop the software-defined vehicle in open-source. Makes me wonder, if everyone - including OEMs - would love to have an open-source solution so much, why are we seeing so many proprietary Automotive OSes?
I think the root cause lies in my initial questions above. It is just way easier to build a business around an open-source project rather than converting a software product into an open-source project with a sustainable business model.
Where the Automotive industry is starting
First, we have to consider the starting base for the majority of the automotive industry. Software assets come from a fragmented supplier base. Operating system, middleware stacks, application components coming from highly specialized companies. There is a multitude of software suppliers (traditionally in the role of a Tier 2 supplier) delivering the software assets for integration into ECUs. These assets are either custom developed for the specific customer, or are software products sold to ECU projects for different OEMs, as for e.g. AUTOSAR stacks. The development processes are proprietary to the individual vendors, as the automotive-specific development processes like ASPICE or ISO26262 create a high entry barrier for the market and has historically made the use of open source software hard. In the past, the share of software development directly at OEMs has been comparatively low.
As a result, the supplier base with the domain-specific knowledge that are capable of qualifying and maintaining software for the automotive market is full of companies that have software products or develop software that they do not own the IP to as it was developed as a service contract for a Tier 1 or OEM.
Virtually, every supplier with own software assets is facing the situation that going open source means converting a software product that was developed with proprietary ASPICE processes into an open source project.
What it means to go open-source
The article "An in-depth guide to turning a product into an open source project" by Stephen Walli from 2016 gives very good insights what such a transition means (I highly recommend to read the full article - not just my very short summary here):
However, even these basic steps pose a significant hurdle. For the first step, you need to check whether you have the rights to open source and if libraries are used, whether they have a compatible license. In this case, e.g. the AUTOSAR standard is still posing issues today, because it restricts the use to AUTOSAR members. This is the reason why e.g. the SOME/IP implementation SommR in Eclipse Software Defined Vehicle cannot be published yet. Further, of course the published code must be "clean" in the sense of not exposing data of existing customers, as frequently found in code comments.
领英推荐
Publishing the build environment is where many suppliers see their secret sauce. They are capable of performing automotive qualification or safety certification - a major market entry barrier for many non-automotive companies. Further, these tool chains often make use of proprietary tools as e.g. safety certified compilers or tools for code analysis. Therefore, although rebuilding the source code may be easily possible for contributors, rebuilding it to be used in a productive environment is not. Even if the complete chain can be open-sourced, it would require a community to follow e.g. ASPICE processes in an open-source setup making the building of a community difficult. Therefore, this is not only about opening up the build environment but the process framework around the development to enable contributors to make "compliant" contributions.
Accepting contributions and building a genuine community is a cultural change for many companies in the automotive domain, but also requires a corresponding organizational change. How is the governance of potential code contributions handled? If liability shall still be assumed by a company (as part of an open-source business model), how does the governance model support this? Establishing a communication channel to moderate the contribution and review process is essential.
Further interesting thoughts on the topic can be found here.
The business side
The most fundamental questions are not technical though. How do you transform a business model for software products into a business model around an open-source project - especially when considering that the product has existing customers with the current model and existing projects with long maintenance requirements.
Already today most automotive software companies recognize the fact the value does not lie in the software itself but in the organization to build, qualify, maintain, and release the software. This is also the reason why most software solutions in the automotive domain are already delivered in source code to customers today.
Still, you cannot undo open-sourcing your product and most companies shy away with the fear of someone else picking up the software and doing the build, qualification, maintenance, and release on their own. Half-hearted open-sourcing of existing software like COMASSO for the Classic AUTOSAR software that still requires purchasing the original product to actually build an ECU is bound to fail as the community for contributions does not build up.
Current reality
Out of these considerations, we can easily understand the current state of open-source initiatives like Eclipse Software Defined Vehicle and Connected Vehicle Systems Alliance (COVESA) in automotive. Foremost, they provide a legal framework and communication/collaboration platform to organize an open-source community. Naturally, they do not take care of establishing a business framework for contributing companies.
Almost all contributions are original contributions. Not because existing software is bad and needs to be rewritten (although some comments on my previous articles assume that), but because creating new open-source projects and building a business around it is easier than transforming existing business. We see things like container orchestration for automotive workloads with Ankaios, or a middleware communication layer based on the vehicle signal specification (VSS) with KUKSA. Yet, we do not see open sourcing of an existing safety-certified operating system or middleware yet, i.e. transformation of a product into an open source project. What we do see are efforts to safety-certify open-source software like Linux, i.e. to build a business around existing open-source software.
I think the potential of open-source in automotive is not exploited today. It will take courage and a smart way of transforming existing business models. What is your take? What model will be the key to success in the future?
Technical Specialist at Google
1 年My assessment, Eclipse is more of a forum for service providers & tier1 to find new business opportunities in midst of Shrinking pie .?Best bet would be for like minded Tier1s to carve out a seperate company by pooling their resources with real business stakes & replicate Huwaei model facilitated by Eclipse . ( FYI; huwaei is top contributor to open source and building everything from scratch including for auto https://news.itsfoss.com/huawei-kernel-contribution/) Maybe I am wrong , but so far ,?I?find vision of Eclipse as a broker , too narrow or lack big vision to create any big impact on SDV landscape. So far traditional auto ecosystem is lacking big vision to embrace fast paced developments of SDV
Software architect at leading SoC
1 年EB has announced partnership with Ubuntu . Maybe you can share more insights based on it, on how you would take a lead in addressing the points you have raised in this blog & set a standard for the auto industry. waiting for some concrete steps EB is taking to addess the points you have raised, There are too many articles on pain points and roadblocks ,but industry need answers on path forward.
Senior Scientist, Senior Software Safety Engineer, Senior Software Engineer, Chemist
1 年During over 20 years working as a software safety engineer I have never seen a safety-certified operating system as implied by this post. Every safety certified operating system must be certified for each system. For instance, there are different certification issues for a uniprocessor system and a multiprocessor system. Automotive designs use many processors connected by a variety of network architectures. Each network protocol serving a safety critical system must be deterministic in both timing and temporal order of message packet delivery. The operating system must work correctly not only with the CPU architecture, but it must also work correctly with the networking protocols. The operating system must not create network traffic priority inversions while supporting guaranteed delivery of messages within a specified time window. Each safety critical operating system must be shown to be without error on the target hardware of a specific system, including all data I/O, error detection and recovery, and process and thread priorities. The same safety concerns apply to middleware. In an open system software environment who is going to pay for the expensive and time consuming certification of operating systems and middleware?
Head of Rapid Prototyping Software Platform Development (ADAS)
1 年Building a business model on OSS is certainly a challenge. But there is at least one more reason to provide your own OSS projects or to actively participate in OSS development - fairness. No modern company, not a single commercial software product, works without the excellent OSS building blocks it is based on. Last but not least, companies show their software competence and increase their attractiveness for talented developers. Long term a good OSS strategy will be business critical finally.
Senior Manager Quality & Reliability | Operations | SQM | E&E |SDV & ADAS | SOTIF | SAE 21434 | ISO 26262 | AUTOSAR | ASPICE Competent Assessor & CyberSec | VDA PSCR | ITIL | AI Zealot
1 年The automotive industry has been hesitant to fully embrace open source software due to concerns about safety, security, and protecting intellectual property. Safety-certified operating systems and middleware require rigorous testing and compliance with industry standards, which can be challenging with open source software. Additionally, automakers invest heavily in proprietary software that gives them a competitive edge, making them cautious about open sourcing their products. To convert existing software into sustainable open source projects, a careful approach is needed, including clear governance models, partnerships with stakeholders and regulatory bodies, and balancing community collaboration with protecting interests.