Expert: New OEM tech, security concepts raise questions about aftermarket accessBy on
Business Practices | Education | Market Trends | Repair Operations | Technology
As automakers race to produce and secure increasingly technologically advanced vehicles, aftermarket industries and vehicle owners could be at risk of being left in the cold, according to one expert.
Ellis and Associates founder John Ellis, whose resume includes work for Ford and Motorola, related some of the fascinating and worrisome concepts being kicked around by technical whizzes and OEMs on Thursday in a Guild 21 call.
Ellis described the recent “Jeep hack” and “Tesla hack” by white-hat techies, done to raise public awareness of how vulnerable connected cars actually are. Even on unconnected cars, the OBD-II port creates a huge security hole — particularly as more parties like usage-based insurers plug devices into it.
The threat of cyberattack via the Internet or OBD-II isn’t just limited to owners and OEMs. For or a theory on how hackers could turn a collision repair facility into an “auto brothel,” see this coverage.
Such security concerns — the “Jeep hack” famously killed a Wired writer’s engine in the middle of a freeway — are leading some OEMs to consider ideas like encrypting the CAN bus networking a vehicle’s electronics, according to Ellis.
While potentially protecting vehicles from cyberattacks, encrypting the CAN bus could theoretically put mechanics, collision repairers, modders and hobbyists in the expensive position of needing OEM scan tools and licenses to perform diagnostics, according to Ellis.
Third-party scan tools could be boxed out, due to their inability to access the coded system, hypothesized Ellis, who stressed his analysis was merely an “opinion answer,” not a fact.
“The tool would still exist,” he said. “It would just be a) built or managed by the OEM, identified by the OEM and then controlled by the OEM.”
If OEMs discontinued support for earlier generations of their own scan tools, “there is the potential for some significant economic harm in terms of the shop,” he said.
One alternative to both using mixed-results third-party scan tools and buying every single OEM scan tool has been for shops to use the asTech, which beams vehicle information back to Collision Diagnostic Services. CDS has the licenses to OEM scan tools, and it performs the actual pre- and post-repair scans and gives the results to the shops.
A CDS executive said CAN encryption wouldn’t affect its ability to serve as a middleman alternative.
“It would not affect us in any significant fashion,” product development Vice President Walt McIntyre wrote in an email. “We do not interpret the data being transmitted. We might have to change some packet handling strategy, but nothing dramatic.”
Another potential complication for the aftermarket could be region-encoded parts, according to Ellis.
“Geocoding of automotive parts is now a topic on the minds of the OEMs as they are beginning to deal with, in their minds, what they think, is ostensibly a safety issue,” he said.
For mechanics, repairers and modders, such a move to ensure security — and brand quality — could mean “you can no longer swap parts.” European components, for example, couldn’t be used on an American car, Ellis said. (Of course, de facto geocoding also already exists when different international standards prevent countries from trading parts — witness a fried BMW which received a European lamp by mistake.)
Such geocoding isn’t necessarily limited to the high-tech realm. Ellis gave the example of Keurig, whose CEO Brian Kelley announced in 2013 that non-Keurig coffee pods would no longer work in “Keurig 2.0,” according to a transcript on Seeking Alpha.
“While we’re still not willing to discuss specifics about the platform for competitive reasons, we are confident it delivers game-changing performance,” Kelley said, according to the Seeking Alpha transcript. “To ensure the system delivers on the promise of excellent quality beverages produced simply and consistently every brew every time, we use interactive technology to help us perfectly brew all Keurig brew packs. Because of this the system will not brew unlicensed packs.”
Media reports indicate competitors like RealCup have already beat the system, which the Verge reported is based on infrared light examining the ink.
Ellis also pointed out the “very cool, very interesting, very fun” but likely difficult-to-refinish color-changing Nissan paint.
The technology works by sending electrical charges to realign nanoparticles of glass on the Nissan, causing a different color of light to be refracted at the eye. Voila: The car has a different paint color.
Ellis didn’t know much more about the technology, such as who could sell the paint and what kind of equipment or credentialing might be necessary for a refinisher to apply it.
“Lots of questions, and that’s why we’re raising it,” said Ellis, who earlier noted that the paint and refinishing industry didn’t seem to be discussing it much at SEMA.
All of these examples indicated that OEMs “aren’t necessarily as aware as they probably should be” of the concerns of a gigantic aftermarket, including the collision repair industry.
“If we’re not careful, we will end up in a world that is so controlled by the OEM … that we have issues in terms of choice,” he said.
Featured image: As automakers race to produce and secure increasingly technologically advanced vehicles — and vectors like the OBD-II port — aftermarket industries and vehicle owners could be at risk of being left in the cold, according to one technology expert. (Yuri Snegur/iStock/Thinmkstock)