Read on Twitter
There's a little confusion on my post about GM's "Ultium" battery system, so let me clarify what I "think" I know.
Ultium replaces the power-management wiring harnesses inside of a battery w/with low-power wireless.
They call it "Wireless Battery Management System" or "WBMS."
Ultium replaces the power-management wiring harnesses inside of a battery w/with low-power wireless.
They call it "Wireless Battery Management System" or "WBMS."
Cells in the pack are grouped into modules.
Each module has the smarts to detect the individual condition of each of its cells (charge, discharge, voltage, cycles, temp, etc.) as well as the capability to set parameters for charging/discharging of each cell.
Each module has the smarts to detect the individual condition of each of its cells (charge, discharge, voltage, cycles, temp, etc.) as well as the capability to set parameters for charging/discharging of each cell.
Each module wirelessly communicates w/a master node that monitors/configs the pack according to the application (vehicle, house, data center).
The master node goes though the Vehicle Intelligence Platform which is connected to a cell radio that allows 2-way communications w/GM.
The master node goes though the Vehicle Intelligence Platform which is connected to a cell radio that allows 2-way communications w/GM.
This gives several advantages:
- Easier to build packs
- Easier to replace individual modules within a pack
- Better real-time info on pack condition
- Remote diagnosis & failure warnings
- Ability to reprogram individual cells for better performance though the life of the pack
- Easier to build packs
- Easier to replace individual modules within a pack
- Better real-time info on pack condition
- Remote diagnosis & failure warnings
- Ability to reprogram individual cells for better performance though the life of the pack
It's the last 2 items that have my interest:
OTA diagnosis & individual cell programming means GM can tell you when you have an imminent failure & even reprogram the pack as it get older in order to extend life.
But it also means an attacker can do really bad things.
OTA diagnosis & individual cell programming means GM can tell you when you have an imminent failure & even reprogram the pack as it get older in order to extend life.
But it also means an attacker can do really bad things.
GM has done work on the security side (good on em!) by building the "Vehicle Intelligence Platform" that should supposedly prevent unauthorized access AND they claim end-to-end encryption.
But what I'm worried about is what happens on the GM "end."
But what I'm worried about is what happens on the GM "end."
Even if they've protected the local wireless communication of the pack, even if the communications is encrypted, even if the VIP keeps away unauthorized access, you need to ask:
"What has GM done to make sure the AUTHORIZED access doesn't do something harmful?"
"What has GM done to make sure the AUTHORIZED access doesn't do something harmful?"
Even removing a deliberate attack, if the GM authorized network sends an OTA update that wasn't properly quality-controlled and it flips the nominal voltage of 1 cell of hundreds in the pack to 37 volts instead of 3.7 volts, you get a fire.
If the OTA system gets hacked, you could have an attacker sending commands to an authorized system to stop charging modules to an entire fleet of vehicles.
Now... I'm assuming that GM has measures in place to stop these sorts of events... but I'm also saying that I wouldn't trust them until I know what those measures are.
And in case you think I'm being paranoid.
And in case you think I'm being paranoid.
