Self-driving cars and "safety-critical" software updates

As noted previously, the Automated and Electric Vehicles Bill currently under consideration by Parliament includes draft rules concerning the insurance of “automated” vehicles – being vehicles “designed or adapted to be capable, in at least some circumstances or situations, of safely driving themselves”.  Tesla, Volvo, and BMW amongst others have already developed vehicles with limited self-driving capabilities, although fully autonomous vehicles (i.e. those actually capable of driving themselves) are still in the testing phase.

Automated vehicles rely on a huge amount of complex programming, covering routine driving actions (braking, gear changes, acceleration, etc.), more complex functions (such as accident avoidance) and general internal monitoring of the vehicle's condition.  Under the Bill, insurers will be permitted to exclude or limit cover for “insured persons”, or to recover moneys paid out under the policy from such persons, in certain circumstances including where the relevant accident occurs as a direct result of a “failure to install safety-critical software updates that the insured person knows, or ought reasonably to know, are safety-critical”.

But what is a “safety-critical” software update?  The Bill as drafted gives a circular definition: software updates are “safety-critical” if it would be “unsafe to use the vehicle in question without the updates being installed”.  As such, we must look elsewhere for guidance.

Under s40A of the Road Traffic Act 1998, a vehicle is “in a dangerous condition” if use of that vehicle involves “a danger of injury to any person”.  S75 states that a vehicles is “unroadworthy” by reference to the same measure.  The theme of a vehicle posing a “danger” to a person is also seen at s100 of the Road Vehicles (Construction and Use) Regulations 1986, which requires vehicles to be properly maintained.  For non-statutory guidance, the Drivers and Vehicles Standards Agency defines “safety-critical” defects or systems as those that “could affect the control or directional stability of the vehicle”.

So which software updates should be viewed as safety-critical? A patching update to the software may block a newly discovered route via which the vehicle could be hacked.  Such a hack “could affect the control” of the vehicle.  But so far, vehicle hacking has required the knowledge of expert software professionals, working as a team – so how likely is it that a hack would occur?  Would that upgrade be safety-critical nonetheless?

Also, how fast is a vehicle's owner expected to effect upgrades? Is the vehicle expected to pull over immediately to allow the upgrade to occur?  Should manufacturers be required to confirm whether a software upgrade is safety-critical (or will that lead to a blanket policy of labelling all upgrades as safety-critical)?  A vehicle's owner will generally be unqualified to understand the effect of each software update, and will be reliant on the manufacturer's assessment.  A manufacturer's assessment may come under significant scrutiny should an insured person challenge the categorisation of any given software update as safety-critical.

You can track the progress of the Bill, and the Parliamentary discussions of its provisions here.

Tags

Mills & Reeve Sites navigation
A tabbed collection of Mills & Reeve sites.
Sites
My Mills & Reeve navigation
Subscribe to, or manage your My Mills & Reeve account.
My M&R

Visitors

Register for My M&R to stay up-to-date with legal news and events, create brochures and bookmark pages.

Existing clients

Log in to your client extranet for free matter information, know-how and documents.

Staff

Mills & Reeve system for employees.