Hacker News new | past | comments | ask | show | jobs | submit login
Vehicle-to-Vehicle Communication Could Replace Traffic Lights, Shorten Commutes (ieee.org)
151 points by GG2 on Oct 18, 2018 | hide | past | favorite | 138 comments



Car manufacturers are extremely careful about the failure modes of components and sensors they put in their vehicles. Consider the design of the CAN bus, which has explicit support for failed and misbehaving peers.

I have yet to see these sorts of considerations in any V2V communication system. The idea that my car might act on (or propagate) incorrect/sabotaged information that it receives from a "peer" is a terrifying form of fragility.

This sort of failure mode needs to be studied and addressed directly before any of these systems are deployed.

It should also be assumed that these new patterns of information propagation will create a huge financial incentive for people to sell after market modifications that exploit the trust models of these protocols.


I feel like it will be introduced like how aerospace does it. They add a newer technology to an aircraft in a non-safety critical application. Reliability data can be collected without risking the safety of the aircraft. Then once a technology is proved safe it can be incorporated into a safety critical system.

So maybe car manufacturers will first incorporate a driver assist that tells you if that car is stopping in front of you. If that fails the driver is still in full control.


What bothers me is that this has to be designed under the assumption that the other car could be malicious and that any input received could be intentionally deceptive. I'm just not convinced that auto (or aerospace) companies have a high level of competency in thinking like this. They're used to thinking about physical defects, weather effects, bad users, and the like. It's very different if you have internet connected cars that could be (possibly in bulk) remotely hacked and given instructions to intentionally disrupt other cars.

Everything I have ever seen about vulnerabilities in car software systems has indicated a very poor understanding of the threat landscape on the part of car manufacturers and an embarrassingly weak ability to competently deal with these threats. So far this has been understandable since cars have been minimally networked, but going forward, I agree with GP that the appropriate term is "terrifying".


I think it’s one thing if you can spoof an input remotely and one hostile actor can target many vehicles simultaneously.

But if we can be certain based on the physics of the system that we are talking to the car in front of us, the fact is, there’s plenty of ways you can commit vehicular homicide today, and V2V doesn’t seem like a particularly “worse” way, and frankly, one of the most traceable ways you could probably try to hurt someone.

So while certainly you need to defend against broken and malfunctioning input, I’m not quite convinced the malicious input is actually a case that needs to be specifically defended against.

The vehicle will have a “flight envelope” based on its own local sensors and rules just like modern aircraft that don’t allow even bad inputs to stall the plane. The inputs from V2V would not let you leave the envelope any more than the autopilot inputs would. I believe the steering wheel would still be allowed to exceed the envelope, for as long as there is a steering wheel.


I think vehicular homicide is a lot less likely than pranks (causing traffic jams, etc.), or people trying to game the system so that they always get to pass through intersections without stopping.

However, intentionally causing injury isn't something that should be ruled out, either. It's only "traceable" if someone is sending the signal from their own car, registered under their real name. If someone pulls the transmitter from a junked car (or build their own, etc.), they could e.g. conceal it near an intersection, wait a day or two, and trigger it remotely, or attach it to the underside of someone else's vehicle, etc.

Someone could also jam the signals to potentially cause everything to stop working.

I'm with the crowd that thinks this is an inherently bad idea. The data is entirely untrusted, which makes it essentially useless for determining anything other than "there seems to be a radio transmitter at a particular location", and that's only if there are enough sensors to triangulate signal sources accurately.


I think auto manufacturing margins are slim enough where they will cut corners here by simply not hiring the best people and testing it long enough. It’s hard to know when you have a working system outside of astronomically expensive methods like formal verification, but it is really easy to know when you are out of budget.


The sabotaged info point could (would?) happen anyway. There's very little into securing the CAN, and that's how you get things like [1], even without V2V communication. There are a few papers out there describing similar attacks over bluetooth as well. I'd argue the security portion will become just as important as failure mode.

[1] https://www.wired.com/2015/07/hackers-remotely-kill-jeep-hig...


Good point.

V2V communication means BT exploits can become worms even more easily, spreading from phone to vehicle to vehicle.


Spoofing, Jamming, and Sybil attacks are what concern me, more than failing parts. Really, you'd need some sort of special hardware that makes the protocol hard to spoof with off the shelf parts. Maybe a very high frequency band (since you're only communicating in LOS at extremely short distances) so that you can't just use any old SDR to hop on. Then use some kind of gossip protocol to achieve consensus and identify bad peers.


Just because there aren't $200 SDR transceivers available that can handle 20+GHz right now doesn't mean there won't be in the next few years. These protocols have to be designed with more foresight than simple availability barriers because the second you mass produce something, it and it's constituent parts are suddenly available.

That said, if you want to lose sleep at night, I suggest you look into the strict authentication and jamming resistance of ADS-B (effectively the aircraft equivalent of such a network).


I would not specify that the communication can be considered fully Line Of Sight.

There are many intersections where the car would need to communicate with the crossing car and the intersecting road is behind a hill, trees, or building.

Yes, attacks are an enormous concern, but comms and hardware failure are also very significant & non-trivial to solve.


LOS was a poor choice of words. But on roads or highways within 500m is even smaller than LOS


You are asserting that because information may be wrong or misunderstood it should not be communicated. A more robust approach would be to share information promiscuously and hold people, in this case the drivers who are responsible for their vehicles, responsible for how that information is handled.

Turn signals also get misused and misinterpreted but no one suggests that means we must go without.


I'm actually just asserting that systems advocating for use of V2V messages should account for misinformation.

That is, as a human I know that the drivers around me might have broken lights or misuse their signals.

I also assume that other drivers do not have my best interest at heart.

A reasonable V2V system should be expected to handle these scenarios just as easily as they handle wireless interference and packet loss.


Wouldn't that invalidate the whole concept of autonomous V2V interaction?


I think this falls under the idea that we need to reach perfectionism before we deploy something. That simply isn't true in my opinion. Many accidents already happen every day. If this system reduces that dramatically it's a win. Even if there are some failures along the way they will be noticed and improved upon.


Failure due to the inevitable limitations of a system is one thing; failure because a hackjob, working 90% of the time, and catastrophically failing otherwise, was deployed? Thats just criminally negligent.

Even if total fatalities drop, if the reason for the remaining deaths is that your car will arbitrarily lie with no justification, then you’ll lose trust in the whole thing.

Systems that require trust should be reasonably perfect, so as to maintain that trust. Otherwise you’re really only going to get away with it by forcing it down the consumer’s throat, by top-down approaches (gov regulation, contracts with the ceo, etc).

And when you’re doing that, who cares what the failure scenario and rate is? Lies to you 20% of the time, and its still on your head. 30%? 80%? The only group that needs to trust it at this point is management; they’re n steps removed from the issue, so as long as you can keep them from looking too hard, you can go as awful and shitty as you want.

Trust takes years to build, seconds to break, and forever to repair. Or you just take it to management.

Your website doesn’t need much trust, and your text editor needs some but not much. But your car? It most certainly does


Nothing about my comment advocates for perfectionism.

My point is that V2V systems and research papers I've seen just don't make meaningful claims about safety. They instead make claims about convenience and efficiency, which are not substitutes for safety.

We know to test vehicles for crash safety before putting them on the road.

While I believe there are certainly ways to make use of V2V communication that increase overall safety, I haven't seen anything remotely resembling a crash test for V2V systems.

Creating a system that relies on the correct behavior of all components is not a recipe for safety or reliability. This is especially true as the number of components increases (this happens when a car exchanges messages with all the cars around it).

We need V2V systems that rely only on correct behavior of any component and allow for malicious behavior of some components.

The idea that a protocol version mismatch from some rolling deploy can cause injuries in cars made by other manufacturers is the sort of thing that I haven't seen a single person point out. How would something like this even be caught and debugged?

Advocating for an ecosystem where these things are likely but neither addressed nor considered is just plain irresponsible.


I agree with you. It has always been my hope that these oversights are a direct result of the projects struggling to find a baseline level of value rather than any underlying lack of forethought.

The level of security and approach to security will largely correlate to the types of messages that such a system ultimately needs. This sounds obvious, but I think it really isn't. In a world of self-driving vehicles with lidar + optical sensors, how much v2v communication is required beyond the sensor data?

Until that question is answered, it might not make sense to primarily focus on the security and reliability of said data.


I think there is something romantic about the siren's song that is "we don't need object detection or velocity estimation if all objects self-report their location, velocity, and intent".

I hope you're right and that once we establish best case utility, as a community we refocus on handling component failures more gracefully.

Although it's unclear if the second and third order system effects in our financial system will ever get that sort of treatment. So let's hope driving gets a bit closer to flying (and farther from wall street) in terms of attitude towards safety.

EDIT: clarity


It depends of the function of the system, it's not the same having yor infotainment freezing and losing the music than your drive-by-wire system crashing and engaging your parking brake at70Mph.


"Move fast and break people" isn't an acceptable way forward.


I've been exposed to designing software and electronics for vehicles (autonomous or otherwise). There is ISO 26262 which gives guidelines on safety for these systems. Generally, developers of components will be fairly conservative, and for events where serious harm is possible, where the driver is not expected to get control if the system fails, and if it may occur in a "likely" situation[1], there are stringent requirements for testing, etc.

[1]"Likely" means how often that function is used. As an example, applying brakes is extremely common. So any electronics/software involving brakes is considered very likely.

Now whether companies like Tesla actively follow the ISO - I don't know.


V2V, as far as I remember, has not yet be able to have reliable bandwidth and latency guarantees yet, right?

What you mentioned probably is going to be high-order technical problems.



Sounds like an attempted murder charge.


It can be whatever charge you want, but at the end, some people are dead anyway


TBH, you can do a lot of damage without a V2V communication system. I think that some people forget how much of the world is really ultimately run on various forms of trust relationships.


Transitive trust is the scariest form of trust in any system.

It's also the part of V2V that seems to be most powerful and least talked about.


> Consider the design of the CAN bus, which has explicit support for failed and misbehaving peers

How do you figure?


Low Speed/Fault Tolerant CAN offers baud rates from 40 Kbit/s to 125 Kbits/sec. This standard allows CAN bus communication to continue in case of a wiring failure on the CAN bus lines. In low speed/fault tolerant CAN networks, each device has its own termination.

From https://knowledge.ni.com/KnowledgeArticleDetails?id=kA00Z000...


In regards to German and otherwise European cars, I've never seen or heard of a modern car operating on anything other than a "high speed" CAN bus, with anything lower than 250Kbit/s and all the way up to 1 Mbit/s. While some cars do have two separate busses this is in no way a standard, and neither of those would necessarily be a fault tolerant one. Nor am I sure who your source might supply, but none the less, I feel like your trust in the quality of modern cars and their components might be a bit misguided.


Fair enough. Though my point was trying to say that protocols should assume a variety of component failure modes.

I'd rather just have to trust the safety standards of the manufacturer of my car (and to a lesser extent the cars I might directly collide with), not the safety standards of every vehicle within transmit distance.


If someone has access to control an ECU on your can bus you are just as bad off as you would be in the case you worry about. And on top of that i promise you the ECUs in modern cars are not works of art with good error handling. But consider that there are many currently unemployed technologies that can work to make for example the sharing of sensory data signed and trusted, for example by deploying technologies which apple uses today with great success amongst others?


I am not aware of any sensor system that involves meaningful cryptographic claims about sensor readings. I'd love to learn more about anything along those lines.

Especially the associated threat modelling and engineering principles!


Error counters and error-disabled states are baked into every CAN controller implementation.

The arbitration system is designed to let chatty-but-low-priority messages try to talk as often as they'd like, but only succeed when higher-priority messages allow it.

Short of faults that actually electrically disable the bus, it's pretty good.


From my fuzzy memory, CAN bus also supports one of the two wires being severed- obviously with a drop in speed.


> The principle behind the traffic light has hardly changed since the device was invented in 1912 and deployed in Salt Lake City, and two years later, in Cleveland. It works on a timer-based approach, which is why you sometimes find yourself sitting behind a red light at an intersection when there are no other cars in sight. The timing can be adjusted to match traffic patterns at different points in the commuting cycle, but that is about all the fine-tuning you can do, and it’s not much.

I guess these people never heard of common techniques to detect vehicles - in surface wire loops to detect inductance changes from a car or bicycle, and cameras. When the detectors are far enough back from the intersections, you have enough time to (safely) cycle the signal for lone cars in the middle of the night, without the car having to stop -- my experience with well tuned traffic controls was i would just need to take my foot off the accelerator, and the light would usually change to green before i would have started braking.

That works well in a grid based suburb, I understand Pittsburgh has a lot more constraints, but detectors are still useful, even if they're only at the limit line.

Reading further:

> It’s important to note that VTL technology needs no camera, radar, or lidar.

Yes, trusting the communications network, without verifying the situation sounds like a great idea. Just like I always hit the accelerator right when the light turns green, without regard to if the intersection is clear, or if there are any signs that any other vehicles are likely to pass through soon.

Sometimes, I feel like people working in the self-driving space, and the maps for driving space have never actually driven a vehicle on the road.


They also don't seem to care about other road users. The time cycles are a feature, not a bug, because you can't use technology to speed up how quickly an old grandma with a walker walks across the street. Grade separating roads and pedestrians is very costly, and more importantly, not desirable, because humans are much less able to deal with grade changes than cars, and because underpasses and overpasses remove people from the 'eyes and ears' of the street and create crevices for crime.


Sure you need some timing features, but that doesn't mean you need a cycle; for example, grandma could press a button to get the crossing light green during times of low pedestrian movement, rather than force cars to burn gas waiting on useless cycles.


In practice, I have never seen a beg button that works well for pedestrians. Even in the cities that I've lived in with high pedestrian mode share (New York, Seattle) beg buttons are almost always heavily tilted in favor of drivers; and as a result pedestrians can easily add a minute or two (dependent on where they're walking, how many legs of an intersection they need to cross, etc.) At one intersection, this is not a big deal, but at a lot of intersections this can very quickly pile up; and because pedestrians don't really accelerate quickly or have a high speed, the already small feasible pedestrian walking distance is reduced significantly.

Conversely, most major roads these days are designed to give green waves if you're traveling at the intended speed; you generally only catch the wrong light once. (If that's not the case, removing a pedestrian cycle would not really give your road any more significant priority than it already has, since your road is already being deprioritized for the crossroad.)


In the suburbs in southern california, I'm used to one of three things happening:

a) I walk up, the light is red in my direction; I push the button, and the other direction turns yellow within 10 seconds (often immediately), and shortly I get a walk sign

b) I walk up, the light is green in my direction, I push the button, and get a walk sign immediately

c) I walk up, the light is green in my direction, I push the button, and don't get a walk sign -- but soon the light turns yellow, and the other direction gets to go, then i get a walk sign.

It's not too far off in the south bay (SF bay area).

It's different in the middle of a city like Seattle, where there's always a lot of traffic, so the lights are changing frequently anyway, a lot of the lights just have the pedestrian cycle enabled almost always; and they often won't add the walk sign in the middle of a cycle, when it's already decided to change the cycle in less time than is needed for a pedestrian to cross.


I don't doubt your points, but in our town, bicycle underpasses on multiuse trails are, in practice, awesome.


> have never actually driven a vehicle on the road.

More importantly, have never driven a _variety_ of vehicles down the road. I ride a motorcycle, it's clear most of these plans have no concept of what that's like.


I don't even understand the objection. Is there something about a motorcycle that makes it impossible for it to be fitted with a radio transceiver?


I think you just demonstrated their point.

Motorcycles work quite differently than cars in many, unintuitive to car-driver, ways. Until I began riding, I thought I understood, but now my POV is forever changed in a great many traffic situations.


OK, but a great many traffic situations are not relevant here. Only one is.

This proposes to replace/augment traffic lights with radio transceivers and in-vehicle displays. What's different about how motorcyclists interact with traffic lights? Isn't it just stop on red and go on green like for any other vehicle?


Most of the traffic lights that have vehicle detection mechanisms don't pick up motorcycles so you end up treating red lights more like stop signs if there is no one around.


OK, I've dealt with that on a bicycle. And even a few times in a car when the sensor was flaky.

This system uses a transceiver in the vehicle that broadcasts its location. So in the case where a motorcycle has the transceiver, it is superior because you no longer are dealing with a sensor that performs poorly on your vehicle type.

In the case where a motorcycle doesn't have the transceiver, you'd still see a red light just like they do now. And you'd still have to visually check that nobody is coming before proceeding, so that seems identical.


This is not true, at least not in any place I've lived in the US. On a (motor)bike you do have to be careful with your wheel placement: align one wheel with black lines on the ground, which are sometimes circles and sometimes straight line segments, and stay there. Even with really skinny bicycle rims the sensor will note your presence. The only difference to cars is that automobile rims are much wider and twice as numerous, so it's harder to miss the sensor.


The motorcycle rider probably doesn't want their lane-splitting privileges taken away.


Furthermore, the real problem is cross-directional intersections when traffic is heavy. Assuming you need to give traffic in both directions roughly treatment, you're still going to have traffic jams whether the flow is mediated by a traffic signals or by this V2V communication scheme.

Roundabouts work better to keep traffic flowing in all directions, without complicated signaling of any kind.


Roundabouts are sort of fine if there is sparse traffic, but they don't scale very well -- if you need more than one lane of travel, you need a lot of space. If there's a dominant input that tends to go more than one exit through, it's hard for vehicles in the intervening entrances to get access, and it doesn't feel fair.


Roundabouts take a lot more space and suck for pedistrians.

They're great in certain use cases, but not city traffic lights


What's the problem with roundabouts for pedestrians? I live in a country with a lot of them, and I don't see why they would be worse than intersections.


> What's the problem with roundabouts for pedestrians?

Experience as a pedestrian and a cyclist, I don't drive:

1. Obscured sightlines over the roundabout make timing my crossing more difficult

2. Exit speeds are usually higher

3. Drivers on the roundabout seem to be more distracted than at junctions, since they're also watching the static traffic at each entrance they pass. They seem less focused on what's in the exit path than at muttering 'stay there' to the drivers trying to get on

4. Difficulty of integrating traffic lights for pedestrian crossings

5. Some drivers are just poor or lazy at navigating roundabouts and I can't trust their indicators, I have to wait to see their actual physical actions before I commit to crossing


It can really depend on the roundabout layout and the pedestrian. For multi-lane entry/exits, it can be daunting to cross for some pedestrians. The refuge island between the entry/exit can help with this. For individuals with sight limitations, roundabouts can be one of the most confusing intersections. A sight impaired individual uses the sound of the cars to orient themselves with the crosswalk. At a normal intersection this generally means to listen for traffic going the same direction, align with it, and proceed. (I skipped a few steps for brevity.) At a roundabout, there is not one direction of traffic. For example say you are standing on the southwest corner of a roundabout that is oriented with the cardinal directions. A vehicle making a westbound through movement will sound the same as a southbound through movement up until the southbound through vehicle exits the circulating lane.

I agree that these are both edge cases and vehicle drivers need to be away of the possible other users. However, as we all know from experience, there are a lot of inattentive (for whatever reason) drivers on the roads. I think roundabouts have their place and can be a great solution in the right situation. But like any intersection design, they are not a silver bullet for all problems.

[EDIT] To give some context to my response, I am a traffic engineer in a semi-rural part of the US. In my area we have around 12 roundabouts of various sizes and configurations serving a large range of traffic volumes and user mixes.


Roundabouts usually do away with traffic lights.

Crossing a road when cars are not held by traffic lights always 'suck' for pedestrians.


I love roundabouts, but past a certain traffic level, four-way stop signs actually move more traffic.


[citation needed]


I had the same thought - but I think perhaps its because it's focussing on less-developed nations.

Here in Thailand, they definitely don't have detection wiring in the road surface, and lights are definitely just on timers.

The difference here is, a) a good chunk of people ignore red lights anyway, and b) at night or other apparently less busy periods, they just turn the traffic lights off and it's a free-for-all of chicken.

Nothing that relies on the driver following an indicator (i.e. an in-car red light) will work here - most people would just put tape over it because it's annoying.


> I guess these people never heard of common techniques to detect vehicles - in surface wire loops to detect inductance changes from a car or bicycle, and cameras.

They explicitly addressed exactly those two things in the article:

"One early idea was to place a magnetic coil under the asphalt surface of a road to detect the approach of vehicles along a single route to an intersection and then adjust the duration of the green and red phases accordingly. Similarly, cameras placed at intersections can be used to count the vehicles in each approach and compute how best to time the lights at an intersection. But both technologies are expensive to install and maintain and therefore only a few intersections have been fitted out with them."


> "One early idea was to place a magnetic coil under the asphalt surface of a road to detect the approach of vehicles along a single route to an intersection and then adjust the duration of the green and red phases accordingly."

Huh? This is already common practice, why is this "an idea"?


I think the main difference with their solution is that, since vehicles carry the equipment, 100% of intersections would be covered. Some cities have synchronized lights, but as far as I know, it is only at key intersections. Presumably, the increased efficiency comes from shaving off time at every intersection on your entire trip.

Seems like they'd also get more data (number of cars, individual positions and headings) and may be able to do something smarter with additional data.


Using existing sensor to collect more data is an ongoing challenge for many municipalities. There is an add on module for signal controllers that can be used to count vehicles and depending on the detection type (video, inductive loop, or microwave) the counts can distinguish vehicle type and users such as car vs bicycle.


Yeah... they put that all the way at the end though, after they said that the design had hardly changed.

It's also not clear to me that adding a module to every car, plus adding modules for the traffic controllers at every intersection is less expensive than installing modules and detectors at every intersection for existing methods.


Also who sits at a red light when there are no other cars in sight?


Everyone?

Here some traffic lights have cameras that detect when you cross at red and automatically send you a ticket, and it's a grave offense (cost 4 points out of 12 on the license).


> Our solution for the short term, while physical traffic signals still coexist with the VTL system, is to provide pedestrians a way to give themselves the right-of-way. Ever since January of this year, our pilot program in Pittsburgh has provided a button to push that actuates a red light—real for the pedestrians, and virtual for the cars—at all four approaches to the intersection. It has worked every time.

This is what is described as a "beg button" by urbanists. Requiring pedestrians to press a button to give them a safe window in which to cross doesn't account for situations where pedestrians may not be able to request to cross due to construction, disability, or other factors.

https://usa.streetsblog.org/2017/03/24/seattle-campaign-to-g...


As a pedestrian, I feel safer if there's a button to push!

Drivers can see the walk signal too. It serves as an extra reminder to look for a pedestrian. If it's on every time, then it conveys no information about whether there's a pedestrian this time.

For example, I'm standing on the northwest corner, facing east and waiting to cross. A car is also facing east and will be making a left turn across my path. Ideally every driver looks all around, so they'll see me 90 degrees off to their left, but in practice drivers tend to look in the direction they're going to be driving. This means their field of vision includes the walk signal but not me.

For that matter, I wouldn't hate the idea of expanding the button's functionality to advertise my presence even more. Like sticking a flashing "PEDESTRIANS PRESENT" light right next to the red/yellow/green light.


Buttons for pedestrian signals are great for safety. The point I was trying to get across is that in the proposed system, a pedestrian would never get a dedicated window to cross unless they push the button.


Everything has trade-offs. Not having vehicles sit idling while nobody crosses the street reduces pollution even if it makes it harder to cross the street in some case.


Wait. It's describing a pedestrian push-button, to trigger a red-light for traffic, as some kind of new invention?


No, it's just describing how they fit the new system around current constraints.


And it's just demeaning. Any sensible urban transportation system needs to be a pyramid based on most trips being taken on foot. Anything that prioritizes cars over pedestrians in a city is a mistake. Yes, it's a mistake that 99.5% of American cities make, but it's still a mistake.

A far better system for connected vehicles would be pedestrian signals that are always green for pedestrians by default, which will change to permit vehicles to pass when vehicles are present. This is very expensive though. Far better and cheaper to just ban cars.


No, that would be a terrible system for us pedestrians, who already bear the brunt of air pollution in the cities. Just imagine how terrible it would be with all those cars constantly stopping, idling and starting.


That's what they're doing in the cities now anyhow. It's just a blocks long line of cars everywhere, idling, inching forward, waiting for the car in front of them to move. It's not the traffic lights that are creating all the stopping/idling, it's the traffic jams, due to too many cars.


Given that I still sometimes have trouble pairing my phone to my car, or my headphones to my phone, I think we're a long way from ubiquitous vehicle-vehicle communication that is reliable and secure enough to replace traffic lights.

It seems the safer solution is to let the cars still vote but keep the traffic lights and let them have the final say over who gets the green.

Traffic lights have fail-safes designed to make it impossible for both directions getting the green at the same time, an autonomous voting system among cars has fewer assurances of avoiding that state, even moreso if there's a malicious hacker in the mix that set up a bogus transponder at the intersection.


This seems 2060 type stuff. We cant even get potholes fixed in my city.

Why not have smart traffic lights as a starting point? Realtime traffic patterns using google maps and cameras with sensors. Data is stored for historical patterns and for new models to be tested against.


We already have this. Traffic lights in a given municipal area are often networked and have sensors to get traffic data.

For example, McCain (a popular manufacturer of traffic controllers), has their own TMS (Traffic Management System):

https://www.mccain-inc.com/images/mccain-files/products/cut-...

What I don't think there is yet is any sort of neural network training environment for a TMS, but I might be wrong.


This could fix potholes too. Having the cars avoid that section of road automatically.


BUt WHAT IF THE teRorrISTS HACK IT AND FREEZE THE tRAfffffic???


> It’s important to note that VTL technology ... let[s] nearby cars communicate wirelessly. DSRC developers envisioned various uses, including electronic toll collection and cooperative adaptive cruise control—and also precisely the function we are using it for, intersection collision avoidance.

I really hope that vehicle to vehicle and vehicle to infrastructure communication is architected to preserve privacy. I really don't want my car constantly transmitting its license plate number, VIN, or even a randomly-generated GUID all the time to all comers. If it does, it'll end up being like having a license plate reader at every intersection and on every police car: your movements would no longer have any privacy.

However, it's probably a super-hard engineering problem to build a privacy-preserving vehicle communication system, so it's unlikely it'll be done.

> The principle behind the traffic light has hardly changed since the device was invented in 1912 and deployed in Salt Lake City, and two years later, in Cleveland. It works on a timer-based approach, which is why you sometimes find yourself sitting behind a red light at an intersection when there are no other cars in sight. The timing can be adjusted to match traffic patterns at different points in the commuting cycle, but that is about all the fine-tuning you can do, and it’s not much. As a result, a lot of people waste a lot of time. Every day.

Isn't that false? Aren't a lot of modern traffic lights equipped with induction loops in the road surface [1], so they can detect if cars are waiting?

[1] https://en.wikipedia.org/wiki/Induction_loop#Vehicle_detecti...


It's important to safe guard how that data is used, but I'm not sure driving on a public road counts as a private activity. It's already illegal to drive an unregistered vehicle on a public road or to drive without the license plate displayed.


> It's important to safe guard how that data is used, but I'm not sure driving on a public road counts as a private activity. It's already illegal to drive an unregistered vehicle on a public road or to drive without the license plate displayed.

Correct, but pervasive, automated surveillance and tracking has quite a different quality than requiring identification that's always displayed but rarely read. Just because some new practice can be analogized to an old one doesn't mean it's the same.


Something the tech industry fails to notice is that cars are not the only road users—-let alone the only ones that use traffic lights.

As a pedestrian (or, when I was younger, a cyclist), I relied on traffic lights as much as (if not more than) pedestrian crossings to tell me when it was safe to proceed. Removing lights and signage may seem like a "simplifying" or "efficiency" measure to vehicle manufacturers, but it's creating a hostile and/or dangerous environment for other classes of road user ... not all of whom can afford, or can use, some variety of AR system to supplement their merely human senses.

Yes, there's a role for V2V signaling: but as a supplement to—not a replacement for—existing traffic control mechanisms.


Seconded. I bike to work every day in Manhattan, and always see many other cyclists, let alone the thousands of pedestrians. This system may work in a sterile environment where the only people present are in vehicles, but what about a lively multi-modal city? How do pedestrians and cyclists fit in here?


Note also that the authors' long-term solution for non-motorists is for everyone to carry an "IoT" device broadcasting their presence. Who pays for these? Note that every person needs one, including children and tourists. It adds a grave threat to privacy: in order to simply cross a street, I must agree to broadcast my whereabouts to the public. It also leads, inexorably, to a legal regime where if I fail to carry the IoT broadcaster, and get hit by car, it's my fault.


Yes, it does seem ridiculously fine-tuned to favor automobiles at the expense of everyone else. Despite the fact that many of our cities are completely congested and are going the other way already: Increasing mass transit, cycling, and walkability. Everyone using their own car simply doesn't scale well.


It's OK everyone will get an implant at birth....


Two things that I see as problems with this type of system: pedestrians/nonmotorized users, and the need for 100% of vehicles to be on the system. Starting with pedestrians, it is important to have adequate crossing time for a pedestrian for obvious reasons. The current standard in the US is to assume that the pedestrians are walking a 3.5 ft/s. This sounds slow but it is meant to account for elderly/disabled individuals. Using this speed, a pedestrian clearance interval is calculated. This value is commonly used as the minimum green time for a signal phase that includes a pedestrian phase. Even without a pedestrian call, pushing the button, this time is used. The reasoning behind this is due to the possibility of a pedestrian crossing without press the button first. This issue can likely be overcome through some fancy algorithms and pedestrian detection. However, you really want your ped detection to be perfect since one missed detection can easily result in a fatality.

The second issue, 100% of vehicles on the system, is more insurmountable. How many vehicles do you see on the road that are older than 5 years? 10 years? 20 years? Quite a few. Many of the people driving those cars fall into two categories, those that can't afford a newer car or collectors. Those that can't afford a newer car likely cannot afford to retrofit their existing car with V2V hardware. The second group, collectors, likely don't want to install aftermarket electronics into their vehicles. The presence of cars without the necessary equipment may result in very severe consequences for the system.

My opinion on improving traffic flow through a network is that improvements to a centralized monitoring system will work better and be more resilient to edge cases. With a centralized system, it is easier to ensure that it is operating as it was designed. If you have tens of thousands of individual systems all trying to operate in concert, it could only take a few to cause havoc. Bad actors and poorly operating units will happen.


Peer-to-peer protocols work just fine, and sure, we could design protocols that are resilient to adversaries (like the various iterations of bittorrent).

But client-server is so much simpler operationally with respect to NAT traversal and CGNAT and IPv4/IPv6 and latency and other real-world networking and compatibility concerns. So I expect a commercial enterprise building "smart" or "self-driving" cars will instead just go for the tried-and-true thing of cellular modems that phone home to a central server. (Or, SSH servers exposed to the Internet, I guess, like Tesla did: https://twitter.com/atomicthumbs/status/1032939617404645376) And if the server shuts down, then the devices become useless (like with so many other smart devices).

If you want to get rid of traffic lights, what you want is a dedicated right of way. It can have train tracks, or it can have asphalt (like transitways in Mississauga or Ottawa, or conventional freeways, highways, or tollways).


I used to work at a company that is very much involved in the field and you're right. I don't know any car manufacturer (and we worked with nearly all of them) that is interested in P2P. Even the ones that are willing to use and invest in an open communication platform will keep full control of the car to server communication, and proceed to share only a fraction of the collected data.


They say "completely distributed system" and "without a centralized control mechanism", so I wonder if they've worked through all the consistency questions (CAP theorem kind of stuff). I don't know how you safely deal with a network partition.

Imagine one car approaches an intersection and there are no other cars anywhere near. It gives itself a green and goes through the intersection without stopping.

Now imagine the same situation except there are two cars headed toward the same intersection at the same time, but neither one picks up the signal of the other. They both believe they are the only car headed toward the intersection, they both give themselves a green, and then they crash.

It seems like you either have to add some centralized infrastructure or accept that you are only safe to the extent that your radios are reliable.


> accept that you are only safe to the extent that your radios are reliable.

Won't you need to have the same assumption if you had a centralized infrastructure? Otherwise how would your car talk to the centralized system?


No because a motor vehicle would have to establish a connection to the centralized infrastructure in order to get a green light. If it can't, it assumes a fault and acts accordingly. The problem above is that there might not be another car so how do you detect the failure?


It is easy for this problem: In doubt, the pedestrian wins.


Ok. Lets play.

https://www.arrow.com/en/products/adalm-pluto/analog-devices

Take it from 300MHz-3.8GHz to 70MHz-6GHz

https://www.rtl-sdr.com/adalm-pluto-sdr-hack-tune-70-mhz-to-...

Buy some antennas for the freq's you want to RX/TX.

Sniff or investigate the protocol.

Cause wrecks and brake-checks and other bad things with cars.

I guarantee this will be as bad as ADS-B : https://www.youtube.com/watch?v=CXv1j3GbgLk


We would be healthier, happier, less harmful to environment, richer, have more friends, be better connected to our communities, etc. if we built mobility around walking, biking, transit, AND cars... not ONLY cars.


Walking, biking, mixed user development, and mass transit aren't nearly as marketable as a flashy consumer product.

We need to find a way to make car-optional transit profitable or socially desired.


I think this is a key paragraph:

> The concept of incomplete penetration of DSRC transceivers brings up one of the biggest potential obstacles to adoption of our VTL technology. Could it still work even if only a certain percentage of vehicles is equipped with DSRC? The answer is yes, provided that governments equip existing traffic signals with DSRC technology.

There is no way you can modify all cars on road to make them DSRC compliant any time soon. OTOH making the traffic lights understand the system is very practical and incremental way of improving the situation.


Buses and Coaches could reduce traffic jams and shorten commutes. There are maybe a dozen easy plays any city can make, and dozens more harder ones, to reduce traffic congestion long before anything like this reaches "safe enough for streets".

And one would guess the minute this billion dollar investment works, it will suffer the By-pass paradox and streets are back to the usual level.

(its been a week of traffic accidents and long long tailbacks in London, so i am feeling bitter :-)


This is the sort of idea that looks great on paper and simulations but that totally falls flat in the real world.

The system would require trusted communication.

The system would also have to cope with any number of vehicles not having this feature or with broken/defective feature...

What's the fail safe solution? To rely on traffic lights and priority markings.


Not going to happen. Not in our lifetimes. Human reactions times are not why cars keep their distance from each other. Even with perfect communication, perfect knowledge, a large number of cars that close together is extremely dangerous. Any small fault, a squirrel running into the road, will cascade into something major. All those little spaces between vehicles allow the system to iron out such things without impacting everyone.

We could see small trains of autodrive vehicles tailgating each other on highways, but not huge trains of random participants. The incremental advantage is far outweighed by the associated risks.

What will acceptable de-confliction space be? Ten seconds? Five? One? If you are a passenger in a car approaching an intersection, exactly how close do you want to be to the truck about to t-bone you?


We're still struggling to implement positive train control and they think we can implement this en-masse?


Apologies if I missed this in the article, but my first (hacker) question is how the algorithm handles a rogue actor trying to maximize its own efficiency to the detriment of others.

Is this accounted for? I’m envisioning roaming packs of nerds with the digital equivalent of the mythical Chrome Box...


If you can come up with some kind of standards for this, you could come up with a hybrid scheme where there is also vehicle to infrastructure communication. This would allow vehicles and infrastructure to do all sorts of intelligent routing, scheduling and congestion control. Using a hybrid system means that this can work even when most of the traffic is not able to communicate yet and when most of the infrastructure is not yet ready for this (i.e. right now).

For example, a vehicle equipped with this and with an intention to turn right at a particular crossing could communicate that intention to that crossing ahead of time to the controller that manages the traffic lights at the crossing and communicate an ETA or even negotiate a time slot. The crossing could than take this into account and schedule the light to be green for the vehicle when it arrives or tell it to slow down slightly to match the next possible green light to minimize congestion around the crossing.

This would allow infrastructure to start taking intelligent decisions based on the traffic that is communicating to it. It would provide immediate incentives for car owners to make sure their car is capable of participating. Even cars that aren't participating could benefit indirectly from other cars reporting their observations of other traffic (e.g. Tesla does a lot of object tracking) or by simply following cars that are equipped.

You could add priorities to this as well where e.g. ambulances or other emergency vehicles never encounter red lights and cars ahead are directed to make room. You could also allow people to pay for upgrading their priority so that they encounter less red lights and can get more reliable and faster ETA to their destination.


We've come full circle back to CB radios. 10-4 good buddy


Frankly, the ability to talk to those around us may go a long way to make us more civil people on the road and to strangers in general. And lead to some unique road rage of its own. I still use a cb and find it handy living off a highway.


This is a fascinating topic. I’m very curious to see how it evolves.

I’m trying to think about how V2V systems could improve traffic without introducing a huge element of risk. As I think about drivers, they make “offensive” and “defensive” moves all the time. An example of an offensive move is to pull into an intersection to cross through it. An example of a defensive move is to stop or slow your car when you see the path in front of you is obstructed.

Humans convey their offensive intentions in cars all the time, to help others execute defensive responses. When changing lanes, we can use our signal. When two cars arrive at an intersection with a stop sign at the same time, one car might slowly nudge their car forward (offensively), indicating to the other car to wait (defensively).

Perhaps cars will broadcast “offensive” information to allow other cars to respond “defensively” to improve traffic, but the lack of these offensive messages (or even in the event of an incorrect or rogue messages), safety is not compromised (although traffic efficiency would be diminished).

For example, if cars were traveling near to each other in adjacent lanes and car A communicated its intention to merge into the lane occupied by car B, car B could (defensively) make a small change in speed or change lanes to make room to accommodate car A’s (offensive) attempt to change lanes.

In the event that car A broadcasts an “offensive” message incorrectly (or fraudulently), the defensive response of car B does not jeopardize safety (although the rogue message would reduce overall traffic efficiency). If car A does not broadcast the offensive “lane change” message at all, car B should be designed to prevent collision (if necessary, applying the brakes sharply, or executing a quick maneuver to prevent collision). Traffic efficiency would be reduced, but hopefully safety would not.


It is easy to control the security of a traffic lights system.

It is near impossible to control all vehicles for the introduction of malicious actors.


Based on the summary in the article, it seems like their algorithm is entirely dependent on people behaving nicely. They don't seem to handle cases where cars collude to vote for the "wrong" leader, or a leader that chooses to be greedy and get themselves through the intersection faster.


There was a great idea from Audi designers where they said that light communication should be enhanced and in the future would be used for deeper level of communications. Perhaps, in this context it makes a lot of sense and developing a beautiful system of communication through light would be used for more than just auto, I always think how we've been sending radio waves and other audio messages into space, but never heard about alternative communications, such as light.

Also, the hardest part won't be the actual communication, it will be the standards that have to implemented through all manufactures who don't want to agree and potentially give up their advantages.


Some kind of vehicle-to-vehicle standard should be made. I don't think the first application will be intersections; that's really more suited for 'manual exclusion' zones, which are a ways off.

But one really interesting application would be road-trains for freeways. You'd cut down on drag significantly, and could probably make it work on manual-driving roads with object/hazard communication and real-time agreement on emergency maneuvers (e.g. every other vehicle swings out to the breakdown lane, simultaneous braking, etc.).

Drag is ~2/3^rds of the energy loss of a big-rig on the highway, so imagine the kind of range a battery electric truck could get in 'road train' mode.


First app is much more likely to be road to vehicle comm, not vehicle to vehicle, e.g. enforcing one-way streets, no turns, off limit areas, even traffic routing or congestion pricing.



This is pretty damn far-fetched. There's many lower hanging fruit that havne't been picked yet and will be picked before stuff like this happens.


Humans are in the way.

There is an intermediate "rich" communication light-set that speaks more than intentions, and more directions than backward.

If you go "no driver" then your market dies. It is going to be an ironic pain for Detroit, one that ranks up there with having your company realtime video your face for thought-crimes, when individual consumers don't buy cars that don't come with a steering wheel.


Although I'm sure we're heading in this direction eventually, it'll be interesting to see what kinds of protections this system and others like it have from "misbehaving" cars.

I imagine a "always try to give me the green light" patch will be created almost immediately after this system starts being used in public.


But if everyone installs the patch, the only way they'd get green lights faster was if their 3rd party system was smarter... Which is a net win. (Unless some people can't afford the 3rd party patch.)


I was in Porto a few weeks ago for ngiforum.eu, and Prof Susana Sargento spoke briefly there about her mesh research that has contributed to Veniam, a company building vehicle-to-vehicle mesh tech (selling to cities I think?). https://veniam.com/

Worth following them and learning more about this.


This reminds me of a sci-fi story from a few years ago where people didn't want to own cars, since one just showed up when you needed it due to a combination of surveillance and fancy algorithms. Prediction:

https://www.youtube.com/watch?v=gw-nvo4BzOM


I think the author is perhaps putting the cart before the horse. They pre-suppose widespread deployment of either DSRC, or Cellular V2X.

There is still debate as to which will win out (https://www.nytimes.com/2018/09/20/business/vehicle-communic...), but GM, Toyota, and Volkswagen seem committed to DSRC. As they are the biggies, my bet is within 5 years most new cars, some new pickup trucks, and some new delivery/heavy trucks will be using DSRC.

How useful will that be?

DSRC transmits a "Basic Safety Message" 10 times per second (range 1000 meters), containing velocity vector, pitch/roll/yaw vector, vehicle weight, status ("braking", "skidding", etc) and, critically, position. Current GPS (particularly in urban canyons) may only give 10m accuracy, or worse.

But if we could get 10cm accuracy (maybe with some kind of publicly deployed differential gps?), then a whole set of advantages become apparent.

1) Your Heads-Up-Display could warn of a (DSRC-equipped) vehicle that's about to blow through an approaching stop sign and will collide with your projected position. And your auto-braking could be activated.

2) You could be warned on the freeway of a vehicle 5 cars ahead of you that has just slammed on the brakes (because that vehicle just transmitted that info).

3) Special lanes could be reserved for platooning, with cars separated by only a meter or two (0.1-0.3s) rather than 2s. Voila -- much greater lane capacity.

4) If DSRC were cheap enough ($100-200), bicyclists and motorcyclists could buy one, and make themselves much more visible to every DSRC-equipped cager.

5) And if really cheap, many pedestrians might carry them, safe in the knowledge that if they step out into the street, the auto-braking cars will pro-actively avoid them.

And _none_ of these features require any type of cameras, lidar, or other (arguably problematic) self-driving technology. Heck, they don't even require a map.

A final point about privacy -- DSRC was designed so the vehicle identifier isn't anything traceable like VIN or license. Instead, the id is randomized every few mintues (or at least according to https://pdfs.semanticscholar.org/fd03/f4c5f3128db5c08e5e92f2... -- I don't know how GM/Toyoto/VW have implemented it).


> (maybe with some kind of publicly deployed differential gps?)

I believe this is supported/expected in the DSRC specifications. As I understand it, a well-known point, such as a post at a corner of an intersection, is located with high accuracy. A DSRC Roadside Unit can then broadcast GPS corrections to provide significantly higher accuracy to units that are able to receive and use this information.

It does require some infrastructure support, but it's something the specification group has thought of.


DSRC is under attack from the NCTA. They want the FCC to relinquish the DSRC spectrum to WiFi.

https://www.ncta.com/sites/default/files/2018-10/NCTA%20Fres...


Cool. Cox/Comcast/Viacom/Charter/Showtime/Disney/Fox (https://www.ncta.com/about-ncta) vs GM/Toyota/VW/wi-fi geeks. Grabbing popcorn for this one.


Yeah, so we replace a simple stuff for a complicated and uncertainly one, nice classic modern move... Also I suppose humans must be wearing some communication devices also... Do not make be vulgar about the kind of device and placement...

IMVHO V2V coms are good ADDITION, but only addition, no more.


> Even in a regime mandating DSRC transceivers for all cars and trucks

...which will never happen...


Increase capacity, and you’ll increase demand. I imagine traffic is limited only by the tolerance for a certain delay.

Although I only have a rough idea what I’m talking about, I should delve deeper to be more quantative.


Commutes could also be shortened by removing cars from the road.


...Get cars hacked.


This is going to be like ipv6, everyone can do it except we don't know for sure if that's true, so we won't.


this is the aspect of self-driving cars I've been most excited about for a while. But what's the incentive for any car to become the "leader" and take the VTL? surely people will hack this so that their car never does this. This might be a good application of a public ledger.


"Let's put self-driving cars on the blockchain."

Generally, I'd hope that my request to cross an intersection is confirmed in fewer than 10 minutes.


So how does this work with non-car vehicles? Bikes. Scoots. Pedicabs. etc.


Could be interesting as long as this stuff is encrypted properly.


Never trust the client.


(US citizen here)

I can foresee the day when this communistic approach to traffic management will be unacceptable, and the patriotic solution is to let the market decide. Whomever is willing to pay the most gets to run all the intersections, while poorer people get to use them when there aren't any richer people in the vicinity. Because the free market always finds the optimal solution.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: