A recent report, the 2024 OSSRA1, supports this claim. It reported that 100% of the automotive software scanned contained open-source software and 69% of the code originated as open source.
“Open source" refers to software whose source code is freely available for anyone to view, modify, and distribute – depending on the license associated with the code. This contrasts with proprietary software, which is typically controlled by a single person or organization, restricting access to its source. Open-source code can be created and maintained by individuals, communities, or organizations and evolves and thrives on collaboration.
In the automotive world, innovation is key. With open-source code, suppliers, manufacturers and developers don't need to “reinvent the wheel." Instead, they can leverage the collective knowledge of a global developer community to build and improve software systems. Open-source platforms like Linux and ThreadX allow automakers to build on established, reliable foundations instead of starting from scratch. This increases development speed and reliability and helps suppliers and manufacturers bring new features into the market faster.
Developing automotive software of any type from scratch is expensive and time-consuming. Open source reduces costs by offering ready-to-use, modular solutions. By embracing open source, projects can eliminate the need for expensive licensing fees and single vendor lock-in, allowing resources to be allocated toward more critical tasks such as customization, safety testing, performance optimization and other strategic priorities.
Furthermore, automotive companies can share the maintenance burden. In the open-source community, bugs, security vulnerabilities and performance issues are identified and resolved by a broad range of contributors and maintainers. This collective effort spreads costs and ensures faster, well-reviewed fixes, ultimately reducing expenses related to software maintenance and support.
Security is a major concern in the automotive world, where any system vulnerability can put lives at risk. The OSSRA1 reports that 33% of current automotive codebases contain “high-risk" vulnerabilities mostly stemming from the use of old and out-of-date code. While some argue that open-source systems are vulnerable due to their “openness," the opposite is typically true. A large, active developer and reviewer community can quickly review, identify and address security vulnerabilities, leading to more resilient and robust software systems. It is important for companies to stay on top of and active in open-source projects they use.
Automotive safety is non-negotiable, and open source allows for thorough peer review and continuous security auditing by experts across the world. Many open-source projects adhere to rigid, transparent security practices and frequently undergo third-party audits. Of course, companies are also free to integrate their own security measures on top of the open-source base, customizing it to meet specific safety standards.
For example, the Automotive Grade Linux (AGL) project, a collaborative open source effort within the Linux Foundation, is focused on developing a robust software platform for the connected car. Another example is the Eclipse ThreadX real-time OS project. It is already safety certified for automotive use.
The automotive industry consists of many players—OEMs, suppliers and various technology companies – and all must collaborate on a complex ecosystem of hardware and software. Open source facilitates interoperability between different systems by creating standards that everyone can understand and adhere to.
Standardization ensures that components from different manufacturers can work together seamlessly, reducing the fragmentation that can arise when proprietary systems are used. This is especially critical for ensuring smooth integration between various sensors, control units, and communication networks inside modern vehicles. For instance, the Eclipse UProtocol project strives to provide a common framework that can be used for various systems to talk to each other in a common way and can be adapted to a variety of protocols and tools.
This knowledge-sharing accelerates problem-solving and leads to higher quality, well-tested code. Moreover, the shared development model often results in faster bug fixes and new feature releases, helping the industry keep up with the rapid pace of technological advancement.
Open-source projects thrive on and rely on collaboration. Developers from different industries, academia and tech companies all contribute to improving the codebase. This collaboration leads to more diverse and innovative solutions that benefit everyone. For the automotive industry, open-source communities provide a wealth of knowledge, expertise, and resources, that can contribute not only code but also technical documentation, development tools, example projects and training resources to reducing the learning curve and making it easier to adopt a new technology.
Furthermore, automakers that contribute to open-source projects gain access to a network of experts who can help troubleshoot issues, offer insights, and improve overall system performance. This collaborative approach also creates a sense of shared responsibility for the quality, safety, and reliability of software components.
The automotive industry has diverse needs that vary by market, region, and vehicle type. Open-source software allows for a high degree of customization, enabling suppliers and manufacturers to tailor solutions to specific needs without being constrained by vendor-imposed limitations.
The automotive industry is transitioning toward more software-centric vehicles (Software Defined Vehicle or SDV), with trends like connected cars, vehicle-to-everything (V2X) communication, continuous updates, and autonomous driving taking center stage. Software development must be made to be flexible and adaptable to any situation and this is core to most open-source projects.
With open source, there is no reliance on a single code vendor for updates, security patches, or product continuity. Even if an open-source project is discontinued or its license changed, the community can branch the code and continue to develop and maintain the software. This longevity is crucial in the automotive industry, where cars are expected to have long life cycles, often spanning a decade or more. Open-source projects tend to receive continuous updates as long as there is community interest, ensuring that software remains current and secure over time.
Of course, there are challenges associated with adopting open source in automotive systems. One significant concern is ensuring compliance with licensing terms, as different open-source projects may come with varying (and conflicting) legal requirements. Another concern is the stability of open code since changes can come at any time and from any source. Automotive companies must carefully vet and review the code to ensure it meets their rigorous safety and performance standards. This takes time and resources. Moreover, open source does not inherently come with the same level of customer support as proprietary software. Companies using open source must often build internal expertise to handle issues that arise. However, many larger open-source projects do offer paid support options.
HARMAN Automotive, drawing on decades of experience in automotive and consumer tech, is set to lead the software-driven transformation in the automotive sector.
Earlier this year, HARMAN joined the Eclipse Software Defined Vehicle (SDV) Working Group at The Eclipse Foundation to help establish a vendor-agnostic, open-source ecosystem. The Eclipse SDV Working Group provides a collaborative, vendor-neutral platform where members work on open-source software for in-vehicle and around-the-vehicle systems, including immersive cabin experiences.
As part of its community-building efforts, HARMAN will host the Eclipse SDV Hackathon from November 20th to 22nd. This event aims to bring together automotive software enthusiasts to experiment with current SDV tools, develop new features, and engage with innovative technology in a fun coding environment.
The automotive industry stands at a technological crossroads, where the shift towards electric, autonomous, and connected vehicles is reshaping the future landscape. Open-source software has proven to be an invaluable resource in this transformation, offering unparalleled benefits in terms of innovation, cost savings, security and flexibility. As the industry continues to evolve, the adoption of open-source systems will play an increasingly important role in defining automotive technology.
By harnessing the power of open source, automakers can not only reap the benefits but, more importantly, can also contribute to, direct, and support a more collaborative, secure and innovative automotive ecosystem.
The introduction of cloud-native technologies to vehicles is a key milestone in shaping a new era of Consumer Experiences. Automotive Grade. HARMAN Automotive, with its unique positioning in intelligent cockpit solutions, intends to play a key role in empowering industry leaders to adopt these technologies using open-source initiatives and sharing best practices within the community. For more information on how HARMAN Automotive is involved in the Eclipse Foundation, click here.
1. https://www.blackduck.com/blog/open-source-trends-ossra-report.html
Brent Erickson
Distinguished Software Engineer, HARMAN Automotive
Connect with the Author: LinkedIn
