From Coin Grading to LegalTech: How ‘So Got Some New Finds Any Ideas as to Worth’ Principles Can Transform E-Discovery Platforms
October 1, 2025Optimizing Game Engines: Key Insights from High-End Game Development
October 1, 2025
Let’s talk about something that blew my mind after a decade in automotive software: modern cars and rare coins have more in common than you’d think. Both have passionate collectors. Both have “rare” finds. But here’s the kicker – in car software, there’s no such thing as a “rare” error worth keeping. At least, not if you value safety and sanity.
Think about it. A coin collector might pay thousands for a misprinted penny. But when a CAN bus message gets truncated every 10,000 transmissions? That’s not a collector’s item. That’s a ticking time bomb.
The Myth of the “Error” in Automotive Software
Coin collectors love “error coins” – misprints, funky planchets, doubled dies. These quirks make them valuable. But in automotive software? An “error” is just a bug. A dangerous one.
When “Rare” Becomes Risky: The CAN Bus Edition
Picture this: Your car’s ECU firmware has a timing glitch that occasionally sends malformed CAN messages. To a software engineer, this isn’t a quirky collectible. It’s a latent fault mode that could make your brake-by-wire system misread pedal input.
Here’s a real-world scenario: A race condition mangles 1 in 10,000 CAN messages. Sounds rare, right? Until you realize this “rare” bug could be exploited to trigger unintended acceleration or shut down your infotainment mid-drive.
The fix? Implement deterministic message validation using CANopen or UDS. Here’s a simple C implementation:
#include
#include
#define CAN_MSG_MAX_LEN 8
struct CAN_Message {
uint32_t id;
uint8_t len;
uint8_t data[CAN_MSG_MAX_LEN];
uint16_t crc;
};
int validate_can_message(struct CAN_Message *msg) {
uint16_t computed_crc = crc16(msg->data, msg->len);
if (computed_crc != msg->crc) {
return -1; // Malformed or tampered message
}
if (msg->len > CAN_MSG_MAX_LEN) {
return -2; // Buffer overflow attempt
}
return 0; // Valid
}
Those “Unique” UI Quirks? Probably Not Worth Keeping
Remember that infotainment system that took 45 seconds to boot? Or the dashboard that flickered like a haunted TV? Some OEMs tried selling these as “vintage-inspired” features. (Spoiler: Customers hated them.)
Instead of chasing quirks, focus on what matters:
- Functional correctness – Does it work reliably every time?
- Deterministic behavior – Is performance predictable?
My toolkit for avoiding these headaches:
- ETAS INCA to monitor CAN traffic in real-time
- Vector CANoe for simulating ECU interactions before hardware exists
- QNX Momentics to nail real-time scheduling
Why We Need a “PCGS” for Car Software
Coin collectors have PCGS and NGC to grade their finds. Where’s the equivalent for automotive software? Right now, every OEM uses different test suites, safety standards, and security checks. It’s like letting each coin owner grade their own collection.
Building an Independent Grading Standard
We need third-party validation for:
- Penetration testing (beyond ISO/SAE 21434)
- Functional safety audits (ASIL compliance isn’t optional)
- OTA update verification – signed, logged, and transparent
Tesla’s OTA system uses SHA-256 and ECDSA signatures. Solid, but still not enough. What about rollback attacks? Firmware downgrades? A proper grading service would test these vectors.
When an OTA Update Nearly Broke a Fleet
Here’s a story that still gives me chills. A team I worked with pushed an OTA update to fix a minor HVAC bug. Everything looked good in staging. But vehicles in cold climates started reporting CAN bus timeouts on boot.
Turns out the update increased message frequency, violating real-time constraints in the gateway ECU. Not a “rare” bug – a system-level timing analysis failure.
We fixed it with:
- WCET profiling for all ECUs (using RapiTime)
- Canary fleet rollouts with live CAN bus monitoring
Legacy Code: The “Retired Engineer” Curse
Ever heard “This CAN stack code came from a guy who retired in ’05”? I have. And that “proven” legacy code? Often full of non-reentrant functions and unbounded buffer copies – basically a hacker’s playground.
Modernizing Without Breaking Everything
How to clean up inherited code:
- Static analysis with tools like Klocwork or Coverity to find memory issues fast
- Hardware abstraction layers – wrap legacy code so you can test and replace it
- Automated regression testing with CANoe.DiVa to catch integration bugs early
Here’s a C++ wrapper I’ve used to modernize legacy CAN parsers:
// Modern C++ wrapper for legacy CAN parser
class ModernCANInterface {
private:
LegacyCANStack* _legacy;
std::mutex _can_mutex;
public:
int send_message(uint32_t id, const uint8_t* data, size_t len) {
std::lock_guard
if (len > 8) return -EINVAL;
return _legacy->send(id, data, len);
}
int receive_message(CAN_Message& msg, int timeout_ms) {
std::lock_guard
return _legacy->receive(&msg, timeout_ms);
}
};
Connected Cars: The Security Black Hole
Modern vehicles have over 100 ECUs. Each one is a potential entry point for hackers. Yet many OEMs treat V2X and telematics like afterthoughts, not core security domains.
Securing the Car-to-Cloud Pipeline
Essential security measures:
- Hardware security modules (HSMs) for crypto operations
- Zero-trust architecture for all cloud communication
- Secure boot with signed firmware (UEFI + TPM or HSM-based)
- ML-based intrusion detection on the CAN bus
A secure gateway ECU should:
- Authenticate OTA updates with PKI
- Validate CAN messages against known IDs/lengths
- Log everything to tamper-proof storage (think blockchain-style)
The Bottom Line: Build for Reality, Not Rarity
Coin collectors celebrate rare errors. Software engineers shouldn’t. In automotive tech, value comes from verification, not perceived quirks.
We need systems that are:
- Secure – audited, zero-trust, and monitored
- Reliable – deterministic behavior, WCET analyzed
- Maintainable – abstracted, tested, and modernized
Next time you see a “glitchy” feature, ask: Is this worth keeping? Or is it just another bug in disguise? The future of connected vehicles depends on getting this right.
Related Resources
You might also find these related articles helpful:
- From Coin Grading to LegalTech: How ‘So Got Some New Finds Any Ideas as to Worth’ Principles Can Transform E-Discovery Platforms – Ever held a rare coin and wondered, “What’s this really worth?” I used to. Then I realized the same qu…
- So Got Some New Finds Any Ideas as to Worth? A HealthTech Engineer’s Guide to Building HIPAA-Compliant Software for EHRs and Telemedicine – Introduction: The Challenge of HIPAA Compliance in HealthTech Let me share something I’ve learned after 10+ years buildi…
- How Developers Can Supercharge Sales Teams with Smart CRM Integrations and Automation – Great sales teams don’t just work hard — they work smart. And as a developer, you’re in a unique spot to make that happe…
