Posts Tagged ‘Secure Execution’

New whitepaper available for download

Sunday, December 6th, 2009

Hagai Bar-El’s technical paper entitled “Intra-Vehicle Information Security Framework” is available for download at http://www.discretix.com/resources/white_papers.html


Please fill the tank, reboot the main CPU and oh don’t forget to clean the windshield.

Monday, November 30th, 2009

According to a recent article in IEEE Spectrum, the cars we are driving (or at the very least the cars our managers are driving) have more electronic control units (ECUs) and lines of code than a typical commercial or military aircraft.

“The avionics system in the F-22 Raptor, the current U.S. Air Force front line jet fighter, consists of about 1.7 million lines of software code. The F-35 Joint Strike Fighter, scheduled to become operational in 2010, will require about 5.7 million lines of code to operate its onboard systems. And Boeing’s new 787 Dreamliner, scheduled to be delivered to customers in 2010, requires about 6.5 million lines of software code to operate its avionics and onboard support systems. These are impressive amounts of software, yet if you bought a premium-class automobile recently, it probably contains close to 100 million lines of software code, says Manfred Broy, a professor of informatics at Technical University, Munich, and a leading expert on software in cars.”

Just like any other software, these millions of lines of code – parked in the driveway – have exploitable bugs. A defect density of 0.4 defects per thousand lines of code, combined with a conservative estimate that 5% of defects are exploitable, yields 2,000 exploitable bugs per 100 million lines of code!

So where does this leave the average commuter on the way from point A to point B? Probably quite afraid. Many of these bugs are an inevitable back door for hackers, raising serious security concerns.

Faulty lines of code are a fact of life and there is not much we can do to prevent them. However, some precautions can be taken to ensure that they are not exploited:

  1. Identifying the introduction of malicious code that targets existing exploitable flaws (e.g. through secure boot and run-time integrity verification).
  2. Allowing valid code images to be revoked and replaced with new, fixed images (renewability mechanisms).
  3. Preventing rollbacks to faulty images (again, through mechanisms like secure boot and others).
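
The three precautions listed above can be combined into a single boot-time check. The following Python sketch is an added example, not code from the original post or the whitepaper; it uses HMAC-SHA256 as a stand-in for the asymmetric signature a real secure boot chain would verify against a hardware-anchored key, and the names `ROOT_KEY`, `sign_image` and `BootPolicy` as well as the firmware strings are constructed for illustration.

```python
import hashlib
import hmac

# Constructed stand-in: a real ECU would verify an asymmetric signature with a
# public key anchored in hardware; HMAC keeps this sketch standard-library only.
ROOT_KEY = b"constructed-demo-key"


def sign_image(payload: bytes, version: int) -> bytes:
    """Vendor side: authenticate the version number together with the image digest."""
    header = version.to_bytes(4, "big") + hashlib.sha256(payload).digest()
    return hmac.new(ROOT_KEY, header, hashlib.sha256).digest()


class BootPolicy:
    def __init__(self, min_version: int = 0):
        self.min_version = min_version  # models a monotonic counter in secure storage
        self.revoked = set()            # digests of images withdrawn by the vendor

    def revoke(self, payload: bytes) -> None:
        self.revoked.add(hashlib.sha256(payload).digest())

    def verify(self, payload: bytes, version: int, tag: bytes) -> str:
        digest = hashlib.sha256(payload).digest()
        if not hmac.compare_digest(sign_image(payload, version), tag):
            return "reject: integrity"  # precaution 1: modified or unsigned code
        if digest in self.revoked:
            return "reject: revoked"    # precaution 2: valid but withdrawn image
        if version < self.min_version:
            return "reject: rollback"   # precaution 3: older, faulty image
        self.min_version = version      # the counter only ever moves forward
        return "boot"


def demo() -> list:
    v1, v2 = b"ecu firmware v1 (faulty)", b"ecu firmware v2 (fixed)"
    t1, t2 = sign_image(v1, 1), sign_image(v2, 2)
    policy = BootPolicy()
    results = [policy.verify(v1, 1, t1)]             # first install boots
    results.append(policy.verify(v2, 2, t2))         # update boots, counter becomes 2
    results.append(policy.verify(v1, 1, t1))         # genuine old image is refused
    results.append(policy.verify(v2 + b"!", 2, t2))  # patched image fails integrity
    policy.revoke(v2)
    results.append(policy.verify(v2, 2, t2))         # withdrawn image is refused
    return results


if __name__ == "__main__":
    print(demo())
```

Because the version number is covered by the authentication tag, relabelling the old image with a newer version fails the integrity check rather than bypassing the rollback check.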

The need for content and platform protection and the “cost” of poor security

Thursday, November 12th, 2009

Recent reports indicate widespread pirating of iPhone games.

  • FRally Master Pro 95% piracy
  • Tap-Fu game 70% piracy

Piracy is a fact of life; however, at these levels it places a massive question mark over the viability of mobile game developers. When properly implemented, digital rights management (DRM) is effective in ensuring a sustainable business for the developer community, offering attractive usage models and encouraging the legal usage of the content.

In order for DRM to be effective it must be incorporated into the device from the ground up. DRM needs to have a “root of trust” in the application processor hardware; moreover, the DRM application must be tightly integrated into the device OS. The device firmware and OS should also be better protected, with verification mechanisms deployed at boot and run time. These embedded security mechanisms, together with a secure execution environment, secure key storage and robust crypto engines, will also limit “Jailbreak” attacks.

It is estimated that the cost of fixing a security problem grows by a factor of 10 for each successive phase of the product life cycle. While eliminating security breaks entirely is close to impossible, designing security into the system from the start creates a solution that is far more effective and significantly cheaper in the long run.
