
Why Did It Take GM a Decade to Identify Ignition Switch Problems?

3/4/2014 11:32 AM EST
Re: Like Toyota?
adornao   3/7/2014 7:32:28 PM
And finally, back to the article: GM knew about the problem and made a fix but then decided not to implement it, even after the same statistical and warranty information which showed serious reliability issues, to the point where they even wrote a notice to dealers about the switch but failed to recall it.

The same warranty and statistical evidence include strange EDR reports of cars switched off or in accessory mode during a crash, which are a stark difference from Toyota, where all the EDR reports point the finger at the driver. (EDR is not part of the ECU main CPU Task X, by the way, and is usually in a separate module with sensor data being fed to it, and is typically part of the airbag controller, which before fully fledged EDR has a simplified version of an EDR.)

That's how different it is between GM and Toyota. One has statistics, their own engineers, warranty information, 13 dead, countless crashes, dealer warning, a recall on all affected parts, ...

Toyota hasn't recalled or modified the ECU software short of adding the pedal override which isn't ideal if you are a classic driver as you can't press both pedals at once. (Although most won't understand why/when you would do that)

Re: Like Toyota?
Bert22306   3/7/2014 7:28:31 PM
You aren't even reading the excerpts reported here. Once again, EE Times covered the case extensively, even if the general press did not. Excerpts from the court hearings were published here and I'm sure you can still go and read them. It was demonstrated how Task X death can cause the throttle command to go full open. If this was not possible, it could not have been demonstrated.

In fact, according to this:

http://www.autoblog.com/2013/12/16/toyota-unintended-acceleration-cases-halted-judge-settlements/

it ain't over yet.

I see this and the GM case being very similar, in their effects on the driver experience, should the problem occur.

Re: Like Toyota?
adornao   3/7/2014 7:25:53 PM
Without an EDR (event data recorder) report, their claims are baseless given the mass of publicly released evidence and statistics to the contrary. Arguing that the main CPU might fail is not relevant when independent safety control exists. Sure, the monitor CPU can't run the car properly, but it can detect that very situation they are claiming, which is something the DOT/NASA study proved works. (Old doesn't mean out of date.)

Unless you're claiming that two diverse CPUs fail at the same time, I find it hard to believe you think an unreleased report is credible. Consider the hardware design before believing in second-hand information; a main CPU failure can't take out the secondary CPU at the same time. And if you do think that, then all safety-related systems which rely on two processors are now considered unsafe? Technically their non-lockstep model dual safety system is safer than a shared lockstep system in that the two processors must be running different code, so even if "Task X" fails, "Task X" can't exist on the other limited CPU.

Re: Like Toyota?
adornao   3/7/2014 7:18:58 PM
Report wasn't released to the public so I don't/can't consider it based on second-hand reporting. In addition, the software/hardware model showed how illiterate the report was, as Task X, the big thing that failed, isn't like an app; it is probably the main CPU's main loop. Even if the entire main CPU failed, the secondary monitor CPU can detect independently the throttle commands to the sensor inputs and put the car into limp mode, unless they are suggesting an SEU could simultaneously occur in both independent CPUs, which is getting a bit improbable.

This case was also later settled out of court, so it wasn't "successful" as the outcome is not available for us to see; it was unknown, and the only case to proceed is the class actions, which have proceeded without secret settlements.

Re: Like Toyota?
Bert22306   3/7/2014 7:17:49 PM
You owe it to yourself to read the evidence. The throttle is apparently not fail safe, when Task X dies. That was a key finding. And the lawsuits were not for lost resale value at all, in these 2013 cases.

Re: Like Toyota?
adornao   3/7/2014 7:14:19 PM
The case mentioned in your article was settled out of court and no useable information was released, but an SEU and EMI/RFI would not have caused an uncontrolled acceleration, as the electronic throttle is fail safe in that there is more than one controller monitoring the system and multiple redundant sensors. The case also had them claiming that a surging car could not be stopped, which is also false.

Task X is probably the entire main control loop (we don't have that report and I doubt it was peer reviewed or anything) of the main CPU, which isn't the fail safe in reality as most of the main protections are in the main control loop, but should it fail to an SEU or external interference, a secondary monitor CPU can detect a main CPU fault and drop the car into limp mode.

Unless they have the event data recorder logs to prove it, everything in that case is conjecture, and all the evidence up to now has shown it was the drivers at fault for the most part. History has proven this with independent manufacturers with decades apart and totally different software/hardware/electronics/engineers with the same pattern in these cases.

Re: Like Toyota?
Bert22306   3/7/2014 7:12:09 PM
Sorry, Adornao, it appears your references are out of date. You might want to read these two articles to see what I'm talking about:

http://www.eetimes.com/author.asp?section_id=36&doc_id=1319910

And then the final outcome:

http://www.nytimes.com/2013/12/14/business/toyota-seeks-settlement-for-lawsuits.html?_r=0

This occurred between October and December of 2013.

Re: Like Toyota?
adornao   3/7/2014 7:05:02 PM
The DOT testing showed even under a single supervisory control failure the engine control has at least two independent paths of control which would prevent an unintended acceleration event even under the case of an ECU failure.

Study of the event data recorders (independent of the ECU) found that in all documented cases except ones involving entrapped floor mats it was the accelerator applied and not the brake pedal. This data is recorded from dual redundant sensors which in some models could have failed in a double failure condition, but this wasn't found either to be the case on inspection after the fact. Quite simply, it was the drivers for the most part, and this has happened in the past with other mfg as well.

http://www.dot.gov/briefing-room/us-department-transportation-releases-results-nhtsa-nasa-study-unintended-acceleration

Also in the report from DoT in partnership with NASA they bombarded the ECU with intense interference to attempt to induce a failure as you mentioned and all failure modes resulted in limp mode or stalling.

The NASA report had full access to hardware and source code used in the cars in question. Also, the use of the terminology of a control app isn't really correct, as the ECU isn't like a typical operating system and basically runs one "app". Even in the event of an open throttle situation, another failsafe exists in the software to control engine speed by fuel restriction. The pedal has double position sensors, and a pedal release sensor acts as the redundant/diverse sensor system. It would arguably be more fail safe than a throttle cable strapped directly to the engine throttle, as there are some cases where the wire could get jammed mechanically without electronic failsafes.

The only court case to succeed in any respect was the class action not about any failures but a class action due to the loss of resale value due to perceptions not facts.

Re: Like Toyota?
Bert22306   3/7/2014 5:24:32 PM
Not like Toyota, the unintended acceleration was not a fault of design in electrical/mechanical/software and was almost entirely the fault of the drivers.

Not so, right? After extensive investigation, unintended acceleration was found to be possible in Toyotas if a particular supervisory engine control app crashes. Depending what is going on when this app crashes, it was found that such a crash could lead to a wide open throttle command.

A court case in Oklahoma, extensively covered by Junko Yoshida, brought this to light.

http://www.eetimes.com/document.asp?doc_id=1320013

That too was a long time before being figured out.

The similarity in both cases is that while the drivers did have some measure of control, it is very different from what a driver normally expects. For example, if the engine is off, or at wide open throttle, you no longer have vacuum assist in the brakes. So you really have to push on that brake pedal to get the car to stop. This happens whether the key has gone to the acc position (wheel unlocked but engine off), or whether the throttle is stuck wide open. (Yes, the brakes do overpower the engine.)

An additional twist in the Toyota case was that when this supervisory app crashes under certain unfortunate conditions, in order for the brakes to work at all, the pedal had to be pushed, released for a few tenths of a second, and then pushed again, to get the brakes to work.

Re: Like Toyota?
adornao   3/7/2014 4:51:22 PM
Not like Toyota, the unintended acceleration was not a fault of design in electrical/mechanical/software and was almost entirely the fault of the drivers.

Crashing or having keys on your keychain or even just bumping the keychain, as in GM's case, is not something you could exactly say is entirely the fault of the drivers. (Crashing is arguable, but the heavy keychains are not, as what kind of car requires you to have just the car key by itself?) They also had a design revision of the out-of-spec switch, so they clearly knew it wasn't performing properly even as designed.

GM has a design problem that should have been easy to identify and fix, but something went wrong and it wasn't done in a timely fashion. Also, shouldn't the airbag control not disable the airbags if the car is still moving (software issue is also unlike pedal override, which has handling tradeoffs in that you can't use both on a steep hill situation, but most drivers don't know how to do that anyways, so whatever)? What happens if you crash in an unintended acceleration case (pedal misapplication applies to all brands) and the driver turns the car off intentionally but still crashes? (Pedal override would also work, but so would neutral.)
