The point is that car manufacturers have to go way beyond validation testing in critical areas such as braking and throttle control. Full system analysis and FMEA should have caught these issues, but everybody is in a rush to get to market. Individual components may have been tested to the Nth degree, but what happens when a critical sensor shorts and provides the wrong signal? The comments provided show an industry-wide failure to commit the necessary resources to FMEA at the system level. Are the bean counters going to take responsibility when the proverbial scat hits the fan? Nope, hang the engineers, again!
The window rolling down and back up isn't to seal properly (or only to seal) but to relieve pressure in the car so the door is sure to latch properly.
Vehicle safety isn't always a software bug, but improper thinking of when systems should become or remain active. I've got a Mazda 3, and if the engine stalls the power steering goes away. It does have a mechanical backup which is far harder than a non-power system. This occurs even if the vehicle is in motion... it's an electric system so it can continue normally and should until the vehicle stops. But it's a lack of requirements.
In my opinion, electronic braking is going way too far. Electronic engine control, OK, as long as I have mechanical brakes to push on when the engine controller fails. Being an electrical engineer that builds high power energy converters (10 MW+), I can never rely on a processor to perform human safety functions. Things like door switches, thermal switches, and other interlocks are not allowed to be controlled by a processor.
I also don't buy the human error argument either. In my short time driving an automobile (16 years) I have had 0 incidents. In that time I have owned 4 cars, countless computers and other electronic gadgets. 2 of the cars had electronic failures in their lifetime and all of the computers have had hardware failures of one kind or another that made them inoperable. Do I really want this lack of reliability in control of my brakes in an automobile? I don't think so. There are certain things that should not be replaced with electronics and brake control is one of them. I will take leaking brake lines and worn linkages any day over sudden catastrophic failure that can't be prevented by regular inspection as is the case with mechanical systems. I can't have someone look at the processor and say, "Ya, I think you should have this replaced in the next 3,000 miles."
Thanks twk! Finally someone actually employed some reason about this article. All these issues are manageable and engineering discipline is the key to achieving reliable and safe automobiles. You are also correct that the least reliable and least safe component in a car is the texting, eating, drinking, HVAC twiddling & (ad nauseam), dipstick behind the wheel!
Love a good discussion! I started in automobiles with a Model A Ford. Brakes were metal rods, clevis ends, pins and cotter keys. Reliability was known to be in question but it was easily inspected. Those guys weren't dummies though: the pedal moved all that, but if that didn't work the hand brake was a totally separate set of links to a totally separate cam at the brake shoes (yes, drums), so if the pedal didn't work the lever sticking up from the floor would.
Some of you mentioned aircraft fly by wire. Those folks use the same approach, now called redundancy. We don't fly on one set of electronic controls. (Think the Concorde had 4.)
Give me well designed single redundancy and I have pretty much the same confidence I have in the single mechanical system. That is what I want for safety critical functions. Yes, two totally separate control computers so you can completely remove one and the car still works.
Let the car put the seat back when I want to get out and move me back up when I close the door. That's fun and convenient. Just make sure that when it DOES fail I can still use the car with that fun thing not getting in the way of other fun things.
The basic things that will make the car run and be controlled need redundancy and the car must scream bloody murder when one of the two is down but keep running till I am stupid enough to let both fail.
Yell at me yes, but NEVER override me!
We have NOT gone too far, we have lots further to go, we just have to do it well and remember the least reliable part is still the nut behind the wheel.
I would think the question is not "have we gone too far?", but rather "is drive-by-wire safer than the alternative?" In this case the alternative is typically a manual linkage, and right now I would agree that the answer is no. That being said, I also believe that it has the potential to be.
Hydraulic brake lines leak, steering linkages fail, and throttle valves get stuck open. These are all known failure modes in mechanical systems that do not exist in "by wire" systems. However, those systems have their own problems which, owing to the immaturity of the technology, have not yet been overcome to the same extent.
The problem with software/electrical failures is that the relationship between the symptom of a failure and the location of the failure is not always obvious. A stack overflow in the iPod controller might cause the A/C to go haywire (or, more sinister, an unprotected data read during a traction control event could cause the throttle to open up). I would argue that this does not mean electronic systems are intrinsically less safe than mechanical ones, we just do not understand them to the same extent and so our implementations are less robust.
Disney a few years ago had an animated short about a monster that bought a fancy high tech car only to have it go haywire. After the car runs amok, the guy says "I miss my old car". KISS is the way to go.
At the cursory level, you may be correct. But given more thought, your statements are merely emotional and reactionary. One fault in a billion is unacceptable? Give me a break! Driving a car has all sorts of hazards associated with it that have much greater odds of occurring than 1 in a billion. As mentioned earlier, spacecraft and aircraft (Airbus) are ALL fly by wire. Wake up and smell the 21st century, dudes!!
The idea of no mechanical connection to brakes or throttle is kind of scary. We have all heard of airplanes having trouble with fly by wire schemes and yet we still fly. We should develop fail safe modes to prevent sudden acceleration or loss of brakes. This should not be impossible or expensive to do. Manual control is great until you consider the greatest hazard, the person behind the wheel. Someone texting, stoned or drunk is more likely to cause injury or death than anything else.
I agree with mad_b. The KISS paradigm has been overlooked. I am even more concerned with regards to future consolidation of functions into multi-core controllers. For any high-availability system, single points of failure must be avoided at all cost. It's not optional and can't be considered for cost savings.