<<   <   Page 10 / 11   >   >>
_hm
Securing future for automobile electronics control
_hm   10/26/2013 9:13:45 AM
This may be true for other auto makers. Given the speed at which new technology comes to market, they are also prone to similar errors. What are the steps suggested to prevent future errors like this? Is it really possible to prevent it 100%?

Antony Anderson
Re: Single bit flip
Antony Anderson   10/26/2013 4:28:41 AM
Yes, ISO 26262 is the correct standard, and it does derive from IEC 61508. You may find the following open letter to the NAS Committee on Sudden Acceleration, written in Nov 2010, a useful starting point.

"The poor state of functional safety in the Automobile Industry" by Armstrong, Kirk and Anderson, www.insidefunctionalsafety.com/article/31.html


Sanjib.A
Re: Single bit flip
Sanjib.A   10/26/2013 2:47:53 AM
One of the safety standards for automotive electronics systems is ISO 26262, which was adapted from the standard IEC 61508, a popular safety standard followed in the industry for "Functional Safety" of programmable electrical and electronic systems. I have worked on a number of safety programs per IEC 61508. From my experience, the possible causes of failures, such as "unprotected critical variables", "...tasks can die without the watchdog resetting the processor", erroneous bit-flips going undetected, etc., could have been averted if the embedded design of the throttle control system was compiled as per the safety standard. Unfortunately ISO 26262 was introduced after 2007 (most probably in the 2010-2011 time frame) and I guess it was not mandatory for the automotive industry to comply with IEC 61508 for automotive electronics system safety before that.
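An added illustration (not code from this thread, from Toyota, or from any standard) of two of the mechanisms Sanjib.A names above: a critical variable stored together with its bitwise complement so that a single-bit flip is detected on read and replaced by a safe default, and a task-alive mask that only lets the watchdog be serviced when every monitored task has checked in during the period. The type and field names, the task list and the safe default value are assumptions made for the example.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Critical variable kept twice: plain value and its bitwise complement.
 * A single-bit flip in either copy breaks value == ~mirror and is caught
 * on the next checked read. (Type and field names are assumed.) */
typedef struct {
    uint16_t value;
    uint16_t mirror;   /* always written as ~value */
} protected_u16_t;

#define THROTTLE_SAFE_DEFAULT 0u   /* assumed safe fallback: throttle closed */

void protected_write(protected_u16_t *p, uint16_t v)
{
    p->value  = v;
    p->mirror = (uint16_t)~v;
}

/* Returns true when both copies agree and stores the value in *out;
 * on disagreement stores the safe default and returns false. */
bool protected_read(const protected_u16_t *p, uint16_t *out)
{
    if ((uint16_t)(p->value ^ p->mirror) == 0xFFFFu) {
        *out = p->value;
        return true;
    }
    *out = THROTTLE_SAFE_DEFAULT;
    return false;
}

/* Test hook that simulates an upset by flipping one bit of the plain copy. */
void inject_bit_flip(protected_u16_t *p, unsigned bit)
{
    p->value ^= (uint16_t)(1u << (bit & 15u));
}

/* Self-check: write, flip one bit, confirm the read reports corruption
 * and falls back to the safe default. */
bool demo_flip_is_detected(void)
{
    protected_u16_t t;
    uint16_t v;
    protected_write(&t, 0x1234u);
    if (!protected_read(&t, &v) || v != 0x1234u)
        return false;
    inject_bit_flip(&t, 3);
    return !protected_read(&t, &v) && v == THROTTLE_SAFE_DEFAULT;
}

/* Task-alive supervision: each monitored task sets its bit once per cycle
 * and the watchdog is serviced only if every expected bit is present, so a
 * task that has died keeps the watchdog from being kicked. (Task list assumed.) */
#define TASK_THROTTLE (1u << 0)
#define TASK_BRAKE    (1u << 1)
#define ALL_TASKS     (TASK_THROTTLE | TASK_BRAKE)

static uint32_t alive_mask;

void task_checkin(uint32_t task_bit) { alive_mask |= task_bit; }

/* Runs once per supervision period: returns true if the watchdog may be
 * serviced, and clears the mask so every task must check in again. */
bool supervisor_may_kick_watchdog(void)
{
    bool ok = (alive_mask & ALL_TASKS) == ALL_TASKS;
    alive_mask = 0;
    return ok;
}

int main(void)
{
    printf("bit flip detected: %s\n", demo_flip_is_detected() ? "yes" : "no");
    task_checkin(TASK_THROTTLE);            /* brake task never checks in */
    printf("kick watchdog: %s\n", supervisor_may_kick_watchdog() ? "yes" : "no");
    return 0;
}
```

The complement check catches any odd number of flipped bits in one copy and any single flip in either; it does not correct the value, so the caller must decide what the safe fallback is, which is the design decision a safety standard forces you to write down.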


prabhakar_deosthali
Manual "Master Stop"
prabhakar_deosthali   10/26/2013 1:41:37 AM
In most automated machine control systems, whether hardwired, PLC based, or computerized, there is one big RED push button on the control panel labelled "EMERGENCY STOP". This button, when pushed, deactivates all electronic controls and brings the machine to a halt in whatever state it is.

A similar master stop button in the hand of the driver may be the solution for all kinds of exigencies arising out of hardware/software malfunction, and could avoid many an accident caused by system failures that require emergency manual intervention.

For the much touted "self-driven" car designers this is a lesson to learn.

tb100
Re: Single bit flip
tb100   10/25/2013 7:40:18 PM
"I am in no way trying to defend buggy software or buggy hardware, I'm just asking how far does one have to go, and will it ever be far enough?"

A fair question, but you don't want to go with the logical fallacy of "If it isn't 100% then it is useless." Examples of this type of thinking:

A seat belt won't protect you from all accidents, so you might as well not wear one at all.

A car lock won't protect your car from all thieves, so you shouldn't even bother locking the car. In fact, make it more convenient for yourself by leaving the keys in the ignition.

Is a seat belt good enough if people are still dying in car crashes? Do you see the fallacy of this type of thinking?

We'll never get 100% safe, but I'll definitely go for 'safer'. And we can have standards and tests for what is considered safe design practices that lead to what is safe enough.

We understand SEUs and their effect pretty well. To support military projects, many logical synthesis tools can automatically implement logic that isn't vulnerable to single bit flips. People here have given examples of how code can be designed to handle unexpected jumps or variable flips, and these kinds of effects can be predicted and tested.

You can never get 100% error free, but implementing certain design styles and testing can definitely improve safety. I'll go with that, over nothing at all.

rick merritt
Re: standard OS?
rick merritt   10/25/2013 5:58:42 PM
We live on a thin balance of the complexity not only of our biology but increasingly of our human-made electronics.

Caleb Kraft
Re: standard OS?
Caleb Kraft   10/25/2013 5:22:26 PM
Oh that is no good at all. Someone is going to get fired over that even if it has no bearing whatsoever on this specific issue.

Bert22306
Re: Hard to tell what actually happened
Bert22306   10/25/2013 5:19:19 PM
True, Caleb, "mere humans" can be taken by surprise and perform all sorts of erroneous responses.

But in this specific case, where we're talking about the throttle, it's not clear what was involved. For example, it does not appear difficult to compare the throttle command to the fuel intake with the accelerator pedal position, as a reasonableness check. Is it that such a check was not done, or that for some reason, it failed? Or was it associated with a cruise control malfunction?
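As an added example (not from the thread and not any manufacturer's code) of the reasonableness check Bert22306 describes above: the commanded throttle opening is compared with the accelerator pedal position, allowing for the cruise demand when cruise is engaged; a disagreement that persists for several control cycles latches a fault and limits the throttle to a limp-home opening. The 10% tolerance, 5% limp-home value, 3-cycle debounce and the function names are assumptions for the illustration.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* All positions are percentages 0..100. Tolerance, limp-home opening and
 * debounce count are assumed values for the illustration. */
#define TOLERANCE_PCT   10u
#define LIMP_HOME_PCT    5u
#define DEBOUNCE_CYCLES  3u

typedef enum {
    PLAUSIBLE = 0,
    IMPLAUSIBLE_RANGE,    /* an input is outside 0..100 */
    IMPLAUSIBLE_COMMAND   /* command exceeds what pedal/cruise justify */
} plausibility_t;

static uint8_t max_u8(uint8_t a, uint8_t b) { return a > b ? a : b; }
static uint8_t clamp_limp(uint8_t cmd) { return cmd < LIMP_HOME_PCT ? cmd : LIMP_HOME_PCT; }

/* The expected opening is the pedal position or, with cruise engaged, the
 * larger of pedal position and cruise demand; the command may not exceed
 * it by more than the tolerance. */
plausibility_t check_throttle_plausibility(uint8_t pedal_pct, uint8_t cmd_pct,
                                           bool cruise_active, uint8_t cruise_demand_pct)
{
    if (pedal_pct > 100u || cmd_pct > 100u || cruise_demand_pct > 100u)
        return IMPLAUSIBLE_RANGE;
    uint8_t expected = cruise_active ? max_u8(pedal_pct, cruise_demand_pct) : pedal_pct;
    if ((unsigned)cmd_pct > (unsigned)expected + TOLERANCE_PCT)
        return IMPLAUSIBLE_COMMAND;
    return PLAUSIBLE;
}

typedef struct {
    unsigned consecutive_faults;
    bool latched;   /* once set, stays set until an explicit reset */
} throttle_monitor_t;

static throttle_monitor_t g_monitor;

void monitor_reset(void) { g_monitor.consecutive_faults = 0; g_monitor.latched = false; }
bool monitor_is_latched(void) { return g_monitor.latched; }

/* Called once per control cycle; returns the opening actually driven.
 * A single implausible cycle follows the pedal instead of the command;
 * DEBOUNCE_CYCLES consecutive faults (or any out-of-range input) latch
 * the limp-home limit. */
uint8_t arbitrate_throttle(uint8_t pedal_pct, uint8_t cmd_pct,
                           bool cruise_active, uint8_t cruise_demand_pct)
{
    plausibility_t r = check_throttle_plausibility(pedal_pct, cmd_pct,
                                                   cruise_active, cruise_demand_pct);

    if (r == PLAUSIBLE) {
        g_monitor.consecutive_faults = 0;
    } else if (r == IMPLAUSIBLE_RANGE || ++g_monitor.consecutive_faults >= DEBOUNCE_CYCLES) {
        g_monitor.latched = true;
    }

    if (g_monitor.latched)
        return clamp_limp(cmd_pct);
    if (r != PLAUSIBLE)
        return pedal_pct;   /* transient disagreement: trust the driver's pedal */
    return cmd_pct;
}

int main(void)
{
    monitor_reset();
    /* Constructed sample cycles: pedal released while the command asks for 60%. */
    for (int cycle = 1; cycle <= 4; cycle++)
        printf("cycle %d: drive %u%% latched=%d\n", cycle,
               (unsigned)arbitrate_throttle(0u, 60u, false, 0u), (int)monitor_is_latched());
    return 0;
}
```

The check is deliberately one-sided: a command lower than the pedal asks for is never treated as a fault, because the failure that matters here is the engine receiving more throttle than the driver requested. The latch means one bad cycle cannot be masked by a good one immediately after it, which is the behaviour you want from a monitor that is itself supposed to be simpler than the controller it watches.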

SSDWEM
Re: Hard to tell what actually happened
SSDWEM   10/25/2013 5:19:02 PM
"If unintended acceleration occurs, certainly in a 2005 car, put the car in neutral and shut off the engine!"

One thing you need to be aware of - in most modern automobiles with an automatic transmission, shifting gears is really more of a "suggestion" than a command.

Said another way, there is a CPU in between the gear selector switches that are being opened and closed, and the transmission. If the very CPU which is causing UA is responsible for monitoring those "gear shift suggestions"... oh dear! So much for shifting into neutral.

I drive a manual transmission because it's fun, but I'm starting to see the value in the ability to physically disconnect the transmission from the engine.

I don't think we'll see the mechanical connection from pedal to brakes go away any time soon, but I wonder how far away we are from "Steer by Wire"

P.S.  Same thing goes for many of the "push button start" vehicles - there is no key to rip out of the steering column.  Press and hold the ON/OFF switch for a few seconds while hurtling down the road at 130MPH like Rhonda Smith?  (Just find her 10 minute testimony on YouTube and tell me she's not credible!)

junko.yoshida
standard OS?
junko.yoshida   10/25/2013 5:18:24 PM
Speaking of standards, though, the expert group did find that Toyota failed to comply with "OSEK," an international standard API specifically designed for use in automotive software. Toyota's Ex-OSEK850 version was not certified as OSEK compliant, according to Barr.
