Embedded Systems Conference
Breaking News
Comments
Newest First | Oldest First | Threaded View
<<   <   Page 4 / 4
junko.yoshida
User Rank
Author
Re: The "Task X" failure testing
junko.yoshida   10/29/2013 4:11:43 PM
NO RATINGS
1 saves
Thanks, Bert. Well explained, as usual.

And as you wrote:

I have to agree that monitoring functions, especially in safety-critical systems, should be done independent of the control functions. A totally separate loop, software and also hardware.


And why Toyota didn't make that as a totally seprate loop, software and also hardware -- as you pointed out -- is mystery to me. 

Bert22306
User Rank
Author
Re: The "Task X" failure testing
Bert22306   10/29/2013 4:02:29 PM
Actually, what this throttle position algorithm does is translate the pedal position (which is apparently determined by an unregulated analog voltage, corrected by the program, according to a separate article) into fuel and air delivery to the fuel injection system. When the car is not in cruise control. In cruise control, presumably the throttle angle is not examined at all, and the fuel/air command is supplied as a function of vehicle speed vs requested speed.

Worrisomely, brake application did not override these control signals if that control algorithm app died. *That's* the crux of the issue here, I think.

I have to agree that monitoring functions, especially in safety-critical systems, should be done independent of the control functions. A totally separate loop, software and also hardware.

junko.yoshida
User Rank
Author
Re: The "Task X" failure testing
junko.yoshida   10/29/2013 3:45:21 PM
NO RATINGS
What caused the so-called "stuck pedal" wasn't the issue in this case. At issue was the software controlling the electronic throttle control system.

As the expert witness explained, the software in electronic throttle control is responsible for performing the sparking and the throttle control.

But there is another part of the software that is looking at the driver controls-- looking at the accelerator pedal and cruise control. So there is a part of the software looking at what the accelerator pedal position is, is it down, is it up, how much down. Then that is translating that into a calculatedthrottle angle.

That malfunction was the crux of the issue that was argued in this trial.

 

rick merritt
User Rank
Author
Re: The "Task X" failure testing
rick merritt   10/29/2013 3:20:10 PM
NO RATINGS
Do we know what's the relationship between task X and the stuck accelerator in the OK case?

junko.yoshida
User Rank
Author
Re: The "Task X" failure testing
junko.yoshida   10/29/2013 3:13:45 PM
NO RATINGS
The Toyota trial in Oklahoma is over. But Toyota still faces hundreds of other sudden acceleration lawsuits, many of which will probably make similar arguments.

The next trial, involving a Georgia woman who accelerated into a schoolyard, is set to begin in federal court in Santa Ana early Nov.

So, in light of that, nobody is publishing any results, even if the throttle function in the worst case scenario is being tested again.

Kinnar
User Rank
Author
The "Task X" failure testing
Kinnar   10/29/2013 3:02:48 PM
NO RATINGS
It is true that the throttle function will be affected by the software malfunction, but why the throttle function is not being tested again in the worst case scenario again to justify the findings after Toyota Trial?

junko.yoshida
User Rank
Author
Kitchen Sink
junko.yoshida   10/29/2013 3:00:29 PM
NO RATINGS
The expert witness aptly describes the Task X as "kitchen-sink" task. It is designed to do just so many thing. So what happens when the Task X does? So many things could go wrong, and one of which is a loss of throttle control. Talk about a bad design.

 

<<   <   Page 4 / 4


Radio
LATEST ARCHIVED BROADCAST
As data rates begin to move beyond 25 Gbps channels, new problems arise. Getting to 50 Gbps channels might not be possible with the traditional NRZ (2-level) signaling. PAM4 lets data rates double with only a small increase in channel bandwidth by sending two bits per symbol. But, it brings new measurement and analysis problems. Signal integrity sage Ransom Stephens will explain how PAM4 differs from NRZ and what to expect in design, measurement, and signal analysis.

Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)
Like Us on Facebook
Special Video Section
The LTC®6363 is a low power, low noise, fully differential ...
Vincent Ching, applications engineer at Avago Technologies, ...
The LT®6375 is a unity-gain difference amplifier which ...
The LTC®4015 is a complete synchronous buck controller/ ...
10:35
The LTC®2983 measures a wide variety of temperature sensors ...
The LTC®3886 is a dual PolyPhase DC/DC synchronous ...
The LTC®2348-18 is an 18-bit, low noise 8-channel ...
The LT®3042 is a high performance low dropout linear ...
Chwan-Jye Foo (C.J Foo), product marketing manager for ...
The LT®3752/LT3752-1 are current mode PWM controllers ...
LED lighting is an important feature in today’s and future ...
Active balancing of series connected battery stacks exists ...
After a four-year absence, Infineon returns to Mobile World ...
A laptop’s 65-watt adapter can be made 6 times smaller and ...
An industry network should have device and data security at ...
The LTC2975 is a four-channel PMBus Power System Manager ...
In this video, a new high speed CMOS output comparator ...
The LT8640 is a 42V, 5A synchronous step-down regulator ...
The LTC2000 high-speed DAC has low noise and excellent ...
How do you protect the load and ensure output continues to ...