Infact, the right question must be "Do we really need to hope anything?".
Because, even if we could write a perfect firmware that has zero bugs and failures that results in a perfect car, it ceases to be perfect until some other driver lost control of his vehicle and hits us. If so, the best answer, according to me, is to not hope perfection. The only thing we could do is to try writing better firmware that would result in better systems than that was previously.
It is possible to reduce errors to effectively zero, but it is very hard. Complex will always be less reliable than simple, unless that complexity is focused on reliability (for example, overlapped and crosschecked operation of independent systems). The system (hardware and software) has to be independently verified, since developers have blind spots around their own work. The real issue is that it can't be rushed. Making reliability trump schedule would avoid many problems of this type, but especially recently that is a hard case for engineers to make to management.
1. Complex software always has bugs, even latent ones that might rarely if ever show up.
2. No matter how imaginative the team is, they will never be able to think of all those bugs. Some bugs and their consequences will simply never occur to the team members.
3. Safety critical systems should follow standards, but even if they do, random events can still activate latent software bugs and take out the fail safe systems designed to protect against those latent bugs.
As we unveil EE Times’ 2015 Silicon 60 list, journalist & Silicon 60 researcher Peter Clarke hosts a conversation on startups in the electronics industry. Panelists Dan Armbrust (investment firm Silicon Catalyst), Andrew Kau (venture capital firm Walden International), and Stan Boland (successful serial entrepreneur, former CEO of Neul, Icera) join in the live debate.