Comments
Bert22306
User Rank
CEO
Re: A Radical Alternative?
Bert22306   11/2/2013 6:27:31 PM
NO RATINGS
"It seems to me that some cars have the gas pedal where other cars would have placed the brake pedal (everything is shifted a little to the left). This could be a contributing factor - especially if the drivers in the accidents often drove other cars with the pedals in a different relative geometry to the driver's seat."

It was many years ago now, mid 1980s, that the car company on the hot seat, for this same unintended acceleration problem, was Audi. That was one conclusion reached, back then. Pedal placement. The driver can swear up and down that he had his foot planted on the brake, when in fact he had the accelerator floored.

Here's a more general discussion of the Audi and other examples of this phenomenon, unrelated to electronic controls.

http://en.wikipedia.org/wiki/Sudden_unintended_acceleration

SSDWEM
User Rank
Rookie
Re: Simulating EDAC failure?
SSDWEM   11/2/2013 6:09:31 PM
NO RATINGS
Thanks for the thoughtful & detailed reply.

"Most of the major OS's such as VxWORKS, PSOS, Green Hills, etc should support something like this or better (possibly with an option)"

This is really the crux of what I was asking about. Trying to see if there are any RTOS vendors who advertise fault-tolerant countermeasures such as mirroring critical RTOS variables & data structures. I haven't found one yet. If I remember Michael Barr's testimony, some of the scheduler's task lists or whatever were right next to the stack, and some of the important application variables weren't mirrored.

Will be interesting to see if this type of functionality starts showing up in some of the more heavyweight RTOSes. IMO it would be a reaction to this fiasco right here.

MS243
User Rank
Manager
Re: Simulating EDAC failure?
MS243   11/2/2013 4:54:52 PM
NO RATINGS
-- Safety and software

If one thinks about the software a bit, both the OS and the OEM's code need to detect bit flips.

One way this can be done is via a checksum or a CRC. A routine or object to write or read each data type in the OS+OEM code needs to be created that adds this element to the type as an element in a structure or similar. If there is a checksum/CRC error one must reboot or in some other manner re-test the entire memory to rule out a hard fault.

Another way might be to keep duplicate RAM entries and re-boot / retest on the mis-compare of the duplicates.

One also needs to do one of these on code both in RAM and FLASH.

Most of the major OS's such as VxWORKS, PSOS, Green Hills, etc should support something like this or better (possibly with an option).

The FAA has several good papers on reviews of safety critical systems.

Do a google search for SEU SOFTWARE FAA

Also look up Byzantine Generals Algorithm for Software.

See my profile for contact information for further advice.
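
A small C sketch of the two checks MS243 describes above (a CRC stored next to each protected variable, and a duplicate copy compared on every read), added here as an illustration and not code from any commenter or RTOS; the struct layout, function names and the CRC-16/CCITT choice are my assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>

/* Hypothetical protected variable (e.g. a throttle target): the payload,
   its bitwise complement as the "duplicate RAM entry", and a CRC over it.
   This is an assumed layout, not any vendor's API. */
typedef struct {
    uint16_t value;    /* protected payload */
    uint16_t mirror;   /* ~value, compared on read */
    uint16_t crc;      /* CRC-16/CCITT-FALSE over value */
} protected_u16;

/* CRC-16/CCITT-FALSE: poly 0x1021, init 0xFFFF, no reflection. */
static uint16_t crc16_ccitt(const uint8_t *buf, size_t len) {
    uint16_t crc = 0xFFFF;
    for (size_t i = 0; i < len; i++) {
        crc ^= (uint16_t)((uint16_t)buf[i] << 8);
        for (int b = 0; b < 8; b++)
            crc = (crc & 0x8000) ? (uint16_t)((crc << 1) ^ 0x1021)
                                 : (uint16_t)(crc << 1);
    }
    return crc;
}

/* Every write refreshes the mirror and the CRC together. */
void protected_write(protected_u16 *p, uint16_t v) {
    p->value  = v;
    p->mirror = (uint16_t)~v;
    p->crc    = crc16_ccitt((const uint8_t *)&p->value, sizeof p->value);
}

/* Returns true only if mirror and CRC both agree; a false return is the
   point where the comment says to reboot or re-test memory. */
bool protected_read(const protected_u16 *p, uint16_t *out) {
    if ((uint16_t)(p->value ^ p->mirror) != 0xFFFFu) return false;
    if (crc16_ccitt((const uint8_t *)&p->value, sizeof p->value) != p->crc)
        return false;
    *out = p->value;
    return true;
}

/* Constructed fault injection: flip one bit of the payload to emulate an
   SEU and report whether the read path catches it. */
bool detects_single_bit_flip(uint16_t v, unsigned bit) {
    protected_u16 p; uint16_t out;
    protected_write(&p, v);
    p.value ^= (uint16_t)(1u << (bit & 15u));
    return !protected_read(&p, &out);
}

/* Sanity check: an untouched variable reads back unchanged. */
bool roundtrip_ok(uint16_t v) {
    protected_u16 p; uint16_t out = 0;
    protected_write(&p, v);
    return protected_read(&p, &out) && out == v;
}
```

A flip in the mirror or the CRC field is caught the same way, since either check then disagrees with the untouched payload.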

SSDWEM
User Rank
Rookie
Re: Simulating EDAC failure?
SSDWEM   11/2/2013 2:21:18 PM
NO RATINGS
"There are safety critical OS'es that will detect an error like a bit flip in the tasking" -

Can you share any details / links? Would be interesting to see who's doing this, and how.

Thanks.

junko.yoshida
User Rank
Blogger
Re: Vehicle Testing Testimony
junko.yoshida   11/2/2013 6:49:47 AM
NO RATINGS
Thank you, DrQuine. The testimony of this court transcript has been truly educational and enlightening to me. But even better is some of the comments I read in this forum. I learn something new every day here. Seriously.

junko.yoshida
User Rank
Blogger
Re: DOT specifications for critical SW?
junko.yoshida   11/2/2013 6:39:29 AM
NO RATINGS
@njamss, the more I look into this, the more convinced I am that NHTSA (http://www.nhtsa.gov/) is at fault here. They dropped the ball.

njamss
User Rank
Rookie
DOT specifications for critical SW?
njamss   11/2/2013 4:07:07 AM
NO RATINGS
Seems here that the DOT (and regulators in other countries) are at fault here. They should have proper code/architecture guidelines!

When SW was introduced in flight control a few decades back, they had quadruplex channels to prevent such failures. See for example "safety and redundancy" in http://en.wikipedia.org/wiki/Fly-by-wire

I have not been involved with this for a few decades, so they may be doing different things today, but cars should also adhere to similar standards required by the DOD/FAA.

DrQuine
User Rank
CEO
Vehicle Testing Testimony
DrQuine   11/1/2013 9:47:00 PM
NO RATINGS
The testimony cited here is quite remarkable. It is one thing to speculate about the possibility that a corrupted bit might have serious consequences ... it is quite another to demonstrate in an operating car that such a bit error does indeed have significant effects. Kudos to Junko for tracking down and publishing this very interesting evidence.

DrQuine
User Rank
CEO
A Radical Alternative?
DrQuine   11/1/2013 9:36:00 PM
NO RATINGS
I do a lot of business travel and experience many car models in my car rentals every three weeks. I've noticed that the pedal placement varies from model to model. Has anyone investigated the positioning of the brake and gas pedals with respect to the centerline of the driver's seat? It seems to me that some cars have the gas pedal where other cars would have placed the brake pedal (everything is shifted a little to the left). This could be a contributing factor - especially if the drivers in the accidents often drove other cars with the pedals in a different relative geometry to the driver's seat.

Some Guy
User Rank
CEO
Re: You left out the most important error - no independent failsafe
Some Guy   11/1/2013 8:38:36 PM
NO RATINGS
I've got a pair of diagonal cutters. Won't stop me from adding an EMO to the circuit.

Just sayin'
