Comments
Re: A Radical Alternative?
Bert22306 (User Rank: CEO)   11/2/2013 6:27:31 PM
"It seems to me that some cars have the gas pedal where other cars would have placed the brake pedal (everything is shifted a little to the left). This could be a contributing factor - especially if the drivers in the accidents often drove other cars with the pedals in a different relative geometry to the driver's seat."

It was many years ago now, mid 1980s, that the car company on the hot seat, for this same unintended acceleration problem, was Audi. That was one conclusion reached, back then. Pedal placement. The driver can swear up and down that he had his foot planted on the brake, when in fact he had the accelerator floored.

Here's a more general discussion of the Audi and other examples of this phenomenon, unrelated to electronic controls.

http://en.wikipedia.org/wiki/Sudden_unintended_acceleration

Re: Simulating EDAC failure?
SSDWEM (User Rank: Rookie)   11/2/2013 6:09:31 PM
Thanks for the thoughtful & detailed reply.

"Most of the major OS's such as VxWORKS, PSOS, Green Hills, etc should support something like this or better (possibly with an option)"

This is really the crux of what I was asking about. Trying to see if there are any RTOS vendors who advertise fault-tolerant countermeasures such as mirroring critical RTOS variables & data structures. I haven't found one yet. If I remember Michael Barr's testimony, some of the scheduler's task lists or whatever were right next to the stack, and some of the important application variables weren't mirrored.

Will be interesting to see if this type of functionality starts showing up in some of the more heavyweight RTOSes. IMO it would be a reaction to this fiasco right here.
Re: Simulating EDAC failure?
MS243 (User Rank: Manager)   11/2/2013 4:54:52 PM
-- Safety and software

If one thinks about the software a bit, both the OS and the OEM's code need to detect bit flips.

One way this can be done is via a checksum or a CRC. A routine or object to write or read each data type in the OS+OEM code needs to be created that adds this element to the type as an element in a structure or similar. If there is a checksum/CRC error one must reboot or in some other manner re-test the entire memory to rule out a hard fault.

Another way might be to keep duplicate RAM entries and re-boot / retest on the mis-compare of the duplicates.

One also needs to do one of these on code both in RAM and FLASH.

Most of the major OS's such as VxWORKS, PSOS, Green Hills, etc should support something like this or better (possibly with an option).

The FAA has several good papers on reviews of safety critical systems.

Do a Google search for SEU SOFTWARE FAA.

Also look up Byzantine Generals Algorithm for Software.

See my profile for contact information for further advice.
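An added example, not from this thread or from any RTOS vendor, of the scheme MS243 describes: a critical variable carried with its own CRC and kept as a duplicate RAM copy, a read path that refuses the value on any CRC error or mis-compare, and a simulated single-event upset to confirm the fault is caught. The structure, field names and the throttle variable are all hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* CRC-16/CCITT (poly 0x1021, init 0xFFFF); detects every single-bit error in the payload. */
static uint16_t crc16_ccitt(const uint8_t *p, size_t n) {
    uint16_t crc = 0xFFFF;
    for (size_t i = 0; i < n; i++) {
        crc ^= (uint16_t)(p[i] << 8);
        for (int b = 0; b < 8; b++)
            crc = (crc & 0x8000) ? (uint16_t)((crc << 1) ^ 0x1021) : (uint16_t)(crc << 1);
    }
    return crc;
}

/* Hypothetical critical variable: a throttle target stored together with its CRC. */
typedef struct { uint16_t throttle_pct; uint16_t crc; } guarded_u16;
/* Two copies kept in RAM; a read must find both CRC-clean and equal. */
typedef struct { guarded_u16 primary; guarded_u16 mirror; } mirrored_u16;

static void guarded_write(mirrored_u16 *m, uint16_t v) {
    m->primary.throttle_pct = v;
    m->primary.crc = crc16_ccitt((const uint8_t *)&m->primary.throttle_pct, sizeof v);
    m->mirror = m->primary;                 /* duplicate RAM entry */
}

static bool crc_ok(const guarded_u16 *g) {
    return g->crc == crc16_ccitt((const uint8_t *)&g->throttle_pct, sizeof g->throttle_pct);
}

/* True and *out set only if both copies verify and agree; false means a fault, at which
 * point the caller would reboot or re-test RAM as the comment above describes. */
static bool guarded_read(const mirrored_u16 *m, uint16_t *out) {
    if (!crc_ok(&m->primary) || !crc_ok(&m->mirror)) return false;
    if (m->primary.throttle_pct != m->mirror.throttle_pct) return false;
    *out = m->primary.throttle_pct;
    return true;
}

/* Simulated SEU: flip one bit at a byte offset anywhere inside the 8-byte structure. */
static void inject_bit_flip(mirrored_u16 *m, size_t byte, int bit) {
    ((uint8_t *)m)[byte] ^= (uint8_t)(1u << bit);
}

/* Write v, optionally flip one bit (flip_byte < 0 = no fault), then read it back.
 * Returns true only if the read is accepted and yields v. */
static bool roundtrip(uint16_t v, int flip_byte, int bit) {
    mirrored_u16 m; uint16_t got = 0;
    guarded_write(&m, v);
    if (flip_byte >= 0) inject_bit_flip(&m, (size_t)flip_byte % sizeof m, bit & 7);
    return guarded_read(&m, &got) && got == v;
}
```

Because any single flip lands either in a payload (CRC and mirror both disagree) or in a CRC field (that copy fails verification), every single-bit upset in the structure is rejected by the read path.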

Re: Simulating EDAC failure?
SSDWEM (User Rank: Rookie)   11/2/2013 2:21:18 PM
"There are safety critical OS'es that will detect an error like a bit flip in the tasking" -

Can you share any details / links? Would be interesting to see who's doing this, and how.

Thanks.

Re: Vehicle Testing Testimony
junko.yoshida (User Rank: Blogger)   11/2/2013 6:49:47 AM
Thank you, DrQuine. The testimony of this court transcript has been truly educational and enlightening to me. But even better are some of the comments I read in this forum. I learn something new every day here. Seriously.

Re: DOT specifications for critical SW?
junko.yoshida (User Rank: Blogger)   11/2/2013 6:39:29 AM
@njamss, the more I look into this, the more convinced I am that NHTSA (http://www.nhtsa.gov/) is at fault here. They dropped the ball.

DOT specifications for critical SW?
njamss (User Rank: Rookie)   11/2/2013 4:07:07 AM
It seems that the DOT (and regulators in other countries) are at fault here. They should have proper code/architecture guidelines!

When SW was introduced in flight control a few decades back, they had quadruplex channels to prevent such failures. See for example "safety and redundancy" in http://en.wikipedia.org/wiki/Fly-by-wire

I have not been involved with this for a few decades, so they may be doing different things today, but cars should also adhere to similar standards required by the DOD/FAA.
Vehicle Testing Testimony
DrQuine (User Rank: CEO)   11/1/2013 9:47:00 PM
The testimony cited here is quite remarkable. It is one thing to speculate about the possibility that a corrupted bit might have serious consequences ... it is quite another to demonstrate in an operating car that such a bit error does indeed have significant effects. Kudos to Junko for tracking down and publishing this very interesting evidence.

A Radical Alternative?
DrQuine (User Rank: CEO)   11/1/2013 9:36:00 PM
I do a lot of business travel and experience many car models in my car rentals every three weeks. I've noticed that the pedal placement varies from model to model. Has anyone investigated the positioning of the brake and gas pedals with respect to the centerline of the driver's seat? It seems to me that some cars have the gas pedal where other cars would have placed the brake pedal (everything is shifted a little to the left). This could be a contributing factor - especially if the drivers in the accidents often drove other cars with the pedals in a different relative geometry to the driver's seat.

Re: You left out the most important error - no independent failsafe
Some Guy (User Rank: Manager)   11/1/2013 8:38:36 PM
I've got a pair of diagonal cutters. Won't stop me from adding an EMO to the circuit.

Just sayin'
