<<   <   Page 4 / 7   >   >>
Bert22306 (User Rank: CEO) | 11/2/2013 6:27:31 PM
Re: A Radical Alternative?
"It seems to me that some cars have the gas pedal where other cars would have placed the brake pedal (everything is shifted a little to the left). This could be a contributing factor - especially if the drivers in the accidents often drove other cars with the pedals in a different relative geometry to the driver's seat."

It was many years ago now, mid 1980s, that the car company on the hot seat, for this same unintended acceleration problem, was Audi. That was one conclusion reached, back then. Pedal placement. The driver can swear up and down that he had his foot planted on the brake, when in fact he had the accelerator floored.

Here's a more general discussion of the Audi and other examples of this phenomenon, unrelated to electronic controls.

http://en.wikipedia.org/wiki/Sudden_unintended_acceleration

SSDWEM (User Rank: Rookie) | 11/2/2013 6:09:31 PM
Re: Simulating EDAC failure?
Thanks for the thoughtful & detailed reply.

"Most of the major OS's such as VxWORKS, PSOS, Green Hills, etc should support something like this or better (possibly with an option) "

This is really the crux of what I was asking about. Trying to see if there are any RTOS vendors who advertise fault-tolerant countermeasures such as mirroring critical RTOS variables & data structures. I haven't found one yet. If I remember Michael Barr's testimony, some of the scheduler's task lists or whatever were right next to the stack, and some of the important application variables weren't mirrored.

Will be interesting to see if this type of functionality starts showing up in some of the more heavyweight RTOSes. IMO it would be a reaction to this fiasco right here.

MS243 (User Rank: Manager) | 11/2/2013 4:54:52 PM
Re: Simulating EDAC failure?
-- Safety and software

If one thinks about the software a bit both the OS and the OEM's code need to detect bit flips.

One way this can be done is via a checksum or a CRC. A routine or object to write or read each data type in the OS+OEM code needs to be created that adds this element to the type as an element in a structure or similar. If there is a checksum/CRC error one must reboot or in some other manner re-test the entire memory to rule out a hard fault.

Another way might be to keep duplicate RAM entries and re-boot / retest on the mis-compare of the duplicates.

One also needs to do one of these on code both in RAM and FLASH.

Most of the major OS's such as VxWORKS, PSOS, Green Hills, etc should support something like this or better (possibly with an option)

The FAA has several good papers on reviews of safety critical systems

Do a google search for SEU SOFTWARE FAA

Also look up Byzantine Generals Algorithm for Software.

See my profile for contact information for further advice
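
The checksum-per-structure and duplicate-copy ideas MS243 outlines above, as an added worked example for this thread (code written for this page, not taken from the post or from any RTOS vendor; the type and function names prot_u32_t, prot_write, prot_read and inject_bit_flip are invented). A 32-bit value is stored with a CRC-32 over it and a bit-inverted mirror copy, both re-checked on every read, and a simulated single-event upset is injected into each field to show which check catches it:

```c
/* Added example for this thread, not code from the post above or from any RTOS
 * vendor. It shows the two protections MS243 describes: a CRC over a stored
 * value and a separate inverted mirror copy, both checked on every read.
 * All type and function names (prot_u32_t, prot_write, prot_read, ...) are
 * invented for the example. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

typedef enum {
    PROT_OK = 0,
    PROT_CRC_MISMATCH = 1,     /* CRC over the value no longer matches */
    PROT_MIRROR_MISMATCH = 2   /* value and its inverted mirror disagree */
} prot_status_t;

/* A "protected" 32-bit slot: the payload, its bitwise complement, and a CRC-32
 * over the payload. Three uint32_t fields, so the byte offsets are 0, 4 and 8. */
typedef struct {
    uint32_t value;
    uint32_t mirror;
    uint32_t crc;
} prot_u32_t;

/* Table-free CRC-32 (IEEE 802.3, reflected polynomial 0xEDB88320). */
uint32_t crc32_bytes(const void *data, size_t len) {
    const uint8_t *p = (const uint8_t *)data;
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < len; i++) {
        crc ^= p[i];
        for (int b = 0; b < 8; b++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

/* Every store goes through here so the redundancy stays consistent with the value. */
void prot_write(prot_u32_t *slot, uint32_t v) {
    slot->value = v;
    slot->mirror = ~v;
    slot->crc = crc32_bytes(&slot->value, sizeof slot->value);
}

/* Every load re-verifies the CRC and the mirror. On a mismatch the caller applies
 * the policy the post suggests: reboot, or re-test memory to rule out a hard fault. */
prot_status_t prot_read(const prot_u32_t *slot, uint32_t *out) {
    if (crc32_bytes(&slot->value, sizeof slot->value) != slot->crc)
        return PROT_CRC_MISMATCH;
    if (slot->value != ~slot->mirror)
        return PROT_MIRROR_MISMATCH;
    *out = slot->value;
    return PROT_OK;
}

/* Simulated single-event upset: flip one bit of the byte at byte_offset inside the slot. */
void inject_bit_flip(prot_u32_t *slot, size_t byte_offset, unsigned bit) {
    ((uint8_t *)slot)[byte_offset] ^= (uint8_t)(1u << bit);
}

/* Returns 1 when an untouched slot reads back the value that was written. */
int demo_clean_read_ok(void) {
    prot_u32_t slot;
    uint32_t v = 0;
    prot_write(&slot, 0x1234ABCDu);   /* constructed sample value */
    return prot_read(&slot, &v) == PROT_OK && v == 0x1234ABCDu;
}

/* Writes a value, flips bit 3 of the byte at byte_offset, and reports what the
 * next read says. Offsets 0..3 hit the value, 4..7 the mirror, 8..11 the CRC. */
prot_status_t demo_flip_at(size_t byte_offset) {
    prot_u32_t slot;
    uint32_t v = 0;
    prot_write(&slot, 0x1234ABCDu);
    inject_bit_flip(&slot, byte_offset, 3);
    return prot_read(&slot, &v);
}

/* Standard CRC-32 check vector: "123456789" must give 0xCBF43926. */
uint32_t crc32_check_vector(void) {
    return crc32_bytes("123456789", 9);
}

int main(void) {
    printf("crc32(\"123456789\") = 0x%08X\n", crc32_check_vector());
    printf("clean read ok : %d\n", demo_clean_read_ok());
    printf("flip in value : status %d\n", (int)demo_flip_at(offsetof(prot_u32_t, value)));
    printf("flip in mirror: status %d\n", (int)demo_flip_at(offsetof(prot_u32_t, mirror)));
    printf("flip in crc   : status %d\n", (int)demo_flip_at(offsetof(prot_u32_t, crc)));
    return 0;
}
```

A flip in the value field is caught by the CRC, a flip in the mirror by the compare, and a flip in the CRC word itself is also reported as a CRC mismatch: the scheme cannot tell a corrupted value from a corrupted check word, which is why the post's response to any mismatch is a reboot or a full memory retest rather than trusting either copy.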

SSDWEM (User Rank: Rookie) | 11/2/2013 2:21:18 PM
Re: Simulating EDAC failure?
"There are safety critical OS'es that will detect an error like a bit flip in the tasking" -

Can you share any details / links? Would be interesting to see who's doing this, and how.

Thanks.

junko.yoshida (User Rank: Blogger) | 11/2/2013 6:49:47 AM
Re: Vehicle Testing Testimony
Thank you, DrQuine. The testimony of this court transcript has been truly educational and enlightening to me. But even better is some of the comments I read in this forum. I learn something new every day here. Seriously.

junko.yoshida (User Rank: Blogger) | 11/2/2013 6:39:29 AM
Re: DOT specifications for critical SW?
@njamss, the more I look into this, the more convinced I am that NHTSA (http://www.nhtsa.gov/) is at fault here. They dropped the ball.

njamss (User Rank: Rookie) | 11/2/2013 4:07:07 AM
DOT specifications for critical SW?
Seems here that the DOT (and regulators in other countries) are at fault here.  They should have proper code/architecture guidelines!

When SW was introduced in flight control a few decades back, they had quadruplex channels to prevent such failures. See for example "safety and redundancy" in http://en.wikipedia.org/wiki/Fly-by-wire

I have not been involved with this for a few decades, so they may be doing different things today, but cars should also adhere to similar standards required by the DOD/FAA.

DrQuine (User Rank: CEO) | 11/1/2013 9:47:00 PM
Vehicle Testing Testimony
The testimony cited here is quite remarkable. It is one thing to speculate about the possibility that a corrupted bit might have serious consequences ... it is quite another to demonstrate in an operating car that such a bit error does indeed have significant effects. Kudos to Junko for tracking down and publishing this very interesting evidence.

DrQuine (User Rank: CEO) | 11/1/2013 9:36:00 PM
A Radical Alternative?
I do a lot of business travel and experience many car models in my car rentals every three weeks. I've noticed that the pedal placement varies from model to model. Has anyone investigated the positioning of the brake and gas pedals with respect to the centerline of the driver's seat? It seems to me that some cars have the gas pedal where other cars would have placed the brake pedal (everything is shifted a little to the left). This could be a contributing factor - especially if the drivers in the accidents often drove other cars with the pedals in a different relative geometry to the driver's seat.

Some Guy (User Rank: CEO) | 11/1/2013 8:38:36 PM
Re: You left out the most important error - no independent failsafe
I've got a pair of diagonal cutters. Won't stop me from adding an EMO to the circuit.

Just sayin'
