MADISON, Wis. -- As we continue to explore the Oklahoma court judgment against Toyota for unintended acceleration, EE Times readers have raised many astute engineering questions, ranging from the probabilities of bit-flip occurrence and safety standards applied to software and hardware to the safety system architecture built into Toyota cars.
Meanwhile, in a number of Toyota cases (including the Oklahoma one), one nagging question recurs among consumers: If there are software bugs in the system, why have millions of Toyota owners like ourselves never experienced unintended acceleration?
It turns out that Jean Bookout, the plaintiff in Bookout v. Toyota case, had driven her Toyota for several years and put 9,000 miles on the odometer without a problem -- until the crash that injured her and killed a passenger.
We would like to take you through how Michael Barr, CTO and co-founder of the Barr Group and an expert witness who testified in the case, concluded that a random hardware flaw -- combined with a software bug that's latent and lurking -- "can get through or knock down the fail-safes that are in place" under certain driving conditions on certain days.
Excerpt from the court transcript
EE Times is publishing a portion of the court transcript relevant to the Toyota Camry's electronic control module ECM. The following Q&A was carried out between Barr and Benjamin E. Baker Jr., an attorney representing the plaintiffs. This excerpt begins with Barr on the witness stand describing the ECM, which consists of two CPUs: a V850 supplied by NEC (which later became Renesas) and an ESP-B2 supplied by Denso acting as a second CPU (sometimes referred as a monitor CPU).
A. So this is a photograph of the ECM. And this ECM, or engine control modules, has two big chips on it. Has a bunch of other chips, capacitors, circuit tracers that you can see, and other things. This biggest one, the square one, is the main CPU. It is a type of a CPU or a model of CPU called a V850. That is kind of the equivalent of calling it a Pentium. V850 is the model number of that processor. Comes from a company, a supplier of Toyota that used to be called NEC. It has since changed its name.
Then there is a second rectangular chip here, and that chip is what has been referred to by various witnesses as the monitor CPU, the ESP-B2, and sometimes the sub-CPU.
Importantly, each of those is a processor with its own software. Then, of course, all together they comprise an embedded system.
Q. So the software that we're going to talk about is stored within components on this board?
A. Almost always when I'm talking about the software, I'm talking about the software on this main CPU, which performs the throttle control, the combustion, monitors the accelerator, and all those things, cruise control. But there is also software, and I will specifically call out when I'm talking about this monitor CPU and its software.
Q. This is from a 2008 Camry?
A. This particular photo is from 2008 Camry.
Q. Is the 2005 generally very similar to this?
A. The chips would be moved around a little bit, but in terms of the electronics of what is there, there is a V850 processor, there is an ESP-B2. From a substantial similarity point of view, they are very similar.
Q. Can you tell us what this is?