Posted on 11/01/2013 10:04:04 AM PDT by Freeport
MADISON, Wis. Among the hundreds of cases brought by individuals across the United States claiming their Toyota vehicles accelerated without warning, only Bookout v. Toyota Motor, tried in Oklahoma County, Okla., resulted in a verdict against Toyota. This was also one of the first unintended acceleration cases to go to trial since the Japanese carmaker began recalling millions of vehicles in 2009 over this very issue.
The Oklahoma case was also the first in which plaintiffs' attorneys put the fault squarely on a flaw in the vehicle's electronic throttle control system. They dismissed arguments about floor mats and sticky pedals and focused on the software that controls the electronic throttle. The attorneys supported their argument with extensive testimony from embedded systems experts.
Similar testimony and extensive software analysis reports had been filed previously in other courts looking into unintended acceleration. But none of that material became public, because Toyota paid settlements and obtained gag orders before those cases went to trial. The public and the engineering community had to wait until the Oklahoma trial, where all testimony became public.
A dozen embedded systems experts were allowed to review Toyota's electronic throttle source code in a secure room in Maryland -- described as the size of a small hotel room. The room, with a guard at the door, was disconnected from the Internet. No cellphones, paper, belts, or watches were allowed inside. The experts viewed Toyota's code on five computers in cubicles.
Having spent more than 18 months going in and out of the secure room to study Toyota's code, Michael Barr, CTO of the Barr Group, put together an 800-page report analyzing the 2005 Camry L4's software. On the witness stand, he walked a jury step by step through what the experts discovered in their source-code review. According ...
(Excerpt) Read more at eetimes.com ...
And they have never been happier!
The only one I had go bad was in a 1999 Jeep Wrangler. Could not find a tranny place that could work on it. I had to get a backyard mechanic fix it.
Couldn't you do the same thing with an auto, grab the column or console shifter and bump it into neutral? The majority, if not all of the automatic shifter gate/detents that I've come across allow the driver to go from drive to neutral without engaging anything.
Yes. I’m not an expert at this but you can shift from drive to neutral in an auto (but not the other way) without hitting the brake. Furthermore, shifting to neutral at full throttle in a modern car will only cause the engine to rev up to its rev limiter and will not destroy the engine before you have a chance to turn it off. This fault in the article is very bad, but it doesn’t have to end badly every time.
he testified that his group's simulations in the source-code room were tested by a gentleman named Mr. Louden, using 2008 and 2005 Camry vehicles. The purpose was to perform the same testing and demonstration (originally done in the source-code room) to determine what the fail-safes would do in a vehicle in response to task death.
I found a more precise description in a discussion at Reddit (Google, I don't follow Reddit)
The way I understand it from reading the transcript, any one of those software bugs could have caused memory corruption that killed a certain task (called task X because it's redacted) to die and cause the throttle angle to get stuck. In particular he describes a condition that occurred when purposely killing task X while the cruise control is accelerating to the "set point":
What happens is that the task death caused in this particular test. Because that task was not there when the vehicle actually reached the set point of 68 miles an hour, it should have closed the throttle more and slowed the vehicle -- or not slowed the vehicle, but kept the vehicle going at 68 miles an hour. Instead, the throttle remained open and the vehicle continued to accelerate.
And you can see that this total length time with the throttle open, letting in air, and the car accelerating to past two and past the cruise set point, is approximately 30 seconds. So from time, about 100, until a time, about 130.
Now, Mr. Louden, as I understand it, at this point got nervous at 90 miles an hour because the vehicle was on the dynamometer. And so at that time he pressed on the brake solidly and continuously this whole time.
I always get the base model, no power options and manual transmission.
K.I.S.S. —less crap to break & easier to fix.
The electronically controlled transmission won't let you in some cars. Aren't computers great?
You would be surprised but most systems in cars and planes are “fly by wire”.
Assuming no sensor failure, it is more reliable than mechanical systems.
This is one of the reasons car engines now last much longer than they did back in the ‘70s.
Fuel injection reduces rich running conditions, oil lasts longer, less carbon buildup.
Modern fuel injection is really fascinating on how many sensors are used to keep it running correctly.
I am with you.
I want a car that doesn't have power windows.
Here in Maryland it gets very hot in summer for long periods and it's 20 degrees hotter inside the car, well over 100F, a bad mix for electronics.
All my autos have always allowed drive to neutral and neutral to drive without brake involvement. The only time I needed to be on the brake was park to reverse, reverse to park, and neutral to reverse. I don't think I have to hit it from reverse into neutral, either.
I know in certain conditions a Prius can be killed with simple EM interference
To summarize the article. They had 18 people review the software to see if there was a software failure that could cause acceleration.
Having found one, they then tested it on a dynamometer, by actually hooking up a computer to flip a bit in the code to force a task to die.
Specifically, they killed the task that would stop acceleration when a speed was reached.
So, they set the cruise control for 68mph. They then slowed below 68, killed the task, and hit the “resume” button. The CC accelerated, but the task never reported that it had reached 68, so it continued to accelerate.
They eventually hit the brakes and it stopped accelerating. They don’t say if simply turning off the cruise control would have stopped it.
Also, this particular software failure disabled the accelerator pedal, so if it wasn’t pushed down when the failure occurred, no acceleration would happen. But if you were accelerating, it would continue to accelerate if you took your foot off the accelerator.
This is where the article drops the ball. I presume from reading some other stuff that if you hit the brakes in that second scenario, it would not stop the “accelerator” input, because the software that would do that is in the task that is dead (as opposed to the cruise control, which is wired to turn off when you touch the brake).
But of course, the brakes can overcome the accelerator, so if you floor the brakes you will slow down and stop even if the car pretends you have also floored the accelerator. Unless your brakes are really worn out.
I would note that cruise control is always somewhat dangerous; you hit resume, you will accelerate back up to whatever speed had been set. If you are closing in on a slower car, your driving tendency is to remove your foot from the accelerator, and you’d expect your car to stop accelerating. You have to remember that in this case the cruise control is accelerating you, and you need to brake to stop it.
A specific example of this is if you are cruising and the car in front of you is going about the same speed. Then you hit an uphill. The car in front slows down, because the driver isn’t paying close attention and doesn’t push on the accelerator. Well, your car also slows down, at first, so you don’t think about it. But then your CC kicks in and really accelerates your car pretty quickly. If you were already too close to the car in front of you, you can actually close the gap before your brain realizes what is happening.
One other thing they noted. If you had your foot on the brake when you killed the task, in order to “remind” the car that the foot was on the brake (to kill CC), you have to let UP on the brake and then hit it again. Because while the “on/off” sensor for the brake that controls cruise is a switch on the pedal, the brake pressure sensor is part of the dead task, which otherwise would periodically send a message to the CC saying “hey, the brake is still on”.
A fun thing to try. Start CC. Then push the brake lightly until CC turns off, and continue holding brake. Then hit the CC resume. See if CC resumes at all, and if so, how long it is before it turns off again. Some cars it won’t resume, others (like maybe these Toyotas) would resume and then turn off again when the software re-reported brake pressure. Don’t know why the on/off switch isn’t always part of the equation, but the article suggests it is not.
I had two manual transmissions go bad. '85 Toyota Corolla; '01 Toyota Rav4. 5th gear synchro on both of them. Found out after the Rav4 went that lots of people have had problems with that.
The testimony goes on to describe a failure mode where the driver would have to release the brake pedal and re-apply it if coincidentally they had their foot on the brake pedal when the software task failed. But their first example failure path required a resume of the cruise control from below the cruise control set point to start the acceleration process. Normally you can't resume a cruise control with your foot on the brake, so it is hard to see how the scenarios could actually occur together.
I think more information than what is present in the cited testimony is required to determine if the engine control system really is likely to fail due to some internal design flaw, or if the failure in this particular case was an unlikely event. Based on the reports, the code review seems to have uncovered some issues which could lead to a failure, but there are probably other factors involved that were not presented in the article, whose headline seems a bit exaggerated.
The jurors in the case probably heard much more testimony, and saw more evidence than was presented in the article, and their conclusions are more likely to be based on the particular circumstances of the case in front of them, and not some generalized theory of how the ECU could fail.
I don't keep cars after about 100K miles (lots of lights and traffic here) because I find more and more things start breaking after that. The exception is keeping it as a spare car not driven much.
I got 90+K on my Toyoda and it works fine. My last car was a toyoda and I dumped it about 110K and had to replace the clutch once, at about 95K
So they found nothing wrong with the cars then?
And there’s no indication that anything they came up with had anything to do with any accidents?
Thanks for details about the testimony. I never studied the issue in any detail, and enjoy learning the facts.
So they hacked it, inserted a command to "flip" something and it malfunctioned. But, they did not cause it to malfunction. It would have malfunctioned eventually. They just could not wait around for it to "flip" on its own, but trust them when they say it would happen eventually.
My main point was that the section of testimony cited in the EETimes article was probably just a small part of the overall evidence, and that by itself it didn't seem sufficient to support the EETimes headline.