When Appliances Revolt

conaone writes "From the "disconcerting" file, Baseline has a weird story about how the increase in use of embedded operating systems is causing strange things to happen to consumer products. Their example is the use of Windows CE in the BMW 745i, which apparently occasionally goes nuts. The best is the list of video clips showing off the possessed car."

Re:Well, I'm Speechless

[psychogentoo]

I'm gonna wait to buy until BMW 745i SP 1 comes out.

Does 745i come with "windows update"? :)

Appliances

[Bob+McCown]

Anybody want some toast? No? So, you're a muffin man then?

Support

[DoomHaven]

From the article:

Auto manufacturers are legally bound to provide parts and service support for 10 years after each car is first sold. As GM CTO Tony Scott asked last year of attendees at Internet World in New York, "Is anyone here still running software from 10 years ago and could they find support for it?"

Boy, if that isn't a case for Open Source, I really do not know what it.

Re:CE

[Smidge204]

In an attempt to sidestep the "Windows + (vehicle) = crash LOLOL!!!!111!!one" line of comments, which I'm sure there will be many of, I'd like to ask why you need an "embedded operating system" to begin with.

What is so preferable to this approach than more traditional imbedded computer systems? Does the functionality of the system really outweigh the overhead of an entire OS/computer system? Are they really doing anything a halfway decent microcontroller unit can't handle?

Maybe the developers are just too lazy to build their systems "from scratch" like they used to. I personally can't see the benefit of using an embedded OS. What am I missing?
=Smidge=

sequel

[rnd()]

One day we'll see people like Steve Irwin making careers out of dealing with rogue appliances.

Re:sequel

[JesseL]

Crikey! That's a 2006 Frigidaire Side-by-side, we don't wanna spook im. He'll hit you in the eye with ice cube like *that*. Let me see if I can show you his crisper...Ah 'ees a beauty!

Re:BSOD

[1010011010]

Imagine it shifting from 5th to reverse on the autobahn. "Invalid page fault" followed by "fatal exception" followed by "Missing or Damaged Passengers."

Re:Luckily on a lab computer

[darkov]

You've got it all wrong. These are features:

Crazy Trunk: The guy's Windows CE embedded device causes the brake lights (right side) on the trunk to flash at odd intervals. The device is in the rear passenger's right side.

This is Microsoft(tm) Active Saftey(tm) function, which alerts other drivers to the fact that you may be interfering with a Microsoft product and therefore putting your life at risk.

Spitn' Key: The guy inserts his key into the car, lets go, and it falls out for no reason about three seconds later.

This is Microsoft(tm) Trusted Commuting(tm) Initiative functionality. The car detects unauthorised use of the car maker's intellectual property and prevents the driver from taking any unauthorised action. A licence to use the car can be downloaded from the internet.

Phone Dead: The driver's car phone suddenly stops working about 5 seconds after the Windows CE device is powered on.

This is Microsoft(tm) Dial Save(tm) which saves you money on mobile and long distance calls.

Transmission: This is scary. His car goes from 4th down to 1st gear (auto transmission car) and he nearly gets rear-ended by the SUV behind him

This is Microsoft(tm) Active Compression Braking(tm) which automatically detects the drivers desire to brake suddenly and shifts down several gears to make the whole process effortless.

Microsoft - We'll Decide Where You Go Today(tm)

Re:Hmm...

[Quasar1999]

Ok, having the worked with many Real time OS's and embedded OS's... what I want to know is why the hell do they need Windows? It's bloated, the interface is not suitable for a driver (as in car driver)...

Develop your own RTOS... hell, grab any simple Real Time OS, be it VxWorks for example, add a display driver and an input driver (which can be developed at a very reasonable cost (Take a look at what the military uses..) Then from there add routines to communicate with your 70 or so embedded processors and voila, a stable, easy to maintain, not full of useless crap, system. Don't want to invest in an RTOS? (They can be pricey... :P ) Stick to a modified version of Linux. I don't recall the exact build name, but there is a mod (or more than one) out there that make Linux practically realtime... and that's all you need for these gizmos... operating a phone, changing seat positions, etc... There you go... cheap, damned reliable (be it stripped down linux, or some other RTOS), no crap to mess up the functionality, since the only thing in the code is the bare minimum OS and drivers to control the devices you need to control (nothing more, nothing less), and a simple UI.

Ok... Someone care to tell me how much Microsoft paid to get BMW to use their WinCE for something that it clearly is not good for? Dealing with lots of unique and independent devices is not Microsoft's strong suit. To get WinCE to be reliable (as the previous poster put it), you would need to strip it to nothing more than a damned memory manager and a Task scheduler, and write custom drivers for EVERYTHING. Why bother? It's easier to start with just a bare bones OS. There are SOOOOO many other, BETTER, choices out there... There had to be one hell of a good bribe on Microsoft's part... Either that, or some dumbass making decisions at BMW don't know dick all about embedded device programming...

That's my $0.02... And no, I'm not a microsoft hater... I just don't agree with what WinCE is meant to be used for...

Electrical Engineering vs. Computer Science

[Linknoid]

This joke has been floating around the net for many years, seemed appropriate for this discussion:

Once upon a time, in a kingdom not far from here, a king summoned two of his advisors for a test. He showed them both a shiny metal box with two slots in the top, a control knob, and a lever. "What do you think this is?"

One advisor, an engineer, answered first. "It is a toaster," he said. The king asked, "How would you design an embedded computer for it?" The engineer replied, "Using a four-bit microcontroller, I would write a simple program that reads the darkness knob and quantizes its position to one of 16 shades of darkness, from snow white to coal black. The program would use that darkness level as the index to a 16-element table of initial timer values. Then it would turn on the heating elements and start the timer with the initial value selected from the table. At the end of the time delay, it would turn off the heat and pop up the toast. Come back next week, and I'll show you a working prototype."

The second advisor, a computer scientist, immediately recognized the danger of such short-sighted thinking. He said, "Toasters don't just turn bread into toast, they are also used to warm frozen waffles. What you see before you is really a breakfast food cooker. As the subjects of your kingdom become more sophisticated, they will demand more capabilities. They will need a breakfast food cooker that can also cook sausage, fry bacon, and make scrambled eggs. A toaster that only makes toast will soon be obsolete. If we don't look to the future, we will have to completely redesign the toaster in just a few years."

"With this in mind, we can formulate a more intelligent solution to the problem. First, create a class of breakfast foods. Specialize this class into subclasses: grains, pork, and poultry. The specialization process should be repeated with grains divided into toast, muffins, pancakes, and waffles; pork divided into sausage, links, and bacon; and poultry divided into scrambled eggs, hard- boiled eggs, poached eggs, fried eggs, and various omelet classes."

"The ham and cheese omelet class is worth special attention because it must inherit characteristics from the pork, dairy, and poultry classes. Thus, we see that the problem cannot be properly solved without multiple inheritance. At run time, the program must create the proper object and send a message to the object that says, 'Cook yourself.' The semantics of this message depend, of course, on the kind of object, so they have a different meaning to a piece of toast than to scrambled eggs."

"Reviewing the process so far, we see that the analysis phase has revealed that the primary requirement is to cook any kind of breakfast food. In the design phase, we have discovered some derived requirements. Specifically, we need an object-oriented language with multiple inheritance. Of course, users don't want the eggs to get cold while the bacon is frying, so concurrent processing is required, too."

"We must not forget the user interface. The lever that lowers the food lacks versatility, and the darkness knob is confusing. Users won't buy the product unless it has a user-friendly, graphical interface. When the breakfast cooker is plugged in, users should see a cowboy boot on the screen. Users click on it, and the message 'Booting UNIX v.8.3' appears on the screen. (UNIX 8.3 should be out by the time the product gets to the market.) Users can pull down a menu and click on the foods they want to cook."

"Having made the wise decision of specifying the software first in the design phase, all that remains is to pick an adequate hardware platform for the implementation phase. An Intel 80386 with 8MB of memory, a 30MB hard disk, and a VGA monitor should be sufficient. If you select a multitasking, object oriented language that supports multiple inheritance and has a built-in GUI, writing the program will be a snap. (Imagine the difficulty we would have had if we had foolishly allowed a hardware-first design strategy to lock us into a four-bit microcontroller!)."

The king wisely had the computer scientist beheaded, and they all lived happily ever after.

Re:Electrical Engineering vs. Computer Science

Here's how the actual implementation of such a project would go:

Day 1: My boss, an engineer from the pre-CAD days, has successfully brought a generation of products from Acme Toaster Corp's engineering labs to market. Bob is a wonder of mechanical ingenuity. All of us in the design department have the utmost respect for him, so I was honored when he appointed me the lead designer on the new Acme 2000 Toaster.

Day 6: We met with the president, head of sales, and the marketing vice president today to hammer out the project's requirements and specifications. Here at Acme, our market share is
eroding to low-cost imports. We agreed to meet a cost of goods of $9.50 (100,000). I've identified the critical issue in the new design: a replacement for the timing spring we've used since the original 1922 model. Research with the focus groups shows that consumers set high
expectations for their breakfast foods. Cafe latte from Starbuck's goes best with a precise level of toastal browning. The Acme 2000 will give our customers the breakfast experience they desire. I estimated a design budget of $21,590 for this project and final delivery in seven
weeks. I'll need one assistant designer to help with the drawing packages. This is my first chance to supervise!

Day 23: We've found the ideal spring material. Best of all, it's a well-proven technology. Our projected cost of goods is almost $1.50 lower than our goal. Our rough prototype, which was completed just 12 days after we started, has been servicing the employee cafeteria for a week without a single hiccup. Toastal quality exceeds projections.

Day 24: A major aerospace company that had run out of defense contractors to acquire has just snapped up that block of Acme stock sold to the Mac-kenzie family in the '50s. At a company wide meeting, corporate assured us that this sale was only an investment and that nothing will change.

Day 30: I showed the Acme 2000's exquisitely crafted toastal-timing mechanism to Ms Primrose, the new engineering auditor. The single spring and four interlocking lever arms are things of
beauty to me.

Day 36: The design is complete. We're starting a prototype run of 500 toasters tomorrow. I'm starting to wrap up the engineering effort.
My new assistant did a wonderful job.

Day 38: Suddenly, a major snag happened. Bob called me into his office. He seemed very uneasy as he informed me that those on high feel that the Acme 2000 is obsolete--something about using springs in the silicon age. I reminded Bob that the consultants had looked at using a microprocessor but figured that an electronic design would exceed our cost target by almost 50% with no real benefit in terms of toastal quality. "With a computer, our customers can load the bread the night before, program a finish time, and get a perfect slice of toast when they awaken," Bob intoned, as if reading from a script.

Day 48: Chuck Compguy, the new microprocessor whiz, scrapped my idea of using a dedicated 4-bit CPU. "We need some horsepower if we're gonna program this puppy in C," he said, while I stared fascinated at the old crumbs stuck in his wild beard. "Time-to-market, you know. Delivery is due in three months. We'll just pop this cool new 8-bitter I found into it, whip up some code, and ship to the end user."

Day 120: The good news is that I'm getting to stretch my mechanical-design abilities. Chuck convinced management that the old spring-loaded, press-down lever control is obsolete. I've designed a "motorized insertion port," stealing ideas from a CD-ROM drive. Three cross-coupled, safety-interlock micro switches ensure that the heaters won't come on unless users properly insert the toast. We're seeing some reliability problems due to the temperature extremes, but I'm sure we can work those out.

Day 132: New schedule: We now expect delivery in three months. We've replaced the 8-bitter with a Harvard- architecture, 16-bit, 3-MIPS CPU.

Day 172: New schedule: We now expect delivery in three months.

Day 194: The auditors convinced management we really need a graphical user interface with a full-screen LCD. "You're gonna need some horsepower to drive that," Chuck warned us. "I recommend a 386 with a half-meg of RAM." He went back to design Revision J of the pc board.

Day 268: New schedule: We now expect delivery in three months. We've cured most of the electronics' temperature problems with a pair of fans, though management is complaining about the noise. Bob sits in his office all day, door locked, drinking Jack Daniels. Like clockwork, his wife calls every night around midnight, sobbing. I'm worried about him and mentioned my concern to Chuck. "Wife?" he asked. "Wife? Yeah, I think I've got one of those and two or three kids, too. Now, let's just stick another meg of RAM in here, OK?"

Day 290: We gave up on the custom GUI and are now installing Windows CE. The auditors applauded Chuck's plan to upgrade to a Pentium with 32 Mbytes of RAM. There's still no functioning code, but the toaster is genuinely impressive. Four circuit boards, bundles of cables, and a gigabit of hard-disk space. "This sucker has more computer power than the entire world did 20 years ago," Chuck boasted proudly.

Day 384: Toastal quality is sub-par. The addition of two more cooling fans keeps the electronics to a reasonable temperature but removes too much heat from the toast. I'm struggling with baffles to vector the air, but the thrust of all these fans spins the toaster around.

Day 410: New schedule: We now expect delivery in three months. We switched From C++ to Java. "That'll get them pesky memory-allocation bugs, for sure," Chuck told his team of 15 programmers. This approach seems like a good idea to me, because Java is platform-independent, and there are rumors circulating that we're porting to a SPARC station.

Day 530: New schedule: We now expect delivery in three months. I mastered the temperature problems by removing all of the fans and the heating elements. The Pentium is now thermally bonded to the toast. We found a thermal grease that isn't too poisonous. Our marketing people feel that the slight degradation in taste from the grease will be more than compensated for by the "toasting experience that can only come from a RISC-based, 32-bit multi-tasking machine running the latest multi platform software."

Day 610: The product shipped. It weighs 72 lb and costs $325. Chuck was promoted to CEO.

Re:CE

[cscx]

Yeah, I guess the obvious Slashdot solution would be "use Linux on the car!" Then we'd have to install a little keyboard to do stuff like this:

dd if=/dev/gastank of=/dev/engine bs=1024k count=100 /sbin/unlock /dev/trunk


Anyway... ever think that this could be the result of shitty programmers and not the OS's fault? I.E., the functionality to do various things in an automobile are NOT built into Windows last time I checked...

Re:CE

[letxa2000]

If you've never built a cost sensitive or limited power/ram/disk/clock application then you just don't think about these things.

I've developed under Windows CE, Windows, Palm, Unix, and 8052 microcontrollers. For reliability I would choose those "platforms" in reverse order. And, yes, development tools, memory optimization, and watchdogs are available for all of them.

OS's are generally for when a single piece of hardware is going to have to do many different tasks. Maybe one user will use it to listen to music, another to burn CDs, another to develop software, another to surf the Internet, etc. Parts inside washing machines and cars, however, are not going to see such variable usage. A washing machine is always going to wash utensils. A car is always going to drive down the road. These are not applications that really require an OS. Some good firmware is all you need.

Using microcontrollers in cars is not new. They've been doing it for over a decade. Only now, when you start contaminating things with OS's such as CE, do you really see a problem.

Re:The Trade Off

[letxa2000]

I'm told my car has 6 computers driving various functions and that to replace them would total $10,000.

That's what it would cost you, after dealer mark-up. A "computer" in a car is normally a "microcontroller," a single chip. So what they're really telling you is that it would cost $10k for 6 chips. And I can assure you that the unit cost of those 6 chips is under a dollar a piece.

If you can cut down the number of computers needed, you can lower the price of your car or increase the profit margin. Or both.

Increase profit margin, if that's possible. Are you really serious when you say they'd charge you $10k to replace the "6 computers" in your car???

The down side to that is that if the single computer fails, all those functions go away.

The problem is when you use OS's like CE it is entirely possible that the single computer will fail. When you develop it all on a microcontroller and get rid of all the fancy BS, you can get everything into a single chip and be stable.

You know, I really think it comes down to keeping Microsoft as far away from anything of any importance. And I say that in all honesty, not just to score points with the anti-MS crowd here.

Re:CE

[wfmcwalter]

Maybe the developers are just too lazy to build their systems "from scratch" like they used to. I personally can't see the benefit of using an embedded OS. What am I missing?

It's a good question, and one automotive developers haven't really had to worry about until recently. When all they had to code was realtime control code for those 70-odd microcontrollers, they certainly didn't need an OS.

But the developers (or rather their marketing departments) have bigger ideas. A car is no longer but a conveyance - it's an environment, an entertainment centre, a home. So they mandate navigation, remote and stored diagnostics, centralised control of various settings (A/C, seat position, etc.), radio stations, RDS, CD control, media (MP3 etc.), radio, video (disney for the kids), and all of this controlled by voice input and giving voice output. Those are requirements a workstation or PC could scarely manage five years ago. Add to that the significant issue that most of those applications will be coming from third party vendors. Anyone implementing such a system has little choice but to put in a decent 32 bit microprocessor, a fair chunk of RAM (several meg, going on 16), and a half-decent OS.

WinCE (for automotive, whatever...) is certainly the worst choice. QNX, VxWorksAE, or Embedded(orRT)Linux would certainly be better - but the fundamental problem remains - this is HARD to get right.

Don't be fooled into thinking this is just an amusing diversion, where the worst that can happen is that your radio doesn't work for a while. This is a major safety issue - simply because the "infotainment system" doesn't have a wire to the steering or the accelerator doesn't mean it can't kill you. Imagine you're driving through a busy freeway intersection, at high speed in pretty heavy traffic. Suddenly the radio turns on, to a bad (noisy) channel, at FULL VOLUME. IT HURTS. YOU'RE SURPRISED. YOU LOSE CONCENTRATION FOR A SECOND OR TWO. YOU DIE. So do your kids, and those of the guy in the subaru in front. The lady in the dodge behind you loses a leg.

Also, don't think this is confined to high-end cars like BMW and Cadillac - auto manufacturers try out new stuff in the high-end lines before they push it further down the product line. Soon you won't be able to buy a vehicle without this stuff. And __nobody__ is doing a good job of making it.

Re:BMW 7 Series customer age a major issue.

[p23cfos]

The problem is worse than that. You can't just "blame the users" for this one -- iDrive is terrible. It forces your eyes off the road. It makes simple operations complex, and complex operations impossible (the anti-perl?)

Pinning the problems on the user is really wrong in this case. This system was destined to fail. The only one that i've tried that was worse was in the Buick Reatta. (Anyone remember that?)

Re:CE

[Samari711]

A washing machine is always going to wash utensils.

funny, i always thought that washing machines were for clothes; maybe i have to update the firmware on mine...

A few embedded system facts

[ltkije]

It's awfully fun reading desktop programmers commenting on an article in a project management magazine.

Here's a few facts about your new-model car. The BMW is extreme with 70 electronic modules but the typical 2003 vehicle has 20 or 30 microprocessor-controlled modules, and the number is rising every year. These range from a door-switch module with 8K of code, through an engine controller with 256K/32K of ROM/RAM, to a navigation system at 8M/8M. Very few of these modules have a manufacturing cost above $100.

The OS in automotive controllers varies from a simple event loop at the low end through OSEK-compliant kernels in the midrange to QNX and its friends in the most complicated systems. If there's Linux in a controller, it will be as well-hidden as the Linux in Tivo. Engine and transmission controllers are designed for hard real-time operation and emphatically do not use anything remotely resembling a desktop or palmtop OS.

Software development starts with the premise that once it's built, you can't change the it, ever. This has enormous consequences for the way automotive code gets made. Most companies spec the hell out of these products, use a strict waterfall development process, are afraid to venture beyond the C language, and test endlessly. They are scared of agile methodologies and even of RUP. Productivity is pretty low, but on the other hand, the products are reliable.

Now, both the article and /. responses are full of misconceptions. There's not really much question about whether an OS vendor shares its source code. The real concern is reliability. There's not much question about who develops embedded software. Detroit is lousy with contractors. One billboard I see on my commute shows a toy car with the caption "about the only vehicle that doesn't run on our software. -- EDS" The GM guy's comment about 10 year old software has the obvious answer: his teenager's 1993 Chevy.

Win CE gets no respect from embedded software developers for several reasons. Chief among them are poor responsiveness, poor stability and code bloat. Typical comment, from an SAE conference presenter: "If you put an embedded system into a car, you still have a car. If you put a PC into a car, you have a PC with wheels."

Rather than rant any further, let me suggest reading any of the books on Jean Labrosse's site, EE Times and Embedded Systems Programming. And have fun! Embedded is where you can see software affect the real world.