Slashdot Mirror
Toyota Pedal Issue Highlights Move To Electronics
cyclocommuter writes with an excerpt from a brief WSJ story on increasing electronic control of car components: "The gas pedal system used Toyota Motor Co.'s recall crisis was born from a movement in the auto industry to rely more on electronics to carry out a vehicle's most critical functions. The intricacy of such systems, which replace hoses and hydraulic fluid with computer chips and electrical sensors, has been a focus as Toyota struggled to find the cause for sudden acceleration of vehicles that led the company to halt sales of eight models this week."
At least in one case, the brakes failed, the accelerator stuck, and the person didn't know how to turn the car off because it was a rental and used a push-button ignition. Also, they couldn't put it into neutral because it had a push-button shifter as well. People really should learn about the car before they drive it, but this is a monumental fuck-up on the part of Toyota. I think that we can do the push-button stuff CORRECTLY, but this isn't the way to do it.
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
I design computer hardware and software and I always tell people:
But No On Believes Me...
--jeffk++
ipv6 is my vpn
Summary is stupid because there's no hoses and hydraulics in any car throttle system I've seen; if it's not electronic, it's a very simple and reliable steel cable.
Story is stupid because as it admits, the electronics had nothing to do with the problem; the failure was mechanical. The exact same thing could have happened to a cable-operated system.
By all accounts I can find, the issue with the Toyota's sticky gas pedal is a MECHANICAL one - not some electrical bug.
-Bill
According to AutoBlog, the problem with these Toyotas is a mechanical part in the drive by wire pedal assembly (and so it's not really an issue with the car being drive by wire). The pivot point that the pedal rotates on has a bushing that is apparently wearing out and causing the pedal stick. I'm a little skeptical as it seems much more plausible that it would be an electrical (or software) gremlin, but that's apparently what they're blaming it on.
There is still no excuse for Toyota not coding the ECU to cut throttle when it senses that the driver has BOTH the throttle and the brakes on simultaneously. All drive by wire VW/Audis are setup this way.
Kiteboarding Gear Mention slashdot and get 10% off!
1) If we switched to mechanical acceleration control, braking etc...that would be fine, but we would still use machines to make the parts.
2) mechanical parts fail if not as often, more often than computer based systems
3) a computer/firmware based error is usually fixable with ease, or relative ease - sometimes the same for both
4) mechanical failures can cause an entire system to go down and need to be replaced - same goes for electronic.
one way or another, shit happens.
GM uses electronic gas pedals for quite some time at least in its Delphi platform. For instance, Opel Vectra C and derivatives, Astra G/H and derivatives, ... Never any problems with them so far for several years. Automatic transmission from Aisin-Warner, a Toyota daughter company, on the other hand is causing many problems, at least in Germany. Whatever is going on in Toyota, it is not about quality.
Title: "Electronics parts = Toyota woes"
Article: "condensation from heaters caused increased friction in the gas pedal, making it stick in some cases, making the problem a mechanical one and not an issue of electronics."
So electronics had nothing to do with it at all. And their suggestion that the complexity of electronics made this issue harder to diagnose isn't backed up at all.
It doesn't matter to me if the issue is electronic or mechanical, I want a mechanical peddle pair and a mechanical key switch. I want to be able to kill the machine if I have to, and not rely on the electronics to behave appropriately when malfunctioning. How many press down to turn off power systems have you encountered that failed to turn off after a crash? I've certainly encountered my share of them.
I mean a software crash... not a vehicular one. ;)
First of all, the article says:
Toyota has said its latest problem happened because condensation from heaters caused increased friction in the gas pedal, making it stick in some cases, making the problem a mechanical one and not an issue of electronics
So, this is in all likelihood, a fluff piece about a mechanical issue that tries to scapegoat the lack of an electronic safety on the pedal. Which defeats the implied issues with malfunctioning electronics - it's the lack of more electronics that may be the problem.
Second, the old saying is that you can't make an omelette without breaking some eggs. Truly, you can't improve technology unless you are willing to make mistakes. As long as companies aren't being reckless with the risks they are taking, and as long as we are trying to move forward instead of being terrified of the future, these mistakes are signs of progress, not failure.
This is really a case of technology moving too fast for its own good.
The fundamental concept behind Japan's quality is kaizen. This is the constant improvement on existing techniques and technology. By starting with what works, it is simpler to build in very small steps without losing any quality along the way.
However, due to perceived pressures from non-Japanese automakers, companies like Toyota have begun bold initiatives to modernize their cars. The typical automotive embedded system is fairly simple (relatively speaking, of course). There are only a few inputs and only a few outputs and the systems are usually isolated from each other. However, as more features become desired, more interaction between isolated systems becomes a reality. The gas pedal used to only manage the amount of fuel fed to the injection valves. Nowadays it works in tandem with the brake system and suspension to manage tire slippage and traction control.
In this case, Toyota implemented a very complex system without a series of solid intermediate steps. The result is catastrophic failure when unforeseen interactions suddenly arise. If they were slowly adding features, they could immediately pinpoint the problematic interaction. However because they did it all at once they don't have any idea where the problem lies.
It makes me want to buy an American car.
Timing is everything - according to the NHTSA, Toyota sold 120,507 cars in the Cash for Clunkers program, which ended in August. By comparison, Chrysler sold 9,033 cars.
This kind of stuff is par for the course if you own a Chrysler. Last year my PT Cruiser decided to get stuck with the throttle about 1/3rd down. It was really fun to park that way (a terrifying sort of fun). Chryslers are famous for bursting into flames, having brakes fail for no reason (which is what the emergency brake is for), and numerous other problems that normal people would consider to be a safety hazard.
When my car got stuck, sure it was a little surprising at first, hard to slow down for the turn I already committed myself to (stood with my full weight on the brake) but after that I put it in neutral (it is an automatic, they have an N position) and when the motor started revving like crazy I just turned off my engine (careful to only click once so the steering wheel lock isn't activated), flipped on my hazard lights and coasted to a place where I could pull over conveniently.
What I don't understand is how I can figure this out, but a CHP officer kills his family in a 100mph crash from the same sort of problem? Yes, he got going that fast, without ever thinking about just turning the damn thing off. California's finest indeed, it's sad because the CHP are held up as experts in driving and safety.
If people aren't able to deduce what they are supposed to do in an emergency on their own in a timely matter, then we must make safety training mandatory for all drivers. It should go into what to do if your brakes don't work, accellerator gets stuck, car catches on fire, car rolls over and you're trapped, and the thousand other things that can happen to you in a car. And there should be a test, it should be a hard test, and you should get an insurance discount if you score over 90%. And you get the opportunity to retake it once a year, but your best score is good forever.
“Common sense is not so common.” — Voltaire
Back in my day, cars had a 3rd pedal on the floor called the clutch. If your throttle got stuck you could hit the clutch pedal and cut the power to the transmission.
I had to think long and hard before buying the Camry Hybrid because of all the drive-by-wire. Finally I decided to give it a go and I am glad I did. I get plenty of room in the cabin (not so much in the trunk though), and consistently get 30+ mpg around town and up to 40+ on highway trips (averaging 36-38 across West Texas at 80 mpg).
Some observations of mine:
- I have a "gear lever" to shift, but I'm pretty sure it's just there for "feel" and it's all electronic; if an electrical problem prevented the car from going into neutral then it wouldn't matter if it were "push button" or the gear lever like I have, it's still electronic.
- the emergency brake is mechanical - and that's your best bet if all else fails (assuming you aren't already going so fast as to make the car uncontrollable by locking the rear wheels
- It is not unusual for me to pull into a parking place, put the car into park, be totally stopped, release the brake, and (while totally still) push the button to turn off the car and have the car jump forward slightly; i suspect it has to do with getting a mechanical "break" in the transmission to engage and by slightly moving the car something akin to a tooth is able to engage the appropriate gear. I'm not able to reproduce on demand so I've not taken the car in for this.
- I have floor mats that are supposed to be held in place by hooks but the hooks keep coming out and floor mat moves all around. This is the factor carpeted floor, not the all season one, and i've never had it cause problems with the accelerator.
- i've not been able to reproduce the launching triggered by the cruise control as reported by SteveWoz, but that may be prius specific and/or speed related (i haven't been anywhere to try at 85 mph yet, speed limits around here stop at 75).
. 62,400 repetitions make one truth -- Brave New World, Aldous Huxley
Never mind the 35,000 Dodge and Jeep vehicles sold.
(Of course, we then have to throw in the 10,000 Lexus and Scion vehicles on the other side)
Nerd rage is the funniest rage.
I agree with others who have said that electronic controls have good potential. However, as the old saying goes, nothing good comes easy. This Toyota scandal (sadly) reminds me of the much more horrible Air France crash of a fly-by-wire Air Bus jet into the Atlantic Ocean enroute from Brazil to France. Be careful out there!
I agree on the idea that it doesn't matter if the system is electronic or mechanical. Each type has positives and negatives. What matters the most is whether the system is properly designed with a safety system. Lots of automobiles have problems that occur on a regular basis. It is the ones that make people kill each other that make the headline news.
Bloomberg: "We got the first reports about difficulties in August" from the U.S., Etienne Plas, a Brussels-based spokesman for the Japanese company [Toyota], said today by telephone. "The quality standard wasn't exactly met, but we didn't find that there was a safety risk, so we didn't start a recall."
The latest defect in Toyota cars is quickly developing into the scandal of the 21st century. The problem started when customers of Toyota vehicles began experiencing sudden unexplained acceleration; these incidents began appearing in 2002. Over time, Toyota management claimed that the problem is the floor mat. So, the management issued a recall to replace all the floor mats.
Then, after further studying the problem, the management claimed that the throttle's pedal sometimes becomes stuck due to weather conditions. This new claim lead to the massive global recall of many vehicles sold over the past 3 years.
However, none of these explanations for the sudden acceleration has been satisfactory. Independent investigations leading to an explosion of lawsuits have determined that the problem is the electronic throttle control (ETC) — the so-called drive-by-wire mechanism that links the pedal via some cables to the fuel controller. According to a report by "Businessweek" and another report by the "Wall Street Journal", Toyota is now the defendant in 3 separate class-action lawsuits. The plaintiffs claim that the ETC is defective.
According to a report by the "New York Times" (NYT), "a few years ago, the company sent out a technical bulletin saying some cars accelerate on their own between 38 and 42 mph, and it reprogrammed the electronics with new software codes".
The NYT notes, "John Heywood, director of the Sloan Automotive Lab at MIT, said because Toyota is the only automaker having this problem, it could be something specific to its design, such as the location and integration of the electronics relay sensor."
Further, the Toyota ETC lacks an important safety mechanism: if the customer presses both the throttle pedal and the brake pedal, then the ETC should give priority to the brake. The Toyota ETC gives priority to the throttle. How can Toyota engineers commit such a gross design mistake? Common sense tells us that the brake should receive priority.
According to a report just issued by the "Wall Street Journal", the engineers at Toyota have developed an improved pedal that supposedly fixes the problem causing Toyota cars to accelerate out of control. American regulators have approved the fix, and Toyota will send it to dealers by February 8. This fix allows the dealers to resume selling the 8 models of vehicles affected by the recall.
However, a new angle to the problem recently surfaced, according to a report just issued by the "New York Times" on its blog. CTS, which manufactures the throttle pedal for Toyota, claims that "the slow-return pedal phenomenon, which may occur in extreme environmental conditions, should absolutely not be linked with any sudden, unintended acceleration incidents". In other words, though the pedal is defective, the defect did not cause the unintended acceleration. CTS claims that it did not manufacture the pedals in older Toyota vehicles that exhibited the same acceleration problem.
If CTS is telling the truth, then the actual problem may be the electronic throttle control, the so-called drive-by-wire system.
I've been around the long-haul trucking business for decades, and I hate to break it to you, but for well over 10 years now, big rigs have had electronic throttle position sensors, with a little bitty, not even particularly well-protected wire running from the pedal to the engine ECM. This is ever since Detroit Diesel came out with their electronically controlled engine in the '90s which was an amazing breakthrough in mileage and reliability. So basically every truck that we've bought or ran for over ten years has had an electronic throttle pedal, and there have been zero problems, except occasionally the TPS itself needs replaced (like every million miles or so). In this case it looks like Toyota fucked up, but that doesn't mean using electronic controls is a bad way to go, because clearly lots of things seem to be able to implement them properly, including airplanes.
Reading this article makes me wonder if at least the hand brake is still a mechanical component? I would hate for the electronics to fail and suddenly find myself with no way to stop the car. I wonder how much consideration has been given to fail-safes in this move to more electronics for essential control of the vehicle, especially in cases of poor maintenance?
Jumpstart the tartan drive.
Thank you for the fantastic information.
I used to have a 2005 Toyota Matrix and did experience unintended acceleration ONCE. At the time just thought it was the mat sticking.
I could not imagine that the system would give priority to the gas pedal over the brake!!!! OMG
--jeffk++
ipv6 is my vpn
'kill -9 car' works just fine!
Everything else is for n00bs.
The way this ought to work is that there should be two different sensors in the pedal, and they should be of different types, like one resistive pot and one Hall-effect transducer.
Then, the vehicle electronics should have both a software implementation that checks the two for consistency and monitors engine RPM, and a hardware backup which inhibits fuel flow and spark if either sensor indicates a released gas pedal and engine RPM is above idle and not dropping. (Engine RPM comes from the crankshaft position sensor, and if that fails, spark timing will fail and the engine won't run. So crankshaft position sensor failure isn't an engine runaway risk.) There's some cost to the hardware backup, but it's fewer parts than one window actuator.
Then the software should have a backup function such that if either the brake pedal or the handbrake is active, and speed is above 5MPH, the throttle is treated as being at the released position. That's a no-cost feature.
I knew the people who designed the Ford EEC IV in the 1980s, and they thought like that. They were terrified of a software problem that affected safety. In the EEC IV, the program was masked directly into the CPU chip's ROM, and cannot be changed. (There's a bolted-on ROM unit that has the data tables for each engine model, and you can replace that, but there's no code in it.) It never needed to be; cars with the EEC IV are still running, and there was never a recall for a "firmware update".
"Toyota struggled to find the cause for sudden acceleration" - not surprised, I've never manage to find it in a Toyota either!
Does this mean we'll have service packs for future autos?
Imagine the horror if Microsoft ports Windows to ECMs - Care to hack a car?
Only the dead have seen the end of War. - Plato
Keep it simple, stupid.
This is a good rule to follow when it comes to designing machines that can kill.
I want my car's safety-related electronics to be so simple anyone with the relevant expertise can understand a given subsystem, and anyone with the relevant expertise can understand how they interact with each other. In other words, I want predictable behavior: Given scenario A, the car will behave in manner A', given scenario B, it will behave in manner B', with any outcomes that aren't expected by most drivers, such as an engine shutdown if the temperature sensor reaches X degrees for Y seconds, well-documented and the driver educated how to react in such a circumstance.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Are we going to blame Microsoft for causing cars to crash (finally) because of their crappy software?
6.8SPC TR of 550, l xwind at 6, drift rt at 26" drops 77". AT has 503 ft-lbs at 1403 fps. FT 0.86
There won't really be any way stop the move to electronic controls once pure EV dominate the market. There are ways to do braking without using brake pads, different torques without using a transmission and things like a neutral gear don't even have to physically exist. Once cars get to this point I don't see any way around it. I, for one, will certainly miss having a manual transmission.
“Common sense is not so common.” — Voltaire
Software is bad because, unlike hardware, deterministic timing is not an inherent part of it. Computer programs are based on the Turing Computing Model. The TCM has nothing to say about timing other than the inherent sequentiality of operations. Read Why Software Is Bad and What We Can Do to Fix it and How to Solve the Parallel Programming Crisis if you're interested in solving this crisis once and for all.
Our basic algorithmic computing model has not changed since Charles Babbage. It's time for the industry and academia to wake up. What is needed is a non-algorithmic, synchronous and reactive model. I hope the auto industry (and everybody else who writes software and build computers) takes this to heart because these problems are going to happen again and again. And the cost is going to skyrocket.
Rebel Science News
I wonder if the emp guns the police are trying to have constructed will make it worse when used?
My ism, it's full of beliefs.
They company claimed user error and installed all the assinine interlocks which are only enablers for muggers and rapists and not a safety feature. During this 'upgrade' there is a software modification but it's undocumented. They got away with it even though several people were killed.
We still need a death penalty for corporations that kill and there is any reason to suspect malice or coverup.
I'd go on a Vegan diet but the delivery time from Vega is too long. --brownkitty
Why use chips and all that, when simple electric or even mechanic systems do the job? Doesn’t that also cost more?
I don’t get it...
PHB effect?
Any sufficiently advanced intelligence is indistinguishable from stupidity.
the antitechnological fervor with which this piece was written is evident in its title "electronics parts=toyota woes." 3/4 into the article a root cause is given
for the issue:
"Toyota has said its latest problem happened because condensation from heaters caused increased friction in the gas pedal, making it stick in some cases, making the problem a mechanical one and not an issue of electronics."
it seems as though the author Sharon is manufacturing controversy.
Good people go to bed earlier.
The gas pedal program should be intelligent enough to notice a malfunction like a sticky pedal and react accordingly. Mechanical failure is a given because of wear and tear and other factors. Software should never fail.
Rebel Science News
Then you should never step foot on a commercial air liner again. The article is over generalizing
and essentially amounts to fear mongering. I've personally experienced having a throttle cable
snap, thank God it failed closed, I've heard stories that went the other way... Control system failures
happen, the least we can expect from the manufacturers is that they fail safe. "drive by wire" is in essence
a good thing. So say the next time the pedal fails, the system could determine a fault occurred
and cut the throttle; it might even turn your hazards on in the future to alert the drivers around you.
www.alphalinux.org
My 02 VW is drive by wire, and has never killed me. How can Toyota of all companies, flub this so badly?
I want to delete my account but Slashdot doesn't allow it.
I find it disturbing that the U.S. government is forcing Toyota to cease production, when they are also the owner of GM, Toyota's competitor. Yes the design has killed people, but a great many engineering mistakes kill people. Maybe the response is justified, but the national ownership raises interesting questions.
refactor the law, its bloated, confusing and unmaintainable.
Un-necessarily complex, I spent 5 to 10 minutes reading the manual and could NOT figure out how to make it move.
I'm not joking, this was a fleet car for work and I simply couldn't make it move, at all. I'm a geek but it just didn't make any sense to me, engine was going but it wouldn't move.
Turns out they use a 'pedal based' handbrake (Americans might call it park brake?) I've never encountered this in 30 years previously, long story short I ended up speaking to the fleet management people and ended up with a Ford stationwagon ( "It just works" ) for the morning, didn't find out about the pedal and how it works until I got back from the trip. (FWIW I really did want to try the Prius too)
If you think it's a problem with these Toyotas, a couple of years ago I saw it happen to a supercharged F-150 Lightning. This is one of their high performance model trucks, which was apparently producing over 600BHP. And it had gone through a safety inspection earlier that day.
Throttle return springs are, I gather, a not entirely uncommon failure point. It's a specific line item check on Club Time Trials; I know this because the inspector and I had to try to figure out how to inspect the throttle return spring on my Audi, which also has a "fly by wire" throttle. It never came up specifically on Autocross, probably because they've seen it before (CTT had around 8 cars at it, AutoX has 200).
A lot of people have been pretty hard on the "computer control" aspect of this, which I believe is missing the point. There were some computer related issues that made this worse, like it being push-button start and just confusing people as to how to turn the damn thing off. But the reports are that this was a mechanical failure that is almost exactly like the common failure mode of a traditional, mechanical, throttle.
Unlike a mechanical throttle, the computer controlled throttle at least has the opportunity to say "Hey, I know the throttle is telling me to go, but I see that the parking brake has been pulled and/or the brake pedal, so I'm going to cut the throttle.
I've given this some thought and considering it all, I'd rather have the smarter computer-controlled throttle.
Sean
I have some computer experience as well as a bit of design and electrinics in the mix and one thing comes to mind as the real cause.
Drive by Wire.
Seriously, floor mats and other issues like that are just Toyota looking for an excuse when they know full well that the issue is something that can't be fixed without a major redesign next year. Ie - "It might be that if you place the mats just this way"(bunched up like only a moron would let happen) or "This servo might stick under the right conditions and enough wear"(despite the part being nowhere near its normal end of life)
The issue is drive by wire. Something's gone pear-shaped with their electronics and/or software that controls it and they're trying to find any excuse that might be the cause other than their design is unsafe. Blaming a servo or floor mats is just total BS and anyone with an ounce of technical skill would realize that servos and relays last for the better part of a decade.
The big give-away is the reports of the automatic cruise control malfunctioning. That's 100% software, folks. Something does wrong with the sensors and the software doesn't have a proper fail-safe mode programmed.
***this is from Wikipedia on Electronic Throttle Control***
There are two primary types of throttle position sensors: a potentiometer or a Hall Effect sensor (magnetic device). The potentiometer is a satisfactory way for non-critical applications such as volume control on a radio, but as it has a wiper contact rubbing against a resistance element, dirt and wear between the wiper and the resistor can cause erratic readings. The more reliable solution is the magnetic coupling that makes no physical contact, so will never be subject to failing by wear.
This is an insidious failure as it may not provide any symptoms until there is total failure. (edit by me - they're talking about the second type of sensor here- usually the potentiometer desgins give plenty of warning)
*****
Guess what type of sensors the Toyotas use? Guess what happens when they get confused and start to fail? The U.S. made parts may be defective or fail in 2-3 years instead of 8-10 like the Japanese parts, but the problem still remains. When(not if) the part breaks and needs replacement, expect it to cause the throttle to jam wide open.
There also is a note at the bottom of the article stating that ETC is currently suspected in the recent Toyota recalls but that Toyota is fiercely denying it. of course they are. This affects almost every Toyota and Lexus that they currently sell(and for the last couple of years as well). And it's not something that can be fixed without a major physical redesign.
Watch the next year or two's models switch back to a throttle cable. Then try to sell your drive-by-wire ones used. To anyone.
This is a worthless story trying to bash electronics for a mechanical failure, and even the story admits that the electronics are not the problem in this specific case. What a load of hogwash. The article doesn't even mention or link to the real source of the problem and it fails to provide additional sources of information for people who might be affected. Someone's got to kick timothy in the ass for getting this dribble posted on the front page. At least post a story about a real electronics's failure causing serious problems such as the O2 sensor issue that the poster above mentioned, now that's a scary situation.
Our New Car
I just bought a 2010 Toyota Camry LE 2.5L I4 6-speed Automatic with EX (Upgraded Radio) and QA (Aluminum Wheels) as a first car for my wife and I as we have just moved across the country to a new city. This was the choice after a lot of researching and test driving of other vehicles and then eliminating them based on real cost of ownership, fuel efficiency, components used, safety ratings, the quality of built, the comfort of the ride, and the headaches or having to deal with the specific sales people (Honda, I'm looking at you!).
Just to make it clear that I'm not a Toyota fan boy and I am not a car person at all since don't find cars "sexy" and I was perfectly happy with my old 1994 Chrysler. This new car is not the perfect vehicle for us, it was just the best in the class for the price. There are some deficiencies in the car, such as the trip computer not showing you fuel efficiency ratings, the quality of the construction in the plastic covering under the engine, cheap plywood backing covering the spare tire in the trunk, and louder than normal wind noise coming from the front roof support posts and root during 80 mpg highway driving speeds, a cup holder divider that comes out anytime you take a cup out of it, and probably a bunch of other issues that we'll find out after more than 4-weeks of owning it.
This recall does not really trouble us since it is mentioned that the issue is rare, it only happens in cars sued for a while already, there is a environmental and humidity aspect to the problem with regards to condensation, and the cause is a gradual wearing down of a bushing that causes additional friction preventing the accelerator pedal from returning back to the home position that happens overtime and is noticeable with a pedal that starts becoming slow to return.
Our car was just manufactured in 2009-11 in Kentucky and I'll be checking the information below today on the weekend to see if our pedal is in the recall or not, most likely it it because it most likely has the CTS manufactured part. I'll call the dealer and arrange for a replacement in a few weeks while after they get a handle on all the people that are coming to them now. No rush on this. I've also instructed my wife on how to resolve this problem if it does occur to her when she's driving by hitting the breaks and shifting into neutral gear, then turning the ignition off when she's safely off the road.
Below is some real information about this recall.
Toyota.com - Latest News About Toyota's Safety Recall Campaign
I hope that there will be a standard for shutting down any make or model push button start car. And then putting that info on or near button. Like Airbag warnings on visors, but more visible.
A sign like: I=push O=push and hold x seconds
Drop 10% of your diesel MPG: Diesel is denser and has a greater ydrocarbon content per gallon. Your 55-60 is a slightly less impressive 50-55mpg for a petrol. Add to that the parent post probably has a 2-ton car and yours is going to be a smaller saloon, maybe even a supermini.
Since the available information is extremely sketchy. In particular, the narrative of the San Diego accident appears so nonsensical that there must be a lot of missing information. So almost every comment seems to be based on pure speculation (although that is par for the course on Slashdot).
... for well over 10 years now, big rigs have had electronic throttle position sensors, ...
This is a sensor. It allows the computer to sense the position of the throttle, not control it.
So basically every truck that we've bought or ran for over ten years has had an electronic throttle pedal, ...
No, it hasn't. The throttle is controlled by the pedal connected to the throttle plates by a cable. The trucks have had throttle position sensors which assist the computer in determining the optimal amount of fuel to inject, among other things. I had a car in 1984 that had this, which constantly broke, which screwed up the engine performance. In spite of this, my car never ran away or even over-accelerated; quite the opposite happened.
While airplane control-by-wire sw has had a few failures (http://en.wikipedia.org/wiki/V-22_Osprey and perhaps that Airbus that crashed near Brazil http://www.nytimes.com/2009/06/05/world/europe/05plane.html), they have been much rarer than car sw failures. Maybe that's because control-by-wire sw destined for an airplane undergoes rigorous design and testing (http://en.wikipedia.org/wiki/DO-178B) that control-by-wire sw destined for an automobile does not receive.
I think it is time to impose the same legal mandates of safety and reliability on control-by-wire sw destined for an auto that we already impose on control-by-wire sw destined for an airplane.
Are you crazy!?!?
I tried that once and the skin on my arse has never been the same.
'kill -9 engine'
I don't therefore I'm not.
Anyone can design a bad system, regardless of the underlying technology. There's no reason electronic systems can't be as or (one would hope) vastly more reliable than their mechanical predecessors. Because Toyota fucked up with this one says no more about electronic controls than the bugginess of Windows says about C/C++/C# or a shoddily constructed house says about the reliability of hammers and nails. It's what you do with the tools that counts.
Odds are the underlying problem here is the same as with a lot of commercial software: some bean counter wants it out the door before its ready in a corporate culture where product quality is secondary to the current quarter's profits. Under those conditions, the system could have been built with [insert your favorite technology here] and still come out poorly.
Proud member of the Weirdo-American community.
'kill -9 engine' is not enough.
you forgot about kinetic energy (0.5 * m*v^2).
One might try 'kill -9 -1' but I wonder what will happen with the Universe.
Man pages are somewhat ambiguous about its effect.
Jack: "I'm a recall coordinator. My job was to apply the formula. It's simple arithmetic. It's a story problem. A new car built by my company leaves Boston traveling at 60 mph. The rear differential locks up. The car crashes and burns with everyone trapped inside. Now: Do we initiate a recall? You take the number of vehicles in the field (A) and multiply it by the probable rate of failure (B), multiply the result by the average out-of-court settlement (C). A times B times C equals X. If X is less than the cost of a recall, we don't do one."
This article (happened in Australia - linked related articles contain more information): http://www.abc.net.au/news/stories/2009/12/16/2773868.htm
describes a problem with a Ford Territory getting stuck with the cruise control actively trying to keep the vehicle at 100km/hr.
A couple of things to answer the 'this guy was idiot, I'm so clever it wouldn't have happened to me' crowd:
1. He couldn't turn off the ignition as the car won't let you do that if the car is moving.
2. He couldn't shift to neutral because the car wouldn't let him push the shift release button. (It was an automatic, so no clutch pedal.)
3. Pushing the brake wasn't helping enough to stop the car. (In the end it worked, but he had to jump on it with both feet all his adrenaline fuelled strength while pulling as hard as he could on the handbrake.)
4. The accelerator pedal only worked to speed him up, It wasn't a pedal 'sticking to the mat' issue, as the car was holding itself exactly to the speed of the cruise control.
5. The car was going too fast to just ram into a barrier or tree, etc.
6. The guy called Ford Australia (on his mobile phone), who couldn't help him and put him on hold. So then he called the police who, to their credit, cleared the road ahead and kept him calm enough to eventually get the car to stop. The total ordeal lasted 50 minutes.
7. The recording of the police call was released and played on the news and it was pretty obvious that both the guy and the police were doing everything to get the car to stop. This was not a situation where a quick two second phone call to a know-it-all Slashdotter would have solved the problem.
Anyway, I can't believe this news didn't make Slashdot when it happened a couple of months ago, as it contains considerably more information than the usual fare on this topic.
What is with all these crazy people suggesting that you should shift into neutral? With a floored accelerator, that's a great way to completely destroy the engine. How about you do what you always do when you want to slow down? Push the fucking brake!
Expensive, dangerous, bullshit!
My 1965 Ford Econoline pickup, has turned over 100,000 miles at least seven times in the past 45 years and has never had anything more dangerous happen than rolling backward on a steep San Francisco hill!
Keep it Simple
I killed da wabbit -Elmer Fudd
Talking out of my ass here but I gather that the 3 second delay is to prevent accidental shut-off of the engine due to bumping into the button etc. The solution is to do away with the 3 second delay and have a hinged transparent plastic cover over the ignition button, ala those found on fighter jet joysticks. To press the button, you have to manually lift the plastic cover, preventing accidental presses. Simple solution for an unnecessary problem.
crashbywire is more accurate
This may well be speculative crap, but at least based on the anecdotal incidents I keep hearing about, this sounds like an ECM problem.
First Toyota blamed floor mats. That immediately causes consumers to think that the problem was the fault of idiot drivers, not Toyota itself. The typical person's reaction would rightfully be something along the lines of "duh, if you stack floormats under the accelerator, it's going to stick...this is not Toyota's fault".
Now Toyota blames the pedal. And the pedal manufacturer. Again a simple system that people understand...that can be labeled as obviously defective and replaced with something theoretically not defective, bringing about peace of mind.
Finally Toyota is going to "go the extra mile" and update the ECMs to cause pressing the brake to cut the throttle. I imagine this is an algorithmic (code) change to the ECM, not just new calibrations. Apparently Toyota uses a proprietary ECM that is not very "hackable". That is, it's very closed in comparison to items like those in GMs and VW/Audis where there are cottage industries of tinkerers who have decompiled the code, modified calibrations for performance and economy, and even modified the algorithms themselves. (You don't see things like VAGCOM or EFILive for Toyotas.)
Point being, if they update the ECM and it is all proprietary stuff and there's no easy way to diff it (or an adequate number of eyes to catch the difference) they can fix the problem and scapegoat the pedal manufacturer. And potentially leave a lot of dangerous vehicles on the road to save face.
The biggest hole I can find in this idea is where I'm getting my data. Random reports from people, a lot of whom seem to claim their vehicles accelerated from a stop. And of course it's all stuff reported by the popular news media. And of course a lot of folks who rear-ended someone in their Toyota are going to suggest anything other than their own actions being the cause.
But being a software developer, the more I hear about this, the more it stinks of software. An ECM has too many variables to simulate all possible conditions, so you must rely on the algorithms to work correctly. My gut says there's a tiny hole in there somewhere, where most users will never encounter it.
What has *science* done?!? -- Dr. Weird (ATHF)
Here's another link. This one contains some of the actual conversation between the police and the driver (sorry about the Flash and advertisement before the actual story):
http://www.smh.com.au/national/cruise-control-terror-for-freeway-driver-20091215-ktxn.html
The suggestion it is a software problem comes from those people who don't trust Toyota's explanation for the events. First Toyota said all these sudden accelerations must be the floormats, but then there were too many that floormat issues couldn't explain. The next best chance was to blame it in a stuck accelerator assembly itself, but even that dosen't really explain the symptoms. Why would accelerators suddenly start pushing themselves all the way to the floor without even having a history of mild friction and stickyness?
It has all the hallmarks of a developer hunting around desperately to find why a bug is occurring, and just blaming it on something partly related, hoping the problem will go away. In the meantime, the new models will come out with a watchdog type override that reboots the microcontroller when brake and accelerator are pressed at once.
The Los Angeles Times has taken the lead on breaking this story. They published another article yesterday: Doubt cast on Toyota's decision to blame sudden acceleration on gas pedal defect
Here's a quote: "The way the sudden-acceleration problems are occurring in reported incidents doesn't comport with how this sticky pedal is described," said Sean Kane, president of Safety Research & Strategies, a Rehoboth, Mass., auto safety consulting firm. "We know this recall is a red herring."
The number of reports of unintended acceleration increased by as much as a factor of 5 for some models after Toyota introduced electronic throttle control systems. While floor mats and defective accelerator pedals may have caused some of the problems, they don't explain many of the reported cases of uncommanded acceleration.
Keep it simple, stupid.
This is a good rule to follow when it comes to designing
Fixed that for you.
There are times when more features in exchange for more complexity is a good thing.
When it comes to systems like automobile driving-related systems, however, there better be a very big win in exchange for significantly increased complexity. The addition of antilock brakes, for example, increases complexity but dramatically improved safety and are IMHO worth it. Ditto the addition of air bags.
In systems where there isn't a safety issue, like the old-school entertainment systems that didn't interface with "the car" except for power, you could accept less in the way of improvements for a given increase in complexity. Going from a 5-button all-mechanical-control radio to an almost-all-electronic radio/cd/plus entertainment center with its own anti-theft system was a good thing. Until those started interfacing with the rest of the car, there was no additional risk of harm beyond it suddenly turning itself on full blast and distracting the driver.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Toyota have announced that new models will have a feature that idles back the engine when brake and accelerator are pressed at once. That will probably be implemented at a low level so that it still works in most firmware crash situations.
However, they could have a lower level still that cuts power completely. However, it's too easy for someone to press brake and accelerator at once in normal use, So instead they could make a magic combination of press Brake, Accelerator and the Horn button all at once to cut the engine and reboot the controller.
Instant apocalypse. Has to be run by root, of course.
In case of emergency:
(1) flip open cover on top of shift knob.
(2) depress exposed button.
(3) eject.
For what its worth, it does not seem to be a problem with electronics.
It is a mechanical component that failed.
Here is a description of the accelerator pedal problem that Toyota is having.
http://www.autoblog.com/2010/01/29/video-in-depth-look-at-toyotas-sticky-accelerator/
The bushing is possibly a lie. Vehicles have reportedly demonstrated spurious acceleration both at a stop and at cruising speed, with nobody even touching the accelerator pedal. I don't think Toyota knows what the fuck they are doing, and that includes in their PCM; they apparently aren't flash upgradeable. What year is it, anyway?
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
[cain@glory]$ kill -9 car
bash: kill: car: arguments must be process or job IDs
I think you meant
pkill -9 car
or
for p in $(pgrep car); do kill -9 ${p}; done;
or
for p in $(ps aux | grep " car" | awk ' { print $2 } '); do kill -9 ${p}; done;
if you're not into that whole brevity thing and you want to kill *all* the cars. (And hey - who doesn't?)
should have 3x or 4x redundancy (with a voting system) on critical systems like on mil-spec components. a stuck throttle cable can have the same effect on non-fbw cars. electronic can be MORE reliable if done PROPERLY.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
Further, the Toyota ETC lacks an important safety mechanism: if the customer presses both the throttle pedal and the brake pedal, then the ETC should give priority to the brake. The Toyota ETC gives priority to the throttle. How can Toyota engineers commit such a gross design mistake? Common sense tells us that the brake should receive priority.
When tuning my own ECU, this is the first thing I disabled. It makes left foot braking impossible. Bottom line, we need better drivers, not cars for idiots.
completely ignorant and the designers should be shot.
With power assisted traditional brakes you still have enough braking power to stand on the pedal and accomplish something.
If these cars do not have a direct mechanical linkage to the brakes from drivers foot to calipers or pads they should be destroyed. Theres no reason to unlink the mechanical component on passenger cars, none.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
This reminds me of the situation with the first fly-by-wire airliners. There was a lot of concern by pilots and others over the reliability of the hardware and the software. And a lot more thought goes in to designing airliners than cars.
The E46 3 series used a drive-by-wire system, no throttle cable. BMW never blamed floor mats or pedals, hell as far as I know nothing went wrong. The worst part is that they're limiting the recall to Toyota only. I have a friend who told me months ago that her throttle stuck on the highway in her '06 Lexus IS250. Toyota claims it's only the American pedal assembly but Lexus doesn't use the American pedal, it uses a Japanese-made assembly from a different manufacturer and yet it still sticks.
It seems to me that Toyota didn't do enough testing and refuses to accept responsibility to the full extent of their screwup.
Too late for the key switch, which has controlled relays downstream for many years.
At least it can cut the power to some systems, but (see the infamous Ford cruise control switch) lots'o'hots remain even with the key removed.
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
They should rename it th iBrake - it does less and costs more than a regular brake. But thanks to the SJ-RDF (Steve Jobs Reality Distortion Field) you'll never know that you're careening to your death at 140mph.
it only highlights the life-or-death importance of good interface design
Yes, I've lost track of the number of colleagues who've committed suicide after having to use Vista.
These posts express my own personal views, not those of my employer
Ha! I drive an '07 Volvo S80, from the people who supposedly make the safest cars on earth, and I think its missing at least two of those safety features.
The parking (not emergency) brake is electrically operated, not that I think it or any other car's parking brake would actually stop a car (many activate only one wheel, which would badly spin the car).
It has a "shiftmatic" transmission without any manual gear positions. It can be semi-manually shifted (electrically operated manual gear positions with an automatic clutch), but has an anti-redline feature that either forces a shift or cuts the throttle if the engine is kept in too low of a gear (I forget which, I seldom use it; my model has the V8 motor and very rarely do I feel the need to manually bump the engine up 1-2k RPM).
I'll bet it kills the motor in the event of a crash, though.
Regardless of which is given priority... I'll bet those cars are real fun to drive on glare ice, where you may need to be constantly nursing both the brake AND the throttle, to maintain traction and control direction.
~REZ~ #43301. Who'd fake being me anyway?
Starting from stop with a full brake on is somewhat different from stopping from a high speed at full throttle. Yes, the brakes may be able to overwhelm the transmission (I'm not about to try because I don't feel like burning out either my brakes nor my transmission), however it's not necessarily going to happen all that quickly, and depending on how the car is braking it's probably going to be a hell of a dangerous and bumpy ride as you're pretty much fighting the car and/or potentially locking the wheels.
Another factor in the front brakes would be ABS, which wouldn't actually allow you to do a full pads-to-the-rotors braking action (not necessarily a bad thing) . As for the e-brake, overwhelming that one is EASY, especially as it gets older. I know plenty of people who've managed to drive down the road with the parking break on before realizing why their car was acting rather gutless.
Maybe the problem is that the headlights automatically turn off with the ignition? Mine current vehicle - and most I've had - don't do that, but rather beep annoyingly at your if you leave the lights on after the ignition is turned off.
The best solution to prevent leaving the lights on is that rather than tying them to the ignition, my old 88 Camry would shut them off once the ignition was off and the drivers-side door was opened (you could turn them back on if needed by flicking them off and on again).
Actually that would be: killall engine or kill -9 'pidoff engine'.
Kids...
They did a test on 3 separate cars, Toyota Camry, Infiniti G37, and Roush Stage 3 Mustang to see the effective stopping power brakes at 70 mph and 100 mph, and each with no throttle and each with full throttle.
Only the Roush Mustang 3 had any real issue of slowing down with full throttle - but only at 100mph. It did stop eventually, but took 903 feet (vs about 320 feet with no throttle).
In the 100mph full throttle tests, the Camry stopped within 88 feet (vs no throttle), the Infinti within 6 feet (The Infiniti has a system that as soon as brakes get tapped the throttle closes, hence such close numbers)
So yes, for 99% of the cars on road, your brakes will overcome your engine easily.
I think you meant:
DON'T TRUST PROGRAMMERS
Computers are nearly infallible.
Programmers, not so much.
paintball
The kill command takes process id as a parameter. Use killall instead. :)
Thank God I only buy Chryslers!! :)
Comment of the year
2. He couldn't shift to neutral because the car wouldn't let him push the shift release button. (It was an automatic, so no clutch pedal.)
I've driven quite a few automatics (domestic and import) and I've never been in one that required you to press a button to move between drive and neutral.
I'm with you, I've never seen that either.
What would be the thinking behind that? As should be obvious after reading this thread, it seems like a huge safety problem.
Were there people somehow causing accidents by accidentally dropping their car into neutral while at speed? Or something?
Comment of the year
My parents own an 04 or 05 Highlander, and I've got to say it's really been a dog. I've always thought very highly of Toyota, but the Highlander has been enough to make me think twice about buying one anytime in the near future.
1st it's got a check engine light issue. The charged my parents a few hundred dollars to reflash the ecu to take care of the issue. Except it was back in less than a week. Now they say it needs new catalytic converter(s) and will cost $1100+ to fix. The car runs just fine however and doesn't leave an unburned gas smell like a non-functional catalytic converter would have so I'm not really sure if it's just them wanting to throw parts at the problem. Further, the problem sometimes goes away after getting gas, leading me to believe that it might be related to the gas cap which is incredibly funking on the car.
2nd it's got an air pressure monitoring system that sometimes just trips and you can't untrip without going to the dealership. That means anytime the air in the tire gets low, or the system thinks it is even if it isn't, you have to take a trip to the dealership because the method for reseting it doesn't actually work. They supposedly fixed that last time it was in the shop, but I rather doubt it.
3rd the heater doesn't work. More specifically, the heater doesn't work in the winter. You absolutely cannot get the heater to come on in the winter. However, if it's warm outside and you hit a bump it will come on regardless of where the dial is. Supposedly they fixed that this summer at the shop, except I've driven it twice this winter and been unable to get the heater to come on.
4th when you step on the gas, it doesn't really do anything. It's my understanding that this was one of Toyota's first cars that had the electric gas pedal. And while I'm certainly glad it doesn't just start accelerating like some of them have done, it presents it's own form of danger. You can floor the gas pedal, and it takes almost a full second for it to notice you've hit the gas. It seems slightly less noticeable when you're making a less drastic change in position of the accelerator, but that may be because you're not really expecting it to change drastically then. This is dangerous. If I need to get the hell out of the way of something coming at me, I don't want to wait a full second for the car to figure out that I've pushed the gas pedal. It does the same thing if I'm already driving and have to suddenly press the accelerator down to speed up. You can literally mash the pedal to the floor and then lift your foot back up with absolutely no change in engine speed on the car!
While the first issue may not be an electronics issue, as we're not really sure, the second, third, and fourth issues certainly are. In the hurry to make everything electronic, I think they've introduced some serious reliability issues into their vehicles, which is a shame because growing up I always thought of Toyotas as being of high quality and reliability. I still wouldn't hesitate to buy an older Toyota, in fact I've been looking at getting a late 80's 4runner, but I don't think I'd buy a new Toyota right now even if I could afford to.
FYI, these cars have these things called wheels ;). Wheels have to overcome the same static friction (rolling resistance, deformation only) per revolution regardless if it is accelerating for the first revolution or if it is going 100mph and repeating a revolution. See regardless if your going 0 MPH, or 100 mph the relative speed of the tire at the contact patch of the tire and road remains 0 (unless your tire start slipping/spinning, then it is overcoming static friction.)
All this means, is it will take a much greater force to overcome your brakes at 0 speed, since then you have to overcome their sliding friction, but it takes very little HP, since HP is work over time, which is force over a distance. 0 distance means 0 Work, regardless force, and thus 0 HP. But since the engine has gears between it and the wheels, and the brakes don't. The engine thus has it's greatest advantage at low gearing, though the brakes are guaranteed to win at higher speeds (if working) but the brakes also have to overcome momentum, so will take time, and could overheat before stopping completely.
Just remember that cars haven't been controlled by your own grit for a while now. I'm talking primarily about power steering and brakes.
Let me explain. I'm an EMT, and I drive a 14,000 pound ambulance. It's a box mounted to a F-350 (diesel) chassis made by Ford. It's really quite comfortable.
Last summer, I had the fan (serpentine) belt break on me. This powers the cooling pump and fan, the primary alternator (secondary is on a separate belt), power brakes and steering, and the AC. It turns out it was a frozen AC compressor that burned through the belt.
In any case, the vehicle was not controllable at even a few miles an hour. Thankfully, the belt broke in the hospital parking lot, but even going 10 miles an hour to leave was enough to make the vehicle not stop, even using all my weight and strength. We were rolling up an incline, so it was fine, but we were not decelerating the vehicle in a meaningful way.
Second, the power steering is a necessity for a vehicle of that size. You can wrestle the wheel without it, but it takes a lot of work and therefore a lot more time to turn the wheel. Couple that with the almost-complete loss of brakes, and you've got problems.
We were fine, got into a safe spot, and got a tow. But had we been going down the curvy highway from a few minutes before, I am convinced we would have been killed. I could not have kept the turns on that road, nor avoided the cars without brakes.
My point is, we already rely so much on mechanical systems. That's what the problem was in this case. It's easy to cry "no fly by wire" because it's harder to understand than a linkage, but it may not be less safe. The ability of electronical systems to self-monitor is something that your standard throttle can't do.
In the end, perhaps we should combine the two, something like a dead-man's switch? The ECU sends a pulse to a relay every half-second as part of it's main loop - if that relay doesn't like what it hears, it releases a spring that closes the throttle. If the ECU crashes, it doesn't send the pulse and the car slows.
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
This new car is not the perfect vehicle for us, it was just the best in the class for the price. There are some deficiencies in the car, such as the trip computer not showing you fuel efficiency ratings, the quality of the construction in the plastic covering under the engine, cheap plywood backing covering the spare tire in the trunk, and louder than normal wind noise coming from the front roof support posts and root during 80 mpg highway driving speeds, a cup holder divider that comes out anytime you take a cup out of it, and probably a bunch of other issues that we'll find out after more than 4-weeks of owning it.
Sounds really negative.
But seriously, these things are not issues when I'm interested in a car that drives to 300k, not one that struggles to reach 175k.
I have unilaterally found the Camrys to be more comfortable to ride in when compared with a similar-budget American car or truck. I get into friends' cars and think "wow, how do you put up with this?"
Or the midnight cron
'mv /car/* /pumpkin/*'
It's obvious you guys are new school... kill -HUP engine would have sufficed. Anything else is over dramatic.
I bet you reboot the car when your Xdashboard crashes too ;)
"The problem with any tech is that it's nearly impossible to make it perfect. In some situations like airbags, you can make the system very simple and independent, so it's not prone to failure. But when there are scenarios that result in death, you need to be able to *shut it down* very quickly. In a car, that means literally turning the engine off. "
One could always have an emergency drag chute. Deploy that and the resulting removal of the engine causes the vehicle to slow down.
Not to be pedantic but I think you meant 'killall -9 car'.
$ kill -9 car
-bash: kill: car: arguments must be process or job IDs
Cool! Amazing Toys.
diebywire.
/. Dissent will not be tolerated. Think like us or perish.
Shifting should be manual but steering shouldn't? I'd drive a car with computer-controlled shifting without a second thought. I'd even drive a car with E-throttle without any serious worries (of course I'd know how to kill it), brakes I'd consider, I mean they're already hooked up to a complicated hydraulic system just waiting to fail, but steering? No chance in hell. I want a mechanical linkage between my hands and the wheels that turn the car, always.
"When information is power, privacy is freedom" - Jah-Wren Ryel
Uh, that was a Ford Explorer, NOT a Territory! A USA designed car, not the Australian designed car.
From the article you linked to: "It took just over half an hour before the Explorer came to a stop near Frankston, just short of oncoming traffic." See? Explorer, not Territory...
Also, subsequent inspections found NOTHING wrong with the car, nothing in the ECU's memory to suggest a fault, and the car eventually stopped when the young driver stood on the brake (not break...) pedal.
"Fifty minutes after the emergency began, he pulled on the handbrake and stood on the brakes and the car eventually came to a stop just before hitting cars ahead of him."
I do wonder why he didn't do that 50 minutes earlier... Maybe he was out thrill seeking and wanted his 5 minutes of (rather dangerous) fame? Or maybe the car did have a problem and it mysteriously fixed itself during that 50 minutes... leaving no trace of any problem...
I don't know, no-one else seems to know either. So, the supposition is operator error by an inexperienced driver.
Also, why didn't the cops drive in front of him, and slow down, letting the Explorer hit the back of the cop car, which then slows down (the cop cars brakes will stop both cars, it's just like a heavy trailer)?
I think skynet is finally starting to launch its attack ;)
Fly by wire is nice, but unless it is 100% reliable, you need to can it.
Remember what happened to the first Airbus with fly by wire? They did a low approach over
the runway, the airplane thought it was suppose to land, and the fly by wire didn't allow it to
climb out, and it crashed into a forest.
The story says there are increased safety issues with electronic parts in cars. The Toyota accelerator pedal issue was mechanical. An electrical part is not inherently more error prone. The author of the story is just being sensationalistic and playing on peoples' fear of technology. DID YOU KNOW THEY USE ELECTRONIC CONTROLS IN PLANES!!! TONIGHT AT 10!
The auto industry is starting to catch up to the IT industry. Now I have to treat my automotive purchases the same way I treat my technology purchases: By avoiding new products until they are proven reliable.
[insert Gates vs. GM reference here] (On a side note, I have to ask why Gates said cars should cost $25, while his fancily-packages CDs cost over $100)
It may be simply due to what my day job is, but what about putting a strain gage on the gas pedal beam? That way you have a redundant indication that pressure is actually being applied to the pedal. If there's no pressure to the pedal for x time, and at the end of that period the indicated pedal position is not "coast/idle", then the system should immediately revert to an alternate control law that uses pedal pressure instead of pedal position for control input. There should also be a voice announcement to execute safe stopping ASAP. When done properly, this can be quite cheap. A strain gage/connecting cable assembly is all done on a single piece of substrate, and in automotive quantities can cost $0.50 apiece. The connector and amp/digitizer can be had in the accelerator pedal sensor assembly for another $1.00 or so. Not very hard to do.
Did the police try a spike strip?
Just for my curiosity, how many times have you changed the fuel pump on your car?
In automatics you can shift it into neutral regardless of the shift release button.
I'm also a software developer, and an owner of a Camry 2009. I suspect a software or computer glitch is the root cause. I've experienced unintended acceleration in my Camry twice while I was cruising on a flat straight road going about 38MPH. Both my feet were completely motionless both times it happened. While my right foot was steady on the accelerator, the car just sped up (by about 1 to 2MPH/second) for about 2.5 seconds. I was like WTF was that!?!?! So far, I've only had it happen a few times, but I know it wasn't caused by the fricking floor mat. Last year when I heard Toyota blame it on the floor mat I got so upset because, based on my experience, I knew it wasn't caused by the floor mat. I don't know why Toyota is so reluctant to audit their computer hardware/software. Toyota should be forced to release all the code that is in any way/shape/form connected to the throttle and accelerator pedal for public scrutiny. It will cost them essentially nothing to post the code on their website, so there is no reason not to do this. Since buggy code could jeopardize the safety of the public, the code should be publicly available. Read my post from last year about this here: http://slashdot.org/comments.pl?sid=1430048&cid=29976746&art_pos=18 My guess is that is probably some stupid divide by zero or integer overflow glitch.
Everybody who has ever owned a hifi set knows this problem. Eventually dust will get the better of the volume knob and it will start to behave erraticaly or will give out noise while using it. That's a ground rule of every potentiometer. And now they want to use these things with cars. After the impossible-to-exchange lightbulbs, the next big cock-up is the electronics. Well, just look at Renault and you'll know where this will end up.
I've tried pressing the brakepedal while keeping the accelerator to the floor in my car. Now, at 100 bhp my car may not be the most powerful, so I don't know what this does in other cars, but I was able to stop my car without any problem in a very reasonable distance.
But I do wonder: why does it take him 50 minutes to pull the handbrake and step on the brakes? Why couldn't he have done this immediately?
This is a dream Slashdot thread - your car analogies won't have to be analogies at all! They can be completely literal!
My grandmother used anecdotal evidence all the time, and she lived to be 120 years old.
What about implementing an emergency fuel stop ?
Something that stops gaz or oxygen to enter the engine.
Something that is very simple, limited to one function and hopefully as fail safe as possible.
Sneak teach kids Algebra using a game
This would be where you get the reality.sys message.
Reality.sys is corrupt; reboot universe now? Y/n:
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
I guess I'm repeating myself, but everyone here seems to forget that pedal position is *derived* from the actuating force using a damn spring and friction of the pivot bushing. If you do the measurements you'll find that both are significant, and the bushing's friction creates a hysteresis loop in position-force relationship. You can use the width of the hysteresis loop to diagnose impending bushing failure. So, if you measure the force directly with a strain gage on the pedal beam (the part between the pedal and the pivot), you can use position as a redundant modality.
Having two position sensors doesn't solve the real issue here, but having a position sensor + spring *and* a strain gage does solve the problem, and also provides bushing diagnostics. Win-win.
I'm a former turner of wrenches gone geek, its much cleaner.
Power output on a gasoline engine is controlled by varying the density of the intake charge, gasoline engines have a movable throttle plate on the intake manifold. The intake charge needs to be say ~14:1 by weight air to fuel. Partly because the fuel is lit by an electric spark, also because of the air/fuel chemistry.
This is the way a gasoline engine works, 75 years ago or now. Only the control systems have changed. Early last century someone actually tried ignition via open flame heating a metal rod red hot that went through the head into the combustion chamber.
As an aside diesel does not have a throttle plate, power output is controlled by the amount fuel injected into directly into combustion chamber. The fuel is lit by the temperature of the compressed intake charge.
Back to gasoline, you can dump the fuel in at the throttle plate, via carburetor or throttle body fuel injection. Or directly into the intake port more or less over the intake valve. This works best, direct port fuel injection. Gasoline mechanical fuel injection is alright but EFI just seems more copacetic
Traditionally the throttle plate has a coil spring on one side of the shaft that wants to slam, blood blister inducing slam, the throttle plate shut. There is also a link that goes ultimately to the gas pedal. It used to be rods, but bushings get wonky and rods are harder to get around corners. I recall old worn rods that go sideways as much as move clutches, throttles, shifters etc. Cables are great at going around corners. The nice, sanitary way to do a clutch is hydraulics, like brakes.
I admit that the fly by wire thing does in fact work if done right.
The EFI needs to know, amongst other things the throttle position. Once again traditionally a throttle position sensor is placed on the throttle shaft.
I think there are two issues, firstly I think Toyota engineers reinvented the wheel when they didn't have to. Secondly, if you are going to reinvent the kind of wheel that can get people hurt or killed you really need to do it right.
A short rant, automotive engineers I talking to you, to be fair I realize that the design process starts by people deciding what the car is going to look like first, then you get to make it work without costing much.
I recall the clutch petal assemblies on certain unnamed American light trucks back in the early 80's when CAD started apparently becoming more common.
Intricate, thin section, bead blasted, lots of nice angles and radii, no metal where it apparently didn't need to be, cast aluminum "cages" rather than the traditional stamped steel "boxy thing." The metal was too thin and the casting flash was not ground off. Result millions of little jaggedy edges for cracks to start. It was near impossible to find one that wasn't cracked or starting to. These were replace by very obviously much thicker cast aluminum "cages." They were not as "trick" looking, they wouldn't crack but the bushings would go all wonky.
Then relays started propagating... power a relay to turn everything and anything on.This makes for cheaper/smaller switches that can do more things, no problem. But... let us bury said relay, plugs and harness mind you, some place deep under the dash where you can see it but not reach it. Half an hour or more to get to it, a minute or two to change it, then you get to put it back together, desperately trying to do it "right" so you don't get complaints about rattles and squeeks etc...
And who decided to run the rollers as in roller bearing directly on axel shafts in certain light trucks?
And what was wrong with brass pilot bearings? Let's put a permanently sealed bearing instead, it won't stay sealed (they never do), dries out and comes apart when you change it, leaving the outer race in the end of the crankshaft.
Teflon piston seals in automatic transmissions, said seals you replace with steel rings when you rebuild it.
God invented purgatory just for the pe
Yeah, whatever, Explorer, Territory, brake, break.
If you listen to the transcript, you can hear that he tried to push the brake many times, but just didn't do it hard enough. In the end he literally put both feet on the brake pedal and stood up in his seat. He did that while pulling as hard as he could on the hand brake. He said he tried earlier, but the car only slowed down a bit and then sped back up (I assume after the brake pads had heated up).
I'm sure the driver is well aware _now_ that he needed a huge amount of force to stop the car like that. But, he obviously had no idea at the time.
The cops don't try those 'box you in' kind of slow down manoeuvres if the risk of crashing multiple vehicles is high. They just cleared the road as best they could and hoped he would stop before he ended up driving into trees in the forest.
The supposition of operator error would be fair enough if both Ford Australia and the cops weren't also trying to get him to do everything possible. Obviously if he'd just jumped on the brakes like a madman at the beginning it would have worked.
But, none of that explains why the car was 'stuck on cruise control' in the first place. It shouldn't have happened.
Thank you! I snarfed my beer on that one.
Oh, Christ yes. I'm not a mechanic, I'm a computer geek. So when the power to my radio went out I decided "OK, I'll just trace the wiring and see where it went wrong."
Like HELL I will. Whoever designed the wiring harness obviously never intended anyone to ever repair it. And I thought the old MicroVAX I was hard to work on, those guys at DEC were pikers compared to the guys at Mazda. Diabolical design.
Even stuff that should be easy like opening up the door panel so I could fix the latch is like that. Yeh, OK, I get you... exposed screws aren't sexy, but at least give me SOME indication where they are...
this is a common problem with people making quick judgments
like "she deserved to be raped, because she was wearing skimpy clothing"
if you are transgressed against, it doesn't matter how foolish you behave before or after the transgression. let me repeat that, since so many obviously don't understand the point: it doesn't matter AT ALL how lame the victim is of any crime, before or after the crime took place. there is still a crime that took place, and it was perpetrated by someone else. and if the criminal wasn't there, the victim would not have been violated. the ONLY blame for ANY crime is the criminal, not the victim, no matter how unsympathetic the victim. please, people understand this and develop some vague moral compass to your life: the ONLY blame for ANY crime is the criminal, not the victim, no matter how unsympathetic the victim. let it sink in, understand this really is the only logically coherent understanding of crime and punishment
so no woman, even if she walks nude into a biker bar, deserves to be raped, and if she is, it is the rapist's fault and the rapist's fault alone. this is the only morally coherent judgment possible
and no driver, no matter how lame and idiotic, deserves to be in a car with faulty features. and if the car accelerates due to toyota's error, toyota, and toyota alone is to blame, no matter how badly the driver tries to mitigate the situation, or whatever they did preceding the situation
if the driver was drunk, on meth, watching a dvd, and texting, and being blown by a hooker, and their car accelerated due to toyota manufacturing, and the driver's response was simply to cry and wet their pants, despite even the most obvious of dozens of possible responses, the simple and only moral truth possible for you to consider is that toyota, and toyota alone, is to blame. examine the logic. understand why. stop being so quick to judge and understand why the criminal NEVER shares blame with his victim
so in all these slashdotter's arch and ever-so-wise judgments, when you see "blame the victim" as an underlying assumption in the comment, you see no real wisdom, you see only smug condescension and simple logical and moral incoherence and failure in the commenter's thinking
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
It must be great to be such an optimist and think this will be the biggest scandal this century, even though we still have 90 years to go.
Don't fight for your country, if your country does not fight for you.
So is it better to wait to the end of the recall period to get more mature software that better debugged? Or would it be the same version as was rushed out at the beginning?
Is it a rule, that there's an exception to every rule?
It's not necessary to lock out the throttle whenever any brake input is detected. Many people use that feature (though probably not on Camrys) and it would be a sad continuation of the desoulification of cars. The solution to this problem is very simple: go back to keyed ignition! It works, it's worked for almost a century, it's intuitive and it precludes the runaway car scenario completely, if the driver isn't a complete vegetable.
Better yet would be to get you Americans to drive manuals. But that's probably not going to happen.
Which is a blatant lie. Read this article for some background on this issue going back to 2007. I'm sure that Toyote "got reports" before August 2009.
The recall goes back to 2007 models right? So take a 2007 model with the problem and compare it to a 2006 model without the problem, then compare the two chip by chip and bolt by bolt until you find out what is so different that it causes the problem.
Call me simplistic if you like, but surely just scaling back the construction type of this one part to a time before the problem existed is a simple enough change to implement to at least keep sales going and the stock price up.
Brake fade is what happens when the brakes get overheated, they become less effective.
However, what happens when the engine is at wide open throttle is the same thing that happens when the engine is off: you lose vacuum assist. You'll have enough for maybe 2 pumps of the pedal and that's it. Once your vacuum assist is gone, you're relying 100% on the pressure of your foot on the brake via the hydraulic system to stop the car. If you've ever tried to use the brake pedal when coasting with the engine off, you know how hard that is.
So if you are ever in a "unintended acceleration" situation, push the brake down as hard as you can and do NOT let it back up. You will probably destroy your brakes in the process but that's better than the alternative.
The whole move to electronics is somewhat disconcerting. Computer software will always have bugs, and modern cars have computer software that controls the throttle, and the transmission shifter. Always make sure you know how to shift into neutral in a panic. On my car, it's easy: just push down the clutch pedal.
-CausticPuppy "Of all the people I know, you're certainly one of them." -Somebody I don't know
One possible way of solving and failproof a potentiometer controlled gas pedal is to have a microswitch with its own circuit breaking fuel injection whenever the pedal is released, regardless of where the primary system thinks the throttle is. Helps against both logical errors in software and mechanical errors.
That way even if the potentiometer/whatever fails the car stops accelerating as soon as you take your foot off the pedal which is the normal reaction to a sudden acceleration.
HTTP/1.1 400
With the Infinity the real question is: what is that system broke. Not a very good test.
'kill -9 car' works just fine!
Everything else is for n00bs.
-bash: kill: car: arguments must be process or job IDs **crash**
I believe you mean:
killall -9 car
brakes, steering & throttle control. These are the 3 active collision systems.
Ooops, someone was off by one. On the plus side :-)
It is never necessary to have your foot on both. One applies positive acceleration, the other negative acceleration. The difference is the number of wheels / balance of force. On ice, trust me, you want the balance of brakes when braking and FWD or AWD when accelerating.
Boeing designed and built a heavy commercial aircraft, the 777, around the concept of "fly-by-wire," yet Toyota can't build a gas pedal.
Is it the fault of the electronics, or it the fault of some little bean-counter who insisted the pedal be designed to be as cheap as possible?
Gee; hard question.
Regards;
I used to own an Audi 5000 Turbo, and while driving on the highway, it suddenly went to full throttle. The cruse control was the problem - when I turned off the dashboard switch, I was able to regain control. And the brakes would not work because the vacuum assist check valve was worn, thus the turbo boost worked against the brakes. With both feet, I could not get the pedal to move at all. But once the manifold pressure dropped, I was able to use the brakes.
THe NHTSA conclusion is wrong, in my opinion, based on my experience.
Place nail here >+
I had an Audi 5000 Turbo, and the cruse control went to full throttle. I was on an interstate highway, so I had some time to work out what the issue was. Never could reproduce the error, so I suspect an RF issues. Perhaps truckers with hopped-up CB radios, which may be a US-only issue.
Place nail here >+
The Car and Driver test was only meant to address the issue if brakes can overcome the engine in case of a stuck accelerator.
They where not testing for the cause of the accident.
I was under the impression all he had to do was hold the ignition button down for 3-5 seconds and it would turn off, like a desktop computer. (Keep in mind, I do NOT expect him to know this)
Two big caveats with that test --- first is that the brakes were in good condition to start with, second is that the driver immediately applied full panic braking effort. What about a car with 30K miles on the brakes. What about the situation where you're driving down a busy freeway at 80mph, is your first reaction going to be to apply panic braking? No, you'll be afraid of being rear-ended...
Shifting to neutral might not make the engine particularly happy with the throttle fully opened.
I would suggest that the correct back-up remedy is to assume accelerator position is 0 when the brake is applied. And, if not close to zero, flash the MIL.
I don't understand why this isn't already the case in their ECU. To me, it seems obvious, and goes hand-in-hand with single-foot brake/accelerator control. I can't think of any functionality that would be impacted by adding this safety feature on a vehicle with an automatic transmission. In fact, you could probably even augment it by refusing to accept accelerator input until there is a small downward delta in pedal position after the brake is released.
Do daemons dream of electric sleep()?
I learned to drive in Montana... during a stretch of some of the worst winters of the 20th century. There are a lot of Peculiar Tricks that are hard to describe but become natural to do after a few seasons of snow and ice.
And personally I'll take RWD over FWD any day, especially since I'm usually hauling a load. Worst thing in the world is FWD with a load in the back, swaying its way down the icy road.
~REZ~ #43301. Who'd fake being me anyway?
And this is exactly why I bought a cheapo Dodge Caliber base model with as few electronics as possible in it. After buying a used BMW and having all kinds of crazy problems with the electronics. Problems included:
After that experience, I basically said "screw it" and bought a car with a pull bar for adjusting the seat, manual locks and crank windows, and a manual transmission. And I've never had any breakdowns at all in the 35,000 miles I've put on it. I love computers and technology, but as a software developer I know how hard it is to write bug free code (almost impossible in all but the simplest programs). A bug is no big deal if you are sitting at your desk using facebook, but I'd rather have a simpler system in place when driving down the highway at 75 mph every day.
Beware of bugs in the above code; I have only proved it correct, not tried it.
I love people throwing absolutes. Just because you haven't thought of a need doesn't mean that's the end of it.
Most cars still use open differentials. Those send power to the wheel that's slipping so if you get one wheel on ice you're going to stay there. In those instances, light braking can cause some power to be sent to the wheel with traction, but only if you're able to also apply some acceleration at the same time.
Same principle those electronic traction assist devices, except those brake individual wheels.
I think you are spot on with this. The CTS pedal thing is so they can blame someone else. There are a couple facts that seem to not get mentioned. There have been ES350's (nice camray really) that have had the problem. Toyota has not recalled these. First they blamed the floormats, then blamed CTS pedals, and who knows what will be next. I think they have a basic design flaw in the sw for almost everything they make and are ashamed to admit it. I mean it would not exactly be rocket science to put the following test in the throttle sw. if(brake depressed fully && WOT ) throttle = idle;
I do have one funny idea. Take the Lexus IS commercial where the cars are doing donuts with the drivers all happy and turn it into camry's where the drivers are scared sh1tless. Be a great u-tube parody.
Worst thing in the world is FWD with a load in the back, swaying its way down the icy road.
I'd take bucking over fish tailing down a road any day of the week. Plus if it is really that bad then you brakes aren't going to work at all and you probably should be going pretty slow.
Even RWD enthusiast car magazines admit that they prefer AWD or even the pedestrian FWD in the snow.
I guess it depends on what you think might break. If you think the accelerator sensor might break then this is a good test. If you think the computer itself might break then it is a worthless test.
I was wondering why some of the victims didn't try parking brake after finding regular brake not allowed while gas pushed by design flaw, but Lexus has wonderful electronic parking brake! So to summarize the Toyota comprehensive YOU'RE FUCKED methodology:
1. throttle not brake given priority by ECM unlike normally designed car
2. engine shutoff not allowed while in drive
3. neutral shift not allowed while gas depressed, not allowed unless brake pressed, but see #1
4. parking brake is electronic, see #1
Yup, they pretty much thought of everything short of finding a nice soft massive object to plow into
That might slow the car down a bit, but more than that it destroys the tires and consequently the handling, since it wouldn't cause the car to cut the power to the engine it'd just make the situation more dangerous.
A case of sudden acceleration is not far less dangerous than a blown tire at highway speeds. About a month ago in Toronto, a driver was killed when he was stopped at an intersection, and his TOYOTA leaped forward. He was T-boned, died in the hospital.
This is a good example of what sudden acceleration can mean. And it can affect anyone, unpredictably, not just highway travelers (in the case of blown tires).
This is not just about "difficult diagnosis". It most certainly is, since Toyota still cannot find the problem. However, this is also the case of Toyota attempting to downplay the significance of the problem. Who in their right mind blames floor mats? How many other vehicles had fatal floormat accidents? Moreover, there were PLENTY of reports of unintended acceleration where the floormat was either absent, or properly set, even fastened with zip-tie (another of Toyota's moronic fixes).
Contrary to what you post, it is not a "little" problem. You're either a Toyota shill or a dufus.
And as numerous sources have shown over and over, PRESSING ON THE BRAKES worked. Well, pressing really hard, sure, but still, it's really rocket science?
Reminds me of a comment I once heard (About Aircraft Flight Controls)
"I like fly by wire and I like my wire to be at least 1/4 inch thick!"