Toyota's Engineering Process and the General Public
Doofus writes "The Washington Post has published in today's paper an article titled 'Why it's so hard for Toyota to find out what's wrong' by Frank Ahrens on the Toyota situation and the difficulties of adequately conveying to Senators and Representatives — most of whom are non-technical — the debugging process. Ahrens interviews Giorgio Rizzoni, an 'expert in failure analysis' at Ohio State, who describes the iterations of testing that NHTSA will likely inflict on the Toyota sample cars they have purchased, and then moves into the realm of software and systems verification: 'He explained that each vehicle contains "layers of computer code that may be added from one model year to next" that control nearly every system, from acceleration to braking to stability. Rizzoni said this software is rigorously tested, but he added: "It is well-known in our community that there is no scientific, firm way of actually completely verifying and validating software."' Ahrens ends the piece with a quote from a 2009 LA Times interview with former UCLA psychology professor Richard Schmidt about how user reports are often unreliable: 'When the driver says they have their foot on the brake, they are just plain wrong. The human motor system is not perfect, and it doesn't always do what it is told.'"
Toyota is currently planning an event to challenge evidence presented by professor David W. Gilbert that called into question Toyota's electronic throttle system.
> Toyota is currently planning an event to challenge evidence ...
Macroscopic events generally don't challenge evidence. They challenge the politics of evidence.
One challenges evidence with small, discrete, verifiable events.
-- IANAL, this isn't legal advice, and definitely isn't legal advice for you. Also, Squee!
"It is well-known in our community that there is no scientific, firm way of actually completely verifying and validating software."
How wrong can you be? Yes there is. Software is fundamentally the composition of many mathematical functions. Its results can be formally proven if the hardware it is running on is assumed (or preferably also proven) to be error free. Don't get me wrong, it would be incredibly cost, labor and time expensive, and require real computer scientists, but it is certainly possible.
From Wikipedia:
> Verification and Validation (V&V) is the process of checking that a software system meets specifications and that it fulfils its intended purpose.
Since they already said the software is "rigorously tested" does this mean Toyota doesn't have specifications, or that their software doesn't fulfill its intended purpose?
Their software sounds like it's written as a monolithic device driver (NVidia unified device model comes to mind). Perhaps they should be looking for best practices in TDD, as well as dropping support for older models as time passes on.
Dismissing user reports is what got Toyota in trouble in the first place. Keep doing that. See how far it gets you.
Why exactly is there a congressional case going on about this? It becomes even more worrying when you realize that the US government has a controlling interest in most of Toyota's competitors in the USA. In short, why, in a country where states are going bankrupt, privacy is an illusion, healthcare reform has boiled down to if you are pro or anti Obama, rampant spending and tax increases. In short, why do I care about this? File a class action lawsuit and let the courts settle it. Nothing is worse than a bunch of politicians knowing nothing about engineering, with stock in competitors' companies and large problems they haven't solved wasting their time with this crap.
Taxation is legalized theft, no more, no less.
> When the driver says they have their foot on the brake, they are just plain wrong. The human motor system is not perfect, and it doesn't always do what it is told.
This was true with Audi in the 80's, when 60 Minutes did a report where, among other things, they faked a car accelerating out of control (the car was modified extensively.) And yes, a large number of drivers, particularly the elderly, hit the wrong pedal all the time.
However, there are cases where driver reports are plenty accurate. A great example of this would be the problems Volvo V70R and S60R owners have with brake failure while going up hills.
I've experienced it three times in the 6 months or so that I've owned my car. Each time, I was headed up a hill towards a stop sign, put my foot on the brake, and there was nothing there- I had to push so hard I was pulling against the steering wheel for leverage. This is a car with big, high-performance brakes that can stop on a dime.
Volvo claims there's no problem, despite numerous reports on the V70R.com and Swedespeed forums. No other models demonstrate the behavior.
Please help metamoderate.
come on, it's just a big conspiracy.
it's not like 100, 200, one thousand toyotas are
skidding off the highway and into a tree every day.
there are like a handful of incidents.
-
naw, this is just a big PR campaign of american motor
industry to smear superior japanese tech.
the prius is like a 5 year old car model and in all this
time american "muscle" motor never came up with an answer.
-
big oil and big car a big happy american family.
-
the engine (sic) that drives the (u.s.) capitalistic machine needs
consumption and waste, not innovation and thriftiness.
I find it odd that the systems in vehicles do not have a default "debugging" which should basically trigger the vehicle to stop.
Why does the vehicle ABS (from what I know from the news) get tripped up on instant braking? Really? ABS... the thing that is supposed to pump the brake to allow for cleaner stops triggers braking problems and increased acceleration?
I just think bad coding in general here. Regardless of "testing".
Of course Toyota is right. The most likely cause of these "sudden acceleration" problems is humans with their foot on the gas pedal. I've owned plenty of Toyotas, and I wish that my current Toyota was in need of replacing right now, because now is a great time to buy one. Unfortunately, my current Toyota only has 150K miles, meaning that I have a good 5-10 years of life in my vehicle. After that... I'll buy another Toyota.
I don't respond to AC's.
My 2005 G6 used to shake a lot at high speeds. Took it to the dealer 4 times, they would always "do something" but the problem never went away. After the 4th I came to the obvious conclusion they had no bloody idea what they were doing, either sucking my money or just plain clueless. So I took it to a tire shop, one test drive and they informed me one of the back tires was worn and imbalanced. In just 2 hours they fixed what took the dealer a month to figure out.
The auto industry needs to emerge from the smoke & mirrors age and start taking shit like this seriously. It's just mind boggling how a problem like unintended acceleration can exist for so long with no root cause found.
did you forget to take your meds?
... being in control of braking and acceleration.
If you disagree with me on social issues, then it's pretty clear that you are a narrow-minded bigot.
So they have created a system by which cars with problems that threaten the lives of those within the vehicle and those in the vicinity of the vehicle but cannot be tested or verified adequately?
That rather sounds like cause to deny further sales of these cars until such time that they can be tested and verified as safe. After all, do we expect less from other safety committees and boards? The FDA? The FAA?
"It is well-known in our community that there is no scientific, firm way of actually completely verifying and validating software."
Um ... did this guy ever hear of formal verification? Or is math proof not good enough for him?
Did you mean to apply brake instead of accelerate,
Here are the results for brake 1. alive
Here are the results for accelerate 1. dead. 2. I'm feeling lucky.
Select your option. And yes I know I typed anser instead of answer. It is because I am not pefect.
> It is well-known in our community that there is no scientific, firm way of actually completely verifying and validating software.
Looks like Toyota's suffering from a halting problem. ;)
Interestingly, the heat death of the universe provides an alternative solution to the Toyota braking problem: It will probably stop the cars. (I say "probably" because I don't have time to do a formal verification.)
Less than 100 cars out of 8,000,000 have had this problem. That is a 0.001% failure rate.
Of those 0.001% of cars that had the problem, how many times did someone drive them before they failed?
I don't want to say this is user error, but I have seen some users do stupid stuff and not even know they did it.
Im a gamer, not a grammer major. This post is full of spelling and grammer mistakes.
General Motors has been making cars with poor reliability literally since I was a child. Read your library's old copies of Consumer Reports for verification.
Insufficient attention was given to the poor reliability of G.M. cars, in my opinion.
As long as G.M. cars could continue to be sold, making unreliable cars was more profitable. That's similar to making a sloppy computer operating system that is vulnerable to attacks. The sloppiness helps sell new versions.
If neutral won't work - you can also turn off the ignition, but don't turn the key completely off, or you'll engage the steering lock (i.e., go to the 'accessory' position). You will not "lose steering"; at any speed over about 2-3 MPH, steering assist becomes less and less necessary, particularly if you don't have very wide tires.
If you "ride" the brakes, the pad and rotor will heat up and "cook"; consumer, mass-market pads are designed to have good "cold" (ie instant) grab, be easily modulated, quiet, not cause excessive wear on the rotor, and not generate brake dust that is impossible to remove from the wheels. Racing pads are designed for higher temperatures (where among other things, you get much more heat transfer from the rotor to the air blowing past/through it), but they have very lousy "cold" bite. Also, heat up the calipers enough, and you will cause the moisture in the brake fluid to boil (your brake fluid should be changed at a MINIMUM every 2 years, because it is hygroscopic), and that boiling will result in "vapor lock"- no brakes. The brakes MUST be bled after such an incident.
Audi successfully defended itself from several lawsuits and even won a countersuit in a case where a mother crushed her boy against their garage wall (after going through the garage door!). Interviewed by an officer afterwards, she repeatedly said she'd hit the wrong pedal. They sued a few months later claiming the car had "gone out of control". As someone who knows Audis well, particularly the mid-80's 5000 turbo series- the idle stabilization valve (the only way the car computer can increase engine speed) simply cannot allow enough air to bypass the throttle enough to cause the car to lay down burnt rubber, crash through a garage door, and embed itself in a house wall.
The problems with the Volvo "R" models have been reported in a number of other European cars; you'll also see the words "ice mode" thrown around occasionally. Many ABS controllers since 1990 or so have an accelerometer to detect when all the wheels stop simultaneously but there is no corresponding negative acceleration. "Ice mode" is supposedly some sort of variant of this, and there has been great debate as to whether this "mode" is internet folklore, but you'll find many, many posts on all sorts of varying car enthusiast forums.
Please help metamoderate.
The most relevant thing I've read about the problems with Toyota vehicles is this quote from the bottom of page 3 of that PDF linked above:
"... it was determined that [Toyota] Electronic Control Module (ECM) malfunction detection strategies were not sufficient to identify all types of fundamental APP sensor and/or circuit malfunctions. Some types of Electronic Throttle Control (ETC) circuit malfunctions were detectable by the ECM, and some were not. Most importantly, the Toyota detection strategies were unable to identify malfunctions of the APP sensor signal inputs to the ECM. APP sensor signal circuits must be undeniably correct to electrically convey the appropriate driver commands to the ECM."
Next paragraph:
"With the two APP sensor signals shorted together through a varying range of resistances, all four Toyota vehicles tested thus far reacted similarly and were unable to detect the purposely induced abnormality. The types of signal faults introduced into the APP circuit should have triggered the vehicles' ECM to illuminate a warning lamp within seconds."
Bottom of page 4:
"In addition, the shorted APP signal circuits were connected momentarily to the sensor's five-volt supply circuit with the vehicle in drive. In all test vehicles, the ECM did not set a DTC and the engine speed increased rapidly to full throttle. This result shows that unusual or sudden unintended acceleration of the vehicle was possible in the ETC test vehicles."
The real problem is people who think that not having any sort of actual linkage is a good idea. Vehicles have only become more and more problematic since the late 70s due to increased reliance on electronics in place of actual mechanical parts.
"He who can destroy a thing, controls a thing." --Paul Atreides, Dune
How bloody difficult is it to shift to neutral in an automatic or put the clutch in on a manual? I can do either of these tasks in a fraction of a second when I find there's a problem.
Isn't this taught in Driver's Ed? I know I was taught to do this if my car ever goes nuts or the gas pedal gets stuck down. Sure it's bad for the engine to be running it that high, but it's a lot better for it than being crunched into a wall or car is.
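One way an ECM could check for the APP faults described in the report quoted a few comments up (two signal tracks shorted together, or pulled to the five-volt supply), written as an added example that is not code from the report, from Toyota, or from anyone in this thread. The voltage limits, the fixed offset between the two tracks, the debounce count and every name in it are constructed assumptions.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed calibration values (assumptions, not taken from any real ECM). */
enum {
    APP_MIN_MV        = 300,   /* below: open circuit or short to ground */
    APP_MAX_MV        = 4700,  /* above: short to the 5 V sensor supply */
    APP1_IDLE_MV      = 800,   /* track 1 with the pedal released */
    APP1_FULL_MV      = 3800,  /* track 1 with the pedal fully pressed */
    APP_OFFSET_MV     = 800,   /* healthy sensor: APP2 = APP1 + offset */
    APP_OFFSET_TOL_MV = 150,   /* allowed deviation from that offset */
    FAULT_DEBOUNCE    = 3      /* consecutive bad samples before latching */
};

typedef enum { APP_OK = 0, APP_FAULT_RANGE, APP_FAULT_CORRELATION } app_fault_t;

typedef struct {
    int bad_count;        /* consecutive implausible samples seen so far */
    app_fault_t latched;  /* first fault that survived the debounce */
} app_monitor_t;

/* Classify one pair of readings. Two tracks shorted together read (nearly)
 * the same voltage, so the expected offset disappears and the correlation
 * check fails. A short through a high resistance shifts the offset only a
 * little and can hide inside the tolerance, so the tolerance is a trade-off. */
app_fault_t app_check_sample(int app1_mv, int app2_mv)
{
    if (app1_mv < APP_MIN_MV || app1_mv > APP_MAX_MV ||
        app2_mv < APP_MIN_MV || app2_mv > APP_MAX_MV)
        return APP_FAULT_RANGE;
    if (abs((app2_mv - app1_mv) - APP_OFFSET_MV) > APP_OFFSET_TOL_MV)
        return APP_FAULT_CORRELATION;
    return APP_OK;
}

/* Feed one sample; returns the throttle demand in percent (0..100).
 * Any implausible sample yields 0 (idle), and once a fault is latched the
 * demand stays at 0 until the monitor is re-initialised. */
int app_monitor_step(app_monitor_t *m, int app1_mv, int app2_mv)
{
    app_fault_t f = app_check_sample(app1_mv, app2_mv);
    int pct;

    if (m->latched != APP_OK)
        return 0;
    if (f != APP_OK) {
        if (++m->bad_count >= FAULT_DEBOUNCE)
            m->latched = f;   /* this is where a DTC / warning lamp would be set */
        return 0;
    }
    m->bad_count = 0;
    pct = (app1_mv - APP1_IDLE_MV) * 100 / (APP1_FULL_MV - APP1_IDLE_MV);
    if (pct < 0) pct = 0;
    if (pct > 100) pct = 100;
    return pct;
}

/* Constructed sample traces: {APP1 mV, APP2 mV} per control-loop tick. */
static const int HEALTHY_TRACE[][2] = { {800, 1600}, {2300, 3100}, {3800, 4600} };
static const int SHORTED_TRACE[][2] = { {2300, 3100}, {2700, 2700}, {2700, 2700}, {2700, 2700} };
static const int SUPPLY_TRACE[][2]  = { {2300, 3100}, {5000, 5000}, {5000, 5000}, {5000, 5000} };
static const int GLITCH_TRACE[][2]  = { {2300, 3100}, {2700, 2700}, {2300, 3100} };

/* Run a whole trace through a fresh monitor. Returns the latched fault and
 * stores the demand commanded on the final sample. */
app_fault_t app_run_trace(const int (*trace)[2], int n, int *final_demand_pct)
{
    app_monitor_t m = { 0, APP_OK };
    int demand = 0;
    int i;

    for (i = 0; i < n; i++)
        demand = app_monitor_step(&m, trace[i][0], trace[i][1]);
    if (final_demand_pct)
        *final_demand_pct = demand;
    return m.latched;
}

static void report(const char *name, const int (*trace)[2], int n)
{
    int demand = 0;
    app_fault_t f = app_run_trace(trace, n, &demand);
    printf("%-8s fault=%d final_demand=%d%%\n", name, (int)f, demand);
}

int main(void)
{
    report("healthy", HEALTHY_TRACE, 3);
    report("shorted", SHORTED_TRACE, 4);
    report("supply",  SUPPLY_TRACE, 4);
    report("glitch",  GLITCH_TRACE, 3);
    return 0;
}
```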
The competent programmer is fully aware of the limited size of his own skull. He therefore approaches his task with full humility, and avoids clever tricks like the plague.
Edsger...
Got to love the guy
Uhmm and remove the ECU and fuel injector too I guess.
Dude, it is not the 1970s anymore...
Excuse me, but please get off my Pennisetum Clandestinum, eh!
The simple fact is that overall a Prius with its minor brake transfer problem is far safer than any pre-ABS/traction control car. The fault is far less serious than, say, brake fade in drum brakes. And I don't even own a Toyota. You don't need any kind of tinfoil hat to think this is about bashing the part of the motor industry that is not US-owned.
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
Warning, made up numbers follow, but they illustrate the real situation:
G.M. may produce cars with 1/2 the quality of Toyota, but 20 defects per 1000 (or whatever) is merely inconvenient compared to 10 defects per 1000, not catastrophic.
Nerd rage is the funniest rage.
But people have 'known' that most cars made by the big 3 sucked for decades. All of the various imports have been trumpeting their safety and reliability as a major selling point. (And importantly people accepted it as true). When a car manufacturer in that position starts having issues people are more likely to notice.
Opinions on verifying code as a means to tell whether a Toyota will have 'sudden acceleration' above are UTTERLY, well, let us say, ill thought out in my opinion, in most cases. Code is only ONE part of an almost hopelessly complex system when ALL THE POSSIBLE VARIABLES are analyzed.
Failure analysis may start with code, but these systems then can encounter intermittent connections, power surges, static generated by multiple known and unknown items (including the rare intermittent connections), induced currents in parallel wires, temperature induced changes, faulty seals & water/condensation intrusion, etc. By the time an accident investigator looks at a vehicle that had a problem, the transients are long gone.
Intermittent Mechanical (& thus often electrical) changes & failures are an absolute bane of complex systems.
In my opinion, the only way you can find these rare transient problems is to find vehicles who have been reported to have these problems (& didn't crash) and then you load them up with data loggers and drive the hell out of them in all sorts of environments.
Personally, I really like a 1972 Blazer...with a manual transmission. Minimal plastic, no electronics beyond the turn signal module, fix it myself and I can start it with a bit of a downhill run. Yup, I drive my Highlander, but I'm thinking of putting a 72 Blazer back in as new shape.
Here is an example of a person that brought a car to the dealer while it was pegged - mechanic played with pedal and studied the situation:
http://www.leftlanenews.com/feds-investigate-toyota-electronics-for-unintended-acceleration.html
Your suggestion that politicians are inappropriate while courts are appropriate doesn't make much sense. They're both of the same class, namely, both preoccupied with law and both clueless about technology. Even worse, the court system is adversarial and leads towards dollar damage limitation, not technological analysis.
This is an engineering problem, and the right institutions to handle it are the professional engineering bodies, particularly in Electrical Engineering and Electronics and in Mechanical Engineering, who for the most part are not corrupt, and they most definitely are not clueless about the technology.
Furthermore, they have a professional interest in staying outside of the financial and legal skirmishes, because their reputations depend on it. In a world that's truly messed up politically, economically and legally, Chartered Engineer is one of the few labels that still means something solid, at least to those who actually produce real things.
And in this particular subject, we really do need objective and trustworthy analysis of a very complex problem.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
Here's one brought to the dealer with engine pegged:
http://www.leftlanenews.com/toyota-avalon-displays-unintended-acceleration-without-floor-mat.html
The last American car my parents owned was a GM. They spent a lot of time getting warranty work done on that thing and driving it while parts were non-functional. People pay good money for their cars to use them, not to be inconvenienced.
The thing you're missing, is the level of those defects. The problems that GM had with quality were almost never safety related (And when they were, they weren't major and were fixed rapidly). Say what you want that their cars sucked, but in the 100 years they have been selling cars in the USA, they have never had as major of an issue such as this. Ford has (Remember the exploding gas tanks?). Chrysler has (They had an issue with cruise control that caused some accidents). I'm not saying that GM is good (I got rid of my last GM car 2 years ago, and I don't know if I will buy another one). What I am saying is that comparing quality by sheer number of defects (As Consumer Reports does) is ignoring the much more important bigger picture...
If a man isn't willing to take some risk for his opinions, either his opinions are no good or he's no good
While I can sympathize with the general comment that witnesses are inaccurate, if Toyota acceleration problems are reported 10 times as often as those from other manufacturers, there is something worth investigating. Be it software, floor mats, bad springs, poor pedal placement or whatever, there is enough evidence that some kind of problem exists. I am disappointed it has taken Toyota so long to address these issues.
Toyota should be more forthcoming with the black box info on these cars to validate exactly what the driver was doing at the time of the accident. But they won't because lawyers would be all over that data to file lawsuits. Still, knowing the truth is best for all involved. Far less finger pointing; far better remediation of the problem.
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
it assumes that because a situation can be induced in which no error code is set, that that exact same situation...
I am deeply ashamed by the above pathetic excuse for a sentence, and apologize.
Car&Driver did some tests and found that even with the throttle wide open the brakes can still stop a car, even a 500hp muscle car. With a normal car the distance wasn't even significantly greater than with closed throttle.
No sig today...
I suspect the author was misquoted. There is no *inexpensive* way of formal verification of the software, but it is possible. Just ask Knuth; maybe even NASA.
Right now, we don't know the process Toyota uses for producing their engine control code. Was it outsourced? Did it go through formal review? Was it tested with a test suite designed to simulate all *possible* driving conditions? Did they test error recovery and adaptation scenarios? (physical sensors can be fickle things, you know).
I am a software engineer, and have seen some real abominations pass a code review. One piece of code used an uninitialized pointer, and not only did it pass the review, there were explanatory comments indicating this wasn't a problem in practice! Another piece of code, also reviewed, had a rather obvious race condition.
Granted, the task of producing bug free code is difficult, but surely Toyota knows this; I have a hard time believing Toyota produced a car in which a failure of the software module would produce fatal results. Surely they did not design the car so that an ECU failure would prevent the driver from shifting into neutral and applying the brakes!? Or is the Congressional testimony wrong?
The society for a thought-free internet welcomes you.
> How wrong can you be? Yes there is. Software is fundamentally the composition of many mathematical functions. Its results can be formally proven if the hardware it is running on is assumed (or preferably also proven) to be error free. Don't get me wrong, it would be incredibly cost, labor and time expensive, and require real computer scientists, but it is certainly possible.
The 1930s just called, and they want their Halting Problem back...
I see you posted that earlier. I didn't read it then. What is a Toyota Camry VSRM? What is VSRM? Is that taken from a manual on a Voltage-Sensitive Release Mechanism?
To me, that seems in the direction that inquiry should go.
I've done design like that myself, although less complicated. It's not the design itself that I suspect. It is a reasonable guess, among other guesses, that the problem is something that has been overlooked, but associated with the components discussed above.
One thing that this article ignores is that software can be proven correct. The problem is that it's expensive, time consuming and most programmers don't understand the techniques. In Wikipedia look up Formal verification; if they can develop a provably correct OS then a provably correct braking system is achievable. The fact that programming has evolved into a trade rather than a profession has not improved matters. One thing of note is that Microsoft has employed the developer behind the Coyotos operating system and has been throwing money at languages like Haskell. How does a strategy of forcing carmakers to use a certified developer toolset made by Microsoft sound from a business perspective?
> The real problem is people who think that not having any sort of actual linkage is a good idea.
A mechanical linkage is not necessarily more reliable or safer. The fact that you can put your hands on it doesn't by itself make it better or worse. You are making an assumption based on your intuition that you cannot back up with data.
> Vehicles have only become more and more problematic since the late 70s due to increased reliance on electronics in place of actual mechanical parts.
Nice sound bite but problematic in what way? Cars today are in general demonstrably more reliable, last longer, rust less, are (generally) safer in crashes, more powerful, and emit less pollution. At one point I made my living selling classic cars from the 70s and earlier. I'm very familiar with them first hand. You might like the styling better but performance-wise they are inferior to modern cars in almost every way I can think of.
One of the design "features" of the Toyota product involved in the 2009 fatal accident in San Diego was that the driver needed to press the engine start button for three seconds to kill the engine. Can you imagine any machine tool company making a product that required the emergency stop switch to be depressed for three seconds to turn off the machine?
Another issue with that car was that getting the tranny into neutral was not trivial (sport shifting option).
Toyota screwed up big-time here.
A Shadeless room is a brighter room.
100 incidents out of millions of cars, each driven for years and thousands of miles... There is a good chance Toyota may NEVER discover the actual cause.
"It is well-known in our community that there is no scientific, firm way of actually completely verifying and validating software."
It’s called Haskell with QuickCheck, idiots! Look it up!
And yes! It gives you guarantees on the level of mathematical proof, that it’s doing what it’s supposed to do!
How can someone work in an area where it’s about life and death of real people, and not know that??
Imagine someone saying that who works in the business of heart-lung-machine development. It’s hair-raising!
Any sufficiently advanced intelligence is indistinguishable from stupidity.
While the tone could have been nicer, the AC was correct at least here:
> if you have enough time to call 911 you have enough time to stop the car
Yes you probably might forget "the trick" they taught you in driver's ed when you're panicking. I probably would.
Yes people are being tremendously callous when they scoff that "Duh, why didn't you just put it in neutral lolz"
Still, if you really can't come up with SOMETHING to avert plowing into an intersection at 135 mph in the 60+ seconds they had, and you seriously expect someone miles away to get to you in two seconds, well, you were probably living on borrowed time anyway.
Information theory is life. The rest is just the KL divergence.
Take off in a Toyota!
Does Not Safe at Any Speed ring a bell?
I would hazard a guess that frayed sticky cables are much more common than the sticky electronic type. I had one jam on my motorbike in the late seventies, not a big deal since it had a clutch.
As for your assertion that cars were less problematic in the 70's, that is simply nonsense. The only way in which a 1970's car was superior is that it was easier to do your own servicing and repairs.
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
Error 26: Syntax error at line No. 2
Yes ... PRONT won't work, I think PRINT would be much better. I just found a bug on your 2 line program (3 if you count Line 10, which is just a comment)
WTF am I doing replying to an AC at 5 A.M on a Friday night?
How is BMW not #1? The gas and brake pedal are so close together on my 5 series they are practically the same pedal. Everyone in my family has had at least one accidental acceleration (but never an accident). I don't know why they have to put the pedals so close to each other.
> He wasn't discussing cars as a whole, just the aspects relevant to the Toyota fiasco[1].
No he wasn't. He said "The real problem is people who think that not having any sort of actual linkage is a good idea." That has nothing whatsoever to do with Toyota specifically.
> On old cars there's nothing second guessing you.
That doesn't automatically translate to better or safer. It's simpler but that is all you can say for certain unless you want to compare specific cases. Just as newer is not always better, older is not always safer.
> Yes, obviously some things are better on modern cars, but that's not the point here
No that's exactly the point. The grandparent post was implying that a mechanical linkage is intrinsically safer while providing no evidence to back up that assertion. If you are going to declare drive-by-wire to be more dangerous than the alternatives, you had better back up that declaration with data.
I've seen this "mechanical linkages are safer" argument before and I've never seen anyone making it actually back it up with facts. They just pre-suppose that the simpler, older technology is safer. It may be or it may not be but I've yet to see anyone prove it.
> The only way in which a 1970's car was superior is that it was easier to do your own servicing and repairs.
Exactly. Less problems due to over complicated designs. Having a computer decide what the computer should do is nonsense when you could simply have the pedal directly linked to the carburetor.
"He who can destroy a thing, controls a thing." --Paul Atreides, Dune
There is one way that Toyota can fix this problem: FULLY REFUND THEIR CUSTOMERS and start over from scratch.
> As long as G.M. cars could continue to be sold, making unreliable cars was more profitable. That's similar to making a sloppy computer operating system that is vulnerable to attacks. The sloppiness helps sell new versions.
I agree. All three of the Big 3 car companies first introduced built-in obsolescence back in the 70's.
By the 80's Chevy's 350 cid engines were complete junk. The cam lobes would wear out in 50,000 miles and cylinder walls in many of them were already so badly worn the blocks couldn't be saved during an attempted rebuild. Ford and Chrysler were not much, if any, better than GM, quality wise.
The Japanese got a stranglehold on the car business by building reliable, fuel-efficient vehicles. Their cars were running 250-300,000 miles without major repairs compared to less than 100,000 for the Big 3's cars, and cost a lot less to drive, even without looking at the reliability factor. Figure that in and there was no economic reason to "buy American".
The Big 3 screwed themselves by screwing over their own countrymen and then started advertising that you weren't "patriotic" if you didn't buy their unreliable, expensive-to-drive, expensive-to-maintain pieces of junk. The hypocrisy of it all really stunk to high heaven.
"while democracy seeks equality in liberty, socialism seeks equality in restraint and servitude." de Tocqueville
Alan Turing is rolling in his grave and Donald Knuth is waiting for your phone call to explain how you have solved the Halting Problem.
The scrapped electric vehicles story is well-known and well-documented. That's what happens when fossil-fuel companies own shares in vehicle manufacturing companies.
And, the "100 million lines of code" quote never came from Toyota - it came from Andy Chou at Coverity (a software and security analysis company) who got it from Robert N. Charette at IEEE Spectrum.
Unsafe at Any Speed: The Designed-In Dangers of the American Automobile
I've owned 5 Japanese vehicles now. A Mazda, a Subaru, a Toyota pickup, and 2 Hondas. None of them ever had any issues with rust, and the Mazda and Toyota spent almost 4 years in the ocean spray on the Oregon coast. On 4 out of the 5 vehicles the odometers went/have_gone past 220,000 miles and two are still being used as daily drivers.
The Mazda was retired when a water hose broke and my wife ran the engine out of water completely frying the engine. At the time it was 15 years old, had over 220,000 miles on the odometer, and had no reliability issues. The only reason it was retired was there were no used engines to be found for it on the West Coast according to all the junk yards I talked to.
The Subaru was a gem of a car for the approximately 60,000 miles I drove it. I ended up needing a full-sized pickup though and so traded it in on a Ford F100.
My "newest" Honda is 11 years old and has 250,000+ miles on it. It burns no oil--the dipstick still says full at every 3000 mile oil change, gets 33 mpg on the highway, and the body panels, paint, and interior are still in good shape. No cracks in the dash, no tears in the rugs on the floors, and the seats are in good, if not great, condition. Even the trunk liner and trunk floor are still in good shape. It's a very reliable, very well-built car. All I do for it is fill it with gas, change the oil, and change the timing belt at recommended intervals, and buy tires. I haven't even had to do the brakes yet, although I've only had the car for the last 80,000 miles.
"while democracy seeks equality in liberty, socialism seeks equality in restraint and servitude." de Tocqueville
I'm with Toyota on this. How do they know if someone hit the wrong pedal or there was a software glitch? How many people are killed/injured a year because of people having senior moments? The DMV test in CA is a joke, they don't test you on the freeway/highway or check to see if you can navigate a country road at the speed limit without blowing the double yellow.
Do you seriously believe a carburetor is more reliable? Maybe the first 10 years of EFI was a pain, but it was competing against something with a 100 year old history of development but still requires constant fiddling and tuning that only a few people could do reasonably well, even after 120 years of carburetor development. Not to mention they were incapable of meeting emissions, mpg, compensate for altitude, or run at extreme angles, etc. About the only issue with current EFI, is the high pressures now required to meet emissions is difficult to produce reliable fuel pumps that don't cost big $$$ (and the cooling for this wasted energy.)
Wrong. Cars have become MUCH more reliable over the years. Lots can go wrong with mechanical systems. A spring breaks, a rod binds, whatever. A friend had a car break the throttle return spring on an old muscle car and it took off like a rocket, hit a k-rail, ripped off both front wheels, went airborne and landed on a nice Cadillac.
Know what a tune-up is? You used to have to do one at least once a year to keep your car going. Not really done anymore.
I could go on like this for quite a while. I like working on old cars because they are simple. But the new cars are more reliable.
Anarchists never rule
> Know what a tune-up is? You used to have to do one at least once a year to keep your car going. Not really done anymore.
You don't check and change the oil in your car? You don't swap out the spark plugs and check the plug wires? You just wait until your brakes begin to squeak and the dummy lights on the dashboard pop on before taking your car to an overpriced dealer for anything, right? Man, I'd really hate to be your car.
"He who can destroy a thing, controls a thing." --Paul Atreides, Dune
The last American car my parents owned was a GM.
Toyotas are American cars too, in everything but name. They are assembled in America, and have no more foreign parts than do GM or Ford.
By the way, I loved this quote from TFS:
"The human motor system is not perfect, and it doesn't always do what it is told."
Right, because Toyotas' motor systems _are_ perfect, and always do as they are told! (full throttle! faster! faster!)
It is dangerous to be right when the government is wrong.
The assertion made by the Toyota representative was that it was impossible for software to ever be proven scientifically. This is unquestionably false.
What Turing [& Church] proved is that algorithms CANNOT be examined "scientifically" - that there can exist no [interesting, non-trivial] algorithm for examining algorithms - that there can be no "meta-theory" of algorithms.
In the end, there can only be eyeballs [accompanied by trial and error].
Yes, if your time scale is "minutes to hours", then you can write a nice linear program that doesn't use any interrupts, etc. Now, get that down to milli- or microseconds, and things get interesting.
And you don't just need to prove the software itself error-free. You'll also need the compiler to be error-free (or write everything in assembly), and of course the hardware needs to be error-free (or all known and unknown hardware errors need to be taken into consideration in the program).
In my opinion the drive-by-wire systems in modern cars are not trustworthy enough to own. It amazes me that people who are advocates of Open Source systems to read their email trust their families' lives to a proprietary computer every time they drive that shiny new Prius.
Meanwhile, David Gilbert's testimony is quite interesting. What it appears to say is that Toyota is failing to detect a boundary condition -- two circuits that are supposed to have a differential output that instead are grounded to each other, but the computer instead accepting them and failing to signal any error -- and that this might be an indication that Toyota has a problem inside their software with detecting error conditions in the throttle circuit. Gilbert did not say that what he discovered is *the* problem causing runaway accelerations, just that it indicated *a* problem. Toyota can try to spin this all they want, but as someone who has an EE+software engineering background, I agree with Gilbert that this seems to indicate that Toyota's throttle control software is not as robust as they claimed and thus cannot be eliminated as a possible cause of the problem. All Toyota is accomplishing with their dog and pony show is making them look like the cigarette companies -- i.e., a bunch of lying b*****ds more concerned about the bottom line than about the health and safety of their customers.
Send mail here if you want to reach me.
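The kind of input check the comment above describes as missing, shown as an added example that is not part of the thread and not Toyota's code: a plausibility test on two redundant pedal channels that fails safe when they read the same voltage. The fixed-offset sensor model, the millivolt thresholds and all names are assumptions chosen for illustration.

```c
#include <stdio.h>

/* Assumed, illustrative sensor model (not taken from any real vehicle):
 * channel B is designed to read OFFSET_MV above channel A on a 5 V reference. */
enum { V_MIN_MV = 300, V_MAX_MV = 4700,   /* outside: short to ground/supply or open */
       OFFSET_MV = 800, TOL_MV = 200,     /* expected B - A, and allowed error */
       SHORT_BAND_MV = 100,               /* |B - A| this small: channels tied together */
       A_IDLE_MV = 800, A_FULL_MV = 3600 };

typedef enum { PEDAL_OK, PEDAL_RANGE_FAULT, PEDAL_TIED_TOGETHER, PEDAL_MISMATCH } pedal_status;

static int abs_mv(int v) { return v < 0 ? -v : v; }

/* Classify one pair of samples (millivolts). */
pedal_status check_pedal(int a_mv, int b_mv) {
    if (a_mv < V_MIN_MV || a_mv > V_MAX_MV || b_mv < V_MIN_MV || b_mv > V_MAX_MV)
        return PEDAL_RANGE_FAULT;
    int diff = b_mv - a_mv;
    if (abs_mv(diff) <= SHORT_BAND_MV)
        return PEDAL_TIED_TOGETHER;   /* the redundancy is gone: both read one node */
    if (abs_mv(diff - OFFSET_MV) > TOL_MV)
        return PEDAL_MISMATCH;
    return PEDAL_OK;
}

/* Throttle demand in percent; any fault fails safe to 0 and is reported via *status. */
int throttle_demand_pct(int a_mv, int b_mv, pedal_status *status) {
    *status = check_pedal(a_mv, b_mv);
    if (*status != PEDAL_OK)
        return 0;
    int pct = (a_mv - A_IDLE_MV) * 100 / (A_FULL_MV - A_IDLE_MV);
    return pct < 0 ? 0 : (pct > 100 ? 100 : pct);
}

int main(void) {
    /* Constructed sample pairs: healthy half pedal, tied together, both grounded, drifted. */
    int samples[][2] = { {2200, 3000}, {2500, 2500}, {0, 0}, {2200, 3600} };
    for (int i = 0; i < 4; i++) {
        pedal_status st;
        int pct = throttle_demand_pct(samples[i][0], samples[i][1], &st);
        printf("A=%d B=%d status=%d demand=%d%%\n", samples[i][0], samples[i][1], st, pct);
    }
    return 0;
}
```

A controller that only range-checks each channel separately would accept the 2500/2500 pair, since both values are individually in range; the cross-channel comparison is what catches it.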
My 1993 Ford Thunderbird has *only* 160,000 miles on it, but I've only had to replace the headlight switch, starter and alternator - no other problems. Anecdotes are AWESOME!
...the future crusty old bastards are already drinking the Kool-Aid.
I tested that capability of my car during the test drive. Since most cars now offer at least ABS (and some will give traction control), understanding what happens is very helpful. Level, straight, deserted stretch of road. Sped up to ~60 MPH. Stood on the brakes. Did that in several different vehicles I tried. More recently I had the opportunity to drive from San Francisco to Chicago for Christmas. Again, a deserted, level stretch of road, this time: how does the car handle braking at low speeds (10-20 MPH) in a panic stop on snow and ice? Familiarize yourself with such behavior, in a safe setting. Understand how your car handles differently on different surfaces: dry asphalt, wet roads, sand/gravel, snow/ice. For my own perspective, sand/gravel are the worst -- they appear without warning, vary greatly in quality, and have a bad habit of jumping up and leaving an impression on your windscreen. Oh well. In practice, the main problem with panic stops is the idiot following too closely behind you. I defend that space vigorously. NB: most insurance companies will pay to completely fix the windshield if damaged as it's a safety hazard.
What part of "gestalt" don't you understand?
Awesome post. I couldn't think of two better examples of companies that let the bottom line dictate everything (GM and Microsoft).
Your anecdote is indeed awesome, but your car sucked even when it was brand new. My 1999 Ford Contour SVT has been nicknamed "Old Reliable" in our family. Yeah, the fit and finish has sucked from day one, and it's all creaky and old, but it has had exactly notdivisiblebyzero percent fewer problems than my 2 year old Mazdaspeed3 (also heavily Ford influenced).
No, not less problems. MORE problems but they were problems you could fix at home with a set of spanners.
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
An oil change is not a tune up. A traditional tuneup was changing the plugs, adjusting the points, checking/adjusting the timing, and making sure the carb wasn't too bad out of adjustment.
Cars don't have points now, there is no carb to adjust, and the plugs can go for 100k before needing changed.
Oil changes are very important to do regularly, and you should get the brakes inspected regularly. There is other routine maintenance you should do, but it still isn't a "tune up" in the traditional sense of the phrase.
Anarchists never rule
Have you heard of mechanical computation? Analog computers? Water computers? We could do all this fancy eco crap with more mechanical parts in the linkage but software is cheaper.
Consider yourself blessed if you are sneezed on by a dragon and only get wet, it could have been a fireball.