NASA Summoned To Fix Prius Problems
coondoggie writes "If you want to solve a major engineering mystery, why not bring in some of the world's best engineers? The US Department of Transportation's National Highway Traffic Safety Administration today said it was doing just that by bringing in NASA engineers with expertise in areas such as computer controlled electronic systems, electromagnetic interference, and software integrity to help tackle the issue of unintended vehicle acceleration in Toyotas. The NHTSA review of the electronic throttle control systems in Toyotas is to be completed by late summer." We're really in trouble when NASA has no choice but to call Bruce Willis.
How many engineers does it take to fix a Toyota?
I guess today's NASA is a good call...
"Waste not one watt!" - CZ
So, this is an admission that sticking pedals and faulty floormats had nothing to do with the problem, and that the recalls to fix pedal and floormat "problems" were simply a smokescreen to hide the actual cause of the problem (albeit, unknown cause)?
Driving a car is rocket science.
Working as a developer at a tiny shop just out of college. Any time the CEO had troubles figuring out how to access a website I would be summoned to "just fix it" for him.
I'm a good cook. I'm a fantastic eater. - Steven Brust
Don't forget to tell them the Japanese use the metric system please.
Wait, so when a private corporation fubars something, you gotta roll in the government funded engineers to fix it? Interesting, interesting...
Ubi solitudinem faciunt, pacem appellant.
Bruce Willis? They'd better call Chuck Norris to fix the pedals with a roundhouse kick or I'm selling my Toyota!
If the problems with the shuttles were related to floor mats then perhaps NASA could help. Otherwise, it's just another set of computer scientists looking over a few million lines of code they didn't write, trying to find a defect that has supposedly manifested itself less than a few hundred times out of millions of cars and probably billions of miles driven.
When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
The budget cuts at NASA apparently keep them earthbound and working on earth crawlers
and when it is all said & done, they will conclude people are hitting the GAS instead of the BRAKE.
I think this is a stunt on 2 levels:
1. Public relations need to be fixed somehow, so calling in NASA shows that the company is 'dead serious' about fixing this problem and they are going for the best people to do it, right?
2. A small token of appreciation to the government of USA by hiring NASA people, creating some employment, probably this is done with an involvement of a senator or two, some governor maybe, whatever, some politicians will get involved and this is probably important for Toyota now.
3. Something else, again not really related to the actual car problem, but trying to save the company's ass.
You can't handle the truth.
You do realize the government could flush every penny invested in GM and Chrysler down the toilet and not miss it, right? Dragging down Toyota to prop up GM and Chrysler might make sense if the federal government was dependent on their success, but it isn't. And even if they took down Toyota, that wouldn't prevent the dozen or so other non-gov't owned brands from rushing to fill the gap (and likely succeeding given the shitty reputation of GM and Chrysler over the past couple decades). Without a motive, inventing conspiracy theories in advance seems rather pointless.
$_ = "wftedskaebjgdpjgidbsmnjgcdwatb"; tr/a-z/oh, turtleneck Phrase Jar!/; print
What is truly ironic here is that NASA regularly summons external panels to fix their problems.
Slashdot's first reaction to VMware
This is Slashdot and we suggest the most insane stuff be Open Source (e.g. "Why isn't my Microwave under GPL?"). But yet when we have an absolutely perfect opportunity to suggest that cars should be REQUIRED to be Open Source for public safety we drop the ball. Come on guys, we can use the power of Open Source and "many eyes" to literally save lives. You could be the geek that finds that piece of code!
Moreover, their vehicles operate in adverse conditions (radiation, temperature extremes, chance of collisions with fast moving things). They might actually be fairly adept at looking at systems which are supposed to be robust and failsafe, and identifying ways in which they are NOT failsafe.
Motive: Millions of union members of GM and their suppliers depend on the success and will continue to vote for the current government to insure others' lack of success--especially the company that put GM to #2.
Toyota testified in front of congress, "We're automotive engineers not rocket scientists."
Congress said, "I know a guy, that knows a guy. Let me make a phone call."
now this.
Paying taxes to buy civilization is like paying a hooker to buy love.
"The total cost of the two studies is expected to come to approximately $3 million, including the cost of purchasing cars that have allegedly experienced unintended acceleration to be studied." I guess they don't have to bother looking at the Car Fax. What does "unintended acceleration" do to the KBB value?
"I'm not a quack, I'm a mad scientist! There's a difference." - Dr. Cockroach
Wow, I can't even think in that kind of direction. Thank you for sharing but that does sound very unlikely. There was a part in the article talking about other private industry problems that NASA has helped with, but they don't mention Chrysler... someone will have to research that.
"In 2003, NASA and the NHTSA wanted to research new methods for testing vehicle rollover resistance after a widely reported factory recall of Firestone tires. NASA's High Capacity Centrifuge (HCC) was the answer. Vehicles were spun, using the HCC at NASA's Goddard Space Flight Center on a test platform, until inertia and centrifugal force caused them to tip. Results of that test have set standards for rollover technology development."
http://soylentnews.org/~tibman
Toyota's engineers needed a challenger.
There's no -1 for "I don't get it."
I think this more appropriate for Keanu Reeves... Speed 3: Hybrid Control
CAN Protocol (the de-facto automotive protocol) contains error checking. So if a node in the system sends out 00000001 but the "sun spot" turns it to 01000001, it finds that error. So unless it changes that to a 01000001, while also changing the parity bit (or whatever they use for error checking) to 0 as well (as compared to 1), WHILE ALSO somehow disabling the entire safety section of code that reduces the throttle input when brakes are applied... then I seriously doubt it.
Everyone involved in this knows the above facts, what they have to do is prove the above facts. The reason they called in NASA is because they lack the right type of experts, NASA does not. Case closed.
So basically, -1 troll/offtopic is really slashdots way of saying "I hate that you thought of something before me."
I'd really like to see how the computer in the car manages to consistently only enter this mysterious state when the driver is 60 or older (or maybe in the late 50s). Because normally, if you have a ton of examples of something failing, all of which involve people of an age famed for acquired inattentiveness or confusion, and which look just like many other reported and documented cases of elderly folks getting confused and hitting the gas pedal thinking it's the brakes, you'd not assume it was the computer.
My blog: http://www.seebs.net/log/ --- My iPhone/iPad app: http://www.seebs.net/seebsfrac/
...Richard Feynman. Oh wait.
Toyota will learn what went wrong with its software, and NASA will find out how to get a vehicle into space.
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
CAN protocol may be used between modules, but how about within the modules themselves, either to create the CAN messages, or after decoding the messages to act upon them?
Yes, I think people are idiots. Lots of accidents are caused by poorly maintained floormats, doing your lipstick, texting, etc. This isn't the problem here. There are way too many incidents of various natures to be accounted for by this.
Yes, I think electromagnetic radiation exists. Yes, it can produce measurable effects. This is also not the problem here. EMF does not cause motors to turn with any appreciable torque. Modern electronics are sufficiently robust to this type of sporadic interference to account for this.
The problem here is in the code. I have written embedded software. It is WAAAY too easy to make a subtle mistake in an embedded environment that has limited processing power, highly asynchronous processing and a multitude of cooperating software and hardware modules. Furthermore, it can be a total bitch to debug these environments and the faults that they can exhibit can be nearly impossible to reproduce. And in EVERY case where I've seen "Hey, it shouldn't do that. The code doesn't have it doing that!" it turns out that yes, it was doing exactly what the code had it do under those circumstances.
So, want to save time and money? Ignore looking at anything other than code. Analyze the hell out of the software and you will find the culprit lurking there. You can put me on record for predicting this. (if they even 'fess up to the cause once found.)
I will never live for sake of another man, nor ask another man to live for mine.
Honestly, given the miles that Toyota has on land vs. the miles NASA has in space... Toyota might have the most 'accident free' record of the two. (Not including drivers who are just ignorant)
Hence the name "National Aeronautics and Space Administration", eh? ;)
Seriously, yes, you are correct. The FAA regulates, but NASA is responsible for a lot of the research.
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
Depends on what the bit error rate is. And the bit rate per second.
One error in 10^-15 bits could mean "a few months after the sun died" or "next Friday somewhere on a rural road in western Virginia" depending on that.
First, having worked in safety critical software systems (aviation) for a number of years, and Level A at that (the highest level the FAA requires), the thing that many of these posts fail to recognize is that automotive software systems ARE getting incredibly complex. When these problems first arose, my gut reaction was that if we keep seeing issues like this, the NTSB was going to investigate imposing FAA-like standards. In my opinion, that isn't a bad thing. But I don't think it will happen any time soon, as the cost per car will increase to account for all the extra software testing that must be done.
Second, just because a piece of software has complete code coverage does not mean that if an error is there, it is because of some "cosmic" effect. You also have to define what level of code coverage you are talking about. Statement coverage, decision coverage, modified condition/decision coverage, condition coverage? Even in the eyes of the FAA, this is a tricky area. You may have 100% MC/DC (the requirement for Level A software), but you can and will still have bugs. Anyone hear of bad requirements? That is one reason you have reviews for all areas, not just code (requirements, design, code, test, coverage, test results, etc).
Third, of course you should have an independent team look into the bug. Why so many people think that having a set of eyes look at code when they have never seen it before have never had to have independent verification. When you are dealing with structured software development for the FAA, the testers are never the ones who wrote the code. They (should) only know requirements and functionality. Design and code mean nothing at that stage. The tests are then written to robustly test those requirements, and then only done once you feel you have 100% requirement based testing complete, you look and see what your coverage is. If you have reached 100% coverage, then you can probably feel confident that your requirements were good and your tests were good. But even then, you still need to have reviews done (ideally by an independent team).
Lastly, just because this is "special" code, does not mean that there will be very few conditional branches in the code. Only with special code compilation tools can you create code that is linear. And as with avionics, automobiles are complex machines. They have many inputs to determine what should be done in a circumstance (right tire slipping, brakes applied, what should the engine do?). Therefore, not only will you have many conditional branches, but you will have complex conditional branches, which makes the software that much more difficult to test and debug.
In the end, just as with avionics, safety should be the number one concern. If it requires us as a society to say that software in cars that keep you safe (brakes, acceleration, engine control, etc) needs to be regulated, and that the NTSB will create FAA like standards (just like nuclear and railroads have done), so be it. If we didn't have FAA standards, the planes would be cheaper, tickets would probably be cheaper, etc...but do any of us really want that?
All the bolts I have dealt with on my Toyota are in metric...this can only end badly.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
I think they are clearly software-related. But the question is what the root cause is.
You don't always know what the error condition is. It could be: "Well if the solder is cracked on this connection and this other sensor fails in this way, the following feedback loop is created and the software responds to the erroneous input by accelerating the car."
This is almost certainly some sort of cascade from the root problem. The cascade is software related. The root problem may well be hardware related. However I don't think you can just blame cosmic rays, etc. since the behavior described is too narrow. Why not uncommanded braking or power steering errors?
LedgerSMB: Open source Accounting/ERP
Why are we wasting American tax dollars to solve a foreign auto company's technical error!? To further drive American auto industries out of business? We should just ban Japan's defective lead-foot autos like we ban China's lead-filled products.
I wouldn't be surprised if this wasn't coming from NASA's already diminished budget.
Correct for CAN. Though as for any protocol - garbage in; garbage out. The value(s) transported in CAN's payload may have been corrupted in memory or even in the CAN driver hardware.* Actually, the "cosmic magic" is more likely to corrupt bits in static locations than represented as a voltage potential traveling along a differential bus with an active low being the dominant state. Of course, I have nothing to base this on, but I am posting here - *shrug*.
* I designed both hardware and software for redundant CAN implementations.
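An added example, not part of any comment in the thread: a C sketch of the two cases the CAN comments distinguish, a bit flipped on the bus after the sender computed the frame check versus a value corrupted in memory before the frame was built. It uses the CRC-15 generator (0x4599) from the CAN specification but, as a simplification, runs it over payload bytes only rather than the full destuffed frame; the function names and sample payloads are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define CAN_CRC15_POLY 0x4599u  /* x^15+x^14+x^10+x^8+x^7+x^4+x^3+1 */

/* Bitwise CRC-15, MSB first, register starts at 0 (CAN spec shift-register form).
 * Simplification: covers payload bytes only, not SOF/arbitration/control bits. */
static uint16_t can_crc15(const uint8_t *data, size_t len) {
    uint16_t crc = 0;
    for (size_t i = 0; i < len; i++)
        for (int bit = 7; bit >= 0; bit--) {
            unsigned nxt = ((data[i] >> bit) & 1u) ^ ((crc >> 14) & 1u);
            crc = (uint16_t)((crc << 1) & 0x7FFFu);
            if (nxt) crc ^= CAN_CRC15_POLY;
        }
    return crc;
}

/* Receiver recomputes the CRC over what it saw: 1 = accepted, 0 = CRC error. */
static int receiver_accepts(const uint8_t *rx, size_t len, uint16_t crc_on_wire) {
    return can_crc15(rx, len) == crc_on_wire;
}

/* Case 1: 00000001 becomes 01000001 on the bus, after the CRC was computed. */
static int bus_flip_accepted(void) {
    const uint8_t sent = 0x01, received = 0x41;
    return receiver_accepts(&received, 1, can_crc15(&sent, 1));
}

/* Case 2: the same flip happens in RAM before the frame is built, so the
 * CRC is computed over the already-wrong value and the frame is "valid". */
static int memory_flip_accepted(void) {
    uint8_t in_ram = 0x01 ^ 0x40;
    return receiver_accepts(&in_ram, 1, can_crc15(&in_ram, 1));
}

/* Flip each of the 64 bits of a constructed 8-byte payload on the bus and
 * count how many corrupted frames the receiver would still accept. */
static int undetected_single_bit_flips(void) {
    const uint8_t frame[8] = {0x00, 0x10, 0x27, 0x00, 0x00, 0x00, 0x00, 0x01};
    uint16_t crc = can_crc15(frame, 8);
    int missed = 0;
    for (int i = 0; i < 64; i++) {
        uint8_t rx[8];
        memcpy(rx, frame, sizeof rx);
        rx[i / 8] ^= (uint8_t)(0x80u >> (i % 8));
        missed += receiver_accepts(rx, 8, crc);
    }
    return missed;
}

int main(void) {
    printf("bus flip accepted=%d, memory flip accepted=%d, missed=%d\n",
           bus_flip_accepted(), memory_flip_accepted(), undetected_single_bit_flips());
    return 0;
}
```

The frame check only covers the path between the two CAN controllers; catching the second case needs a check applied to the value itself before it reaches the controller.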