Slashdot Mirror
Jaguar Recalls 18,000 Cars Over Major Software Fault
DMandPenfold writes with this excerpt from ComputerWorld UK "Jaguar has recalled nearly 18,000 X-type cars after it discovered a major software fault, which meant drivers might not be able to turn off cruise control. The problem lies with engine management control software developed in-house by Jaguar. The problematic software is only installed on diesel engine X-Types, which were all produced between 2006 and 2010. Some 17,678 vehicles have been recalled, as a result of the potentially dangerous problem. If the fault occurs, cruise control can only be disabled by turning of the ignition while driving — which would mean a loss of some control and in many cars also disables power steering. Braking or pressing the cancel button will not work. 'Jaguar has identified that should an error with certain interfacing systems be detected the cruise control system will be disabled and an error message displayed to the driver on the instrument cluster,' the company said in a statement."
... to disconnect the engine from the drive wheels.
It's called a clutch. You should have one on your car.
In addition to the safety issue, a clutch is cheaper, lighter, more reliable, has better performance & fuel economy and gives you more control over your vehicle.
Next time you buy a car, ask for one with a clutch.
Wait, it's not Patch Tuesday. That was two weeks ago.
This has to wait until next month, I just don't have time to constantly push these updates out all the time....
No man is an island, But if you take a bunch of dead guys and tie them together, they make a pretty good raft.
At least the software follows the model of the rest of the car. Its a jag, everything breaks down.
Not that I'd trade what we have now for points and condensers/vacuum driven everything/carburetors. Unless you're spending like NASA does on software, the likelihood of an edge case like this is always there. It is good to see that "No customer has been affected and there had been no accidents or injuries,", per a Jag spokesperson.
It's a CAR. It doesn't need a computer in every function, ESPECIALLY not with the attitude of the software retards these days.
Wait so you can't push in the clutch or even shift to neutral?
Sorry, test first design apparently isn't part of the Jaguar model. They do, however offer "Safety and Security" through a comprehensive range of sophisticated safety systems", which apparently don't include cruise control. It seems unconscionable to think that there would not be a safety mechanism that could override the rest - brakes has always been the default for this type of issue.
Bumper sticker: All parts falling off this vehicle are of the finest British workmanship.
Have gnu, will travel.
Jaguar said drivers who returned their cars would need a software upgrade to their vehicle. No hardware needed to be replaced, it said.
What is worse: having to recall 18,000 cars or having the ability to get an automatic update (wi-fi...) + the risk of the car being remotely hacked?
Slashdot, fix the reply notifications... You won't get away with it...
They had forgotten to add the leak_oil() function...
http://rareformnewmedia.com/
Couldn't you coast to the side of the road without turning off ignition and keep power steering/brake?
Why are software solutions even being used at all? Shouldn't these things be controlled by specialized discrete circuits? Software solutions seen more expensive and more fault-prone, the worst of both worlds.
The Jaguar X-Type's software was custom built in-house, which could mean it's not even that mature or robust. Jaguar are not known for their software, why should we assume that their practices and methodology are sound enough when it comes to developing critical software systems? Do transportation safety board regulators even cover vehicle software? Are there any standards for this at all?
Twinstiq, game news
Sounds like a driver issue.
"I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)
...ignitions to shut off.
Press the clutch. Problem solved.
The move away from manual transmissions in automobiles is tragic. Not only does it dumb down both driving and drivers, it gives less control over the car, and while automatics are starting to get competitive for highway mileage, in the city a human brain can still anticipate better than any automatic. There's even some research suggesting that people driving manual transmissions are statistically safer drivers, having fewer accidents, perhaps because they are more engaged in the process and don't have their brains switched off quite as much while driving. Plus, it's just more FUN to drive a manual.
Let's stop dumbing down the world already. It's freakin' pervasive: computing, driving, hell, gaming, you name it, we seem intent on dumbing it down.
I wonder how many car accidents this failure has caused.
This is why I don't trust drive by wire systems
the same thing can happen in mechanical transmissions, except haha just kidding. software sucks, the best you can do is reset it to a known state on error :)
A new car built by my company leaves somewhere traveling at 60 mph. The rear differential locks up. The car crashes and burns with everyone trapped inside. Now, should we initiate a recall? Take the number of vehicles in the field, A, multiply by the probable rate of failure, B, multiply by the average out-of-court settlement, C. A times B times C equals X. If X is less than the cost of a recall, we don't do one.
If the fault occurs, cruise control can only be disabled by turning of the ignition while driving
The advice is really "try turning it off and on again"?
(How about adding a soft-reset button on the steering wheel for all these drive-by-wire features?)
Science is all about firing a drunk pig out of a cannon just to see what happens.
If the fault occurs, cruise control can only be disabled by turning of the ignition while driving â" which would mean a loss of some control and in many cars also disables power steering.
Public Service Announcement time from a decade-long car geek.
SHUTTING OFF YOUR ENGINE WILL NOT CAUSE YOU TO LOSE CONTROL OF YOUR CAR. You'll somewhat slowly come to a stop. You won't "endo". You won't flip over and crash in a ball of fire. Your wheels won't even lock up. Furthermore, once your car is moving at a walking pace, you no longer need power steering. Try it some time in a parking lot. And no, you won't lose your brakes, unless your braking system has been poorly maintained. Test this by shutting off your engine in your driveway and seeing how many times you can press the pedal before it suddenly goes hard. That's where you have lost braking assist. Even further: loss of braking assist does not mean you can't stop the car - you just have to press much, much harder.
What is dangerous: if the ignition lock on the steering column activates and you need to steer. This is why you should turn the key to the accessory-only position.
Braking or pressing the cancel button will not work
Second PSA:
BRAKING ALWAYS WORKS. With the exception of some ultrapowerful cars like the Veyron, there is an order of magnitude difference between the maximum torque your brakes can generate, and the maximum torque your engine can.
The key is that you have to stop safely but quickly, firmly, and completely, and STAY STOPPED until you've shut off the engine. If you ride the brakes, you'll keep heating up the rotors, pads, and brake fluid. If the brake fluid boils (or more accurately, the water in the brake fluid, since it's hygroscopic and people aren't good about changing their brake fluid as often as they should) or you exceed the maximum operating temperature of the brake pads (passenger vehicle pads are designed for "cold" bite, ie to be useable for panic stops), then yes, you will not have effective brakes.
Please help metamoderate.
So were any of the components in the cruse control system made by Lucas Industries?
If you have never worked on a British car then the humor may be lost on you but there is an entire sub culture around Lucas the prince of darkness.
Time to offend someone
This design flaw was baked in before they wrote the first line of code. Before throttle-by-wire, the brake pedal had two independent kill mechanisms: an electrical switch to open the solenoid circuit, and a vacuum valve to dump the vacuum to the throttle servo. Either was sufficient to defeat the cruise control. Now it's all single thread. I don't want to go back to coil and points, but some control systems should have multiple override.
(i)If the fault occurs, cruise control can only be disabled by turning of the ignition while driving — which would mean a loss of some control and in many cars also disables power steering.(/i)
Diesels are compression-ignition engines. They do not have ignition systems, since it is the temperature of compressed air which begins combustion.
Any cruise control would have to regulate fuel flow, which is electronic through fuel injectors.
Jaguar doesn't sell Diesels here. Like many other manufacturers, they assume that Americans are either too stupid to handle a Diesel, or they assume that Americans still think that all Diesels are the same as the terrible examples our big three produced in the 70s and 80s in response to the oil crisis.
So yeah, it sucks that Jag has a software glitch. But nobody here has to worry about it since there are exactly zero Diesel X-types in the US.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
If the fault occurs, cruise control can only be disabled by turning of the ignition while driving — which would mean a loss of some control and in many cars also disables power steering.
Obviously stub writer knows approximately jack about how cars function... shutting off the ignition will "disable," i.e. shutdown, the power steering in all cars, as the power steering pump is driven by the belt assembly. However, that's hardly a safety concern at speed; many modern autos automatically shut down the power steering system when traveling at highway speeds, as it is only a useful system at low speeds.
The real problem with turning the ignition (key) to the OFF position is that the steering lock will engage, making it impossible to change trajectory until you turn the ignition back on.
FYI, the best thing to do in an "out of control cruise" situation would be to put the transmission in neutral, get to the shoulder, and stop, THEN shut the ignition off; doing so may grenade the engine, but it will also save your life.
An enigma, wrapped in a riddle, shrouded in bacon and cheese
That's why you never trust a computer when manual controls will do. Seriously.... Not worth it. Maybe that's why I drive a 70s era car. Not great gas mileage, but everyone sure seems to get out of my way (as opposed to the usual honking and "get out of my way" attitude) when driving at my own calm at the speed limit pace. So I"m not exactly speeding along - but I do get there. An I can enable and disable cruise control at will.
You can't beat manual. It will either work or it won't. It it doesn't, it won't effect the rest of the car's functions. Other than optimal efficiency I don't see why so many people risk such dangers (relying on error prone automatic / computer controlled devices). Mistakes happen. Why not try to avoid as many as possible? The simpler, the better - the less there is to break down or malfunction.
But some of us are not and we might have to loose speed FAST. NOW, not AFTER our brains have processed not just that we need to stop in a hurry BUT that now something is wrong and we have to do something we never really thought about doing while whatever has made it necessary to stop is approaching at 130km/h.
Or translated, I am driving on cruise control, which means I am NOT fully in control of the car because I am not expecting anything, when suddenly there is an accident in front me. I slam on the brakes and rather then them working fully against ONLY the weight of the car, they now got to work against the engine to. A Jaguar engine, not a tiny city mobile. Now I got to get my hands of the steering wheel while I am trying to avoid a high speed collision and fiddle with the keys...
Your use case only applies if a decide to disengage cruise control early on while driving comfortable with plenty of time to asses the situation and come up with a solution.
I hope if this ever happens to anyone, they will have that time and empty road ahead of them and quickness of mind to come up with your solution because I just know your average motorists is perfectly capable of doing this... why yes, I do not drive, I go by train. Why do you ask?
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Right joking aside people unless it is something you use do not have any mods done yet a lot cars that have had the mod attempted are now waiting for an extensive repair job as it kills the car DEAD personal experience of 5 people with said cars that are now at the dealers awaiting a major repair this is not a joke folks ..
Doesn't this problem seem similar to the Toyota acceleration problem (and even standing on the brakes doesn't work?).
I always wondered in Toyota's case if it wasn't the cruise control losing its mind and hammering the accelerator (which it certainly could do). They blame it on a sticky accelerator but from some cases a read the car accelerates on its own much like a cruise control would do.
In fact, discreet circuits are theoretically harder to test than software that does the same thing and certainly harder to debug.
People like you scare me.
I'm not sure it's even possible to create software that does *the same thing* as a discreet circuit. If it is possible, it's never done in practice. Software invariably does more. (Trivial example: Memory management.) And that is where the problem lies.
Discrete controls will be assigned to one task and one task only (because making them do more makes the problem more complex, and thus involves more work). In practice, this makes them easier to test and debug.
Software will be assigned multiple tasks, for reasons unknown, but probably related to misguided thinking similar to the parent poster's. This still makes the problem more complex, but for some reason complexity in software is regarded as "feature rich".
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
I'll keep driving my old carbureted vehicles. They just plain work every time. I only owned one fuel injected vehicle and it was the worst vehicle I ever owned. Carbureted vehicles with no computers just plain work every time, so that's what I'll stick with. Technology is great and I enjoy working with it in my career, but I flat out do not need a computer or any fancy electronics in my vehicles.
This would be funny if Ford hadn't owned Jag at the time these were built.
Try Birmingham or Coventry in the UK. :)
Soon add Wolverhampton to the list.
which would mean a loss of some control and in many cars also disables power steering.
SHUTTING OFF YOUR ENGINE WILL NOT CAUSE YOU TO LOSE CONTROL OF YOUR CAR.
TFA was referring to a loss of some control, which is exactly what happens when you lose power steering/brake assist. It was not referring to a total loss of control or "endo"...
Test this by shutting off your engine in your driveway and...
Don't. With modern vehicles, letting the engine rotate while powered off may damage the catalytic converter when it is reached by non-burned/liquid fuel. You should only do that for a 10-20 meters in case of an emergency start (e.g., depleted battery due to age/cold temperatures).
Braking or pressing the cancel button will not work
BRAKING ALWAYS WORKS
TFA, again, is correct since it is explaining that braking will not work for the purpose of disabling cruise control.
Unless they're Toyota brakes, where the electronics apparently can't always tell that you're standing on the brake pedal.
What, they didn't buy the software from Japan?
I miss the days when it had to be perfect the first time, think about it, in the days of old, it seems like now people have no issue releasing half done games (I'm looking at you EA!) because "we can just patch it later". Gone are the days when that would have cost so much it had to be right the first time. I kinda miss those days.
brickspeed.net for your old Volvo performance addiction
Why are they not recommending shifting into neutral? It is by far the safest thing to do, rather than turning off the ignition at speed and possibly locking the steering if you turn the key too far. Of course, the engine would be bouncing off the rev limiter the whole time, but that's a secondary concern to stopping the car safely. Did Jaguar make it so their automatic transmission cannot be shifted into neutral? I didn't think that was a legal design, I assumed (possibly incorrectly) that transmissions must be able to be shifted into neutral as a safety feature in case of a stuck throttle.
If they can be shifted into neutral, then it sounds like Jaguar is trying to save money by risking lives instead of risking replacing a few engines. Assuming that's Jaguar's actual advice, and not just computerworld's take on it.
Furthermore, once your car is moving at a walking pace, you no longer need power steering. Try it some time in a parking lot.
Eh, actually, it's the other way around - power steering is required to provide more assistance at lower speeds. Do try it - have some friends push you in a parking lot with the car in neutral. Steering effort will be much higher than you're used to. It's more difficult to test this on the highway (because you'd have to turn your car off), but if you've ever driven an older car that doesn't have power steering, you'll know that when compared to a vehicle with power steering, there is virtually no difference in steering effort on the highway, but at parking lot speeds there is noticeably more effort (although not as much effort as there would be if your car has power steering, but it isn't functioning).
This is totally incompetent real-time programming and hardware design. There should be a stall timer in the hardware, and it should only be reset after all the safety-related conditions have been checked on each cycle. Safety-related functions and non-safety-related functions must be strongly isolated, preferably in different CPUs. This is all well understood. Some people need to be fired.
I worked with some of the people who designed the Ford EEC IV, which controlled most Ford cars in the 1980s. Backup systems included 1) a hardware stall timer, 2) a hard-wired dumb control unit for "limp home" mode if the software failed, and 3) limited throttle authority for the computer-controlled actuator. The program was etched onto the CPU chip (not Flash, not EPROM, not PROM, permanently masked onto the custom Intel 8061 CPU chip during manufacture) and was unchangeable. A bolt-on ROM module held the constants for the vehicle model. The design life for the hardware was 30 years. Massive amounts of effort went into verifying the correctness of the software. Everything from proof of correctness to checking behavior during an EMP spike from a lightning strike was used. I've been in the Faraday cage used for that. No recall was ever necessary, and tens of thousands of Ford vehicles from the 80s are still running that software.
That's what you want down at the safety related levels. The "infotainment" software can be as sloppy as most web programming, but the low level stuff has to just work, no matter what.
Wouldn't shifting the car into neutral essentially negate the engine in this case and be easier than playing with the ignition key?
Just throw in the clutch. Problems averted.
Wait, what? You don't have a clutch you say?
Problem located, step 2 is getting it fixed.
So, in the grand scheme of things, our cars are getting more buggy due to poor coders. Does anyone know if this work has been outsourced and, if so, to whom?
Most automatics can be shifted into neutral just by pushing the lever, to handle emergency situations like this. Shift into neutral, and brake and steer to a safe stop.
Problem... Solved.
Dear Lord, I **AM** getting old. Ah, well, maybe that model actually can run on Guinness.
Jaguars have two gas tanks. Just keep the second one empty, and switch to it if your cruise control won't disengage.
I thought driver issues were actually PEBSWAS : Problem Exists Between Steering Wheel And Seat.
If I mod you up, it doesn't necessarily mean I agree with what you've said, sorry.
I agree 100% with the conclusions you make, but could offer a couple of technical thoughts:
Even on most automatics, with the ignition shut off, the transmission is still driving the engine. Even though the engine isn't 'running' it's still pulling a vacuum, and driving accessories. So long as you do not put the car in neutral, your vacuum assist power brakes will still function normally. Same is true of the power steering.
Neither power steering nor power brakes should be necessary on most modern cars. As you mentioned, power steering has zero impact once the car is moving, and in fact, steering feel can be improved by disabling it (done on many race cars.) Power brakes are more useful, but it's possible to stop the car by pressing on the brake pedal with both feet, and doing so is much more effective than trying to over-power the engine, especially if you have a rear wheel drive car.
In the case of a rear wheel drive car, your strong brakes are up front, and the engine can easily overpower the weaker rear brakes. This is especially true since most modern RWD cars are either sports cars, or larger trucks. If you attempt to overpower the engine using the brakes, you can induce rear-wheel spin, especially at low speed, which will result in over-steer, and probable loss of control.
Why so rude? Are all Europeans 'Eurotrash morons' to you or was there a particular subset of Europeans to whom you referred? Only a few days ago you were complaining about "absurdly ad hominem attacks" on conservatives (http://slashdot.org/comments.pl?sid=2468844&cid=37665704) but I guess it's okay when you're complaining about people in other countries.
I'm not sure it's even possible to create software that does *the same thing* as a discreet circuit
That would be quite easy. It's the opposite way that's often impossible. Problems that can be easily solved in software are often too complex to solve in hardware.
Software which *includes* (proper superset) the features of a discrete control solution is easy, sure. But software that does *the same thing* as a discrete control (mutually inclusive)? Not so much. Certainly if you're programming anything fancier than a fairly simple microcontroller, you're going to start doing a lot more things that weren't happening before.
Complexity breeds failure. Complex software doing complex things is going to be less reliable than simple solutions doing simple things. If you want a robust system, design many small parts doing simple things, and strive for high cohesion and low coupling. That way, when the system running the catalytic converter tuning fails, the cruise control is completely unaffected.
That does mean you don't get to have a single computer controlling every aspect of the car, though. Higher costs and less sexy.
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
"TFA was referring to a loss of some control, which is exactly what happens when you lose power steering/brake assis"
Again: Wrong. Brake assist continues as normal until you've used up the vacuum reservoir, which requires pumping the brakes repeatedly; you could stop your car SEVERAL times from highway speeds based off the vacuum reservoir alone (which, incidentally, is 'charged' from engine vacuum. Guess what happens when you turn off the ignition? You've got a closed throttle and a moving engine, which equals...ENGINE VACUUM.) If you have hydraulic assist (some older Audis and VWs), you have about THIRTY pushes of the brake pedal before you lose brake assist.
Power steering does virtually nothing at highway speeds.
Please help metamoderate.
Also, I lose power steering, which could make keeping control of the car much more difficult.
No, it won't. I meant it when I said that at highway speeds, your power steering is doing virtually nothing. Plus: you don't need to do much steering to stop your car.
You actually get MORE feel and control, because the power steering won't be hiding the steering feel. Most modern cars these days can be driven practically with your pinky finger.
Please help metamoderate.
Ford tried this kind of calculation with the Pinto, and look what it got them, legal/financial trouble even if one doesn't care about the ethics.
I listen to both RIAA and non-RIAA stuff if I like the music, tangential business/politics nonwithstanding.
Well da....
Software can be expected to need
an update. This needs to be fixed
but to call it a recall tells me that
the communication with the computers
in the cars and communications with
owners is just not part of the product design.
Security is a massive issue but knowing
what updates are available in this modern
world of cell phones, bluetooth and more
makes it just silly.
It`s happen ... mercedes call the same , but many more cars , we are human we can`t make perfect things !! http://www.mvt.ro/auto/Jaguar