Slashdot Mirror
65,000+ Land Rovers Recalled Due To Software Bug
An anonymous reader writes with word that owners of Range Rover and Range Rover Sport SUVs (model year 2013 and newer) will need to get their cars' software updated, which means a visit to a dealer. The update will fix a bug in the cars' locking system, which occasionally resulted in car doors randomly unlocking and opening themselves (in one instance, when the car was moving). This is not the first time that a car manufacturer asked customers to contact dealers for a security update. In July, Ford has recalled over 430,000 cars in North America because of a bug that prevented the engine from shutting down even after the ignition key was put into the "off" position and removed.
Only makes sense that car called the Range Rover would have either an off-by-one or Out of Array Bounds error.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
The other one was ok though.
Is this the new incarnation of Lucas electrical systems?
http://www3.telus.net/bc_trium...
Don't blame me, I voted for Kodos
Does the software in cars fall under any particular standard for quality? Like actual engineering standards?
No.
Or do we really have auto makers doing little better than people making apps for phones?
Well, it's quite a bit better than that, which is still terrible.
It just seems like if it controls any part of a car it should really be required to be subjected to much more rigorous verification.
They're nowhere near that. The complexity has gone way up, but the quality hasn't...
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Doors unlocking, that's one thing. Doors opening and engine not halting when ignition switched off, that's horrible design. Always, always keep physical means that override any other possible means to do things like opening doors and disabling engine. Person approving those designs should be shot and then sent to the Russian front. Stuff can go wrong mechanically, but why would you ever add yet another possible point of failure?
I am not sure how many software engineers are employed by Range Rover, but I expect that the subsystem providing the central locking features will have been outsourced just like all the major components to companies like Bosch, Visteon, Wipro, Yazaki etc.
In order to reduce costs the software engineers will have been outsourced to Eastern Europe and India, and although just like everywhere else the software teams will be a mixture of the competent/incompetent, it will likely be the management who will have screwed up trying to do things cheaply and quickly*
* Jaguar/Land Rover, made in Britain owned by Tata (Indian company)
because of a bug that prevented the engine from shutting down even after the ignition key was put into the "off" position and removed.
I guess it's too difficult to leave the physical connections in place. They had to be replaced by shiny, just because.
There's a reason light switches work every single time. Physical connections are superior to digital connections.
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
The Ford bulletin listed in TFS says: "This is a compliance issue with FMVSS 114 regarding theft protection and rollaway prevention." One would think the issue would simply be shutting off the engine when turned off so, you know, it doesn't keep running. I understand that software controls allow for more features and save the vendor money on hardware, but I don't think they actually makes things simpler, better, safer or more reliable. I know that, historically, whenever I have turned the engine off in my cars, the engine has always turned the fuck off.
It must have been something you assimilated. . . .
As an automotive SCADA programmer, its the hillarity of a marketing driven product that causes outright lethal problems like this. We finish coding important things like o2 and knock profiles, 3d cylinder maps and such into the engine and give the vehicle the ability to start or stop with ease in damned near any environment. we also write in cockpit code that handles fun stuff like TCS and ABS for the driver. Then, suddenly, our competitor one-ups us in either horsepower, torque, or some other mundane argumentative ego stroke brought up at the dinner table of automotive shows and product spotlights. And just like that, some marketing drone instantly tasks us with a new, untested, and wholly remarkable feature we are to provide.
so another project is created in git, branches are furiously spawned, we're given a deadline to make this new system work with everything (including the legacy stuff thats 10 years old) and things like lighting controllers as well. We're told we will deliver this feature on time or all hell will rain down from above, and so we do. Its another set of servos, and because we dont have a 2 year test cycle we have to use the same ones you have to close the trunk, but this time we bolted it to keiths new handler code based on a fork of the trunk code that he spent 90 hours hacking. Sure, the newest vehicle comes out and all is well, but we just do not have enough time to make sure everything works before some talking head gets up on a stage and rails about our latest "innovation." And chances are the average driver with more brass than sense is too old to understand the technology, how it works, or when to use it so it gets disabled at the dealership for them along with a half dozen other bells and whistles that confuse and bewilder the OAP.
Good people go to bed earlier.
So I have to drive my Cayenne or X5 for a while. BFD.
Uhm... I think modern cars actually have much more computers than Apollo 11!
Just don't look too closely at the compliance audits and root cause analysis of previous faults while you're googling that one, or you may have a disappointed scowl all week. The trouble with standards like this is that unless there is some compulsion to actually follow them effectively, they are just squiggles on a piece of paper or someone's computer screen.
This is the industry where those stories about comparing the cost of the lawsuit when people die against the cost of the recall originated, remember. If things are going to change, either the damage to the business from any serious accident has to be dramatic, such that selling vehicles where engineering failures causing damage/injury/death are more than isolated freak incidents is literally an existential threat to the business, or the senior executives who set these policies need to be personally on the hook for the results without hiding behind the corporate veil, such that if there are serious failures that are a result of either negligence or active decision-making other than in the interests of safety then people go to jail, or both.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Pure genius! Turns out that 65,000 Land Rovers make an excellent continuous integration server. BTW the build is broken.
So you program the software to not pull the update if the car is roaming (or use data at all, for that matter).
Of all the reasons OTA may be a bad idea, I think this is one of the least concerning ones (as in, not at all).
It just seems like if it controls any part of a car it should really be required to be subjected to much more rigorous verification.
They're nowhere near that. The complexity has gone way up, but the quality hasn't...
QC didn't go up or down. It stayed the same but the complexity of the controllers has gone up.
Is there an echo in here?
Contrary to circuit boards, software is far more flexible and allows for higher levels of complexity which results in higher probability of failure.
Both have become massively more complex. My 1989 240SX had a 3MHz, 16-bit ECU. Modern PCMs are typically 32-bit and measured at minimum in double-digit MHz... for really boring, small engines. My 240SX's Hitachi ECU had probably half as much I/O as my Audi's PCM, which has probably half as much I/O as a really modern car. Maybe two-thirds.
It scares me to think that auto makers are moving ABS, Cruise Control and other critical features to 100% software driven systems.
Cruise control is not a critical feature. You hit the brakes and it shuts off. ABS is a critical feature. If the ABS goes full idiot, then you can't stop the car with your foot. I would also like to point out that electric parking brakes are a horrible idea in every way, while we're here. That's full retard.
With the coming of self driving cars there's no doubt QC will improve but until then we will see stuff like this.
And probably for some time the self-driving cars will just be new modules driving the old equipment, and even if the QC is good in the self-driving part the PCM or TCM will be garbage.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"