Slashdot Mirror


Toyota Raises Concerns About California Self-Driving Oversight, Calls It 'Preposterous' (reuters.com)

A Toyota official on Tuesday raised concerns about California's plans to require compliance with a planned U.S. autonomous vehicle safety check list, calling it "preposterous." Reuters reports: Hilary Cain, director of technology and innovation policy at Toyota Motor North America, criticized California's proposal to require automakers to submit the U.S. National Highway Traffic Safety Administration's (NHTSA) 15-point safety check list before testing vehicles. "If we don't do what's being asked of us voluntarily by NHTSA, we cannot test an automated system in the state of California. That is preposterous and that means testing that is happening today could be halted and that means testing that is about to be started could be delayed," she said at a Capitol Hill forum. On September 30, California unveiled revised rules that carmakers will have to certify that they complied with the 15-point NHTSA assessment instead of self-driving cars being required to be tested by a third-party, as in the original proposal.

19 of 230 comments

  1. Why is it preposterous? by Anonymous Coward · · Score: 5, Insightful

    "If we don't do what's being asked of us voluntarily by NHTSA, we cannot test an automated system in the state of California. That is preposterous and that means testing that is happening today could be halted and that means testing that is about to be started could be delayed"

    Well sorry to shit on your parade, lady, but maybe it's not such a bad idea to slow all of this down and get it right. NHTSA isn't the devil. If you want to get angry at someone, go after IIHS. NHTSA is trying to actually keep the rest of us, who may someday interact with your automated system, safe from it.

    1. Re:Why is it preposterous? by GrumpySteen · · Score: 2

      Nothing in the 15 point checklist requires perfect safety. In fact, most of the items are just "it should include something that tries to do X" where X is "obey local traffic laws", "refuse to go into automatic mode if sensors are damaged", "save data if there's a crash" and "switch safely from autopilot to manual control."

      The actual document can be found here and a simple summary that leaves out a lot can be found here.

  2. Laws! by fluffernutter · · Score: 2

    "Laws are making us less profitable, that can't be right! Laws are only supposed to help us profit!"

    --
    Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
    1. Re:Laws! by Ol Olsoc · · Score: 2

      This isn't a law. It's sour grapes on California's part for losing Toyota.

      You against the rights of the individual state to pass laws that are not provided to the federal Government by the constitution?

      States rights baby, it isn't just to make mandatory carry and flying of the confederate flag the law.

      And Toyota is completely free to ignore it and not sell their vehicles in California.. The marketplace. If you don't like onerous regulations, refuse to sell Toyotas to California citizens. And not a regulation at all to hinder you.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  3. Re:As it should be by spire3661 · · Score: 2

    No, it's way late. It's time to radically rethink our vehicle infrastructure NOW. Self-driving should be flat out outlawed within 20 years. 30,000 souls a year screaming for us to change is a powerful motivator. Keep up or get out of the way.

    --
    Good-bye
  4. Re: As it should be by spire3661 · · Score: 2, Insightful

    Truly a well-reasoned and impassioned response to the 30,000 people killed every year, the vast majority of which were caused by direct human inattention to detail. People are the worst drivers imaginable, robots cannot possibly EVER be worse.

    --
    Good-bye
  5. Re:Now I know what self driving car not to buy by zlives · · Score: 3, Funny

    their attempt at self accelerating cars was the first warning ;)

  6. Re:Now I know what self driving car not to buy by Anonymous Coward · · Score: 5, Informative

    After the unintended acceleration fiasco (for which some engineers and management really should have been put to death instead of settling out of court), no one at all should be driving a Toyota, self-driving or otherwise.
    Source:
    http://www.safetyresearch.net/Library/Bookout_v_Toyota_Barr_REDACTED.pdf

    tl;dr:
    Here is a list of ways Toyota fucked up:
    -Not following appropriate coding style (ie: 'spaghetti'/unmaintainable code, acknowledged by Toyota engineers in internal emails)
    -Not following appropriate coding standards (ie: MISRA-C)
    -No memory error detection and correction (which they told NASA they had, but "Toyota redacted or suggested redactions that were made in the NASA report almost everywhere the word EDAC appears it's redacted. So someone at Toyota knew that NASA thought that enough to redact from the public that false information.")
    -Not mirroring all critical variables (which they initially claimed they did), in particular the critical kernel data structures had no protection, as well as the global throttle variables
    -Task X responsible for a retarded amount of work: pedal angle reading, cruise control, throttle position, writing diagnostic troublecodes, failsafes
    -Buffer overflows (at least one confirmed)
    -Invalid pointers (pointers not checked for validity before being used)
    -Existence of race conditions
    -Using nested/recursive locks
    -Unsafe type casting
    -Insufficient parameter checking
    -Stack overflows
    -Excessive code complexity - 67 functions have cyclomatic complexity (MCC) over 50 (aka 'Untestable') (30 is a typical max), 12 functions have MCC over 100 (aka 'Unmaintainable')
    -The function that calculates throttle position is MCC 146 and is 1,300 lines of code (executed by Task X)
    -Uses recursive functions, which must not be used in critical applications according to MISRA-C
    -Incorrect worst case stack size analysis - Toyota claims worst case usage was 41%, expert found worst case stack usage was 94% *NOT INCLUDING RECURSIVE FUNCTIONS!!!*
    -Critical, unprotected kernel structures located directly after stack. IE: if stack overflows, critical kernel data is guaranteed to be lost.
    -No runtime stack monitoring to ensure it doesn't overflow
    -RTOS (named RX OSEK 850, after the OSEK API/Standards used by many automotive RTOSes) was not actually certified as compliant with the OSEK standard, but used by Toyota anyways
    -MISRA-C rule violations (over 100 rules in total). NASA looked at 35 rules and found over 7,000 violations. Expert looked at all rules and found over 80,000 violations.
    -Toyota claims their internal coding standards overlap ~50% with MISRA-C, but in reality, only 11 rules overlap. 5 of those rules were violated. In total at least a 3rd of their own internal standards were violated.
    -Toyota cannot produce any records of bugs or bug fixing from testing, no bug tracking system was used
    -Inadequate/rare/no peer code review
    -Over 11,000 global variables
    -Totally incorrect ("abysmal") watchdog usage: Run by hardware timer so operates if other parts of CPU are failing, doesn't check that critical tasks are running, throws away error codes sent to it by the OS from other tasks, allows for CPU to overload for 1.5 seconds before reset (a football field @ 60mph).
    -Toyota didn't look at or review the monitor CPU code, though they claimed that there could be no software cause for UA
    -Monitor CPU had all the requirements (electrical signals coming in and going out, adequate memory, CPU) to monitor brake pedal, throttle and to do something useful if there was a malfunction, but it just wasn't implemented due to laziness or incompetence
    -Many single points of failure
    -Their failure mode analysis missed obvious things because they didn't follow any formal safety processes like MISRA
    -Mix of Toyota code and Denso code
    -"It cost them less to water down the watchdog than to upgrade the CPU to a fast enough CPU"
    -If a fault occurs when there is pressure on the brake pedal, then applying further press
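
The watchdog and variable-mirroring items in the list above, as an added example that is not part of the comment and is not Toyota's or Denso's code: a supervisor that services the hardware watchdog only when every critical task has checked in, no task error has been reported, and a mirrored critical value still matches its complement. All task names, function names and the `mirrored_u16` type are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>

/* All names are hypothetical; this models the checks, not any real ECU. */
enum { TASK_PEDAL, TASK_THROTTLE, TASK_FAILSAFE, TASK_COUNT };

static uint32_t checkins;     /* bit i set when task i reported this period */
static uint32_t task_errors;  /* bit i latched when an error is reported for task i */

/* Critical value stored with its bitwise complement so corruption is detectable. */
typedef struct { uint16_t value; uint16_t inverse; } mirrored_u16;

void mirrored_write(mirrored_u16 *m, uint16_t v)
{
    m->value = v;
    m->inverse = (uint16_t)~v;
}

/* Returns false if the two copies disagree (bit flip, stray write, overflow). */
bool mirrored_read(const mirrored_u16 *m, uint16_t *out)
{
    if ((uint16_t)~m->inverse != m->value) return false;
    *out = m->value;
    return true;
}

void task_checkin(int task)      { checkins |= 1u << task; }
void task_report_error(int task) { task_errors |= 1u << task; }

/* Called once per watchdog period. Returns true only when it is safe to
 * service the hardware watchdog; false means let the reset happen. */
bool supervisor_should_kick(const mirrored_u16 *throttle_cmd)
{
    const uint32_t all = (1u << TASK_COUNT) - 1u;
    uint16_t v = 0;
    bool ok = (checkins == all)      /* every critical task ran this period */
           && (task_errors == 0)     /* reported errors are kept, not discarded */
           && mirrored_read(throttle_cmd, &v);
    checkins = 0;                    /* demand fresh check-ins next period */
    return ok;
}
```
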

  7. Re: As it should be by ewibble · · Score: 3, Insightful

    Robot may or may not be better, but to say humans are the worst drivers imaginable is a hyperbole. I suppose you let your dog drive because it is safer.

    The population of the US is 318 million (I assume that 30,000 is in the US), that is 0.009% of people die, sure it could be better. 13,322 people die from falls, given that walking is so much slower are we even worse at walking?

    To me it is not apparent that less people will die if robots drive, you need actual evidence and testing, not wild statements about how bad people are driving. You need to use actual facts.

    If I died every time my computer had a blue screen I would be dead a long time ago.

  8. Re:As it should be by FatdogHaiku · · Score: 3, Funny

    I'm waiting for Samsung to put out a self driving electric car, it'll be hot...
    Bonus, no need to paint flames on the sides!

    --
    You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
  9. Re:RULE #1 by uncqual · · Score: 2

    I think shirts with the standard red octagonal STOP symbol may become very popular with pedestrians -- although, maybe that would just cause the cars to begin to ignore STOP signs that looked like shirts - perhaps because they were slightly bent. That may not end well.

    --
    Why is there an "insightful" mod and why isn't it "-1"? If I wanted insight, I wouldn't be reading /.
  10. Re: As it should be by arth1 · · Score: 2, Insightful

    It's a damn good card. Reducing the fatalities ASAP is the main point and should be our goal.

    Why? We trade safety for freedom with a higher risk of fatality in pretty much all aspects of life. It's called living.

    The lifetime risk of dying in a car accident is around 0.17%, which I think are very acceptable odds. Certainly much better odds than for the risk of dying from a fall, which is around 0.5%. We could reduce that quite substantially if we lived in padded rooms and moved around with walkers, wearing helmets.
    But I prefer the freedom that accepting risks gives.
    If I die, I will have lived.

  11. Re:As it should be by Dutch Gun · · Score: 3, Insightful

    "Per billion mile" is a stupid way to measure safety in practical terms. We don't measure our lives in miles or kilometers. We measure them using time.

    Let's look at those transportation methods in fatalities per billion hours traveled:

    Bus - 11
    Rail - 30
    Air - 30
    Water - 50
    Van - 60
    Car - 130
    Foot - 220
    Bicycle - 550
    Motorcycle - 4,840
    Space Shuttle - 438,019

    Now, let's consider how many hours we spend each day in each of these activities. I'd guess I'm in the car an average of perhaps 1 1/2 hours per day. Since nothing else comes close (assuming treadmills don't count as "walking"), I'm at FAR more risk than dying in a car crash than any other transportation method by a very large margin.

    Lies, damn lies, and statistics. According to your statistics, the space shuttle is only slightly more dangerous than driving in a car and less dangerous than a ferry, which is obvious nonsense.

    --
    Irony: Agile development has too much inertia to be abandoned now.
  12. Re:As it should be by Gavagai80 · · Score: 2

    Those bicyclists and motorcyclist and walking deaths you're citing as being so much bigger than car deaths are mostly killed by cars.

    --
    This space intentionally left blank
  13. Re:Not one business to remain! by Gavagai80 · · Score: 2

    You just posted that to a business running on a web server in California. Yeah, with a GDP of $2.5 trillion we sure are running short of businesses. Let's scrap all safety rules in a desperate attempt to increase their profits.

    --
    This space intentionally left blank
  14. Re:Don't forget to look at all sides by Tablizer · · Score: 2

    hackable...an extremist government deciding to limit how far you may drive in a given year. Or limiting where you may drive.

    "Kim Jong won't let me shop for jeans, OMG, the Horror!"

  15. Re: As it should be by goose-incarnated · · Score: 2

    The evidence and testing is being done, and accident rates are lower for autonomous cars already.

    No, it isn't. Stop comparing "self-driving cars that are corrected by a human" with "human-driven cars".

    --
    I'm a minority race. Save your vitriol for white people.
  16. Re: As it should be by Joce640k · · Score: 2

    If I die, I will have lived.

    Yep. Your daily commute is really "living". I admire you for being so alive.

    --
    No sig today...
  17. Re: As it should be by umghhh · · Score: 2

    I always had problems with people that tried to help me especially if this meant me paying anything to them and the respective fees being made mandatory by industry or even state. In other words - if you want to help me ask first if I need help.