embedded software boot camp

Embedded Software is the Future of Product Quality and Safety

Monday, February 8th, 2010 by Michael Barr

Last year a friend had a St. Jude pacemaker attached to his heart. When he reported an unexpected low battery reading (displayed on an associated digital watch) to his doctor a month later, he learned this was the result of a firmware bug known to the manufacturer. The battery was fine and would last on the order of a decade more. His new-model pacemaker’s firmware didn’t include a bug fix that was provided the year before to wearers of old-model.

Another friend owns a Land Rover LR2 SUV with back-up sensors. When the car is in reverse and nearing an obstacle or another car, the driver is alerted via a beeping sound. Except that the back-up sensors don’t always work. Some “reboots” of the SUV don’t seem to have this feature enabled. He suspects there is a “race condition” during the software startup sequence.

Yet another friend has driven a Toyota Prius hybrid over 100,000 miles. He reports that the brakes very occasionally have an odd/different feel. But his older model Prius is not expected to be subject to the 2010 model year recall.

These are just a few of the personal anecdotes behind the headlines. Embedded software is everywhere now, with over 4 billion new devices manufactured each year. Increasingly the quality and safety of products is a side-effect of the quality and safety of the software embedded inside.

One important question is, can we trust future software updates any more than we can trust the existing firmware? How do we know that the Toyota Prius hybrids with upgraded braking firmware will be safer than those with the factory firmware?

Tags: , , , ,

4 Responses to “Embedded Software is the Future of Product Quality and Safety”

  1. Anonymous says:

    From http://wdmt.blogspot.com/2010/02/toyota-gas-pedals-and-radiation-death.html

    As we make machines more and more complex, we tend to rely on software more, without realizing that while software simplifies the need for specialized mechanisms, it does not of itself simplify the control problems it intends to solve. With poorly architected, designed, and implemented software accepted as the norm in our homes and offices, it is no wonder that failures happen in critical equipment. If we look at the Toyota problem, it is actually blown way out of proportion. I don’t mean that the people who died or were injured are not important, I mean that we are focusing a lot of attention on this issue, while overlooking similar types of problems that cause even more deaths and injuries. I hope that when the Toyota problem is fixed we won’t forget that other people are dying from shoddy software.

  2. Bruce Ball says:

    About 8 or 10 years ago I wrote a short piece on Software Product Liability and distributed it to several of my lawyer friends at the time. NONE of them even commented on it. I don’t claim to be clairvoiant, but i think Toyota’s and to a lesser extent Ford’s current problems with embedded “fly by wire” auto controls are just the beginning of the greatest shift in legl activity in a long long time.

    Generally I don’t think much of trial lawyers, but they certainly have a place in our litigious society. I see a new area of product liability opening up in the near future. I see an ocean of litigation with a Tsunami coming. It will probably touch me directly to some extent and could have a huge indirect effect.The name of the tidal wave is Software Product Liability. At present, it almost doesn’t exist.

    The 900 lb gorilla of the software world, Microsoft, now gets away with the disclaimer found in the Windows 98 licensing agreement, which reads: “In no event shall Manufacturer or its suppliers be liable for any damages whatsoever arising out of the use of or inability to use this product, even if Manufacturer has been advised of the possibility of such damages.” Wouldn’t Firestone and Ford like to be able to hide behind such a clause as they fight their SUV roll-over and tire de-lamination battles? In fact, I think the path to the coming sea-change in Software Product Liability will probably be via the automobile.

    Manufacturer liability for automobile defects is well established, and the invasion of programmable electronics into the auto is well on its way. Even Microsoft is pushing their Windows CE product for embedded real time control, the type of software needed to control the electro mechanical devices proliferating in modern automobiles.

    The present situation is almost guaranteed to produce unreliable software. According to Bruce Schneier of Counterpane Internet Security, Inc., “Smart software companies know reliable software is not cost effective. Studies indicate 90 to 95% of all software bugs are harmless … so its much cheaper to release buggy software and fix the 10 or 15% of (bothersome) bugs after people complain.”Software companies don’t have to produce a quality product, because they face no consequence if they don’t. The only product liability that exists is limited to the replacement of a physically defective diskette or CD-ROM.

    In addition to product liability involving software control of mechanical equipment, where the hardware manufacturer might reasonably be held accountable, huge holes in liability law exist regarding both stand alone software reliability and Internet security. With the rapid expansion of e-commerce, the business of business via software is just beginning. “Let the customer Beware,” is reasonable where the has a means of protecting himself through prudent investigation, but consumers have little opportunity to make such investigations in the often anonymous world of the World Wide Web.

  3. Ram C. says:

    One reason software companies take liberties with the reliability of their software is due to lack of awareness in their customers. Does an average user/customer of Microsoft Windows Vista care enough to pay extra money for 'reliability/safety' as long as the OS does its minimum functionality well? Increased consumer education and activism would also be required to push companies towards software reliability and quality.

  4. Michael Barr says:

    Ram,

    I am hopeful that the widespread awareness of embedded software in automobiles brought about by the zillions of articles on Toyota’s mostly mechanical problems will provide a platform for the kind of demand for change and activism that you mention. Unfortunately, it too often takes the media fury surrounding tragic death to bring about real change. Though I certainly don’t wish for it, I suspect that a high-profile tragic death blamed on firmware is an inevitability. Let’s all try to make sure it’s not the result of a product we worked on.

    Cheers,
    Mike

Leave a Reply