It remains unclear whether Toyota’s higher-than-industry-average number of complaints regarding sudden unintended acceleration (SUA) is caused (in whole or in part) by an embedded software problem. But whether it is or it isn’t actually firmware, the company has clearly denied it and yet still developed an embedded software “image problem”. They’ve brought some of this on themselves.
Side Note: I think it is a net positive that journalists, the mass media, and a broader swath of the general public are increasingly aware that there is software embedded inside cars, airplanes, medical devices, and just about everything else with a power supply or batteries. Firmware has been inside these products for many years, of course. But as I wrote in a recent article in Electronic Design, my experience working with companies across many industries leads me to believe there is a looming firmware quality crisis. Greater public awareness is sure to bring litigation. This will force engineering management to care more about firmware quality than they currently do.
Toyota’s Firmware Image Problem
Long before the “floor-mat recall”, NHTSA had logged a higher number of unintended acceleration complaints (4.51 complaints per 100,000 cars sold for the 2005 to 2010 model years) for Toyota than for any other company. (A recent Washington Post graphic has more data.) Apparently, NHTSA and Toyota were investigating the reports–but hadn’t yet taken any action.
It seems that what set that first Toyota recall in motion was a high-profile fatal August 2009 crash involving an off-duty California Highway Patrol officer, his family, a runaway Lexus, and a disturbing 911 call. Given the context of that specific crash, I’m not convinced the floor mat recall made much sense. In particular, I find it hard to believe that a police officer with adrenaline pumping through his veins and his family’s life on the line wouldn’t just rip a stuck floor mat out of the way like the Incredible Hulk. (Or that he would choose running off the road at 125 mph vs. shutting the vehicle off entirely.) But I don’t have all the facts about either that specific accident or the reasoning behind the floor mat recall.
The broader recalls that have happened since have focused on also adding mechanical strength to the accelerator pedals in a number of different makes and models. To this day, Toyota categorically denies any sort of electrical problem. Yet some cars that have been modified in this way have since been reported to experience unintended acceleration! Besides which, mechanical parts generally fail visibly or entirely once they first fail–rather than intermittently. Intermittent failures are far more common with electronics (think EMI) and firmware.
Toyota’s firmware image problem stems from two things: First, they have separately recalled the Prius for a braking-related firmware upgrade. Other possible Prius software issues have been identified by Steve Wozniak and Jim Sikes, but these have not yet been confirmed. Additionally, the continued reliance (by Toyota and NHTSA) on theories such as “we can’t reproduce the problem and we haven’t been able to see it during testing” as proof that there’s not a software bug is simply unbelievable.
Anyone who works with software knows from experience that lots of bugs can’t be easily reproduced. The fact that these incidents can’t be reproduced is not proof of anything.
Software in Cars: The Future
Don’t get me wrong. I want more software in my car, not less. I very much look forward to the day that an in-car computer takes over the driving for me. After all, some cars already have more sensor data to make decisions on than the driver does. Imagine what a car with an integrated GPS navigation system, auto-follow cruise control, and collision avoidance systems could do. While I guess that I should move left one lane to avoid a crash, the computer is capable of seeing in all directions at once, calculating all of the trajectories of nearby cars, including instantaneous changes in their acceleration or deceleration.
Additionally, I suspect that even with bugs in a car’s drive-by-wire software the car may be much safer overall for its electronic traction control and anti-lock braking systems.
I just wish that Toyota would own up to the fact that the inability to reproduce a problem doesn’t rule out a software (or EMI) flaw.