Automotive failures


It will be interesting to find out what is at the bottom of the recent spate of automotive failures. I would not be surprised if "lead free solder" and "surface mounted components" were a serious limiting factor in automotive electronics safety.
Lead free solder, wave soldering, surface mounted components, high currents, high temperatures, vibration and shock ... a recipe for short MTBFs!

Charles Darwin, Lord Kelvin & Murphy are always lurking about!
Lee -.-
Riddle me this...How did the serpent move around before the fall?


Ordinary mechanical design mistakes and software appear to be responsible for Toyota's problems; they don't seem to have anything to do with electronic reliability. Car electronic systems don't seem to be any less reliable than they used to be.

Leon Heller G1HSM

Last Edited: Thu. Feb 25, 2010 - 03:55 PM

Solder joints that break seem to be the most frequent failure mode.


Yesterday I heard that driving near power lines has caused some electronics to freak out. I had read a few weeks ago that the plastic used in the pedal was nylon and then PPS in Europe in an attempt to keep moisture from making it stick. This was over a period of years, so the sticking pedal problem has been around. The latest fix, the shim, is to move the two plastic parts' gear teeth apart to keep them from sticking. The lawsuits are going to be huge. With Obama being in the auto business it seems Congress has a conflict of interest in their investigations. Toyota is shutting down the San Antonio factory for two months.


On Top Gear they once subjected a VW Golf to lightning :)

You can see it here on YouTube.


My previous car was a VW Touareg, and its primary control computer failed and needed replacing three times in a 16 month period. US$1800 each time. Ouch.


JayJay that was a cool video. The Golf seems like a durable car when it comes to lightning.


I have fixed a couple of Saab dashboards, always a cracked solder on R13; just heat it up and let it cool and it is fixed. Yes, it's an SMD.


Same problem on a 95-98 Ford Scorpio, one resistor in the dash that causes problems. Or its Teves Mark xyz ABS ECU, same problem.

Saab SID units... the connection to the LCD fails. Same problem on the climate control. Same Saab, problems with the PRNGL switch and the ABS unit failed, only a simple transistor or so that failed.


Seems like an easy fix.

if (brake_lights == ON)
    engine(idle);

But do it in hardware.

Greg


AWESOME...
Will you do the test?? Got bol.. to do it?? :lol:

Quote:
Yesterday I heard that driving near power lines has caused some electronics to freak out.

I don't think so; under the hood is such a hazardous environment that the electronics have good protection, and even the car's iron will protect the electronics from power lines.

Regards,

Bruno Muswieck


Interesting comments. Pre-electronic cars were mechanically quite reliable and of course improved tremendously by fuel injection etc. etc. using electronics etc. My point is that lead free solder is a step backwards in reliability and so is SMD, especially in rugged/hostile environments.
Whilst the electrical bonding with SMD & lead free solder might be OK, the mechanical bonding leaves a lot to be desired!
I dropped a remote control on the floor the other day & it would not work until I resoldered two SMD diodes that had fallen off. Similarly I find I do a lot of repairs with high current components which fail due to thermal cycling.

Every soldered joint is effectively a component with an MTBF, and a resistor effectively becomes a device with three components associated, where the soldered connections would have a shorter MTBF than the resistor. Whilst this may be OK in entertainment equipment, it is not in life support equipment, planes, trains & automobiles.
A chain is only as strong as its weakest link!
As already suggested we can check our hardware with software, but if during the driving of a vehicle on an Autobahn, any part of it stops functioning because the software has detected a hardware fault, I would prefer not to be in it!

Charles Darwin, Lord Kelvin & Murphy are always lurking about!
Lee -.-
Riddle me this...How did the serpent move around before the fall?


brunomusw wrote:
AWESOME...
Will you do the test?? Got bol.. to do it?? :lol:

Quote:
Yesterday I heard that driving near power lines has caused some electronics to freak out.

I don't think so; under the hood is such a hazardous environment that the electronics have good protection, and even the car's iron will protect the electronics from power lines.

Here is what the transportation secretary said:
The wider problems appear to be conventional mechanical issues, but Transportation Secretary Ray LaHood said his department would undertake a broad review of whether automobile engines could be disrupted by electromagnetic interference caused by power lines or other sources.

Also it was mentioned that a number of Prius had brake lights turning on for no reason, etc. Clearly there are problems to be debugged and fixed before more people are hurt.


Mercedes has had a lot of (software) problems in the past. Things like CANbus make things quite complicated compared to simple wires, and Mercs are stuffed with many dozens of modules. Must be firmware hell.

My father's Saab also uses CANbus for things that in the past were simple wires and relays, like the indicators: the audible click is generated by the SID, a display module on which you can see the time, mileage, distance to empty, radio station etc.; it also houses the central speaker, and once in a while you can clearly hear it miss a click, only to make an extra click a few 100 ms later. Apparently it acts upon lamp-on/off commands on the CANbus and sometimes that goes wrong :)

Mercedes has this so called BAS system, a system that maximizes braking effort if it detects an emergency stop (decision factors are how quickly you release the throttle and the time between releasing the throttle and hitting the brake pedal). There were reports that this system commenced an emergency brake completely out of the blue without any driver input :)

The latter is one of the more dangerous possible failures, the first is just a very slight nuisance.

Or take the early 80s Volvo 480, arguably the first car to have almost everything controlled by an 8051. In the first years the car would do things on its own while parked, like lowering windows, turning on headlights and things like that. In later versions one of the countermeasures was that they reduced the number of connectors used.


Let's see. 40,000 dead on US highways every year. Perhaps 5% are directly due to hardware defects.
Thus 2000 die every year to auto failure. That means that all the huffing & puffing is over 1% of the mechanical failures and 0.05% of the deaths.

This sounds like the usual media event. Safety can be improved only thru objective statistical criteria. Innumerate hysteria adds no value.


I would not be surprised if some of the software or hardware design were farmed out to "cheaper countries"...you know, with the type of "engineers" that ask questions here for the most simple task or want us to develop a complex task for them.

...that acid reflux is killing me... :?

John Samperi

Ampertronics Pty. Ltd.

www.ampertronics.com.au

* Electronic Design * Custom Products * Contract Assembly


Our local train companies had forbidden the use of lead-free solders due to the reliability problems, but cars are allowed to do what car manufacturers want.

AFAIK, EMC tests are done at >400V/m while standard EMI for EN61000 is typically in the 10-20V/m, so I seriously doubt that power lines would disrupt anything inside a car. Maybe speedometers used by policemen are more 'dangerous' in this field, but for sure politicians wouldn't allow any discussion about that issue (in order to keep the income).

Firmware development >>IS<< a nightmare.

Remember that after all, business can allow for some legal actions if they save some pennies. That is the reason why CEM1 boards, single-sided, loaded without any THT components, are used: the cheapest possible. One € less each, for a few million cars, is worth many lawsuits.

Guillem.
"Common sense is the least common of the senses" Anonymous.


I guess the quality of the PCB/module depends on how critical the module in question is.

The engine ECU in my 20 year old car is a nice four layer board, conformally coated and housed in a heavy sturdy diecast aluminium casing with the connector forming almost an integral part of the casing; the multiplug is held on with a bolt and with proper strain relief of the many wires. Same for the ABS module.

This same car was also available with an auxiliary warning system that monitors lamp bulbs and shows which doors are open on a little display. The two modules for these were made to quite lower standards, a simple thin walled noncast aluminium box with a big multiplug connector soldered onto a cheap paper PCB with little strain relief. As a consequence most of these boxes fail because the heavy wiring stresses the connector and its solder joints too much, which then break. Usually resoldering fixes them.

I've seen the insides of two modules of my father's Saab, the SID and the ultrasonic alarm module that's hidden in the roof mounted interior light, and these were normally quality PCBs, mostly SMT.


With more and more electronics going into cars, it's no surprise we're finding defects. Whilst I have little doubt the code is tested, tested and tested some more, that's no replacement for writing code correctly in the first place. I know with my late model car, weird things happen - like the dash beeps, a message briefly flashes up then disappears or the radio decides to change station - stuff like that. Not critical of course, but not confidence inspiring. The stability control works a treat - especially in the wet you can get the car to slide sideways and the stability control applies brake to only one front wheel so you slide turn gracefully - you just have to disable the safety circuits in your brain!


Quote:
I would not be surprised if some of the software or hardware design were farmed out to "cheaper countries"...you know, with the type of "engineers" that ask questions here for the most simple task or want us to develop a complex task for them.

...that acid reflux is killing me...


John, the ones that ask "simple task or want us to develop a complex task for them" aren't only from cheap countries; some newbies from rich countries do too. I think that this is more connected to experience time; like your and Jim's white hair, it doesn't come for free...
The way you said it, it seems that a developing country can't develop well... I have already seen some proof that we can, and did it even better...

Regards,

Bruno Muswieck


I think that the Toyota company wants to improve the profit and reduce production costs. At last, the company ignores the quality of the cars.

Nobody can go back and start a new beginning, but anyone can start today and make a new ending.


Wonder if the senators could cajole Mr Toyota into divulging the source to the throttle management part of the engine controller. 10,000 eyeballs scouring a program ought to confirm or deny its robustness? Anyone know what micro is in a Toyota? Hitachi H8? I have a 'hunch' about a reset from a brownout where a variable is/isn't preserved/initialized correctly... what if the throttle position goes 0xff to 0x00 instead of 0x00 to 0xff because some doofus put a gear on the throttle position sensor and reversed the direction of rotation, and the manager told the programmers to fix it in the sw (programmers are always at the bottom of the pecking order), and the 1 million watt airport search radar resets the engine controller and 20ms later it wakes up with the throttle at 0x00 instead of 0x7f or wherever it was, and we're off to the races!

Imagecraft compiler user


I thought that this was an interesting read, not to say if it's right or wrong, definitely thought provoking.

http://www.nutwooduk.co.uk/downloads/Toyota.doc

I would not be surprised to see a few other auto makers clean out their closets with all the hysteria going on.

oddbudman


I saw a news item a week ago where an entire neighborhood's electronic garage door openers would not work ever since the military installed some towers. The military is said to have promised that if it could be shown they were causing the problem they would reduce power or something.

Also I have seen the recent Mercedes commercial where they say it puts the brakes on full if you get too close to another vehicle. How many of us have accelerated up just before pulling out to pass? I can see the car slamming on the brakes just when you see you can pass after following a slow truck for 10 miles!


Here is a link to the San Antonio TV station's report on the garage door issue..

http://www.kens5.com/news/consumer/Uncle-Sam-jamming-SA-garage-door-openers-83088492.html


Quote:
The way you said it, it seems that a developing country can't develop well...
I hope I did not offend anyone. Most of the electronics stuff around me is made in "developing countries". I have a PIC development system made in Brazil. :)

I'm more referring to the mentality of management of most companies which are profit driven regardless of quality.

If we build in this country we must stick to some rules; if we build it in some other countries we can get away with murder, literally!!

When things go wrong the "managers" simply pocket millions of $ in whatever form from the company and move to another company to make a mess of it and get richer in the process.

John Samperi

Ampertronics Pty. Ltd.

www.ampertronics.com.au

* Electronic Design * Custom Products * Contract Assembly


Quote:
.you know with the type of "engineers" that ask questions here for the most simple task or want us to develop a complex task for them.

A year or so ago, I had to help and/s graduated Instrument Engineer to use an oscilloscope as he had never actually used one. I quizzed his undergraduate studies and he said they had studied CRO's, but the only practical experience was a lab demonstration in a group of 70 other students.
When guys like that are allowed to get loose on design & manufacture of automotive instrumentation...it's bad news! Just imagine what will be in the $2500 car coming in from overseas!

Charles Darwin, Lord Kelvin & Murphy are always lurking about!
Lee -.-
Riddle me this...How did the serpent move around before the fall?


I think they need to rig the steering column solenoid lock so it doesn't lock when the key goes off until wheelstop. That way, you can just put it in neutral when it goes nuts, switch off the key, pull over to the side of the road. Better than trying to run out of gas at 100mph for an hour. That might work in Nevada. I wanted to market a 'Toyota Emergency Throttle Unsticker' which consisted of a piece of twine from the pedal to the mirror, with a yellow/black placard that reads 'In event of sticking throttle, pull cord'. $9.95 sound about right?

Imagecraft compiler user


Can't you just turn off the ignition? On my car the steering lock won't engage until the key is taken out of the lock. Any other way is just stupid design.

What is fun is a diesel engine that cannot be shut down by turning off the ignition and is fuelled by its own oil vapours coming from a leaky turboshaft seal, racing at maximum revs ;) That happened to me once; the only way to shut it down was to keep the brakes firmly down, then dump the clutch.


I can't see why people can't put the car in neutral (assuming an automatic) as the engine management will rev limit the engine so you can apply the brakes and halt in a controlled manner.

Maybe years of racing two stroke motorbikes has trained me as frozen throttle slides and seized engines gets you working the clutch real quick.

jj - interesting to see what the future holds for the current proliferation of diesels we're seeing at the moment.


Quote:
I think they need to rig the steering column solenoid lock so it doesnt lock when the key goes off until wheelstop.

That's safety; I don't know any car that works like this.

Quote:
Can't you just turn off the ignition? On my car the steering lock won't engage until the key is taken out of the lock. Any other way is just stupid design.

Totally agree; with this design there isn't a safe way to just shut down the car when something goes wrong.
Are the Toyota cars that are in trouble like this? Because if you can turn off the engine you have the hand brake to help you to stop the car, and even that depends on the driver's ability to control the car.

Quote:
I can't see why people can't put the car in neutral (assuming an automatic) as the engine management will rev limit the engine so you can apply the brakes and halt in a controlled manner.

Depends on the driver's ability; I know a lot of drivers that could lose control in a situation like this. Some people stopped in panic situations.

Regards,

Bruno Muswieck


Once, I had a strange (analog) electrical problem with my two stroke 75cc Vespa. It was weird enough to shut off the engine randomly, and a few meters away turn it on again.

After some electrical research on the AC system (it works only with AC!!, fully 'analog'), and some DMM readings, I found that simply disconnecting the main wires that go out of the magnet allowed me to use the bike without any key!!! Even with the steering column blocked!!

Finally this was a broken wire that, depending on the suspension (is this the word?), opens or closes. Is this an example of 'spaghetti monster'? ;)

BTW, I'm currently working as Automated Test Bench Design Engineer for a company that produces electronic modules for European cars. Maybe it is time to start using the bicycle all over Europe. :twisted:

Guillem.
"Common sense is the least common of the senses" Anonymous.


Quote:
BTW, I'm currently working as Automated Test Bench Design Engineer for a company that produces electronic modules for European cars. Maybe it is time to start using the bicycle all over Europe.

hehehehe... Cars still are my choice, I'm far away...
Just kidding Guillem....

Good luck for you on this new area...

Regards,

Bruno Muswieck


Steering and braking are probably the two most critical areas of a vehicle design. AFAIK steering is reliant on the mechanical design only; even if the power steering fails, the steering wheel is still linked to the wheel's lateral orientation.

While a simple traditional approach to braking would involve a hard link from pedal to caliper, anti-lock braking technology breaks that link to some extent. I don't know how it is implemented, but anti-lock brakes are designed to "unbrake" in hopes that tire rotation will slow the vehicle more effectively than non-rotation.

In commercial aviation systems we go to great lengths to reduce failures, both in design and in validation (i.e. testing). TMK there is no "ah let's leave it to the lawyers to sort out" attitude; litigation is a nebulous potentially infinite black hole for capital (i.e. bankruptcy).

As for Toyota: they deny firmware culpability, and I would guess some grad students have decoded any instruction arrays involved, and identified problem areas, to keep Toyota honest. Perhaps it's all proprietary and private. We'll see.

C: i = "told you so";


There are several issues here:
1. Cars are, in general, more reliable than they ever have been. It is not uncommon these days to get 200,000+ miles of useful life. When I was a lad in the 50's 100k was pretty magical.
2. At the same time, the systems have gotten incredibly more complex to meet emissions and mileage demands. Not to mention the creature comforts and safety features that have now become standard. (satellite radio/dvd anyone? -- or abs and stability control?)
3. With all of this has come a rise in strange problems often solved by reflashing something like the 'body control computer'.
4. This complexity has led to service techs struggling to repair problems caused by electronics/software.
5. The automotive control systems are more sensitive to interference. Probably not power lines, but possibly high power radio/radar transmitters (this is documented). And should there be a nuclear attack -- the old ignition point systems might survive the EMP, but the electronic ones would not.

So all in all, they're doing reasonably well (IMHO), but there are glitches. A CAN bus vehicle (possibly a Mercedes) was brought to its knees when a radio failure eventually clogged the bus with its constant error reports -- it was on the 'low priority' bus, but that was not sufficient protection.

What does seem troublesome is that there are major initiatives to make vehicles ever more complex in the name of safety. These rely on highly complex electronics with demanding requirements for precision. Couple that with the fact that it is difficult to know if these systems are working correctly, and this could become dangerous.

Sorry if I'm a little 'preachy' here. You'd never guess that cars are my other passion, would you :D


Everyone in my street was kept awake two nights ago by a Lexus (made by Toyota, I believe) parked opposite my house - the alarm kept going off every few minutes. It was raining heavily and that must have triggered it. I seriously considered going out and letting all the tyres down, it wouldn't have stopped the noise but I'd have felt better. I've seen it parked there before; I don't think that the owner lives here, he just seems to leave the car here for some reason when he goes away. We might be able to get the council to prosecute the owner under the noise prevention legislation, I'll look into it.

Leon Heller G1HSM


Ford2go - I wonder how much of the failure modes of modern vehicles is down not to the electronics but the interconnections between them?

As recently as ten years ago, before (in Europe) the now-ubiquitous OBDII systems, it was common to find several systems managed by electronic controllers, but *they were independent*. Thus, the engine control unit controlled nothing but the engine; the airbag system controlled only the airbag; the ABS system looked only at the brakes. The radio did nothing but talk to the front panel...

Now there's a call - whether from the designers or the buyers - to integrate everything. The cruise control talks to the ECU but maybe also the brakes as well; the radio has to decide whether it should override from a phone or a satnav system. You get the idea.

*Logically* it makes sense to put all these things on one bus; it's less wiring, keeps it all in one place... but also provides a single point of failure. Something going awry in one component now has the potential to take out the entire system. This is probably Not Good[tm].


Aircraft have redundant systems which make failure very unlikely; it's probably too expensive for cars.

Leon Heller G1HSM


Quote:
While a simple traditional approach to braking would involve a hard link from pedal to caliper, anti-lock braking technology breaks that link to some extent. I don't know how it is implemented, but anti-lock brakes are designed to "unbrake" in hopes that tire rotation will slow the vehicle more effectively than non-rotation.

The hard link is a fluid; ABS systems add valves between the lines, one valve to reduce pressure, one to increase it (three or four pairs). So, that little ECU that controls all this has indeed the power to render your brakes completely inoperational. All it takes is to energize all release valves. That's why two microcontrollers are used that check each other all the time, with a separate watchdog and lots of electrical tests that are performed continuously. Some systems even measure the regularity of the pulse train of the wheel sensors to check for mechanical eccentricity.

The firmware uses a lot of plausibility checks, keeps redundant copies of important data, checks program flow with token passing etc as described in this Wikipedia article.
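
The firmware checks named in the post above (plausibility checks, redundant copies of important data, program-flow checking by token passing), shown in C as an added example; it is not part of the original thread and not code from any real ABS unit. The `abs_state` structure, the stage functions, the speed limits and the token values are all assumptions made for the illustration.

```c
/* Added illustration: all names, limits and token values are assumptions,
 * not taken from any real ABS controller. */
#include <stdbool.h>
#include <stdint.h>

/* Redundant copy: a value is stored with its bitwise complement so that a
 * corrupted RAM cell is detected on read instead of being used. */
typedef struct { uint16_t value, inverse; } guarded_u16;

static void guarded_write(guarded_u16 *g, uint16_t v) {
    g->value = v;
    g->inverse = (uint16_t)~v;
}

static bool guarded_read(const guarded_u16 *g, uint16_t *out) {
    if ((uint16_t)(g->value ^ g->inverse) != 0xFFFFu) return false;
    *out = g->value;
    return true;
}

/* Plausibility check: a wheel-speed sample (assumed unit 0.1 km/h) must be in
 * range and must not jump further than a wheel physically can in one cycle. */
#define SPEED_MAX      3000u
#define SPEED_STEP_MAX 60u
#define LOCKUP_STEP    30u   /* per-cycle deceleration treated as lock-up */

static bool speed_plausible(uint16_t prev, uint16_t now) {
    uint16_t step = (now > prev) ? (uint16_t)(now - prev) : (uint16_t)(prev - now);
    return now <= SPEED_MAX && step <= SPEED_STEP_MAX;
}

/* Program-flow check: each stage consumes the token left by the stage before
 * it, so a skipped or repeated stage is caught before the valve is driven. */
enum { TOK_FAULT = 0x00, TOK_IDLE = 0xA5, TOK_SENSED = 0x3C, TOK_COMPUTED = 0x96 };
typedef enum { CYCLE_OK, FAULT_MEMORY, FAULT_SENSOR, FAULT_FLOW } cycle_result;

typedef struct {
    guarded_u16 last_speed;    /* accepted sample from the previous cycle */
    uint16_t    new_speed;     /* sample accepted in this cycle */
    uint8_t     token;         /* program-flow token */
    bool        decision;      /* release request computed this cycle */
    bool        release_valve; /* actuator output */
} abs_state;

void abs_init(abs_state *s, uint16_t speed) {
    guarded_write(&s->last_speed, speed);
    s->new_speed = speed;
    s->token = TOK_IDLE;
    s->decision = s->release_valve = false;
}

/* Any detected fault de-energises the release valve and latches TOK_FAULT,
 * so every later stage refuses to run until abs_init() is called again. */
static cycle_result fail_safe(abs_state *s, cycle_result why) {
    s->decision = s->release_valve = false;
    s->token = TOK_FAULT;
    return why;
}

static bool pass_token(abs_state *s, uint8_t expect, uint8_t next) {
    if (s->token != expect) return false;
    s->token = next;
    return true;
}

cycle_result stage_sense(abs_state *s, uint16_t raw_speed) {
    uint16_t prev;
    if (!pass_token(s, TOK_IDLE, TOK_SENSED)) return fail_safe(s, FAULT_FLOW);
    if (!guarded_read(&s->last_speed, &prev)) return fail_safe(s, FAULT_MEMORY);
    if (!speed_plausible(prev, raw_speed))    return fail_safe(s, FAULT_SENSOR);
    s->new_speed = raw_speed;
    return CYCLE_OK;
}

cycle_result stage_compute(abs_state *s) {
    uint16_t prev;
    if (!pass_token(s, TOK_SENSED, TOK_COMPUTED)) return fail_safe(s, FAULT_FLOW);
    if (!guarded_read(&s->last_speed, &prev))     return fail_safe(s, FAULT_MEMORY);
    s->decision = prev > s->new_speed && (uint16_t)(prev - s->new_speed) > LOCKUP_STEP;
    return CYCLE_OK;
}

cycle_result stage_actuate(abs_state *s) {
    if (!pass_token(s, TOK_COMPUTED, TOK_IDLE)) return fail_safe(s, FAULT_FLOW);
    s->release_valve = s->decision;
    guarded_write(&s->last_speed, s->new_speed);
    return CYCLE_OK;
}

int main(void) {
    abs_state s;
    abs_init(&s, 1000);
    /* Constructed input: wheel slows from 100.0 to 96.0 km/h in one cycle. */
    if (stage_sense(&s, 960) != CYCLE_OK) return 1;
    if (stage_compute(&s) != CYCLE_OK) return 1;
    if (stage_actuate(&s) != CYCLE_OK) return 1;
    return s.release_valve ? 0 : 1;
}
```

The release valve is only ever written in `stage_actuate`, and only when the token proves that sensing and computing both ran in this cycle; every fault path leaves it de-energised.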


Thanks for the details. This is the kind of redundancy and self test we deal with in aviation electronics. Testing all the possible failure permutations can be a difficult task to get right.

Very recently I read about the Hmong immigrant sentenced to eight years in prison for exiting a freeway and plowing into another vehicle at 70mph, killing three. He swears up and down he was all over the brakes, but they did nothing. This was a 96 Camry.

C: i = "told you so";


I wonder if there are any studies of how many people anti-lock brakes have killed versus saved? Over the years I've seen many media hysteria campaigns over product faults that when looked at calmly, it turns out the benefit far outweighs the cost. You see this a lot in medicine where product X kills 10 people and their relatives are interviewed boo-hooing by some cynical talking head looking for ratings and then a few months later the agencies release data that X saves 10000 people per year.

It kind of reminds me of my cousin who wouldn't wear safety belts because she was afraid that she'd be in a wreck and the car would catch fire and she wouldn't be able to get her belt open and would burn to death. Her fantasy was so frightening to her that she refused to accept the proven statistics that she was vastly more likely to be saved from death or injury by seat belts than to burn to death because of them.

In fact most folks are more afraid on airplanes than they are driving to the airport where they are substantially more likely to be hurt than on the aircraft (it's a control issue and I too suffer from it).

So has anyone seen any estimates on how many people would die per year if we stopped using anti-lock brakes versus how many get killed by them? Probably not since the media can't get pictures of people crying over the 10000 that didn't get killed.

Smiley


Some people drive more carelessly 'because they've got ABS brakes now' negating the advantages of ABS.

Others never bother to try the system out a few times and when they need it the most they get scared by the pulsating pedal and the grinding noises and let go of the pedal and crash, possibly needlessly, anyway.

Then ABS needs a bit of repair once in a while when a car gets older, and the fifth owner might not want to/cannot spend the money, almost invariably, on the costly bill.


smileymicros wrote:
it turns out the benefit far outweighs the cost
Firearms are another example.

Once or twice I've seen the Mythbuster guys lose control of an RC equipped automobile. How embarrassing. The emergency stop is the thing you get working first, and verify over and over again, so no doubt exists as to its performance.

Man-rated system failures go well beyond Murphy's Law. In real life sometimes things that can't go wrong, do go wrong. Redundancy is a mitigating factor, but obviously there are development and unit cost increases which could easily be deemed wasteful.

C: i = "told you so";


Next bit of fun in automotive is electric power steering. We've had a very reliable run with hydraulics over the years with the usual failure mode being leaking oil or simply no assistance. I can foresee electric controls not being as forgiving.

I can only hope with the later model motorbikes with fly by wire throttles that they don't go AWOL and that the kill switch does actually kill the engine rather than tell the ECU to stop.


Some systems can overheat when used enthusiastically like when drifting. It simply shuts down leaving you with no assist at all, suddenly.


The more posts I read in this thread the happier I get to be stuck with my Volvo -79.


My previous car (late 80's BMW) had a "fly-by-wire" throttle and I've never heard rumor of a failure. These things can and have been engineered successfully but they require different approaches than alarm clocks and televisions.

Imagine testing your code so vigorously that you'd bet your life on it, because that's what happens when it goes out the door. (The same applies to the electronic and mechanical bits.)

Interestingly reliability is IME a higher concern in commercial rather than government applications (e.g. military and research). Apparently the profit motive is a stronger force than the others.

C: i = "told you so";


cpluscon wrote:
Apparently the profit motive is a stronger force than the others.
Or a healthy aversion to lawsuits.

Smiley


smileymicros wrote:
Or a healthy aversion to lawsuits.
Such aversion certainly favors the bottom line. Clearly lawsuits provide an important force driving quality in industry. But IMO there is a huge difference between litigating failed brakes and litigating hot coffee in the crotch.

C: i = "told you so";


smileymicros wrote:
Over the years I've seen many media hysteria campaigns over product faults that when looked at calmly, it turns out the benefit far outweighs the cost. You see this a lot in medicine where product X kills 10 people and their relatives are interviewed boo-hooing by some cynical talking head looking for ratings and then a few months later the agencies release data that X saves 10000 people per year.

Smiley

Very good point. Aspirin kills 500 people per year in the US. Remember we are 300 MILLION people.


News says Toyota owners with gas pedal mod installed are still getting runaway. Anybody know what CPU is in a Toyota engine controller? If some guy with a little time on his hands could go to the junkyard and get a Toyota computer and post the hex dump, a bunch of us geeks could start disassembling subroutines and submitting them to a cvs, and when we get it to compile and be about the same, by then we'll know about what every subroutine does, and someone will see a problem. Edmunds has offered $1 million bux for whoever solves the problem.

Imagecraft compiler user


Might be a FPGA of which I'm not knowledgeable. Can one reconstruct VHDL (or whatever) from a chip?

C: i = "told you so";


FPGA configuration is usually done from a flash memory chip, although there are some FPGAs that have on-chip flash. It's virtually impossible to reverse-compile FPGA configuration files.

Leon Heller G1HSM


Here is a report by Prof. Gilbert describing some of his experiments regarding fault detection by the ECM which unfortunately didn't appear to be identified:

http://www.safetyresearch.net/Li...

C: i = "told you so";


bobgardner wrote:
News says Toyota owners with gas pedal mod installed are still getting runaway. Anybody know what cpu is in a toyota engine controller? If some guy with a little time on his hands could go to the junkyard and get a toyota computer and post the hex dump, a bunch of us geeks could start disassembling subroutines and submitting them to a cvs, and when we get it to compile and be about the same, by then we'll know about what every subroutine does, and someone will see a problem. Edmunds has offered $1 million bux for whoever solves the problem.

My idea would be to lay it out on a bench and play voltage waveforms into the pot inputs and observe the throttle position motor voltages and plot those so you can see the anomalies. My guess is you can get evidence of a software failure under the right conditions. Great Fun! Of course it could also have something to do with mass air flow sensors, etc.


My idea was to get it in the shop idling, and strike an arc with welding rods in various locations near the engine computer, simulating strong rf noise interference. If the engine sputtered, one might guess it was being reset and recovering in 50-100ms with nothing more than a stutter. Of course if it came back at full throttle, you would be a millionaire.

Imagecraft compiler user


That's not a really scientific way to find errors, you still don't know what the design flaw is.

In the Toyota system the throttle pedal sensor consists of two linear hall sensors, and the secondary sensor outputs X volts more than the primary sensor. The firmware does not have robust enough plausibility checks on these two voltages. Other makes use a sensor that has a different slope on the secondary output; on some the secondary sensor outputs the inverse of the primary one. I think they should have chosen a frequency output, like Ford MAP sensors do, not analogue voltages.

And another major strategy flaw is not to return the engine to idle when the brake pedal is pressed. I guess Toyota wanted to serve the people who like to do burnouts :)


jayjay1974 wrote:
And another major strategy flaw is not to return the engine to idle when the brake pedal is pressed. I guess Toyota wanted to serve the people who like to do burnouts :)

I'm not sure that is a flaw; it's a design decision that maintains the original operating paradigm. The accelerator pedal controls the speed of the engine. The brake controls the speed of the car.

Also, I can see situations where you might, for example, catch the edge of the brake pedal if a bit clumsy when shifting back to the accelerator; it'd be embarrassing if the engine cut back as you did it.


I meant that applied brakes with fully applied throttle is not a normal situation; except for very experienced rally and race drivers that master heel and toe.

The protection does not have to kick in immediately, but only after when it persists longer than a second or so.
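
The checks discussed in the posts above, as an added example that is not from any poster or from Toyota's firmware: a fixed-offset plausibility test on the two pedal sensor voltages, and a brake-over-throttle override that acts only after the conflict has persisted for about a second. All voltages, tolerances, thresholds and function names are assumed values chosen for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>

/* Every constant below is an assumed value for illustration, not Toyota's. */
#define SENSOR_MIN_MV       400   /* below this: open circuit or short to ground */
#define SENSOR_MAX_MV       4600  /* above this: short to supply */
#define SECONDARY_OFFSET_MV 800   /* the "X volts" between the two outputs */
#define OFFSET_TOL_MV       150   /* allowed deviation from that offset */
#define PRIMARY_IDLE_MV     800   /* primary output, pedal released */
#define PRIMARY_FULL_MV     3600  /* primary output, pedal floored */
#define OVERRIDE_PEDAL_PCT  20    /* brake plus more pedal than this is a conflict */
#define OVERRIDE_DELAY_MS   1000  /* "longer than a second or so" */

typedef struct {
    bool     sensor_fault;    /* latched until the controller restarts */
    bool     brake_override;  /* held until the pedal is fully released */
    uint32_t conflict_ms;     /* how long brake and throttle have coincided */
} pedal_state;

static bool in_range(int mv)
{
    return mv >= SENSOR_MIN_MV && mv <= SENSOR_MAX_MV;
}

/* Both channels must be inside the valid band and keep the expected offset. */
bool pedal_plausible(int primary_mv, int secondary_mv)
{
    if (!in_range(primary_mv) || !in_range(secondary_mv))
        return false;
    return abs((secondary_mv - primary_mv) - SECONDARY_OFFSET_MV) <= OFFSET_TOL_MV;
}

static int pedal_percent(int primary_mv)
{
    int pct = (primary_mv - PRIMARY_IDLE_MV) * 100
              / (PRIMARY_FULL_MV - PRIMARY_IDLE_MV);
    return pct < 0 ? 0 : (pct > 100 ? 100 : pct);
}

/* Call once per control cycle. Returns throttle demand in percent (0 = idle). */
int throttle_demand(pedal_state *st, int primary_mv, int secondary_mv,
                    bool brake_pressed, uint32_t dt_ms)
{
    /* Implausible sensor pair: fail safe to idle and stay there. */
    if (st->sensor_fault || !pedal_plausible(primary_mv, secondary_mv)) {
        st->sensor_fault = true;
        return 0;
    }
    int pct = pedal_percent(primary_mv);

    if (brake_pressed && pct > OVERRIDE_PEDAL_PCT) {
        /* Brief overlap (clipping the brake pedal) is tolerated. */
        st->conflict_ms += dt_ms;
        if (st->conflict_ms >= OVERRIDE_DELAY_MS)
            st->brake_override = true;
    } else {
        st->conflict_ms = 0;
        if (pct == 0)
            st->brake_override = false;  /* driver has lifted off: re-arm */
    }
    return st->brake_override ? 0 : pct;
}
```

A fault that shifts both outputs by the same amount still satisfies `pedal_plausible`; a secondary channel with a different slope or an inverted output does not share that limitation.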


That scenario could be monitored by a completely autonomous system consisting of a separate brake pedal switch and a separate engine speed sensor, and a kill relay or something more sophisticated.

Imagecraft compiler user


On the anti-lock brakes: Swedish road authority investigates every accident where life is lost (and a lot of other accidents). I have no hard evidence/link right now, so going from memory on this. The road authority can see changes in type, frequency etc of car accidents correlate (or not) with different safety measures implemented in cars. They expected to see "curves being bent" with the introduction of anti-lock brakes, but the effects were small (none?). For anti-skid (correct term?) however, the effects were readily detectable.

I have had my theory on why it came out this way:

Anti-lock brakes have a demand on the driver. He has to interact correctly with the system. Before anti-lock the emergency "brake and avoid" manoeuvre was brake hard (but try to avoid lock-up), release brake, steer, brake again... - repeat. With anti-lock brakes you need to learn a completely different technique. Brake as hard as you can. Never mind the noise - it is an indicator of the system working. At the same time steer clear of the hazard.

Anti-skid makes no demand on the driver. It will engage autonomously when a skid condition is detected.

We should have more of those systems made mandatory. Systems that help maintain distance to the vehicle in front. Systems that help make lane-changes safe. Systems that help detect wild game ahead. Systems that help detect driver fatigue. Etc etc.

And yes, I suffer from the same thing that Smiley does. My semi-serious fear of flying makes it a force-of-will thing to get on the plane, but I happily drive to the airport. Totally irrational.


"Some questions have no answers."[C Baird] "There comes a point where the spoon-feeding has to stop and the independent thinking has to start." [C Lawson] "There are always ways to disagree, without being disagreeable."[E Weddington] "Words represent concepts. Use the wrong words, communicate the wrong concept." [J Morin] "Persistence only goes so far if you set yourself up for failure." [Kartman]


jayjay1974 wrote:
...In the Toyota system the throttle pedal sensor consists of two linear hall sensors, ...

Since it's a system that relies on magnetic fields I wonder if the incidents have a connection to the driver's footwear, ie. steel toes or girls' boots with all sorts of large metal buckles.

Again, just an idea. If it is a magnetic interference problem with steel toe footwear, a welder's steel toes could become magnetized if their feet are always kicking around their cables while welding.


It seems to be the Toyota problem is only in certain markets. They might use different engine controls in certain markets due to import restrictions etc. If that is the case, then that may point the finger.


IIRC a lot of Toyotas got recalled in NL too. And in NL stick shift is still dominant. Manual transmissions have one big advantage over autoboxes... you can kill the mechanical link at any time by just pressing the left pedal :)


Do all the cars that exhibit rogue acceleration have cruise control? Was it 'on' but disengaged when incident occurred? Did the loose nut behind the wheel hit the 'resume' button when fumbling for his cell phone?

Imagecraft compiler user


Finally found a bit of info on the ECM:

Quote:
The two engine control modules use a common Toyota-branded NEC µPD70F3155 32-bit microprocessor as the primary source of computing power. Neither the ECM nor the HVECU contain discrete memory components; the NEC processor die contains both the volatile working memory and the nonvolatile ROM used to store control code.

From: http://www.techonline.com/produc...

C: i = "told you so";


Yesterday in California a Prius went out of control full throttle and the driver got the highway patrol to help him get it stopped after reaching speeds over 90 mph.
They had to do it on an uphill grade, full parking and foot brakes and turn off engine + patrol cruiser in front of the Toyota to get it stopped. Driver said he had tried to get dealer to do the recall as he had a card in the mail.. dealer said nope, you're not on our list to do anything.


In a car with an automatic trans, you just shift into neutral. In a prius, is there a shift lever with fwd neutral and reverse? How do you tell it to back up? (Concentrate real hard and it reads your brain waves...)

Imagecraft compiler user


I don't know but the driver said the brakes smelled like they were cooking when he was on the cell phone with the cops.


Then they overheated and then they stop working (fading). I always assumed the brakes are easily able to overpower the engine. I almost want to try it out myself right now.

Why did the driver not simply turn off the ignition? Likely he or she must have assumed that the brakes will stop working then; potentially fatal ignorance.

Or simply shift into neutral. Better to wreck the racing engine than to wreck yourself and your family and others.


"After the car decelerated to about 50 mph, Sikes turned off the engine and coasted to a halt."

More:

"He feared turning the car off in the middle of traffic, expecting the steering wheel to lock. If he shifted into neutral, he worried that it would slip into reverse."

Sounds fishy to me.

C: i = "told you so";


I have never driven a Prius but I think they have regenerative braking to convert energy back into the battery. Perhaps that does not work well with the key off? Does it have direct hydraulic brake action such as master cylinder to the wheel cylinder or is it all run by electronics? Whatever it is the rotors probably are not up to heavy braking with wide open throttle.


I saw that interview. I agree sounds fishy. Shifting to neutral with an auto or manual is the intelligent thing to do. The rev limiter will save the engine.

Local news suggested selecting park or neutral. Selecting park might fail the transmission.

I think many drivers have lost touch about what makes a car go. That is a more serious condition than Toyota problems.

It all starts with a mental vision.


Can't someone go look at their neighbor's prius and see if it has a shift lever with a neutral position?

Imagecraft compiler user


Clearly the Prius does have a neutral position. See the quote above. The guy chose not to use it. You and I would probably have done that in about 5 seconds, right?

C: i = "told you so";


Herewith the end result of years of teaching that technology - of any sort - is suitable for end users who *do not understand the concepts*.

Anyone who had thought about the possibility beforehand, or even looked at the key when he turned it to turn the car on, would have observed that there are almost invariably a number of positions of the key, of which the first is 'steering unlock' and the last 'start the engine' with usually two or three others between the two.

Turning the engine off does not lock the steering. Turning the engine off and leaving the clutch engaged does not kill either the power steering or the brakes - at least, in a manual car. I'm not sure what a slush-box does - but even so, both brakes and steering are mechanically connected and required to work in the absence of engine assistance, though the effort required may increase.

Really, this is a no-brainer: if the engine's running away with you, turn the bloody thing off.


KitCarlson wrote:
I think many drivers have lost touch about what makes car go. That is a more serious condition than Toyota problems.

+a million

...and car manufacturers must know this, and are already doing things to tailor (promote vehicle ignorance) to it. For example some new cars don't even have temperature gauges but just a light that comes on when things are overheating.


In the interview Sikes said he tried to shut it off, could not, then tried again. Very fishy. He also got back in the car to drive it on the flat bed.

By selecting neutral, and not shutting it off perhaps the fault could be proven and diagnosed.


Brake fix and acceleration from Wiki

In February 2009, media reports revealed that over one hundred complaints had been made to the United States' National Highway Traffic Safety Administration's Office of Defects Investigation indicating that the MY 2010 Prius's brakes do not always function correctly. Two of the complaints were injury crashes,[65] and NHTSA launched an official investigation into the MY 2010 Prius brake system.[66] An internal NHTSA agency memo stated “It appears that when you hit a bump, the regenerative braking (front wheels only) cuts out, and there is a short delay until the friction braking kicks in. This results in loss of braking, which is experienced as acceleration (due to sudden end of deceleration from braking). Net impact is still a loss of braking/increase in stopping distance. This could be fatal for pedestrians — it happens when approaching stop lights if you hit a pothole.”.[67] Japan's Ministry of Transportation also ordered Toyota to investigate Prius braking problems after it had confirmed 14 complaints,[68] and Toyota said that it was aware of 77 Prius brake complaints in Japan.[69] At least one accident suspected of being linked to faulty braking on the Prius was reported in Japan in July 2009, when a Prius crashed head on into another car injuring two people.[70] The third generation Prius was recalled by Toyota because of problems in its brakes.[71]

In February 2010, Toyota said that it had fixed the braking problem on Prius models built since late January 2010 via a software change, and a forthcoming recall was reported for previously sold faulty Prius brake systems.[72][73] A major Toyota dealership in Tokyo said that Toyota had informed dealers that Prius brakes can sometimes fail to work for less than a second, but it had not told owners.[74][75] On February 9, 2010 Toyota announced a voluntary global recall of MY 2010 Prius models manufactured from the current model's introduction through late January.[76] The recall entails a software fix for the ABS system, to improve brake response.[76] A total of 133,000 Prius vehicles in the U.S. and 52,000 in Europe are to receive the software update.[76] Guardian.co.uk reports that this affects the third-generation Prius built before 27 January 2010.


My 1994 car's emissions computer had those fun loving Rubycon capacitors in it. Those fun loving caps end up with a hangover and puking their guts out all over the circuit.
About a $1 worth of new caps and a half hour of time can save a $600 ECU.

TheZuke!
dona nobis pacem


Here we go:

Quote:
Sikes filed for bankruptcy in San Diego in 2008. According to documents, he was more than $700,000 in debt and roughly five months behind in payments on his Prius;
http://www.foxnews.com/story/0,2...

C: i = "told you so";


Quote:
But the investigation of the vehicle, carried out jointly by safety officials from the National Highway Traffic Safety Administration and Toyota engineers, didn't find signs the brakes had been applied at full force at high speeds over a sustained period of time, the three people familiar with the investigation said.

The brakes were discolored and showed wear, but the pattern of friction suggested the driver had intermittently applied moderate pressure on the brakes, these people said, adding the investigation didn't find indicators of the heavy pressure described by Sikes.


The ECUs are too complex. Too much firmware. Complex real time (managing too many things at once, including the fuel injection timing at sub-mSec levels), so there are bound to be race conditions and subtle bugs. I/O conditions that the firmware designer assumed couldn't happen. Not to mention CPU screw-ups due to simple memory read errors (the error rates ARE finite).

I watched Toyota's hour long video (on-line) about all their attempts to preclude EMI vulnerability, watchdog CPU, and so on. Nary a mention of how they assure the main ECU processor cannot have a firmware bug, and how the watchdog cannot fail to override the will of the main.

Gee, to turn off the ignition in these Hybrids and others, there's no power switch on the dash. Press and Hold the car's on/off button for 3 seconds and hope the firmware isn't stuck in a loop and ignoring you. Gee, in MACs and Windows, the soft-power-off fails once a week, eh?

I politely wrote about this to Toyota's feedback to the on-line seminar, addressing it to the VP who was in the seminar and gave out her email address. Response? Yes, you guessed right: none.


NEWS FLASH: investigators overlaid the power grid maps with the run away Toyota problems... 39 accidents align with the grid passing over the roads and the one in California where 4 people died was a Lexus with an off duty highway patrol officer doing the driving. They were on the cell phone and the problem started after driving under a high line crossing the freeway.


Mentioned by Moi, Feb 26... page 2 of this thread, 2nd message on the page.... last line mention EMI from search radar as possible source of interference. EMI from power lines might be similar Volts/meter at the engine controller?

Imagecraft compiler user

Last Edited: Thu. Apr 1, 2010 - 03:22 PM

bobgardner wrote:
Mentioned by Moi, Feb 26... page 2 of this thread, 2nd message on the page.

Sorry Bob but I do not see what you are talking about. Your page two post does not mention the 39 failures that seem power grid related nor did I see anything in it about the highway patrol driver. The story on the news this morning showed the national power grid and dots indicating how the accidents lined up. Further they said there was a passenger in the back seat of the Lexus who was talking to 911 while the highway patrol driver was trying to keep it under control at 110 MPH. The caller explained that there was some relation to their passing the high lines and the beginning of the run away throttle.


Today's news says NASA is going to investigate the Toyota problems. These are the guys who had the Space Shuttle Challenger O ring problem, followed by tiles falling off another leading to a second failure.


KnockKnock "Hi! We're from the Government and we're here to help!"

Imagecraft compiler user


Also the guys who got us to the moon and back, as well as landing roving vehicles on Mars.


X just traded her Kia for a Prius.

The largest known prime number: 2^82589933-1

It's easy to stop breaking the 10th commandment! Break the 8th instead.