Published in:

2018 | OriginalPaper | Chapter

Practical Experience Report: Automotive Safety Practices vs. Accepted Principles


Abstract

This paper documents the state of automotive computer-based system safety practices based on experiences with unintended acceleration litigation spanning multiple vehicle makers. There is a wide gulf between some observed automotive practices and established principles for safety-critical system engineering. While some companies strive to do better, at least some car makers in the 2002–2010 era took a test-centric approach to safety that discounted non-reproducible and “unrealistic” faults, instead blaming driver error for mishaps. Regulators still follow policies from the pre-software safety assurance era. Eight general areas of contrast between accepted safety principles and observed automotive safety practices are identified. While the advent of ISO 26262 promises some progress, deployment of highly autonomous vehicles in a non-regulatory environment threatens to undermine safety engineering rigor.
Metadata
Title
Practical Experience Report: Automotive Safety Practices vs. Accepted Principles
Author
Philip Koopman
Copyright Year
2018
DOI
https://doi.org/10.1007/978-3-319-99130-6_1