TRB Special Report 308: The Safety Challenge and Promise of Automotive Electronics Insights from Unintended Acceleration (2012) / Chapter Skim
Currently Skimming:
Summary
Summary
Pages 1-22
The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.
From page 1... ...
study of how the agency's regulatory, research, and defect investigation programs can be strengthened to meet the safety assurance and oversight challenges arising from the expanding functionality and use of automotive electronics. To conduct the study, NRC appointed a 16-member committee of experts tasked with considering NHTSA's recent experience in responding to concerns over the potential for faulty electronics to cause the unintentional vehicle acceleration as reported by some drivers.
|
From page 2... ...
Safety Assurance Processes for Automotive Electronics Finding 3.1: Automotive manufacturers visited during this study -- and probably all the others -- implement many processes during product design, engineering, and manufacturing intended (a) to ensure that electronics systems perform as expected up to defined failure probabilities and (b)
|
From page 3... ...
NHTSA Vehicle Safety Programs Finding 4.1: A challenge before NHTSA is to further the use and effectiveness of vehicle technologies that can aid safe driving and mitigate hazardous driving behaviors and to develop the capabilities to ensure that these technologies perform their functions as intended and do not prompt other unsafe driver actions and behaviors. Finding 4.2: NHTSA's Federal Motor Vehicle Safety Standards are results-oriented and thus written in terms of minimum system performance requirements rather than prescribing the means by which automotive manufacturers design, test, engineer, and manufacture their safety-related electronics systems.
|
From page 4... ...
FDA has estab lished a voluntary network of clinicians and hospitals known as MedSun to provide a two-way channel of communication to sup port surveillance and more in-depth investigations of the safety performance of medical devices. NHTSA Initiatives on Unintended Acceleration Finding 5.1: NHTSA has investigated driver complaints of vehicles exhibiting various forms of unintended acceleration for decades, the most serious involving high engine power indicative of a large throttle opening.
|
From page 5... ...
Finding 5.3: NHTSA's rationale for attributing certain unintended acceleration events to pedal misapplication is valid, but such determinations should not preclude further consideration of possible vehicle-related factors contributing to the pedal misapplication. Finding 5.4: Not all complaints of unintended acceleration have the signature characteristics of pedal misapplication; in particular, when severe brake damage is confirmed or the loss of braking effectiveness occurs more gradually after a prolonged effort by the driver to control the vehicle's speed, pedal misapplication is improbable, and NHTSA reported that it treats these cases differently.
|
From page 6... ...
UNINTENdEd AccElErATIoN ANd ElEcTroNIc THroTTlE coNTrol NHTSA has investigated complaints of vehicles exhibiting unintended acceleration for decades. These complaints have encompassed a wide range of reported vehicle behaviors, the most serious involving high engine power indicative of a large throttle opening (see Finding 5.1)
|
From page 7... ...
When severe brake damage is confirmed or the loss of braking effectiveness occurs more gradually through overheating and vacuum loss following a prolonged effort by the driver to control the vehicle's speed, pedal misapplication is improbable, and as a result NHTSA reports that it treats these cases differently (see Finding 5.4)
|
From page 8... ...
The testing did not produce acceleration indicative of a large throttle opening. The team also examined records from consumer complaints involving unusual accelerator pedal responses.
|
From page 9... ...
The team posited that for every instance in which two undetected faults had produced unintended acceleration, numerous pedal repairs associated with detected sensor faults could be expected because single faults that leave error codes are likely to occur much more often than two faults escaping detection. In reviewing warranty repair data, the NASA team found no evidence to this effect and thus concluded that this postulated failure pathway represented an implausible explanation for the highpower unintended acceleration reported in consumer complaints.
|
From page 10... ...
Coordination demands more software functionality and more interactions among features in one or more electronic control units. Growing design complexity could increase the chances of design flaws escaping manufacturer safety assurance.
|
From page 11... ...
visited and whether all execute them with comparable diligence and consistency. However, the committee found that despite proprietary and competitive constraints, many automotive manufacturers are working with standards organizations to further their safety assurance practices out of recognition that electronics systems are creating new challenges for safe and secure product design, development, and performance (see Finding 3.4)
|
From page 12... ...
As these manufacturers reassess and adjust their safety assurance processes in response to the standard's guidance, some may need more information and analyses -- including knowledge in areas such as cybersecurity, human factors, the electromagnetic environment, and multifault detection and diagnosis. In collaboration with industry, NHTSA may be able to help meet these research and analysis needs and in so doing enable agency technical personnel to become even more familiar with industry safety assurance methods, issues, and challenges.
|
From page 13... ...
As a starting point for obtaining access to this expertise, the committee recommends that NHTSA convene a standing technical advisory panel comprising individuals with backgrounds in the disciplines central to the design, development, and safety assurance of automotive electronics systems, including software and systems engineering, human factors, and electronics hardware. The panel should be consulted on relevant technical matters that arise with respect to all of the agency's vehicle safety programs, including regulatory reviews, defect investigation processes, and research needs assessments (Recommendation 2)
|
From page 14... ...
• Examine the implications of electronics systems for the means by which automotive manufacturers are complying with the intent of the Federal Motor Vehicle Safety Standards, how changes in technology could both aid and complicate compliance with the regulations, and how the regulations themselves are likely to affect technological innovation. • Assess driver response to nontraditional controls enabled by electronic interfaces, such as push-button ignition design sys tems, and the degree to which differences among vehicles may confuse and delay responses in time-pressured and emergency situations.
|
From page 15... ...
• Examine a cross section of safety-related recalls whose cause was attributed to deficiencies in electronics or software and identify how the defects escaped verification and safety assur ance processes. • Investigate ways to obtain more timely and detailed Early Warning Reporting–type data for defect surveillance and investigation -- for example, by examining opportunities for voluntary data collection relationships and networks with automotive dealers.
|
From page 16... ...
The committee believes that it will. One reason for this belief is that failures associated with electronics systems -- including those related to software programming, dual and intermittent electronics hardware faults, and electromagnetic disturbances -- may not leave physical evidence to aid investigations into observed or reported unsafe vehicle behaviors.
|
From page 17... ...
First, failures in electronics systems, including those related to software programming, intermittent electrical faults, and electromagnetic disturbances, may not leave physical traces to aid investigations into the causes. Second, mistakes by drivers also may not leave a physical trace, even if these errors result in part from vehicle-related factors such as startling vehicle noises or unexpected or unfamiliar vehicle behaviors.
|
From page 18... ...
Such systems will enable even greater vehicle autonomy and necessitate advancements in vehicle electronics and their capabilities that will go well beyond any systems now being deployed. In the same vein, changes in the division of responsibility between the driver and the vehicle will present new demands for and interpretations of NHTSA's Federal Motor Vehicle Safety Standards, heighten the need for safety assurance processes that instill high levels of public confidence in these systems, and place many new demands on ODI's surveillance and investigative activities.
|
From page 19... ...
The committee notes that NHTSA states its intention to develop such a strategic document for the period 2014–2020 in the introduction to its Priority Plan. Presumably, this strategic plan could provide a road map for NHTSA's decisions with regard to the safety assurance challenges arising from the electronics-intensive vehicle.
|
From page 20... ...
The panel should be consulted on relevant technical matters that arise with respect to all of the agency's vehi cle safety programs, including regulatory reviews, defect investiga tion processes, and research needs assessments. Recommendation 3: The committee recommends that NHTSA undertake a comprehensive review of the capabilities that ODI will need in monitoring for and investigating safety deficiencies in electronics-intensive vehicles.
|
From page 21... ...
Recommendation 6: The committee recommends that NHTSA initiate a strategic planning effort that gives explicit consideration to the safety challenges resulting from vehicle electronics and that gives rise to an agenda for meeting them. The agenda should spell out the near- and longer-term changes that will be needed in the scope, direction, and capabilities of the agency's regulatory, research, and defect investigation programs.
|
Key Terms
This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More
information on Chapter Skim is available.