Many have suggested Toyota's problem of sudden acceleration and more recently, stalling engines of Corollas and Matrixs are coming from the vehicle electronics, a charge which Toyota have strongly denied and even hired an independent consultant to verify their claims (which has so far proved that the company is right). And to make matters worse, some of accelerator pedal recall fix did not solve the problem. Toyota's explanation was that these fixes were not done properly. The latest explanation now comes not from Toyota, but from anonymous tips sent to NHTSA suggesting that the source of the problem is cosmic radiation - and mind you these are not your average blogger and forum user spewing rubbish, but physicists and mission critical system engineers as well as academicians.
The reason Toyota's commissioned independent testing came out negative - they say is because they are not looking at the right places. Present automotive and even consumer electronics only conduct EMI (electromagnetic interference) testing as per required by US FCC and their equivalent bodies in Europe and Japan. This usually involve the usual high energy signals from radio / cellular / power transmission as well as coupling (inductive and capacitive) from nearby circuits / motors. The aerospace and orbital satellite industry, by nature of their operating environments have long included test against cosmic radiation to protect against solar flares and seasonal spikes in cosmic rays. An extremely costly test but this is what many of these experts are proposing to clear any doubts of "ghost in the machine." The test involves putting the vehicle in front of a particle accelerator, and mind you these machines are not found in your everyday Radioshack or hobbyist store but only in premier universities and very high end government funded labs.
Like all electronic components, the level of integration these days is staggering. Decades ago we used to have separate micro-controller units (MCU) for separate functions; transmission, engine, body and chassis, infotainment, climate control etc etc. But these created a secondary problem - hundreds and hundreds of metres of wire looms. These soon added a lot of weight to the cars and made trouble shooting almost a nightmare for technicians. I know of a Mercedes-Benz technician who cringes at the sight of a W140 S-class that comes in. Later model vehicles benefited from multiplexed cables that greatly simplified things. Separate units of MCUs were integrated into a few common ECU. Some models feature even higher levels of integration and used SoC (system-on-a-chip) and SiP (system-in-a-package) design, but the most common these days are application specific field programmable grid arrays (FPGA) due to their obvious cost benefit. Controller Area Network (CAN) are now chapters of technical service manuals for many models.
But with greater levels of integration, with more transistors and circuitry packed nanometres apart, there is an increasing challenge to prevent rogue transient noise signals. As the device clock speed increases, sensitivity to cosmic radiation induced single event upsets (SEUs) in memory chips increases dramatically.
A more detailed technical explanation can be found here and here.
But there one bit that I can't find any explanation to - so why is it that only Toyota vehicles are affected? Most of the electronic components at Toyota are supplied by the usual Japanese suppliers of Denso, Fujitsu and Sharp, and like all major suppliers they don't just supply to one company. So is it a packaging issue?
But in any case, many major automotive electronic suppliers are looking closely at the development of Toyota's congressional hearing. Because it could spark a knee-jerk reaction of governments enforcing more stringent regulations on automotive electronics - just as when the US government made tire pressure mandatory as a result of the Ford Explorer-Firestone tires fiasco, though it was very clear that a large majority of the fault lies in American drivers not taking responsibility in checking their tire pressure and tire thread depth.
But it needs to be said these are not insurmountable technical challenges. Fighter jets, commercial airlines and even space shuttles have been employing mission critical electronic control systems with no issue. The problem, a more practical problem, at least in this author's opinion is that the automotive electronics industry have not learned to implement proper and rigid project documentations standards. This is especially true when components are shared with multiple models and carried over into the next model change with minor modifications. If the guy who wrote the first code is no longer around, all the best to the next guy in figuring out what do each line of codes do. Very often, the only guide they have are the comments left by the original coder. The aviation industry would have none of these rubbish, especially when you are dealing with things missile launch control and targeting system.
3 comments:
Wow, all the electronics terms reminds me of uni days.
Personally, I think driver error is more likely than cosmic radiation.
Yups. P-N junction and depletion regions eh. At the moment there is too many loose ends to this theory, that in only affects Toyota cars in particular.
But read somewhere that Continental is currently "evaluating" its validation and testing methods. It's a possibility but only at a very extreme end of things. After all they do have to ensure the circuits still work after a blast across Dubai desert highways as well as in the Artic.
periodic signal checks (in kHz) should eliminate issues with cosmic radiation, at least good enough for braking issues.
agree on the process control in this particular industry, i should know :)
Post a Comment