What’s up with the big car makers?

In 2013, a jury found that Toyota had exhibited “reckless disregard” in its response to faulty electronic throttle systems that were causing unintended acceleration. Then, in 2015, Volkswagen admitted its diesel vehicle emissions achievements were a ruse, and earlier this year Mitsubishi revealed that it had manipulated fuel economy tests to exaggerate the fuel efficiency of minicars. Just last month, Suzuki became the latest car maker to admit that it had not been providing accurate information, saying that it had found discrepancies in fuel emissions testing.

Why are so many of the world’s big car makers embroiled in these scandals? And can such scandals be prevented in the future?

In 2009, Toyota began to receive complaints about unintended acceleration in some vehicles. However, the company dismissed these complaints, saying that the problem was the result of floor mats being pushed into positions where they caused accelerator pedals to stick. It wasn’t until fatalities were reported that Toyota was forced to act, finally admitting in 2014 that it had been lying, and that a problem with the electronic throttles was causing the unintended acceleration.

In an article on his Critical Uncertainties blog, Matthew Squair argues that development of the Toyota Engine Control Module (ECM) did not meet two common security/safety principles. The first principle is that the design should be kept as simple and small as possible, and the second principle is that there should be fail safe defaults, where unanticipated design errors or omissions tend to fail in a safe fashion.

In regard to the first principle, rather than being simple and small, Toyota’s throttle code:

…scored over 100 using the McCabe complexity scale indicating it was effectively unmaintainable spaghetti, with the data structures being just as bad. Toyota also failed to separate the system fail safes away from non-safety functions, such as throttle control, which hugely increased the amount of analytical/inspection grunt required to verify system safety properties. Probably making it effectively impossible to verify their performance in practice.

In regard to the second principle:

…Toyota’s design looks good on paper with data mirroring (redundancy), fail safe modes, watchdog supervisor and finally a separate U6 chip based monitor CPU. But, in reality all these layers were subverted because they failed to ensure:

  • that system failures were visible and recorded;
  • all critical data was mirrored, thereby assuring the presence of single points of failure due to bit corruptions, most significantly in the OSEK operating system’s critical arrays;
  • separation (partitioning) of the fail safe (safety mechanisms) from the control functions;
  • that the watchdog actually had teeth; and
  • that the monitor function didn’t rely on unrealistic driver inputs before it would act, nor result in an unsafe failure mode (engine stall).

Squair accuses Toyota of engaging in an exercise of safety theatre, where the appearance of safety is created through theatrical devices that don’t deliver real safety.
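
Two items from the list above, mirroring critical data and making failures visible and recorded, can be shown together with a fail-safe default in a few lines of C. This is an added example, not Toyota's code or Squair's; the names, the complement-mirror scheme and the choice of idle throttle (rather than engine cut) as the safe default are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define THROTTLE_IDLE_PCT 0u   /* assumed safe default: idle, not engine cut */
#define FAULT_LOG_SIZE    8u

/* A critical value stored next to its bitwise complement (the mirror). */
typedef struct { uint16_t value; uint16_t mirror; } mirrored_u16;

typedef struct { uint32_t tick; uint16_t value; uint16_t mirror; } fault_rec;

static fault_rec fault_log[FAULT_LOG_SIZE];
static unsigned  fault_count;          /* total faults seen, never reset */

static void mirrored_write(mirrored_u16 *m, uint16_t v) {
    m->value  = v;
    m->mirror = (uint16_t)~v;
}

/* Record the failure so it is visible later instead of silently masked. */
static void record_fault(uint32_t tick, const mirrored_u16 *m) {
    fault_rec *r = &fault_log[fault_count % FAULT_LOG_SIZE];
    r->tick = tick; r->value = m->value; r->mirror = m->mirror;
    fault_count++;
}

/* Returns the stored value if both copies agree; otherwise logs the
 * corruption, rewrites the cell with the safe default and returns that. */
static uint16_t mirrored_read(mirrored_u16 *m, uint32_t tick, uint16_t safe) {
    if ((uint16_t)~m->mirror == m->value)
        return m->value;
    record_fault(tick, m);
    mirrored_write(m, safe);
    return safe;
}

/* Constructed scenario: write 40 %, then flip one bit in the primary copy. */
static uint16_t demo_bit_flip(void) {
    mirrored_u16 throttle;
    mirrored_write(&throttle, 40u);
    throttle.value ^= 0x0040u;         /* simulated corruption: 40 becomes 104 */
    return mirrored_read(&throttle, 1234u, THROTTLE_IDLE_PCT);
}

int main(void) {
    unsigned pct = demo_bit_flip();    /* evaluate before reading fault_count */
    printf("throttle after corruption: %u%%, faults logged: %u\n", pct, fault_count);
    return 0;
}
```

An unmirrored variable would have passed the corrupted 104 % request straight to the throttle with no record that anything had gone wrong.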

Why would Toyota engage in such theatre, and why did it extend this theatre by initially seeking to deny that there was a problem with the electronic throttles? It would be easy to dismiss these failures as overconfidence by a car maker that had long been lauded for quality and innovation.

However, in an article in Quartz discussing the blunders of Toyota, Volkswagen, and GM, Steven LeVine and Jason Karaian argue that to reach the top, car makers need to cut corners. Economic margins are so tight that success doesn’t come without engaging in inappropriate behaviour.

This reality does not appear to have been considered in the way government agencies manage the automotive industry. An industry in which safety is paramount, yet is put at risk by inappropriate corporate behaviour, suggests the need for strict regulation and close independent supervision. However, responsible authorities in Europe, which is home to Volkswagen, did very little for nearly a decade to check for devices that defeat emissions standards.

Toyota’s flawed electronic throttles led to fatalities, and Volkswagen’s diesel cars and other vehicles that breach emissions standards can cause environmental and social harm. Isn’t it high time that stronger regulation and supervision of car makers was introduced?

Also published on Medium.

Bruce Boyes
