Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.
C. Warren Axelrod

Negative Testing Revisited – Vehicle Control Systems (Part 1)

We read every day of the software issues that appear to have been responsible for failures of the braking systems of Toyota regular-engined and hybrid vehicles and Ford hybrid cars (and who knows what additional defects will be uncovered in the days and weeks to come?). Now Congress is investigating the defects and suggested fixes in Toyota’s vehicles, as described in Neil King Jr.’s article in the February 9, 2010 issue of The Wall Street Journal. King’s article describes how the House Oversight and Government Reform Committee issued a memorandum for lawmakers which points out that resolving issues with floor mats and sticking gas pedals “have failed to solve the problem,” and that “[a]ttention is now being focussed on the electronic throttle control system (ETC) to determine whether sudden acceleration may be attributable to a software design problem or perhaps to electromagnetic interference.”

In reading the various news items relating to on-board vehicle software, I am reminded of a cartoon in which a car is up on a lift in a repair shop. A mechanic is telling the owner that they will need to call in a systems analyst to diagnose the problem. But isn’t that what it has really become? You now need a computer to diagnose problems with an automobile’s many electronic sensors and systems. With all that computing power in the typical modern vehicle and the commensurate software/firmware, it stands to reason that there will be software defects in either the design or execution of the design. Is that indicative of an inadequate software assurance program? Well, yes it is, in my opinion. But it also confirms the real-world difficulty of testing software under all possible conditions because of the sheer size and complexity of the negative testing task and the inability of testers to anticipate every possible circumstance under which the software will operate.

There have always been issues with assuring both security and safety. When it comes to human life potentially being at risk, there is generally zero tolerance for error. Nonetheless, most software, by its very nature, will contain some errors. Often the expectation is that human intervention will compensate for any deficiencies that occur during use. However, it is one thing to have someone correct a charge on a credit-card statement over the phone, and quite another to be told to shift into neutral (or not), turn off the engine (or not), apply the brakes (or not) and try to steer to the shoulder (if there is one), all as you are accelerating uncontrollably in heavy traffic.
