March 02, 2010, 6:10 PM — Could software, or faulty logic design, be at the root of runaway acceleration problems plaguing Toyota automobiles?
Toyota steadfastly denies this is the case, but others are not sure.
In recent testimony to the U.S. House of Representatives, Toyota CEO President Akio Toyoda insisted that neither electronics nor software could be blamed for the rash of runaway Toyotas reported in the U.S.
Nonetheless, the U.S. National Highway Traffic Safety Administration (NHTSA) heard enough concern over electronics that it is opening an investigation of possible electronic and software defects. And Toyota itself is installing, at least on some models, a brake override system to bypass electronic control, one that shuts the engine off when both the accelerator and the brake pedal are held down at the same time.
That Congress, not to mention the American public, is reluctant to accept Toyota's assurances typifies the mistrust felt toward microprocessor-based systems in automobiles, even as people rely on them daily.
Could the growing complexity of software in our automobiles be leading to more software bugs in our automobiles, some leading to deadly behaviors? Or, are such suspicions based, perhaps unfairly, on experiences with the buggy software on home computers, software that is probably designed with far less rigor than automotive software?
In short, can the electronics in automobiles be trusted without a second thought? Depends on whom you ask.
The unintended acceleration problem has been seemingly plaguing Toyota for several years, though it was the news about the tragic deaths of a San Diego family last August that brought national attention to the matter.
A borrowed Toyota Lexus, driven by off-duty police officer Mark Saylor, started accelerating uncontrollably, reaching a speed above 100 miles per hour and plowing through an intersection before careening off into a river basin, killing all four passengers.
Toyota itself places the blame on accidents like these on sticky accelerators and improperly positioned floor mats. "Toyota is confident that no defect exists in the [electronic control unit]," an F.A.Q. on the Toyota site explains.
This response doesn't satisfy at least some members of Congress.
"You can't rule [electronics] out because you don't know. You can't conclude [the cause] one way or the other," said U.S. Senator Olympia Snowe, a Maine Republican, during a Senate Committee on Commerce, Science, and Transportation hearing held Wednesday to investigate the NHTSA's handling of the complaints about unintended acceleration.
Snowe noted that NHTSA couldn't rule the possibility out because it had no software engineers on staff to investigate the claim.
The component under scrutiny has been the electronic throttle control system (ETC), which Toyota started installing in some of its cars beginning in 2002.
Before electronics were introduced in autos, the accelerator pedal was directly connected by a cable to the throttle, which regulates the amount of air, and hence gas, entering the engine.
Now, an electronic control module [ECM], consisting of two processors and nonvolatile memory that holds the logic of the unit, sits between the pedal and the throttle. The ETC monitors the location of the pedal through two position sensors connected to the accelerator.
Two additional sensors are also connected to the throttle. The throttle itself is controlled by a motor, which in turn is controlled by the ECM.
Toyota claims its unit operates under fail-safe conditions, using self-diagnostic logic. If output values from two pedal accelerators do not match, or if the two values from the throttle do not match, or either is showing values that are out of their normal ranges, then the ETC will revert to a fail-safe mode, which means an alert light will come on in a dashboard and the car will run at reduced speed.
