After Recent Toyota Software-Related Recalls, Should We Fear Computer-Controlled Automobiles?

Software Reliability and Your Car: Buggy Software Can Affect Safety

Dr. James Stoos
We have all recently seen extensive news coverage of recalls and problems with various automobile models attributed to either "electronics" or "computer software." These days, when an "electronic" system on a car is mentioned it usually means a computerized system, so very likely both kinds of report are actually software issues. The most widely noted recent such recall is of course that of the Toyota Prius, due to a software issue that causes momentarily reduced braking power. Many Toyota models are suspected of having unexplained sudden acceleration due to the electronic throttle control, which is computer-controlled. And despite all the coverage the Toyota problems have received, the problem is not limited to Toyota; Ford is having braking software issues of its own, for example.

I suspect that a lot of car owners didn't even know that their vehicle speed and brakes were controlled by a computer, and many may be frightened by that knowledge. After all, our experience with computer software reliability on our laptops and desktops is not all that great; consider the frequency of complaints about computers 'crashing,' 'hanging' and 'freezing.' These expressions, and the famous Microsoft Windows 'Blue Screen of Death,' take on a whole new meaning when you picture it happening to the computer controlling your car!

The fact is, cars these days have many computers in them; some have as many as 50! They are more correctly referred to as "microprocessors," but that is essentially the same type of hardware found at the heart of every personal computer. The scary thing they have in common is that they are controlled by a set of instructions known as a 'program,' or collectively as 'software.' These programs are of course written by humans and can contain errors that may cause undesirable results.

So, just how likely is it that our automotive software has bugs in it, and how serious might the flaws be for our safety? Well, it is a function of how complex the software is and of the environment in which it operates. Both of these complexities are on the rise as automobiles are designed with more and more requirements placed on their software. And while we can be pretty sure that the engineers programming key safety-related systems like throttle control and braking are more careful about designing and testing their code than someone writing, for example, a word processing program, the fact is that greater complexity increases the odds of error. When complexity exceeds a certain level it becomes impossible to test the software for all the scenarios it might encounter in actual operation. Complex programs are filled with numerous 'IF-THEN-ELSE' branches, each of which can double the number of possible paths through the code, so there are far too many paths to be able to test them all.

Software control of other critical systems was in use for some time before it became commonplace in automobiles: nuclear power plants, for example. Another good example is "fly-by-wire" flight control on aircraft, and one of the first such systems was used on the NASA Space Shuttle. It is interesting to consider how the Shuttle was designed to minimize the likelihood of computer errors. Its flight control system actually has five identical computers, all running software written to do the same job. Four of these computers run the exact same software, and the fifth runs a different version written independently to the same requirements. Thus it has both software and hardware redundancy. If all four of the identical systems do not agree on a control output, then they "vote" and shut down the one that disagrees. Interestingly, if the vote is tied two to two, then one pair is randomly selected. (Imagine your life depending on a coin toss!) These billion-dollar vehicles thus have very elaborate backup and redundancy built in to minimize the risk. Unfortunately, you can be sure that your $20,000 Prius does not have anywhere near that level of redundancy or safety built into it!
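To make that voting arrangement concrete, here is an added example, written for this page and not NASA's flight software, of a majority voter over four identical channels plus an independently written backup. The channel identifiers, the `mark_failed` hook (standing in for a hardware self-test report) and the policy of handing control to the backup when the primary channels cannot reach a majority are assumptions; the article itself only states the four-way vote and the two-to-two coin toss.

```python
"""Majority voter modelled on the redundant flight-control scheme described
in the article: four identical primary channels and one independently written
backup. Illustrative code added for this page, not NASA's software."""
from collections import Counter
from dataclasses import dataclass, field
import random


@dataclass
class Voter:
    """Compares the outputs of the primary channels each control cycle.

    A channel whose output disagrees with the majority is marked failed and
    excluded from all later votes, as the article describes.
    """
    rng: random.Random = field(default_factory=random.Random)  # for the 2-2 coin toss
    failed: set = field(default_factory=set)   # channel ids shut down so far
    log: list = field(default_factory=list)    # human-readable event trail

    def mark_failed(self, cid):
        """Assumption: a channel may also be shut down by an external fault report."""
        self.failed.add(cid)
        self.log.append(f"channel {cid} reported failed externally")

    def vote(self, primary: dict, backup):
        """primary: {channel_id: output} for the four identical channels.
        backup: output of the independently written fifth channel.
        Returns the output that will be sent to the actuators."""
        live = {cid: out for cid, out in primary.items() if cid not in self.failed}
        if not live:
            # Assumption: with no healthy primary channel left, the backup takes over.
            self.log.append("all primary channels failed; using backup")
            return backup
        counts = Counter(live.values())
        best, n = counts.most_common(1)[0]
        if n > len(live) / 2:
            # Clear majority: every dissenter is shut down, as the article states.
            for cid, out in live.items():
                if out != best:
                    self.failed.add(cid)
                    self.log.append(f"channel {cid} disagreed with majority; shut down")
            return best
        if len(live) == 4 and n == 2 and len(counts) == 2:
            # Two-to-two tie: the article says one pair is randomly selected.
            chosen = self.rng.choice(list(counts.keys()))
            for cid, out in live.items():
                if out != chosen:
                    self.failed.add(cid)
            self.log.append(f"2-2 tie; pair with output {chosen!r} selected by chance")
            return chosen
        # Assumption: any other split with no majority (e.g. 1-1 after two
        # shutdowns) is treated as loss of the primary set; backup takes over.
        self.log.append("no majority among primary channels; using backup")
        return backup


def run_cycles(voter: Voter, cycles):
    """Feed a list of (primary_outputs, backup_output) pairs through the voter
    and return the list of selected outputs."""
    return [voter.vote(primary, backup) for primary, backup in cycles]


if __name__ == "__main__":
    # Constructed sample cycles: all agree, then one channel drifts, then
    # another, leaving only two primaries that disagree.
    v = Voter(rng=random.Random(0))
    sample = [
        ({"A": 10, "B": 10, "C": 10, "D": 10}, 10),
        ({"A": 10, "B": 10, "C": 10, "D": 99}, 10),
        ({"A": 5, "B": 5, "C": 7, "D": 5}, 5),
        ({"A": 1, "B": 2, "C": 3, "D": 4}, 42),
    ]
    print(run_cycles(v, sample))
    print("\n".join(v.log))
```

Real voters compare actuator commands within a tolerance rather than for exact equality, and carry state across many cycles before declaring a channel dead; the example uses exact equality so the vote and shutdown logic stay readable.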

Nonetheless, as an engineer who has written a few computer programs myself (though not for automotive applications), I have a reasonable amount of faith in the steps taken to minimize the risk in today's automotive control systems. And serious failures are not limited to software-controlled systems; the old ways certainly had their share of hazards. Consider, for example, the case of an engine suddenly racing, which is being blamed on software in some Toyotas today. In the "old days" before electronic throttle control the same thing was easily caused by a sticking throttle plate in the carburetor! I believe today's auto control systems, in spite of their complex software, are much safer than the old ones.

Sources:

Howstuffworks.com, "How Car Computers Work," accessed Feb. 10, 2010.

Wikipedia, the free encyclopedia, "Space Shuttle," accessed Feb. 10, 2010.

Wall Street Journal, "Cars Are Getting Scary Again," Feb. 9, 2010.

Marketwatch.com, "Like it or not, tech is taking over your car," Feb. 10, 2010.

Marketwatch.com, "Ford faces some brake problems of its own," Feb. 4, 2010.

Published by Dr. James Stoos

Academically and professionally a scientist and engineer, but what Dr. Stoos most likes to sound off about is public policy issues and a bit of politics.

  • Cars rely to a great extent on computer programming.
  • More complex software has greater potential to have undiscovered errors.
  • Today's automobiles may have as many as 50 computers in them!
  • The NASA space shuttle was designed with its flight control software running on 4 identical computers that constantly vote on what to do in order to reduce the odds of fatal errors.
