OPEN LETTER TO TOYOTA Post Throttle Control SW on the Internet forWorld Wide Review

Reply
 
LinkBack Thread Tools Display Modes
Old 02 Feb 2010, 11:28 am   #1 (permalink)
Mark
Guest
  • Posts: n/a
  • User Status:


Default OPEN LETTER TO TOYOTA Post Throttle Control SW on the Internet forWorld Wide Review

OPEN LETTER TO TOYOTA
POST THROTTLE CONTROL SOFTWARE ON THE INTERNET FOR WORLD WIDE REVIEW

Toyota has announced a fix for the accelerator problem. The fix
consists of a shim. This is purely a mechanical change implying the
problem is purely mechanical. A large part of the system consist of
electronics hardware and software.

Many doubts remain that the problem is purely mechanical. It is very
easy for a subtle flaw to exist in software and electronics systems
that can take many years to uncover. I site the classic case of the
Therac 25 that is often used as an example of the difficulty in
proving software reliability.

See: http://en.wikipedia.org/wiki/Therac-25


I have proposal to Toyota to remove these doubts.

Post the software source code and circuit schematic diagrams for the
throttle control electronics publically on the Internet.

The design will then be reviewed by the collective abilities of
1000's of software and hardware engineers. Provide an e-mail address
for those with comments to send back to Toyota privately if they so
choose.

After a few weeks, if no one in the world uncovers any design flaw,
then one can be very confident that no flaw exists. This may be the
only way for the public to re-gain confidence in a complex system.

Mark
  Reply With Quote
Old 02 Feb 2010, 12:21 pm   #2 (permalink)
J.A. Legris
Guest
  • Posts: n/a
  • User Status:


Default Re: OPEN LETTER TO TOYOTA Post Throttle Control SW on the Internetfor World Wide Review

On Feb 2, 12:28*pm, Mark <makol...@yahoo.com> wrote:
> OPEN LETTER TO TOYOTA
> POST THROTTLE CONTROL SOFTWARE ON THE INTERNET FOR WORLD WIDE REVIEW
>
> Toyota has announced a fix for the accelerator problem. *The fix
> consists of a shim. *This is purely a mechanical change implying the
> problem is purely mechanical. *A large part of the system consist of
> electronics hardware and software.
>
> Many doubts remain that the problem is purely mechanical. * It is very
> easy for a subtle flaw to exist in software and electronics systems
> that can take many years *to uncover. *I site the classic case of the
> Therac 25 that is often used as an example of the difficulty in
> proving software reliability.
>
> See: *http://en.wikipedia.org/wiki/Therac-25
>
> I have proposal to Toyota to remove these doubts.
>
> Post the software source code and circuit schematic diagrams for the
> throttle control electronics publically on the Internet.
>
> The design will then be reviewed by the *collective abilities of
> 1000's of software and hardware engineers. *Provide an e-mail address
> for those with comments to send back to Toyota privately if they so
> choose.
>
> After a few weeks, *if no one in the world uncovers any design flaw,
> then one can be very confident that no flaw exists. * This may be the
> only way for the public to re-gain confidence in a complex system.
>
> Mark


Too complicated. Better to do this with just Toyota engineers, giving
a big prize to whoever finds any bugs.

What we really need is just a hardwired engine-kill switch. After the
car stops take a picture of the gas pedal.

--
Joe
  Reply With Quote
Old 02 Feb 2010, 12:25 pm   #3 (permalink)
Tegger
Guest
  • Posts: n/a
  • User Status:


Default Re: OPEN LETTER TO TOYOTA Post Throttle Control SW on the Internet for World Wide Review

Mark <makolber@yahoo.com> wrote in news:7e7aec70-aaca-452d-af0d-
7ae36cf2a4de@o16g2000vbf.googlegroups.com:

> OPEN LETTER TO TOYOTA
> POST THROTTLE CONTROL SOFTWARE ON THE INTERNET FOR WORLD WIDE REVIEW
>
> Toyota has announced a fix for the accelerator problem. The fix
> consists of a shim. This is purely a mechanical change implying the
> problem is purely mechanical. A large part of the system consist of
> electronics hardware and software.
>
> Many doubts remain that the problem is purely mechanical. It is very
> easy for a subtle flaw to exist in software and electronics systems
> that can take many years to uncover.





The fix is not only mechanical. Toyota is also revising its PCMs so that
simultaneous brake/gas application results in the engine's power being cut
back, the opposite of what happens now.

So far there is no evidence that any of the unintended acceleration
incidents are due to anything more than mechanically-stuck pedals, or to
pedal misapplication.

If you're that concerned about unintended acceleration, you may want to go
after Ford as well. They account for 28% of all unintended acceleration
incidents.


--
Tegger

  Reply With Quote
Old 02 Feb 2010, 01:22 pm   #4 (permalink)
Paul Hovnanian P.E.
Guest
  • Posts: n/a
  • User Status:


Default Re: OPEN LETTER TO TOYOTA Post Throttle Control SW on the Internet for World Wide Review

Tegger wrote:

> Mark <makolber@yahoo.com> wrote in news:7e7aec70-aaca-452d-af0d-
> 7ae36cf2a4de@o16g2000vbf.googlegroups.com:
>
>> OPEN LETTER TO TOYOTA
>> POST THROTTLE CONTROL SOFTWARE ON THE INTERNET FOR WORLD WIDE REVIEW
>>
>> Toyota has announced a fix for the accelerator problem. The fix
>> consists of a shim. This is purely a mechanical change implying the
>> problem is purely mechanical. A large part of the system consist of
>> electronics hardware and software.
>>
>> Many doubts remain that the problem is purely mechanical. It is very
>> easy for a subtle flaw to exist in software and electronics systems
>> that can take many years to uncover.

>
>
>
>
> The fix is not only mechanical. Toyota is also revising its PCMs so that
> simultaneous brake/gas application results in the engine's power being cut
> back, the opposite of what happens now.


And all the left foot brakers are going to sh*t bricks!

> So far there is no evidence that any of the unintended acceleration
> incidents are due to anything more than mechanically-stuck pedals, or to
> pedal misapplication.


Better solution (for future reference): Build an accelerator pedal with a
microswitch attached to the pedal surface. If the driver lifts their foot,
the microswitch circuit (independent of the pedal position sensor) disables
the throttle plate drive system (torque motor, solenoid, or whatever they
use) so that the return spring closes the throttle. You'd have to lock this
out with a cruise control engage signal, but other than that, it would be
redundant to the electronic controls.

--
Paul Hovnanian paul@hovnanian.com
----------------------------------------------------------------------
Have gnu, will travel.
  Reply With Quote
Old 02 Feb 2010, 02:59 pm   #5 (permalink)
Martin Brown
Guest
  • Posts: n/a
  • User Status:


Default Re: OPEN LETTER TO TOYOTA Post Throttle Control SW on the Internetfor World Wide Review

J.A. Legris wrote:
> On Feb 2, 12:28 pm, Mark <makol...@yahoo.com> wrote:
>> OPEN LETTER TO TOYOTA
>> POST THROTTLE CONTROL SOFTWARE ON THE INTERNET FOR WORLD WIDE REVIEW
>>
>> Toyota has announced a fix for the accelerator problem. The fix
>> consists of a shim. This is purely a mechanical change implying the
>> problem is purely mechanical. A large part of the system consist of
>> electronics hardware and software.


Lets start at the beginning.

Until you have seen the specification for what the thing is supposed to
do there is no way to tell if the hardware and code actually implement
it correctly. There is every chance that at least for automatic cars in
the USA the design specifications are inconsistent with sensible fail
safe design. On a manual transmission you can always dip the clutch.

A reasonable introduction to how hard the problem of making reliable
software and comparisons with hardware is online at CMU.

http://www.ece.cmu.edu/~koopman/des_s99/sw_reliability/
>>
>> Many doubts remain that the problem is purely mechanical. It is very
>> easy for a subtle flaw to exist in software and electronics systems
>> that can take many years to uncover. I site the classic case of the
>> Therac 25 that is often used as an example of the difficulty in
>> proving software reliability.
>>
>> See: http://en.wikipedia.org/wiki/Therac-25
>>
>> I have proposal to Toyota to remove these doubts.


Your proposal will not work. You cannot inspect quality into software.
You must first specify exactly what it is supposed to do. Most software
failures are traced to incorrect, inconsistent or ambiguous requirements
specification. The failure may only happen when a particular very rare
set of circumstances occur - the Intel divide bug for example. Only
formal mathematical proof can ensure absolute reliablity and even that
is subject to interpretation - who checks the theorem provers work?

The original Intel 8087 had about a dozen bugs but until Cyrix did the
formal specification to make a functional equivalent nobody had found
any of them (ISTR mostly lsb errors in sin/cos).

Unlike mechanical objects and electronics which wear out with use
software actually becomes more reliable with increasing age as the
residual faults are uncovered. It would be interesting from an academic
point of view to know whether or not Toyota use formal methods for the
specification of accelerator, brake and engine management subsystems.

My instinct is that they probably do not - I had a Nissan once that
decided to spontaneously immobilise itself on a busy junction at rush
hour. After an engineer had reset it at the roadside it was no fault
found on diagnostic test (at least that is what they told me).
>>
>> Post the software source code and circuit schematic diagrams for the
>> throttle control electronics publically on the Internet.


You also need to know exactly what it is supposed to do in all
circumstances including sensor failures and idiot user error. And there
are plenty of idiot users of motor cars.
>>
>> The design will then be reviewed by the collective abilities of
>> 1000's of software and hardware engineers. Provide an e-mail address
>> for those with comments to send back to Toyota privately if they so
>> choose.
>>
>> After a few weeks, if no one in the world uncovers any design flaw,
>> then one can be very confident that no flaw exists. This may be the
>> only way for the public to re-gain confidence in a complex system.
>>
>> Mark


The public might regain confidence but the chances of other engineers
looking over the code understanding it correctly are negligible. Even
when you do understand the details of safety critical code you have to
work out very carefully whether a change intended to fix one problem
could possibly cause another more serious failure by slowing the
response time to some other stimulus. Even the Shuttle which is truly
six-sigma grade software has a known potential synchronisation fault
that is not worth trying to fix and has caused launch aborts.
>
> Too complicated. Better to do this with just Toyota engineers, giving
> a big prize to whoever finds any bugs.


I presume that is how they got to the conclusion that a piece of worn
hygroscopic plastic swelling is responsible for the sticky gas pedal.

http://news.bbc.co.uk/1/hi/business/8493414.stm

I have to say reading some of the end user reports I am still more
inclined to blame the nut behind the wheel rather than the engineering.
OTOH I doubt they would launch such a global scale recall if there
wasn't at least some truth in it.
>
> What we really need is just a hardwired engine-kill switch. After the
> car stops take a picture of the gas pedal.


Ignition off. You lose power steering and if you turn too far you get
steering lock on which could be very embarrassing. Unclear how you do it
on keyless vehicles.

Regards,
Martin Brown
  Reply With Quote
Old 02 Feb 2010, 05:26 pm   #6 (permalink)
Mike Hunter
Guest
  • Posts: n/a
  • User Status:


Default Re: OPEN LETTER TO TOYOTA Post Throttle Control SW on the Internet for World Wide Review

Are you kidding? They will not post bills publically on the Internet
before the are voted on, the REAL number of jobs lost, the total amount of
US Bonds the FED is buying, REAL facts about so called global warming as
well as a half dozen other "secrets," to public scrutiny or review. Why
would they make Toyota do what they will not do? LOL


"Mark" <makolber@yahoo.com> wrote in message
news:7e7aec70-aaca-452d-af0d-7ae36cf2a4de@o16g2000vbf.googlegroups.com...
> OPEN LETTER TO TOYOTA
> POST THROTTLE CONTROL SOFTWARE ON THE INTERNET FOR WORLD WIDE REVIEW
>
> Toyota has announced a fix for the accelerator problem. The fix
> consists of a shim. This is purely a mechanical change implying the
> problem is purely mechanical. A large part of the system consist of
> electronics hardware and software.
>
> Many doubts remain that the problem is purely mechanical. It is very
> easy for a subtle flaw to exist in software and electronics systems
> that can take many years to uncover. I site the classic case of the
> Therac 25 that is often used as an example of the difficulty in
> proving software reliability.
>
> See: http://en.wikipedia.org/wiki/Therac-25
>
>
> I have proposal to Toyota to remove these doubts.
>
> Post the software source code and circuit schematic diagrams for the
> throttle control electronics publically on the Internet.
>
> The design will then be reviewed by the collective abilities of
> 1000's of software and hardware engineers. Provide an e-mail address
> for those with comments to send back to Toyota privately if they so
> choose.
>
> After a few weeks, if no one in the world uncovers any design flaw,
> then one can be very confident that no flaw exists. This may be the
> only way for the public to re-gain confidence in a complex system.
>
> Mark



  Reply With Quote
Old 02 Feb 2010, 05:52 pm   #7 (permalink)
Jim Thompson
Guest
  • Posts: n/a
  • User Status:


Default Re: OPEN LETTER TO TOYOTA Post Throttle Control SW on the Internet for World Wide Review

On Tue, 2 Feb 2010 09:28:37 -0800 (PST), Mark <makolber@yahoo.com>
wrote:

>OPEN LETTER TO TOYOTA
>POST THROTTLE CONTROL SOFTWARE ON THE INTERNET FOR WORLD WIDE REVIEW
>
>Toyota has announced a fix for the accelerator problem. The fix
>consists of a shim. This is purely a mechanical change implying the
>problem is purely mechanical. A large part of the system consist of
>electronics hardware and software.
>
>Many doubts remain that the problem is purely mechanical. It is very
>easy for a subtle flaw to exist in software and electronics systems
>that can take many years to uncover. I site the classic case of the
>Therac 25 that is often used as an example of the difficulty in
>proving software reliability.
>
>See: http://en.wikipedia.org/wiki/Therac-25
>
>
>I have proposal to Toyota to remove these doubts.
>
>Post the software source code and circuit schematic diagrams for the
>throttle control electronics publically on the Internet.
>
>The design will then be reviewed by the collective abilities of
>1000's of software and hardware engineers. Provide an e-mail address
>for those with comments to send back to Toyota privately if they so
>choose.
>
>After a few weeks, if no one in the world uncovers any design flaw,
>then one can be very confident that no flaw exists. This may be the
>only way for the public to re-gain confidence in a complex system.
>
>Mark


Bwahahahahaha! Approval of Toyota's product by "committee/consensus"
;-)

...Jim Thompson
--
| James E.Thompson, CTO | mens |
| Analog Innovations, Inc. | et |
| Analog/Mixed-Signal ASIC's and Discrete Systems | manus |
| Phoenix, Arizona 85048 Skype: Contacts Only | |
| Voice480)460-2350 Fax: Available upon request | Brass Rat |
| E-mail Icon at http://www.analog-innovations.com | 1962 |

I love to cook with wine. Sometimes I even put it in the food.
  Reply With Quote
Old 02 Feb 2010, 07:37 pm   #8 (permalink)
Joel Koltner
Guest
  • Posts: n/a
  • User Status:


Default Re: OPEN LETTER TO TOYOTA Post Throttle Control SW on the Internet for World Wide Review

"Jim Thompson" <To-Email-Use-The-Envelope-Icon@My-Web-Site.com> wrote in
message news:hiehm51k6tr4dut8v59evav5nfcmavs7fa@4ax.com...
> Bwahahahahaha! Approval of Toyota's product by "committee/consensus"


Worked for AGW? :-)

  Reply With Quote
Old 02 Feb 2010, 09:41 pm   #9 (permalink)
Martin Riddle
Guest
  • Posts: n/a
  • User Status:


Default Re: OPEN LETTER TO TOYOTA Post Throttle Control SW on the Internet for World Wide Review



"Joel Koltner" <zapwireDASHgroups@yahoo.com> wrote in message
news:tr4an.215170$5n7.12973@en-nntp-09.dc1.easynews.com...
> "Jim Thompson" <To-Email-Use-The-Envelope-Icon@My-Web-Site.com> wrote
> in message news:hiehm51k6tr4dut8v59evav5nfcmavs7fa@4ax.com...
>> Bwahahahahaha! Approval of Toyota's product by "committee/consensus"

>
> Worked for AGW? :-)
>


But that was just a EU committee, the IPCC.
The problem with Toyota is no one wants to fail. If they admit it,
they'll be jumping from windows.

Cheers



  Reply With Quote
Old 03 Feb 2010, 03:29 am   #10 (permalink)
Robert Baer
Guest
  • Posts: n/a
  • User Status:


Default Re: OPEN LETTER TO TOYOTA Post Throttle Control SW on the Internetfor World Wide Review

Mark wrote:
> OPEN LETTER TO TOYOTA
> POST THROTTLE CONTROL SOFTWARE ON THE INTERNET FOR WORLD WIDE REVIEW
>
> Toyota has announced a fix for the accelerator problem. The fix
> consists of a shim. This is purely a mechanical change implying the
> problem is purely mechanical. A large part of the system consist of
> electronics hardware and software.
>
> Many doubts remain that the problem is purely mechanical. It is very
> easy for a subtle flaw to exist in software and electronics systems
> that can take many years to uncover. I site the classic case of the
> Therac 25 that is often used as an example of the difficulty in
> proving software reliability.
>
> See: http://en.wikipedia.org/wiki/Therac-25
>
>
> I have proposal to Toyota to remove these doubts.
>
> Post the software source code and circuit schematic diagrams for the
> throttle control electronics publically on the Internet.
>
> The design will then be reviewed by the collective abilities of
> 1000's of software and hardware engineers. Provide an e-mail address
> for those with comments to send back to Toyota privately if they so
> choose.
>
> After a few weeks, if no one in the world uncovers any design flaw,
> then one can be very confident that no flaw exists. This may be the
> only way for the public to re-gain confidence in a complex system.
>
> Mark

It will NEVER happen.
  Reply With Quote

Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -5. The time now is 05:55 pm.

Attribution:
Autoblog
Powered by Yahoo Answers



ToyotaLexusForum.com is an unofficial community for car enthusiasts. ToyotaLexusForum.com is not affiliated with Toyota Motor Corporation in any way.
Toyota Motor Corporation does not sponsor, support, or endorse ToyotaLexusForum.com in any way.
Copyright/trademark/sales mark infringements are not intended or implied.