So I have serious thoughts about driving “software defined vehicles” in the future. I mean, and the article has confirmed this sufficiently, the core competence of the established car manufacturers is not software. I don't trust the newcomers like Tesla or the Chinese manufacturers for the time being. In my opinion, the same standards should apply to software in motor vehicles as in the aviation industry. And there can't be things like permanent internet connectivity, on-the-fly updates or anything else that is suitable for consumer entertainment devices. So I'm seriously considering whether my next car should be an “analog” one - but it's going to be difficult, a Lada [1] (not so exotic in Germany, where I live) is only available second-hand because of the Russia sanctions. I'm happy to accept alternative suggestions!
My car randomly braked today because it thought a car on a side road was pulling out. Not just sound the alarm but actually apply the brakes. Fortunately I didn't have a tailgater behind me.
I disable the "lane assist" every time (which often tries to steer me into wildlife or other cars and was clearly not built for use on single-track country roads with hedges and random verges), but this was the first time in 3 years that the "front assist" caused problems.
If that's "high quality", I dread to think what low quality would be.
This happened to be on a highway when driving my friend's car with all these assisted driving "features" while in cruise control. I was going up a small hill and for whatever reason there was a car stopped right at the top that I couldn't see. So the car slammed the brakes while I was in the middle of swerving out of the way. Which caused me to swerve more than I had intended. After I regained control it released the brakes and attempted to return to the 80mph I was at previously, which caused more problems because I wasn't ready for that.
I am now of the opinion that a car should never under any circumstance drive for you. If a car has cruise control it should cruise control you into a wall. That I can at least anticipate.
This happened to me a couple of years ago where the car I was driving decided that one of those water-filled tanks ahead of a barrier on a road under construction was in front of the car just because the road was curving hard to the right. It was very scary. It almost caused an accident by itself. I don't remember how the brake assist cleared, but the fact that there's nothing one can do to make the computer not brake is very scary.
That happens decently often. This is the reality for all systems aside from braking system in trucks perhaps, which are more sophisticated.
The decision to do an emergency brake is the same problem fully self-driving cars need to solve. You need to interpret sensory input and have a model of the environment.
Ironically some genius made these systems mandatory despite them being a safety concern. Granted, they tend to work if someone really falls asleep behind the wheel.
This subthread is about ISO standards. The implementation quality of the new safety systems varies wildly.
On one of our cars, it is fine. On the other, it’s so bad they should have to buyback the last N years of vehicles. I hear the same high-variance story from friends.
The standards for this stuff are completely inadequate.
It states that Consumer Reports (a for-profit company providing independent reviews, and not a regulatory body) said the Model 3 stopping distance was not good. Allegedly due to a “bad ABS calibration”. Tesla released an OTA SW update.
Why wasn’t the bad calibration and degraded performance caught by regulators testing automobile safety standards?
The article also posits that this ability to make OTA updates expands the (IMO very very bad) SWE perspective that “it’s OK to ship unfinished and buggy products” into safety critical systems.
The role of US regulators in the automotive industry is pretty different from what you seem to be expecting. They see their main goal as setting minimum, testable benchmarks for safety and giving manufacturers freedom to achieve that in any reasonably justifiable way. The consequence of this is that almost nothing is required beyond meeting FMVSS and passing the tests it prescribes. ABS stopping distance is one of those tests, but a quick glance at the CR tests doesn't suggest an FMVSS failure. The stopping distance simply wasn't up to industry norms.
Another consequence is that ISO-26262 and most other standards are completely, 100% norm-based in the US. They're used because the industry expects them, not because there's a legal requirement. You can deviate all you want and the only consequence is that regulators might take a closer look at your paperwork in the event of issues because they look unusual.
Ah interesting, I wonder if Tesla is an exception and if their systems do in fact follow ISO 26262. Standards are not necessarily legal requirements, and not necessarily checked by external people.
It sounds like their ABS system wasn't designed as carefully as conventional systems if there was such poor braking performance. Reading around, it might have been related to the emergency brake assist functionality not being calibrated properly.
I don't understand the reasoning you are making here. Cars have had advanced safety features like emergency braking for a long time now (e.g. Toyota Crown Majesta 2003). Furthermore, there are many safety features that are controlled by software (e.g. airbags and seatbelts) that exist in all cars manufactured today.
Some of them were caused by nothing other than faulty software. Which is the point. The more links in the chain, the higher the overall failure rate. Which has implications for MTBF but also for overall failed deployments.
> You literally trust your life with medical devices full of software
I do not. A more charitable way to phrase that is "We are all expected to." And yes, well spotted, this problem extends well beyond vehicles. Or are you suggesting that this is somehow indicative that there are no problems? How would we all know if there _was_ an error in a device?
> those that conform to “piece of paper” standards, such as ISO 15708
That standard deals with non-destructive testing and has no material that is related to the practice of medicine or the use of medical imaging scanners. It's not even the right piece of paper.
I’m not sure I understand everything you said, but I went with a Dacia Duster. It’s the affordable brand, but I like that I can have a new car that has the controls and everything like a car from a decade ago… (lol) physical buttons, relatively good quality as they get to rely on Renault’s everything, I don’t need to go to settings to open the glove box, they don’t try to “out-innovate” everybody with ads, subscription heating, goofy scroll-knobs, or non-rectangular screens. You can put CarPlay and Android Auto in it if you want.
Also, you can just buy older cars, that works too.
BTW, I thought about buying a Lada Niva, because I love the looks, but I heard it is not as reliable as you would assume, and they are pretty pricey for a car that is basically the same as forty years ago…
They also have a poor safety rating from NCAP (at least they did 2 years ago), because they don't fit their cars with electronic aids such as emergency automatic braking, which is just another reason to buy one.
Projecting that "software had to be fully validated and finalized before the product entered production" was the stale old days and "make the car better over time" (i.e. out being driven) is the bright future by the automotive industry is far beyond worry.
Basically sitting inside a Windows that can kill you.
They all lost their minds putting stakes on software makers. I intentionally avoid the word engineering; engineering is far, far away from what is built up by the software making industry that is now tasked with being the backbone of vehicles you put your and your family's life into. The cultures are incompatible.
(disregard mission critical software, their engineers are not proud members of the 'do not finalize, fix it later' bunch, not at all, they are nowhere here)
I'd trust BYD more than Tesla, but I don't want to have to trust anyone. I still drive a 20-year-old Honda to this day, but literally every new car has software in it and it won't be an option in the future. It's just too profitable to gather the data that they generate. It's a privacy nightmare. I'm still appalled that Tesla got caught pulling footage of people having sex in their own vehicles, but the legal world has no intention of doing anything about it.
Also, as many of the well known manufacturers have been going for 40 to 60 years, and some of them for over 100 years (Rolls Royce, Ford, Mercedes, etc...) then 25 years is a newcomer :-)
That Niva is so nice! Just very, very fuel inefficient, but man can it do off-road in the hills of Albania. Take the one with the low gear and the diff-lock (and heated seats!). It's a joy to ride that thing (although not on the freeway). I also considered it, but even before sanctions it was very expensive due to taxes (here in western Europe). But it's so much fun.
Aviation standards are the way they are because if you have an engine problem you can’t pull over to the side of the road. But yes, something approximating these for road conditions is a good idea imo.
Part of me thinks the reason they are doing an integrated system is a combination of economics and convenience for 3 letter agencies to remotely assassinate ppl.
Having an engine problem on a back road is one thing; having a software-system-integration-what-the-hell problem on an Autobahn at 180 km/h +/- is a different story. And yes, I do not want my family in the car at that moment.
It was Boeing that intentionally hid the importance of a system much more relevant than flight characteristics of a plane. That is an intentional violation of the spirit of the safety checks.
But that's the point! A professional pilot misunderstood/was unaware of a new safety feature, despite their professional experience and continuous training.
So, is it really sane to put similar features in cars, where you get your driving licence at 16/18, and then that's it?
This also goes for the huge screens on the console. A pilot has been trained for each commercial aircraft model they fly to navigate their way around the numerous controls. But putting a tablet in front of an untrained driver? It sells well because it makes you feel as a pilot. But at the same time, it is a huge distraction and there is zero training to cope with it.
As I understand it, yes the system worked as designed, but the design still managed to kill several hundred people.
I'm not qualified to evaluate the design of the system itself. Was it inherently flawed or would everything have been fine if the optional backup sensor had been mandatory, making this another example of corporate greed causing tragedy?
Either way, I don't think blaming the pilots is fair.
> a flight control feature the pilots didn't know about
Phrasing that made me take issue. To me, it implies that if just the pilots had known about MCAS in detail, the crashes wouldn't have happened, implicitly placing the blame on them. While the reason for both the faulty system and the lack of knowledge can be attributed to Boeing trying to save money, which I think is a more fair target for blame.
I visited Detroit last year and went to the GM headquarters. It’s open to the public with no appointment. You can wander around the Escherian maze with no guidance. A physical manifestation of every business decision GM has made in the last four decades.
I think they can be separated though there's certainly overlap. But standards are going to be coming largely from pilots. Regulations are coming entirely from bureaucrats.
BMW i3 is great for city/town if you’re OK with electric. Not 4x4, but minimal “assist”, just traction control. Internet remote stuff is optional but nice.
In the fully autonomous future the car I want to own and drive will still be my 6MT 911! :-)
Not to AUS or, as far as I’m aware, SFO. They also screwed the pooch in Austin by making Waymo available only through Uber, with no way to ensure you actually get a Waymo rather than a broken car driven by someone with a serious BO problem.
Just buy a car from the people who dedicate their career/lives to making cars and have done so for decades. You aren't smarter than them. Your "serious thoughts" and "opinion" about what standards should apply are not yours to worry about.
Thank you, I'm fed up enough with living in the world governed by the people who dedicate their career/lives to making it a peaceful, prosperous and free place (as in freedom) and have done so for centuries.
[1] https://en.wikipedia.org/wiki/Lada_Niva