Edmunds dealer partner, Bayway Leasing, is now offering transparent lease deals via these forums. Click here to see the latest vehicles!
Popular New Cars
Popular Used Sedans
Popular Used SUVs
Popular Used Pickup Trucks
Popular Used Hatchbacks
Popular Used Minivans
Popular Used Coupes
Popular Used Wagons
Comments
I'd like to see your documentation for that opinion. Got a link?
2014 Malibu 2LT, 2015 Cruze 2LT,
So it is logical that the source of the difficulties is that people have somehow hacked Onstar and maliciously unbalanced certain variables with their hacking.
If there is a "real" problem here at all (that is, separate from the floor mat and sticky mechanism problems already fixed), I don't think it will be found unless we can analyze the software.
-Andrew L
-Andrew L
No, the media may have opened the door, and the US government may have held it open, but the way I see it it was PURELY Toyota/etc that made the decision to walk through that door totally ill-prepared.
Is there any correlation between using more solder and "whisker" shorts?
***
The electronics/software act as a final fail-safe should there be a mechanical or electrical problem. As was pointed out previously, unless you *properly* design the feedback system, and/or the software is badly written, you leave yourself open to these sorts of failures.
Toyota cut corners somewhere by the looks of it and the worst did happen.
Can this technology work? Probably, if properly implemented with proper fail-safe designs. Is it better than a simple throttle cable? I don't see how, quite honestly. Note - GM as an example again, spent a small fortune on potentiometer failures under warranty, so it's not a very good method either. (though decently safe if it fails) Most modern systems like this in other applications tend to use purely solid-state optical sensors for exactly this reason. They're a bit more expensive, but are amazingly robust and failures are easy to detect. No signal = shut off, signal doesn't vary for x amount of time = off, etc.
If you have, say, a variable between 0 and 1023(keep it simple of course), no human can possibly maintain a value of 565 for 30 seconds straight. It'll vary a tiny bit. If it doesn't, they're probably asleep or there's a problem with the optical sensor. This isn't much harder than the programming that controls and monitors the mouse on your PC.
Removing the mechanical part is an obvious step if they want this to work correctly. But I'd still rather have a throttle cable.
Better shield on the electric system will most likely clear up the problem.
That's not necessarily the case.
Have you ever seen an errata sheet for any of the more common microprocessor integrated circuits...?? Oftentimes these processors have been long in use and still customers find/discover anomalies in their operation in some form or another, out of sequence instruction execution being just one of the many.
I seem to remember that one of the early Intel 80486 microprocessors had 4 pages of errata descriptions within a year of it becoming available. The current multi-core, QUAD, Pentium has at least one instruction execution sequence "fault" that I am aware of.
But the more likely suspect IMMHO is that some outside influence is resulting in the engine control computer, microprocessor, executing an instruction, or group of instructions, out of sequence.
As I have said before, that could result from any one, or even a multiple of the various RFI/EMI sources within the vehicle itself, the A/C clutch being one of the primary suspects. Then there is the possibility of an "upset" due to short term sagging or surging voltages on the 12 volt system. Maybe even a ground bounce problem due to the use of the vehicle's metal chassis for a ground return path/circuit.
Now, it could have been pure mistake, but there's currently rumors of Toyota also recalling the Denso units as well. This might be due to legal and public perception issues, though, but I suspect it's also because the design isn't good enough for this application. It's probably less expensive at this point to design an optical design(this would be my choice) and retrofit every car than deal with the lost sales and legal battles.
note - even new security gates that you get for your driveway now use optical sensors because the mechanical sensors fail fairly often. My father was getting his repaired the other day and the guy told him that they were all optical now and far more reliable. And, to be honest, I've not had an optical mouse on a computer go bad on me in a very long time.
Modern cars use high-energy alternators and many of the voltage regulators in those alternators are switching types.
This leads to the possibility of a regulator filter failure that will allow high frequency voltage spikes onto the car's power lines. There is on-board regulation for the computers that is supposed to clean up power issues, but these regulators are generally small and of very limited capability.
Voltage spikes arriving on the computers' power lines, given the right conditions, can cause some of the gates inside the device to switch states, leaving the computer in an illegal state. It is entirely possible that such a problem would affect all the computers in the car, and the resulting symptoms would be intermittent, seldom repeatable, and very hard to diagnose.
Such a problem could not be solved with a software fix.
I personally have encountered this exact problem on a 91 Toyota Celica GT-S. The car has antilocks, cruise, and electronic transmission. It displayed intermittent and sometimes strong random acceleration (but only when the cruise was engaged - and the cruise always disengaged immediately when the brakes were applied), intermittent and random inappropriate activation of the antilock brakes when brakes were applied, and random inappropriate up and downshifts with the transmission. Resetting the entire system by cycling all power with the ignition key would stop all symptoms, sometimes only for seconds and sometimes for hours.
For awhile, I hunted for bad grounds. Finally I had an inspiration and hung an oscilloscope on the 12 volt bus, and spotted voltage spikes of several volts both positive and negative, with pulse widths typically in the tens of microseconds on the power line. Sorry, I can't be specific; I wasn't collecting data; I was fixing my car.
I replaced the alternator and all symptoms vanished. I do wish now that I had kept the alternator, but I did this last spring before all of this became an issue.
If there is a reasonably common failure mode for the alternator or the rectifier or the regulator that can allow these high frequency spikes onto the power bus, then everything is explained. Alternatively, if there is a situation involving some moderate to high power electronic transmission system (data links, radar, cell tower, radio station, mobile communications devices) that is not properly filtered by the power system in the car, then still everything is explained.
Such spikes will cause intermittent illegal states in the computers. Those intermittent illegal states may or may not be cleared by the computer. Those illegal states can cause acceleration, and can cause braking problems, and can cause transmission problems. They also are difficult to reproduce, and may vanish for significant periods of time either due to temperature, environment, or some other factor such as vibration.
For the unlucky few individuals, the combination of computer malfunctions will lead to a car that accelerates uncontrollably and can't be stopped.
I have done power system analysis for military fighter aircraft and helicopters. Those power systems are always dirty, and military avionics has to be able to tolerate it. This is not a trivial problem, but it is one that can be solved. If we are going to have "drive by wire" cars, then we have to solve it for cars.
The quickest "fix" for such a problem is to provide all new cars with a "reset" button which, when pressed, mechanically removes all power from all critical electronics in the car. Thus, when a malfunction occurs, you hit the reset button, and when you release it all computers reinitialize. This capability needs to be present anyway; there has to be a positive way to get control of the car back when everything else fails.
The proper fix is hardware in each computer that can tolerate ANY power system faults, that will automatically reset the computer when the computer malfunctions. This can be done, but it costs more.
The best fix is multiply redundant computers, multiply redundant data paths, and redundant power. However, that is not cheap.
By the way. I hold a Master of Science in Physics and have a lot of experience with these types of problems. And I consult.
One remedy for that kind of mechanical failure would be the inclusion of a pressure switch or optical sensor located under the pedal rubber, where no acceleration is possible when there's no foot on it. Since it is noted that Toyota pays about $15/ea for these pedal assemblies, it will near double the price to install the sensor and related wiring. If they really wanted to make these safe, they would also have double-parallel circuited full-throttle and no-throttle switches that work in conjunction with the location sensor, where all the switches are mutually exclusive and thereby protects even against mechanical failure. This sure seems like a lot of complexity to replace a cable doesn't it?
If it turns out that all or most failures are the result of bushings/springs failing to return then it should be obvious that mechanical redundancy is overdue. We use mechanical redundancy in brakes and throttle body valve control already, accelerator pedal? Gosh, who'd a thunk it?
A narrow bandwidth and those "spikes" could have been 30, 50, even 300 volt spikes in the nanosecond range and your scope wouldn't have displayed them.
Most of the electronics equipment aboard Boeing airplanes must continue to operate with 300 volt "noise" spikes on the 28 volt buss.
I had a Ford Taurus a few years ago that had a similar problem.
It involved a RESUME function that didn't know when to quit accelerating and the brake pedal cancel function sometimes didn't cancel.
But the real reason they are so keen on all of this is because they want control of our vehicles at some point in the future. Now, this isn't tinfoil hat-time. You can see that OnStar commercial yourself. They can remote start, stop, and eventually control your car.
Imagine the following scenario:
You get off of the highway and the computers in the car sync up with the local cellphone services or nav system. You aren't on the highway so the car limits itself to 40mph. If you enter a residential area, it drops to 30mph. If you speed or try to get around it somehow, it sends a signal and you get a ticket for speeding. If you are in an accident, it tells your insurance company how fast you were going and for how long(already does this on quite a few cars).
There's really no other practical reason for an expensive and impractical drive-by-wire system in a car other than the fact that someone wants to be able to gain control if they want to. That OnStar ad really is an eye-opener if you step back and look at what else it implies.
I do however, think a true double-parallel fail-safe with comparison circuit can and does protect against even computer failure. The way our system worked was that the comparison circuit would self-check 27 different sensor positions (a gas pedal would not be this complex obviously), both positives and negatives for each, every 5 milliseconds. If for any reason any one of those conditions, including the computer itself, was out of tolerance, no operation was possible. In other words, it's a circuit designed NOT to operate unless all 64 sensor conditions and the self-check were perfect (according to the engineered tolerances that is). A severe enough voltage spike could trip the system and that would only need to be programmed into this specific pedal problem as one of the factors. If Toyota has or designed a separated system just for the throttle, a reset to protect against spikes should be very simple, perhaps even automatic.
As a qualifier, note, I can see a future potential of "I-Robot" style automated all-electronic traffic systems that can be manually overridden in order to achieve speeds that human reactions are too variable for. I drove the autobahn for a couple of years and it has always been my presumption that most travel SHOULD be maximized for speed with safety as a precondition. It's fun and efficient to drive at 150mph when cars, roads and other drivers are properly equipped. I think what Toyota is doing is building in as much of the 'drive by wire' technology as possible before the whole industry turns into a Nissan Leaf type machine... highly simplified mechanics with superior response. A car like the Leaf in fact is likely to be my next cash car purchase (never ever taken a loan on a car) because the maintenance will drop to nearly zero and cost of operation as well when properly built. I can even see how cars will outlive people, perhaps by 2030.
That's all a lot of talk, isn't it? :confuse:
It occurred to me that the problem may be a bigger picture than just the vehicle itself. Possibly a shielding issue versus a defect?
The weak point in this kind of setup is, you're assuming that the problem exists somewhere between the pedal mechanism, and the code in the ECM that monitors the state of the pedal. However, the position of the throttle plate is not a direct function of the position of the pedal. There are other software pieces like cruise control, possibly stability control, that are in the mix when the computer determines throttle position. It's possible that the detection of the pedal position is working perfectly fine, but some other factor, such as a bug in the cruise control or stability control code, is causing the computer to command wide-open throttle. Adding more redundancy to the pedal sensors won't fix a problem like that.
-Andrew L
Buy it.
Drive around an empty field while changing all the possible stimulus that effect the throttle.
While the US, Canada and Japan blamed operator error for the Audi 500 SUA cases, I've read that the Swedish government placed the blame on the cruise control.
Jlaska, thanks for the tin whisker post.
I have a one-stop solution to SUA and distracted driving btw - remove the accelerator pedal and go to hand controls. Take both hands off the wheel and the car slows down.
steve_, "Toyota Halts Sales of Popular Models - Accelerator Stuck Problem Recall" #2046, 3 Mar 2010 7:44 pm
In fact it may be almost impossible to track down something that is this rare. Consider that the microcontroller cannot be totally crashing because if it did lock up, the ignition would cease.
Looking at the wiring diagram for a 4 cylinder 2008 Camry as an example, the same engine controller that controls the throttle body also runs the injectors and the coils. It also runs the transmission and it is possible whatever "brain blockage" that is opening the throttle when it is not supposed to could conceivable prevent a person from shifting into neutral.
What we need is is an external hardware override to be wired into the cars so that the engine will always return to neutral when the brake pedal is pressed. I could design one of these myself needing about $10 in parts and needing perhaps 6 connections in the car.
This reminds me when I designed a microcontroller controlled amplifier once and I had the temperature sensor being read by the microcontroller. And the microcontroller would shut down the amplifier if it got too hot.
This amplifier was rejected by CSA and UL. Because the safety override is not allowed to be controlled by a microcontroller. In case the software/firmware fails. I had to put an external hardwired loop into the design that did not depend on a software controlled device to operate.
I can see the reasoning for this and I added a 25 cent logic gate to the unit to provide a hardware fail safe.
I see no reason why retrofit kits cannot be made for all "drive by wire" cars to do this.
As well, if we want to get the combined engineering brain power of the engineering community to attack this problem and solve it, Toyota should post their full schematic diagrams of the engine controller on the internet as well as the full source code for the microcontroller inside.
Yes, they will be giving away some inside secrets but the rapid solution thousands of engineers would develop would more than make up for any "technology leakage"
And we need to open up some of these controllers to see if there is indeed a tin whiskering problem or not.
There must be a corresponding voltage surge slamming the sparkplugs.
Extra Voltage + Extra Fuel = Imitation Dieseling Condition.
Solution #1: Toyota and all automobile companies could place a voltage limiter cap on the plugs or they could be incorporated into new plug wires. No extra voltage = no extra dieseling no matter how much fuel is pouring into the cylinders.
Solution #2: Wouldn't hurt to slap a Jake Brake engine limiter on the engines.
And quite easily minor changes could tame the system.
Dear Sirs 2/24/2010
You’ve probably already checked this out, but is there any possibility that the “Uncontrolled Acceleration” problem may not be mechanical or electrical?
I could see that under certain conditions of temperature, humidity, atmospheric pressure, throttle plate position and engine demand, ice could form on the throttle plate, locking it in position. If locked in the optimum position to cause even more ice buildup, it would be nearly impossible to jar the throttle plate loose by tapping on the accelerator pedal.
After the event was over, all evidence of this “lockup” would remove itself (ice) causing diagnosis to be nearly impossible.
I’m not trying to presume to know more than your engineers, but sometimes people are too close to the problem to look at it objectively.
Regards and good luck in solving the problem.
Bear in mind I defined imitation dieseling condition, so you can claim anything about regular, normal dieseling all you want. Apples and oranges. A gasoline engine that "diesels" {runaway} is usually an overheated engine, so what I'm defining is a very fast temperature escalation inside the cylinder ~caused by excessive voltage~ ergo Imitation Dieseling. You'll see it when you think outside the box => a gasoline engine that diesels is usually incorrectly timed. The voltage jump would be causing such a condition...
bouncing the engine into instantaneous Super Throttle.
What about the car in California in the summer or others in the summer? Are you saying that the A/C unit is causing Ice on the throttle plate?
Not 1 car imported from Japan is affected by the recall. How does Toyota get their cars all the way from Japan to the USA?
So I reckon we'ill have to divide the $1,000,000.00 purse. Rats.
Toyota is getting multiple answers for their $1 million cost.