1. Attachments are working again! Check out this thread for more details and to report any other bugs.

Expert Says Electronic Design Flaw Linked to Runaway Toyotas

Discussion in 'Gen 2 Prius Main Forum' started by Rokeby, Feb 22, 2010.

  1. Rokeby

    Rokeby Member

    Joined:
    Jan 21, 2008
    3,033
    708
    75
    Location:
    Ballamer, Merlin
    Vehicle:
    2008 Prius
    Auto Professor Says Defect in Toyota's 'Fail Safe' System for
    Acceleration Creates Dangerous Condition
    By BRIAN ROSS and JOSEPH RHEE
    Feb. 22, 2010

    A flaw in the design of Toyota's electronic acceleration system
    prevents the car's onboard computer from detecting and stopping
    certain short circuits that can trigger sudden speed surges, according
    to a professor of automotive technology, Dave Gilbert of Southern
    Illinois University's auto technology department.

    As a result, Gilbert told ABC News, the Toyota computers will not
    record an error code, nor will they activate the "fail safe" system
    designed to shut down the power and put the car in the "limp home"
    mode.

    "This is a dangerous condition, it is not fail safe," said Gilbert in an
    interview to be broadcast Monday on ABC World News with Diane
    Sawyer.

    Full ABC story
     
  2. dogfriend

    dogfriend Human - Animal Hybrid

    Joined:
    Feb 26, 2007
    7,512
    1,185
    0
    Location:
    Carmichael, CA
    Vehicle:
    2007 Prius
    I feel compelled to point out that if a meteor hit your car and vaporized it, you would not be able to read any codes either. I will leave it as an exercise to the reader to calculate the odds of either occurrence within the normal lifetime of the vehicle.
     
  3. rfelley

    rfelley Junior Member

    Joined:
    Apr 3, 2009
    42
    5
    0
    Location:
    Oregon
    Vehicle:
    2007 Prius
    Model:
    II
    Just tuned in after being away for awhile. I hope the determination of a failsafe design flaw is in error. Furthermore, I would submit that anyone who discounts such a flaw either doesn't get it, or is a Toyota Company Prius Chat "plant". And here's why I feel that way. If the acceleration problem is in fact an electronic failsafe flaw, then this would equate to something like an elevator who's emergency backup brakes work most of the time, but fail once in a while. If such a flaw truly exists in Toyotas then it must be considered completely and entirely unacceptable and must be addressed. Even though our Secretary of Transportation retracted his "stop driving them" statement, he may have been right on the mark. Discussions of "probabilities" have no place in this arena.
     
  4. dogfriend

    dogfriend Human - Animal Hybrid

    Joined:
    Feb 26, 2007
    7,512
    1,185
    0
    Location:
    Carmichael, CA
    Vehicle:
    2007 Prius
    If I'm a plant, they really should be paying me more.


    My point is that this "flaw" needs to be taken in context of how likely it is that it could occur in the real world - no scenario was given in the video to explain how likely this is to happen in an actual car and any design features that would prevent its occurrence (e.g. are the circuits run together, or are they physically separated to prevent the possibility of shorts between the two redundant circuits).

    You could also install a device in the fuel tank to create a spark - and then demonstrate that a spark in the fuel tank would catch the vehicle on fire. Does that mean that the Toyota has a bad fuel tank design?
     
  5. Jimmie84

    Jimmie84 New Member

    Joined:
    Jan 18, 2008
    1,074
    77
    0
    Location:
    Minnesnowta
    Vehicle:
    Other Non-Hybrid
    I had my work truck in the shop today for some updates and etc. The Tech was told to check the readings on my accelerator pedal. Now, This is not some midsized truck. It's my Semi. Apparently, The company that supplied the parts for Toyota, Supplied the parts for PACCAR. (thats who makes Peterbilt trucks)

    There has been ZERO issues with this system on trucks. If something were to happen it would default to an "idle" status.

    I have a sneaky suspicion that Toyota has some sort of programming issue on signals the PCM to that pedal.
     
  6. fuzzy1

    fuzzy1 Senior Member

    Joined:
    Feb 26, 2009
    17,035
    10,010
    90
    Location:
    Western Washington
    Vehicle:
    Other Hybrid
    Model:
    N/A
    Certain areas of electronics must discuss probabilities. The only way to avoid this is to completely remove the electronics.

    Certain of these problems can theoretically be reduced to less than once fault among the entire production run over the age of the universe, but they are still probabilistic. And actually demonstrating that level of reliability through testing is, shall we say, not economically feasible.
     
    4 people like this.
  7. donee

    donee New Member

    Joined:
    Aug 15, 2005
    2,956
    197
    0
    Location:
    Chicagoland
    Vehicle:
    2010 Prius
    Model:
    III
    Hi All,

    It seems to me to be prudent automotive design to sense shorts/opens between any of the wires of the gas pedal, and have the computer not act on that input if a short is present. How one can actually do that is not apparent to me at this time, but that is not my area of expertiece either.

    Its not clear from the story where the short is induced, as well. The comment about there being a short in the pedal during the video, while the car is acting normaly implies that the second short that is made, that then results in the acceleration, is also in the pedal/wires to the pedal.

    I do not think its impossible to consider failures in the pedal/wiring by the computer.

    The TTAC illustration of the sleeve bearing CTS pedal assembly is interesting. I have had to hammer appart various coroded bronze sleeve bearings on steel pivots over the years on weather exposed machinery. But without access to the failure data - ie the distribution of what power level the system stuck at, its hard to conjecture about the failure mode being what one would expext from a sticky pivot. As the pivot makes contact round and round, one would expect to see an even distribution of stickings at all power levels. Of course, the reporting by the press tends to accentuate full power level stickings.

    Another issue I have not seen talked about is spring constant relaxation. Compression coil springs can over their lifetime reduce in the spring constant value ( force/displacement). This type of failure would tend to be low power level stickings, where the dispacement is small, spring force is small, but pivot stiction is at the same level. So, if the springs were the problem, as the shim is apparently intended to repair, then there should be a distribution of reports with allot of reports at low power level sticking. As experienced car people know, spring manufacture is dependant on proper spring metal selection, and preparation. Coil-springs in suspensions have sagged on some cars, due to improper spring manufacture.

    The short circuit scenario would imply a sticking distribution sharply at one power level.

    A mat/rachet action would also result in a distribution sharply at one power level, a high power level. So, based on what the media is reporting, high power sticking, the mat/ratched action seems to match.

    But, I would not trust the media to fairly report the complete distribution of sticking events either.
     
  8. qbee42

    qbee42 My other car is a boat

    Joined:
    Mar 2, 2006
    18,058
    3,073
    7
    Location:
    Northern Michigan
    Vehicle:
    2006 Prius
    It all comes down to the type of flaw. For example, if I take the throttle control wire, ignition system, and fuel pump and hard wire them to the battery, that will produce a runaway condition that is not stoppable by the failsafe system. Is this a safety flaw? No, because it is an artificial problem.

    Now, on the other hand, if a broken wire to the accelerator sensor can cause a runaway, *that* would be a problem.

    An expert can always find a way to defeat a system. It's good to explore all of these possibilities, but then you have to sort them out and focus on the real issues.

    Tom
     
    3 people like this.
  9. robbyr2

    robbyr2 New Member

    Joined:
    Jun 28, 2008
    1,198
    149
    0
    Location:
    Commerce City, CO
    Vehicle:
    2010 Prius
    Model:
    V
    I believe Toyota needs to check this out thoroughly and quickly. I do wonder what his findings were with regards to other kinds of cars, noting that he cleared only GM of this problem.

    At the same time, I found it interesting how the professor's story went from this might happen to it's going to happen. I recognize that when it comes to safety, there is no "acceptable" level of danger. But to expect that any machine is going to operate completely safely forever is a bit over the top. That's probably why I would object to them building a nuclear power plant in my backyard, or in downtown Manhattan.
     
  10. bwilson4web

    bwilson4web BMW i3 and Model 3

    Joined:
    Nov 25, 2005
    27,066
    15,372
    0
    Location:
    Huntsville AL
    Vehicle:
    2017 Prius Prime
    Model:
    Prime Plus
    <AHEM>

    Before setting your hair on fire, the first step is independent confirmation of the professor's claim. Hobbit had written a fairly long essay that reports neither shorting to ground or shorting to the +12 VDC rail will cause a runaway problem. From what I've seen with the NHW11, I suspect that is the case but have not done the experiment myself.

    My thinking is we take the professor's claim and subject it to our own, independent testing first. Remember, "cold fusion" was also reported as the energy of the future.

    Bob Wilson
     
    3 people like this.
  11. redrockprius

    redrockprius redrockprius

    Joined:
    Jan 31, 2007
    167
    30
    0
    Location:
    Murray, UT
    Vehicle:
    2007 Prius
    Model:
    N/A
    I defy this "professor" to design any complex electronic system that is truly "fail safe" under any and all conditions. This is an impossibility in the real world! Good design practice takes into account the probabilities of possible component and wiring failures and implements a design that protects against the most probable failure modes, giving greater emphasis to those failures that can produce the most serious results. While it might be argued that, as a new failure mode is detected, one could add circuitry that would protect against that failure mode, adding more components and connections reduces the overall reliability of the system.
     
  12. malorn

    malorn Senior Member

    Joined:
    Oct 28, 2005
    4,281
    59
    0
    Location:
    &quot;Somewhere in Flyover Country&quot;
    Vehicle:
    Other Non-Hybrid
    He said he has still not be able to 'crack' the Buick Lucerne electronics. so the answer is yes.
     
  13. qbee42

    qbee42 My other car is a boat

    Joined:
    Mar 2, 2006
    18,058
    3,073
    7
    Location:
    Northern Michigan
    Vehicle:
    2006 Prius
    Like any system, the Buick can be defeated with sufficient effort. It all depends on how broadly we define "defeat". Properly defined, it should be safe in all normal and realistically possible failure modes.

    If I take the ECU, put it on my milling machine, mill off the top, and jumper to the ICs on the board, I *can* force a runaway. Likewise we could strap JATO bottles onto the side of the car and claim that the brakes don't work. Are this silly failure modes? Certainly, but they are failure modes.

    Just like with statistics, one has to fully understand the details before jumping to conclusions. Unfortunately, with the current state of journalism, the American public first jumps to a conclusion, then selectively looks for data to confirm the conclusion.

    Tom
     
    1 person likes this.
  14. hybriddriveguy

    Joined:
    Apr 5, 2009
    98
    63
    0
    Location:
    Sanford NC
    Vehicle:
    2008 Prius
    Model:
    Three
    I would challenge the "Professor" to drive a Prius under full acceleration and press the brake with his left foot while accelerating. Guess what happens??? It shuts down the engine to idle. Also, try full accelleration and shift to neutral. Guess what happens???? The engine goes back to idle.
    I believe these are real world driving tips everyone with drive by wire should try with their vehicles and see how they respond. You should not wait until you have a problem to plan how you will react.
    I am not a Toyota "plant" either, but they do build a great product.
     
  15. Rokeby

    Rokeby Member

    Joined:
    Jan 21, 2008
    3,033
    708
    75
    Location:
    Ballamer, Merlin
    Vehicle:
    2008 Prius
    Thanks posters for your input.

    I made the original post without comment because I didn't know
    what to make of it. The answers given seemed too clean, too
    settled for what at this stage in the investigation of this particular
    condition should be considered preliminary findings. Your comments
    have helped me understand the limited nature and extent of the
    tests that were reported. (I use the word "reported" advisedly. Like
    others, I now am not certain that the reporter and his editor know
    enough about the matter being reported on to tell the whole story.)

    But, I take it that preliminary findings subject to independent
    verification is not what sells tonight's TV ads or tomorrow's
    newspapers.
     
    1 person likes this.
  16. rapidroy

    rapidroy New Member

    Joined:
    May 13, 2008
    30
    1
    3
    Location:
    Niceville Fl
    Vehicle:
    2008 Prius
    If this turns out to be a mechanical problem, I have a fix for it in an emergency. From what I have seen and read, I don't think anybody knows what the real problem is. One theory is that the accelerator pedal stuck to the rubber floor mat in the Lexus. Why didn't the motor go to idle when the brakes were pressed? Dose the accelerator haft to be up for this to happen? I don't know. If it turns out to be the pedal sticking down, which seems to be what Toyota seems to thinks by installing shims to strengthen the spring, I don't see this as a good fix as the spring can weaken some more and the problem will return. The mechanical sticking problem can easily be fixed by installing a toe return device at the top of the pedal which would allow you to push up on the pedal with the top of your foot. This device has been used in racing for years. I built the first one that I ever seen around 1963 and used it in my race car. They are now used by everybody in racing as insurance against a sticking throttle. I don't know if I was the first one to build one. I think this device should be in all cars. Racingroy
     
  17. ronhowell

    ronhowell Active Member

    Joined:
    Oct 4, 2007
    681
    32
    0
    Location:
    Cypress, CA.
    Vehicle:
    2008 Prius
    Well, San Onofre nuclear power station is some 50 miles from where I live.

    Is that far enough?
     
  18. ronhowell

    ronhowell Active Member

    Joined:
    Oct 4, 2007
    681
    32
    0
    Location:
    Cypress, CA.
    Vehicle:
    2008 Prius
    No, the answer is he's incompetent!
     
  19. redrockprius

    redrockprius redrockprius

    Joined:
    Jan 31, 2007
    167
    30
    0
    Location:
    Murray, UT
    Vehicle:
    2007 Prius
    Model:
    N/A
    Since you quoted my post in yours, I assume you were responding to me. But since I didn't pose a question in my post, what is the question for which you claim the answer is Yes?
     
  20. Bob Allen

    Bob Allen Captainbaba

    Joined:
    Jan 16, 2004
    1,273
    11
    0
    Location:
    Seattle, WA
    Vehicle:
    2004 Prius
    I've read several accounts of this problem and the driver(s) stated that they could not put the Prius into neutral, as is recommended by Tom and Ray Magliozzi for runaway acceleration (in other types of cars). My question: If this occurred on the open freeway, where traffic is moving faster and you would have a better chance of not hitting anyone, could you not engage the cruise control then use the reduce speed option by tapping the cruise control lever down and thus slowing the car? In other words, would the cruise control circuitry provide an alternate (and override) means of slowing and eventually stopping the car? I think the minimum cruise control speed is about 30 mph. If you managed to get the car down to that speed, you might be able to either stop it with the brakes or get it into neutral, or even shut it off.