Warren Savage On: Still Unsafe at Any Speed?
In 1965 consumer advocate Ralph Nader published Unsafe at Any Speed, an exposé of safety issues in automobiles. Highly critical of the industry’s focus on profits over safety, the book led to a series of congressional investigations that resulted in new American government standards for safety.
The subtitle of Nader’s book was particularly interesting – ‘The Designed-In Dangers of the American Automobile’. One of the targets of Nader’s message was the Chevrolet Corvair. The Corvair was originally touted as an engineering masterpiece with a new rear-engine design combined with a radical new suspension system that provided advantages in both handling and comfort. Here’s a link to the 1960 commercial touting the engineering excellence of the design.
Unfortunately the suspension system had a bad habit of collapsing under lateral stress which proved all too deadly for some owners when their car rolled over at high speeds.
What Nader meant by ‘Designed-In Dangers’ was really that the design of the car itself was dangerous, that the design was not robust enough to handle the ‘corner cases’ that can be seen in real world driving situations.
Failures in these scenarios could be life-threatening – and were. Chevrolet initially resisted calls to pull the product from the market, preferring to blame the driver, tires, road conditions, weather, or some combination. However, bad designs are not tempests that blow over and within 3 years after Unsafe at Any Speed and mounting casualties, the Corvair was pulled from the market.
Today Toyota is facing a similar PR meltdown regarding problems with its best-selling Prius hybrid cars where there have been a number of reports of out-of-control vehicles which have led to some deaths.
Toyota refers to this as ‘unintended acceleration’ which got a nice send up on John Stewart’s Daily Show (US only). And the news just got worse for them this month as Consumer Reports magazine put the Lexus GX460 on its ‘Don’t Buy’ list for rollover safety issues. Toyota responded within days and took the vehicle off the market pending an internal investigation.
I believe the problem is the same for Toyota and other manufacturers today as it was for Chevrolet in the 1960’s. The techniques that Chevrolet used for testing its Corvairs was based on the best practices associated with vehicles of a different technology platform (i.e. 1950’s vehicles). As the technology advances, so must the awareness of new failure modes that didn’t exist in the prior platform.
It’s the same problem that we have seen in the last decade of semiconductors - as a design’s complexity increases the ability to verify it goes non-linear. Engineers continue to innovate by increasing the complexity of their designs but struggle to come up with new techniques to ensure their designs can work under a broad set of operating conditions in the field.
And the problems continue to get more difficult because of the increasing level of embedded software content in semiconductors today. So not only do we have more complex hardware, we have more complex software to run on it now.
Let’s move back to automotive, which could be the leading edge of electronic design today. Vehicles are increasingly dominated by electronic control systems with even the ignition key being a relic of the past. A modern car can contain more than 100 microprocessors which are used to control or influence almost all aspects of the vehicle operation. That’s 100 instances of embedded software that are supposed to work together under a variety of real-world driving conditions. That’s 100 design teams working on a chip project not knowing what other chips their design will need to work with. It’s a daunting level of complexity and responsibility for everyone in the design chain, but most of all for the automobile manufacturer.
Dr. Albrecht Mayer, Sr. Principal in Emulation Systems and Tooling at Infineon Technologies, is an expert on the topic of debug in automotive systems.
Dr. Mayer cites the ‘Autobahn Argument’, which states that if a vehicle is designed to be safe at 150mph, then it will be very safe at 65mph.
To improve safety and reliability for its customers, Infineon offers some special technology in its products called ‘Multi-Core Debug System’ or MCDS, which allows real-time trace and debug capabilities in its microcontroller product lines.
Such capabilities provide vehicles with instrumentation that allows for engineers to collect vast quantities of electronic information about how the vehicle is behaving as it is goes through its real-world testing regimens. The drivers put the car through its paces on the test tracks at Nürburg-Ring, and then the engineers crawl through the data to ensure that the electronic systems are doing the right thing at the right time.
If not, the engineers make the tweaks to their code, the new code is downloaded into the vehicle and process is repeated.
Such advanced thinking about the verification of complex systems in real-world environments is going to be increasingly important as complexity continues to spiral upwards. One might argue that without some new innovations to the verification complexity problem of systems that there will be an upper limit to the complexity of designs that our engineers can realize.
The door is wide open for new companies and technologies to fill this gap and move the electronic industry into its next era of sophistication. Perhaps Chevrolet in 2018 can mark the 50th anniversary of the demise of th e Corvair with the introduction of the Corvair II, the world’s safest vehicle.
Warren Savage, President and CEO of IPextreme,is a well-knownand published authority in the field ofsemiconductor intellectualproperty.
He has a long history of pushing the envelope of designmethodologyfrom his work in fault tolerant computing at TandemComputers inthe 1980′s and driving reliable design methodologiesintocommercial practice at Synopsys for its DesignWare IP productinthe 1990s. Much of his thinking became embodied in the seminalbookon IP reuse, the Reuse Methodology Manual.
(Jan08) Warren Savage On: CollaborationNeededforSuccess
(Mar 08) Warren Savage On: TheNextBigThing
(Apr 08) Warren Savage On:GummingUpthe Works?
(May 08) Warren Savage On:WaitingforGodot
(Jun 08) Warren Savage On:OurVirtualFuture
(Jul 08) Warren Savage On:BeingPluggedIn
(Nov 08) Warren Savage On:DoomandBoom
(Dec 08) Warren Savage On: Backtothefuture
(Jan 09) Warren SavageOn:Moneyball2009
(Mar 09) Warren Savage On:ShakingtheTree
(Apr 09) Warren SavageOn:RoleModels
(Jul09) Warren Savage On: Rounding Down
(Jan 10) Warren Savage On: The Naught Decade
(Feb 10) Warren Savage On: The Naught Decade – Part 2
(Feb 10) Warren Savage On: The Naught Decade – Part 3Tags: complex hardware, complex software, complexity, designs, EDA, engineers, increasing, Infineon, innovate, IP, operating conditions, Ralph Nader, Struggle