Summary: The Safety Promise and Challenge of Automotive Electronics (TRB Special Report 308)

Background

In response to the much-publicized unintended acceleration episodes of 2009 and 2010, largely involving Toyota vehicles, NHTSA enlisted NASA to investigate the incidents and TRB to study investigations of unintended acceleration events in general, in order to inform and improve the regulation of electronic systems in automobiles (this report is one result of that effort). NASA engineers and safety specialists examined Toyota's Electronic Throttle Control (ETC) using a wide range of analytic tools. The sensors that relay the pedal position to the vehicle's central computer were scrutinized in particular. Tests of the logic of the embedded software, of the hardware configurations, and of possible electromagnetic interference with the sensors all came up negative. With no evidence linking the unintended acceleration episodes to Toyota's ETC, NHTSA turned its full focus to pedal and floor-mat design and driver confusion, which had been found to cause similar incidents for decades prior. NHTSA has regularly investigated incidents of uncontrolled acceleration and has nearly always (and accurately) found pedal-related defects (brake/gas pedal confusion, sticky pedals, poorly designed floor mats) to be the culprit. NHTSA's investigation of Toyota's ETC was justifiably closed after the NASA work and thousands of consumer complaints revealed pedals sticking to floor mats as the likely cause of the unwanted acceleration.

TRB 308 covers a long list of common electrical systems and components built into modern motor vehicles, but it generally does not evaluate the technical, societal, or economic feasibility of future intelligent transportation systems.

Significant Findings

Automotive electronic systems are becoming more complex, increasingly interacting with one another onboard and with external systems and networks.
Future V-to-V, V-to-I, steer-by-wire, and brake-by-wire systems will be even more complex; dependability tests will need to be developed for new software, hardware, and wireless components. ETCs are considered simple and mature technologies compared to these and other emerging automotive technologies.

As systems become more complex and human-machine interfaces (HMI) evolve, the learning curve for drivers becomes steeper. Automotive manufacturers are also increasingly challenged to interface these new systems with users. They are working with the International Organization for Standardization to establish safety evaluation standards for evolving automotive systems. ISO was due to release its consensus standard for the functional safety of automotive electronic systems, ISO 26262, in early 2012.

Many OEMs are still searching for a standard onboard communications protocol. Presently, vehicle systems communicate with each other over varied media, including single wires, twisted-pair wires, fiber-optic cables, and vehicle power lines.

Electromagnetic emissions from electronics can adversely affect microprocessors inside automotive systems. OEMs currently require all suppliers to comply with emissions tests.

The integrated nature of electronic automotive systems in today's cars means that cyberattacks that seize control of critical vehicle functions from the driver are possible. Research from UCSD and the University of Washington suggests that there are several possible avenues through which would-be attackers could deploy malicious code into the vehicle's central computer.

NHTSA faces significant challenges in promoting new electronic systems that make driving safer and mitigate unsafe driving practices while also ensuring the reliability of those systems. NHTSA's Federal Motor Vehicle Safety Standards only require vehicles to meet certain minimum safety requirements; they do not regulate the production of individual systems and parts.
This is unlike the FAA, which exerts much more oversight over the design and implementation phases of aircraft development, but similar to the FDA, which focuses on post-market oversight.

New electronic systems now enable most new vehicles to be equipped with Event Data Recorders (EDRs), which store collision-related data and monitor key safety systems. ODI's investigation of the Toyota unintended acceleration incidents demonstrates how data taken from EDRs can effectively supplement other evidence in determining the causes of similar occurrences.

TRB Recommendations to NHTSA

NHTSA should create a standing technical advisory panel that can be consulted when information is needed concerning automotive software, hardware, systems integration, and human interaction. TRB recommends several candidate topics for further research in the area: electromagnetic dynamics of auto-related systems and devices, electronic system error diagnostics, enhanced EDRs, system security, regulatory compliance, human interaction in emergency situations, and advanced investigation methods for ODI. EDRs should be commonplace on all light vehicles. Get a strategic plan! ASAP!