Thursday, January 28, 2010

Drive by wire

The car is a complex system now and becoming increasingly more so. Yet, we only teach people how to drive as if conditions are perfect. Then, problematic circumstances are only written about; actually, the whole notion is to allow errors (why else the huge amount of accidents?) and to use the adage of learning from the mistakes of others.

We need something better, folks.

Essentially, the Toyota problem that is behind the massive recall, and stoppage of sales, may boil down to 'drive by wire' (dbw) which is analogous to the 'fly by wire' (fbw) that we're seeing increasingly.

Now, there is nothing implicit in this post that is anti-progress, however certain burdens come with the forward steps. One of these is a mental adjustment. Nor is there any attempt at resolving the problem which Toyota is very capable of handling.

Aside: Some comments to the Business Week article mention problems and cover ups by other auto makers. Somehow, one does not expect that with Toyota.

So, we're talking a general notion here, folks.

You see, even with mechanical (and hydraulic) systems, there can be failures (that is why there is safety engineering and risk management). At the time of the failure, consequences can be terrible. But, we can easily study these and make adjustments. It's called learning. Too, the feedback to the driver, of the older systems, was more natural.

The fbw, and dbw, systems have contrived feedback. So, training, and the resulting mental re-adjustment, is in order.

In the case of fbw, the training is taken care of by reading, lecture, discussions, sophisticated simulators, and actual flying. But, even with all this, failures occur. And, we have not seen all of the consequences that can lurk with fbw.

In the case of dbw, there is no support for the driver. Of course, we have to ask, would drivers even pay attention to the message? You see, the idiocy of texting while driving is obvious, yet we have people doing that as if their weapon of destruction's potential to harm others, and themselves, is some type of right. Or worse, that it is indicative of being progressive, cool, intelligent, and some other delusions, when, in actuality, this mindset is of swampish creatures trying to fly.

So, what is the point? In the case of fbw, there is a lot put into studying, designing, and testing these systems. Fault handling is placed wherever it can be; yet, there are failure modes that cannot be handled and that are NOT known. Hopefully, the determination that these are only remotely possible will hold up.

But, the bdw systems are not so scrutinized. Is the public included in the design considerations? In fact, that the systems rely on a large set of sensors is problematic, as these need attention, too. In the case of fbw, there is regular inspection. In fact, some of these are under continual observation, or, at least, as close to continual as we can get. Remember, observers are systems, too, therefore subject to various failure modes.

In terms of the accelerator problem, it seemed a knee-jerk reaction, at the time, to name the floor mat as the chief culprit. Then, we heard that some type of material issue with the pedal itself was the likely cause.

Given that a full review is underway, we can hope that good lessons come from this. That is, Toyota has had a good name for years; in fact, western business has sort of genuflected to those wizards of the east (sometimes to nauseating extremes).

To be positive, rules ought to be described and defined. For example, if the engine thinks that it's going to runaway, the basic rule would be to shift to neutral and maneuver out of traffic. Except, if you're in the left lane and need to cross multiple lanes, other actions will be necessary.

Another? What if you're on ice and need engine power when you have this problem?

Now, it may also come from this that the auto industry will spend time making sure that their controls have overrides, redundancies, and what not to ensure against failure. Too, perhaps, they'll be a little more insightful about sensors and the consequences of their failure.

The model here is the afferent nervous system, and its sensors, which is quite complex. Yet, it has a number of failure modes. What we learn is to anticipate.

Now, why not teach driving in the same mode? Gosh, what did the DOT use yesterday? Responsible driving.

If we had taught the correct driving lessons, the mania of texting while driving would never have taken on the magnitude that we saw happen with the bad results which are upsetting.

Folks, dbw will be reality henceforth. Let's train for this.

Aside: As found throughout this blog, there is a reminder that we do not totally control nature through our models (abstract) and computation. And, one problem inherent with dbw is the computational requirement that is at the basis. And, listen folks, we're using systems, with their software in a black box, for the most part, everyday to put our lives at stake. Is that smart? Well, we ought to know more. So, again, no luddite argument need be casted. These questions are from one who has been in the industry for decades and who is definitely not cognitively limited with the biases that can be observed within the gaming generation (texting and driving, brilliant!).

Remarks:

01/22/2013 -- USA Today story on settlements. From three years ago, lest we forget.

02/08/2011 -- There was a report today concerning a study on the SUA problem that has been going on quietly. More news will be coming later when the report is technically analyzed.

09/28/2010 -- It nice to see the IEEE weigh in. Notice: sensors galore, drive in the loop, ...

04/19/2010 -- Genies, no not genius, indeed!

03/12/2010 -- Toyota's web site that is related to recalls.

03/09/2010 -- Can of worms is what we've gotten from letting the genie out of the bottle.

02/22/2010 -- Business Week uses 'drive-by-wire' in a recent article about computational driving.

02/09/2010 -- We need to retrain the driving brain. Where is there an auto user group?

02/08/2010 -- More expert opinion.

02/05/2010 -- Nader's opinion. Also, software and cars. And, what's the quality control? Note this from an expert's look,

02/01/2010 -- Experts on these types of things.

01/29/2010 -- Defense of Toyota.

01/29/2010 -- As said before, there is no reason to knock only Toyota in these regards (look at the long recall lists). The dbw discussion could just broaden to cover the fact that systems are more complicated and electrically boosted. Note today's Honda recall. There is no need to go through the long list of recalls except, perhaps, to categorize and count. The basis for continuing problem will be embedded logic as its prevalence can only increase due to technology. Who knows what we'll see with the hybrids and electric cares? That's the way it goes, folks, when we deal with our artificial servants.

And, using these little quirks of designed projects as an analogy for the large scope of economics is not far off base. All the gaming that we see financially has been computationally derived from mindsets that are both morally and ethically disadvantaged. Oh, these folks are brilliant and our best and brightest? Give us a break!

Modified: 01/22/2013

Friday, January 22, 2010

Traps and oops

A recent book review prompts the post.

We all marvel at the American ingenuity, and intelligence, that culminated in the moon landings and all of the side-effects that changed our lives, technically and socially.

We also know that 'perfect storms' happen (there are just too many to list). The moon program was so successful is almost the opposite of a perfect storm. Though there were mishaps (and lives lost), the program went well. The trouble with success like this is that it can breed hubris. How to control that human reaction is paramount to our future success.

So, somewhere between the gigantic success and the frustrating failure is the balance that we seek. This book covers that topic. Title: If We Can Put a Man on the Moon ... Getting Big Things done in Government.

Here are the pitfalls covered that are cleverly described as traps. We'll be discussing each of these in turn, in the contexts covered by this blog.
  • The Partial Map Trap: Importance of good project management
  • The Tolstoy Syndrome: Letting facts/data and models blind you
  • Design-Free Design: Getting the cart before the horse and believing in top-down hubris when grounded engineering needs to be in the balance
  • The Overconfidence Trap: Ah, forgetting that the past does not foretell the future
  • The Complacency Trap: Letting group-think, and fear of the truth, keep the right information suppressed
Ah, it'll be fun. Need to thank William Eggers and John O'Leary. Now, if business leaders think that these messages are only for government works, they're in a trap which we'll need to add to the list.

Let's see, Lordly Prince trap? There will be others added later.

Remarks:

01/19/2011 -- Changed the pointer (Deloitte moved the page) to support the 4th January post.

Modified: 01/19/2011