Page 104 - Toyota Under Fire
P. 104
THE RECALL CRISIS
information Web sites, that belief is simply wrong. “If a mechani-
cal part sticks or gets jammed, it’s entirely possible that the prob-
lem would fix itself and leave no trace. You’d never be able to tell.
Electronic systems, though, leave a trail of information, mak-
ing diagnosing problems much easier.”* It’s only if a mechani-
cal part fails completely—a hose in the brake system cracks, for
instance—that the physical evidence is easy to find and diagnose.
Electronic systems tend to leave evidence of intermittent prob-
lems. While the exact cause of an electronic problem can be hard
to pinpoint, the existence of the problem itself is fairly easy to
document. Still, people tend to have less trust in electronic sys-
tems. What if the electronic throttle control sends the wrong sig-
nal to the throttle, causing unintended acceleration?
That was a frightening thought for vehicle manufacturers
as well. Moving to electronic throttle control and ECMs, for all
their advantages, couldn’t happen unless the systems were more
reliable than the mechanical systems they replaced. So the manu-
facturers designed their computer systems accordingly.
Engineers designing vehicle electronic systems employ a meth-
odology called failure modes and effects analysis, which attempts
to identify all possible failure points and design in countermea-
sures. Given the risks, extensive work was done to design ETMs to
eliminate the possibility of catastrophic failures, eventually lead-
ing to rigorous standards maintained by the Society of Automo-
tive Engineers.
Toyota’s Vehicle Electronics, Fail-Safes, and Testing
To give you a sense of the way an ECM and ETC system is de-
signed, Toyota uses multiple redundant sensors and computer
* Interview with authors, October 26, 2010.
73
