New Cars Ain't What They Used to Be

A friend of ours whose age is somewhere north of seventy recently bought a new pickup truck.  Soon afterwards, in text messages she started calling herself "Keyfob."  When we asked why, she said, "Well, that's what my truck calls me.  When I get out of it it says, 'Keyfob has left the vehicle.'"

She has a new truck because she totaled her previous truck in a collision that she survived largely because of safety features that newer models have.  So no one should think I'm opposed to innovative technology in the automotive industry in general, especially when it contributes to safety.  But as Chicago Tribune reporter Robert Duffer recently pointed out, some of the innovations that carmakers have inflicted on new-car buyers recently can be annoying, confusing, or downright dangerous.

Duffer cites a J. D. Power survey of new-car-owner complaints that showed the category broadly described as "infotainment" was responsible for more complaints than anything else.  This includes things like touch screens, voice-activated commands, and touch-sensitive controls for radios and music players.  It turns out that by 2018, safety rules will mandate that every new car have a backup camera, and consequently a display screen will have to be somewhere in the driver's view.  Carmakers eager to get a competitive advantage are not going to leave such an opportunity alone, and you can expect they will pile more and more features into that screen in addition to simply displaying the backup camera output. 

Some of the problems with new cars stem from the fact that they are almost completely "fly-by-wire" in the sense that many driver outputs—accelerator, gearshift, and so on—don't do anything mechanical directly, but instead go to electronic sensors that run instructions through the car's CPU to execute commands, and similarly with the instrumentation that provides driver inputs.  Airline pilots, with their sophisticated and recurring training, managed the transition from mechanical airplane controls to fly-by-wire technology pretty well, but there were some glitches along the way even in that highly specialized realm.

Duffer provides evidence that when you take the average driver, whose total training to drive nowadays may consist in a few sketchy lessons under the reluctant tutelage of a parent decades ago, and plop him or her into a cockpit with literally dozens of new control surfaces, menus, options, and ways of doing things that used to be done basically the same way by automakers for decades but are now completely different, you're going to have problems.

Perhaps the most striking issue was the way some manufacturers misused the privilege of making the gearshift lever absolutely any way they want to now.  Back in the days of the column-mounted automatic gearshift lever, Duffer reminds us that the sequence "PRNDL" for "park-reverse-neutral-drive-low" was pretty standard.  Anybody back then could get into any car and at least know how to shift it.  But BMW and Fiat-Chrysler both went on the market in the last few years with gearshifts that defaulted to neutral, so the driver could turn off the engine and get out of the car with the vehicle still in neutral. 

For drivers who had developed the bad but understandable habit of relying on a car's transmission parking driveshaft-lock feature to keep the car from rolling, rather that setting the parking brake, this new feature was an accident waiting to happen.  And it did happen to a number of people, the most famous of whom was a Star Trek actor named Anton Yelchin who was pinned between his Jeep Cherokee and a brick column when his car rolled at him and crushed him to death.  Most of those cars have now been recalled to fix this issue, which never should have showed up in the first place.  

With freedom comes responsibility, and the new freedom that automakers enjoy to reinvent the driving experience comes with a responsibility to make sure that the average driver is not inconvenienced or worse by innovations that look attractive at first, but turn out to be annoying or dangerous. 

A lesson can be drawn from the early days of automobiles prior to 1925 or so, when there were literally dozens of carmakers vying for what promised to be a huge and growing market.  Henry Ford's Model T, produced in some form from 1908 all the way to 1927, is not a machine that your average driver today could get going without some lessons.  Even when an electric starter was added in 1919, the operator had to manipulate two steering-column-mounted levers (one was the throttle and the other was the spark-timing advance) and manage three foot pedals, two of which dealt with a mysterious planetary transmission that was part manual and part automatic.  By the mid-1920s, however, the accelerator had moved to the floor and the brake and clutch pedal position had stabilized in most newer makes, and there the matter stood until automatic transmissions came along. 

Then the question arose of where to put the automatic transmission controls.  It started out as a lever on the steering column, but even as early as the 1950s the designers started experimenting.  The ill-fated Edsel, for example, had a series of buttons on the dashboard to control the transmission, which probably led to problems like putting the car into reverse on the freeway when all you wanted to do was turn on the heater.  Eventually, with the advent of front bucket seats, the between-the-seats gearshift lever showed up, but even that standard has been tinkered with to the endangerment of the public, as the story of the Star Trek star showed.

Maybe it's too much to hope for, but a movement among automakers to standardize on a few basic features that all new cars will have in the same place that work in the same way would be welcome, at least by drivers who are no longer young enough to learn completely different operating systems each time they buy a new car.  At the very least, the car companies should view all software and hardware innovations with a mind to safety first, lest we have more potentially fatal problems such as the default-to-neutral gearshift. 

As for me, I'm going to hang on to my old vehicles till the wheels fall off, or maybe just before.

Sources:  Robert Duffer's article entitled "Five worst new car features reinvent the wheel for no reason" appeared on the Chicago Tribune website on Apr. 17, 2017 at http://www.chicagotribune.com/classified/automotive/sc-worst-new-car-features-autocover-0413-story.html.  I also referred to the Wikipedia article on the Model T.

Time To Make Airbags Optional?

For at least a couple of years, we have known that certain airbag inflators made by the Japanese firm Takata have been exploding like small bombs, sending shrapnel into drivers and passengers who otherwise would almost certainly have survived the collisions that set off the airbags.  A recent investigative article published in the New York Times says that at least fourteen people have died as a result of exploding airbags.  There's no good way to die, but getting killed by a defective safety device has to be one of the worst.  And especially if the company making the things was doing a coverup to keep selling them, as the Times reports.

The coverup was revealed in testimony taken as part of a lawsuit filed by Honda against Takata.  The active chemical in many Takata inflators is ammonium nitrate (AN), the same stuff that was responsible for the explosion in West, Texas in 2013.  One of the main attractions of AN is that it's cheap, which is one reason that Takata has historically been so successful in beating out competitive inflator companies.  But AN easily absorbs water and can undergo changes when subjected to heat or humidity that make it much more likely to detonate when ignited.  There's a difference between fast controlled burning, which is what an inflator is supposed to do, and detonation, which is a practically instantaneous explosion that will shatter almost any container.  And preventing AN from detonating involves keeping all moisture away from it for as long as it's in the car, which can be many years. 

Accordingly, automakers buying Takata inflators insisted that the company do very sensitive leak tests of its containers.  These tests involved injecting a certain amount of helium gas into a container before sealing it, and then putting the whole thing in a vacuum chamber attached to a helium mass spectrometer that can detect only a few molecules of helium, which ordinarily is not present in sea-level air.  It's a great system when it's not abused.  But the only problem was that the containers being tested at Takata's plant in LaGrange, Georgia, kept flunking. 

So the engineers decided to fudge the results.  They pumped down the vacuum chamber several times, "testing" the same container repeatedly until it ran out of helium.  Then they checked it off as passing, put new bar codes on it to conceal what they'd done, and reported that the container passed.  One engineer involved in this scheme complained to his manager about the deception, and was told "not to come back to any more meetings."  He subsequently quit the company.

Up till now, it looked like the worst that Takata was guilty of was gross incompetence, but now there is evidence of outright fraud. 

When I blogged about this matter in 2014, I fully disclosed that both of the cars my wife and I drive are affected by the airbag recall.  We are certainly not alone.  It now looks like over sixty million of the suspect inflators are out there somewhere, and at least nine separate carmakers are struggling to manage the most massive and nightmarish recall in automotive history.  Right now I am waiting to hear from our local Honda dealer about a recall notice we received for our Element last July, telling us that the passenger-side inflator was suspect and we should get it replaced.  Only, they didn't have replacement parts yet, so in the meantime, try not to let anybody sit there.  Now and then I still live dangerously and sit in the passenger seat anyway.  I can only imagine what this has done to the resale value of the vehicle.  So we'll hang onto it until Honda gets a replacement inflator for it.  But I'm not exactly happy to learn from the Times article that the replacement inflator may use ammonium nitrate too.

This whole sad situation brings up a question that was supposedly settled back in the 1990s, when airbags became mandatory on new cars in the U. S.  Can we afford the incremental added protection airbags provide in the light of the hassle, and now hazards, they involve? 

In a calculation performed back in 2005, a writer at the libertarian website Freakonomics claimed that he'd figured out how much it costs to save a life with a seatbelt versus an airbag.  I don't know the details of his calculations, but the results are astonishing.  Seatbelts are pretty cost-effective as safety devices go.  It's about $30,000 to save a life with a seatbelt.  Airbags?  Not so much.  They are vastly more complicated and are effective mainly in head-on collisions.  So the cost to save a life with an airbag is—fasten your seatbelt—$1.8 million.  Now this fellow said that $1.8 million still isn't bad by regulatory standards.  If it was my life saved by an airbag, I would be glad that somebody, somewhere spent that $1.8 million.  But that calculation was done before the massive airbag recall happened, and so you would have to add on to that figure however many millions of dollars have been spent by the automakers on the recall, not to mention the time, anxiety, and waste associated with such recalls.  And the isolated but not negligible accidents involving deaths or injuries directly attributable to airbags.  I've heard that some people have simply stopped driving cars with defective airbags.  This is a little extreme, but if you have another car you can use, I can understand.

It has always seemed a little dubious to me to install shock-triggered explosive charges in cars, even if they are proved to be a lifesaving measure.  And now we have even more reason to wonder whether it might not be a bad idea to make airbag use optional.  Because even properly working airbags can be hazardous to small children, I believe some cars were equipped to turn off airbags if the weight of a child was detected on the corresponding seat.  The way things are now, if I knew how to disable the airbags in my cars, I'd do it, but they're so complicated nowadays I'd have to go to half a year of technician school and even then I'd probably end up setting the thing off when I tried to disconnect it.  You shouldn't have to be qualified as a bomb disarmer to work on your own car, but that's the way it is these days.

In the meantime, let's hope that whoever is making the replacement airbag inflators does a really good job this time, and the millions of car owners around the world driving around with potential bombs can get rid of them.  But maybe it's time to reconsider the whole question of whether using airbags is something that a government should order you to do, or something that is best left to the decision of the consumer.

Sources:  The article "A Cheaper Airbag, and Takata's Road to a Deadly Crisis" by Hiroko Tabuchi appeared in the Aug. 26, 2016 online edition of the New York Times at http://www.nytimes.com/2016/08/27/business/takata-airbag-recall-crisis.html.  I also referred to a useful website where updates on the crisis over the last two years have been collected, at http://blog.caranddriver.com/massive-takata-airbag-recall-everything-you-need-to-know-including-full-list-of-affected-vehicles/.  The Freakonomics piece appeared at http://freakonomics.com/2005/07/18/which-would-you-rather-have-a-seat-belt-or-an-air-bag/, and my previous blog on this subject appeared on Oct. 27, 2014 at http://engineeringethicsblog.blogspot.com/2014/10/do-not-sit-here-exploding-airbag-recall.html.

Will Vehicle-to-Vehicle Communications Ever Get On the Road?

With all the recent attention on self-driving cars occasioned by the first fatality involving such vehicles, the advent of "talking cars"—cars that communicate wirelessly via vehicle-to-vehicle (V2V) communications—has taken a back seat, so to speak.  But V2V ultimately promises to be a vital link in the chain of technologies that will make driverless vehicles possible, as well as making ordinary human-driven cars safer. 

The basic idea is this.  Each V2V-equipped vehicle has a transmitter and receiver that operate in a 5.9-GHz (microwave) wireless band.  By one proposed standard, each car transmits its location, speed, direction, and other relevant data ten times a second to any other car in a thousand-yard (~910-meter) radius.  Other cars equipped with V2V can use this data to keep pace as a following vehicle, or to avoid a collision with a car that is still out of visual sight—around a corner, for instance—but on a collision course.  Some government experts estimate that if every vehicle on the road was equipped with V2V, the number of accidents not related to impaired drivers (alcohol, etc.) could be reduced by as much as 80%.  So what's the holdup? A couple of things.

First it turns out that, according to a recent Associated Press report, the main federal agency boosting V2V and prescribing an industry standard for it is the National Highway Traffic Safety Administration (NHTSA), which is now locked in a battle with another agency, the Federal Communications Commission (FCC).  The bone in this dogfight is the microwave band that V2V needs to use.  The FCC, leaned on by powerful wireless-comm companies, wants to reallocate that part of the spectrum for wireless internet users.  But a recent technical paper examined the tradeoffs involved in reducing the bandwidth used by V2V, and showed that even the currently contemplated 75 MHz of spectrum might not be wide enough to allow virtually error-free transmission, which is what is needed in this safety-critical application.

Aside from the radio-spectrum issue, there is a question of security.  The NHTSA has had enough imagination to build in a complex security protocol for V2V.  You can easily think of ways to use V2V nefariously.  For example, crooks in an escape car being chased by cops could use a false V2V signal to tell the cop car that it's about to have a head-on collision, and the cops would slam on the brakes—if they trusted what the car told them.  This assumes that the V2V information is used only as warnings to the driver, but sooner or later automakers are going to take the driver out of the loop and allow the V2V information to be used directly by the car's control mechanisms—brakes, steering, accelerator, etc. 

So in order to prevent such shenanigans, the NHTSA has devised a complicated security system that involves digital certificates, public-key infrastructure encryption, and a lot of other things that apparently have never been combined in such an elaborate way before.  It's nice that they have thought to make each car anonymous and to ensure that potential hackers will have lots of trouble hijacking the system, but even the NHTSA itself admits they haven't worked all the bugs out of this security process yet.

The closest analogy I can think of between the proposed V2V system and anything we have now is the air-traffic control system that uses active transponders on each aircraft.  The need for security in air-traffic control is a lot less, because there are a lot fewer planes than there are cars, the Federal Aviation Administration is looking over the airlines' shoulder all the time, and there was already an extensive radar-based air-traffic control system in place before the transponders were added.  With V2V, there is no centralized control, only a lot of cars talking with each other, so the technical challenge is harder.

Even if the automakers started selling V2V-equipped cars tomorrow, it would be twenty years, by some estimates, before nearly all cars on the road would be so equipped.  And until then you couldn't count on doing things with V2V such as traveling in closely-spaced packs or caravans on freeways, because even one non-V2V car in the pack would throw everything off. 

Still, if auto insurers find that V2V-equipped vehicles really do get involved in accidents at a significantly lower rate, they're likely to offer insurance discounts for such cars.  And while consumer behavior is not entirely predictable, buying a car that automatically lowers your insurance rate would be a strong incentive for car buyers to upgrade to V2V sooner rather than later.  However, the insurance companies aren't going to do that until they have a few years of data to base their price tables on.  And that won't happen till there's a significant deployment of V2V-equipped cars.  So we have a chicken-and-egg problem. 

Close to thirty years ago now, right after digital ICs capable of generating voice-quality audio came out, the car makers experimented with another kind of talking car.  If you sat down and didn't fasten your seat belt, this woman's voice came out of nowhere and nagged you to fasten it.  That kind of talking car quickly disappeared.  The V2V idea shows promise of making cars a lot safer without a lot of complexity added, except for the system issues involved with spectrum allocation and security.  I hope that the two fighting executive-branch agencies can work out a reasonable compromise so that people can both stream video as much as they want (or are willing to pay for), and drive in safer cars.  But so far, we're not there yet.

Sources:  The Associated Press article "Auto tech industries clash over future of talking cars" was carried in the print edition of the Austin American-Statesman of Aug. 27, 2016, and appeared in other venues such as the Aug. 25 online edition of the Los Angeles Times at http://www.latimes.com/business/autos/la-fi-hy-talking-cars-20160825-snap-story.html.  I also referred to a technical paper by Lei Shi and Ki Wong Sung, "Spectrum Requirement for Vehicle-to-Vehicle Communication for Traffic Safety," available at https://www.metis2020.com/wp-content/uploads/publications/VTCSpring_2014_Shi_etal_SpectrumRequirementForV2VCommunication.pdf, and articles on V2V security at https://www.contrastsecurity.com/security-influencers/v2v-communications

and http://www.symantec.com/connect/blogs/significant-security-challenge-new-vehicle-communication-standard.

The GM Ignition Switch Recall: Too Little Too Late?

How much stuff do you carry on your keyring?  Besides keys, I mean.  Some minimalists like my wife carry car keys separately from other keys, with nothing attached except maybe a small plastic tag to make it easier to find in her purse.  Other people, many of whom are younger, may carry a whole bundle of stuff on their keyrings:  those little barcode cards that give you discounts at retailers, miniature plastic poodles, handcrafted bits of knitted yarn, and I don't know what all.  But it probably never occurred to you to think that a heavy keyring could be hazardous to your health. 

Brooke Melton probably wasn't thinking of her keyring one rainy March night in 2010.  She was driving her 2005 GM Cobalt when the ignition switch suddenly moved from "run" to "accessory."  This had the unfortunate effects of killing the engine, disabling the power steering, and turning off the airbags.  The sudden loss of power caused Melton to cross into oncoming traffic.  The Cobalt crashed into another car at 58 mph and wound up in a creek, killing Melton and starting a chain of events that revealed the true cause of more than a dozen similar crashes going back more than half a decade.

As long ago as 2001, engineers at General Motors knew that a certain model of ignition switch assembly that was later used on a number of models had a problem.  The mechanical design of an ignition switch is a compromise, as are so many things in engineering.  Most mechanical ignition switches use a device called a detent, which divides the continuous rotation of the switch that would occur without the detent into a small number of discrete positions, typically four:  "off", "accessory", "run" and "start."  If the detent provides too much resistance, the switch will be hard to turn and might eventually wear so much that it would fail to work at all.  But if the torque (twisting motion) required to move the switch is too small, you take the risk that unbalanced forces resulting from heavy stuff on a keyring, for instance, may spontaneously make the switch turn from one position to the other.  This is apparently what happened to Brooke Melton and the 12 or more other drivers who died in ignition-failure accidents in GM cars having the suspect assembly.

At this remove, it is obvious what GM should have done.  The guilty part, No. 10392423, should have been redesigned with a more forceful switch detent plunger—a 57-cent piece that consists of a rounded plastic cylinder backed by a coil spring.  It is the force exerted by this plunger that sets the amount of torque needed to turn the ignition key from one position to the next.  Changing the spring fixes the problem by increasing the torque needed to turn the key from "run" to "accessory."  Then, the ignition assembly part number, or some documentation somewhere, should have been changed to reflect the fact that the new part was substantially different.  And GM should have recalled however many cars they had sold with the defective ignition switch and replaced them free of charge. 

If this had been done early, before too many cars had been sold with the defective ignition, it would have cost something, but the earlier such things are dealt with properly the less expensive they are.  But at the time, a few other things were happening at GM that provided distractions, namely, bankruptcy.  So matters drifted along, and at some point, Delphi (the company that makes the switch in Mexico for GM) changed the plunger to fix the problem.  There is contradictory information as to whether Ray DiGiorgio, a GM engineer, approved a design change in April of 2006 making this fix.  He has testified that he did not, but a Congressional committee claims it has documentation showing that he did.  Whatever was done in 2006, it had no effect on the thousands, if not millions, of cars already on the road at that time with defective switches.

After Brooke Melton's death, her parents decided to sue GM.  Their lawyer, Lance Cooper, hired a consulting materials engineer named Mark Hood to look into why the ignition turned off—an event that was documented by the car's black box.  After plowing through numerous Cobalts of various vintages in junkyards, he discovered that the critical plunger had been silently altered around 2006 or 2007.  Switches made before then took less torque to turn off than the newer switches.  Armed with these facts, Cooper took depositions from GE engineers and reached a settlement with the firm.  But the publicity surrounding the lawsuit attracted enough attention that others with similar crash incidents on their hands began looking into the matter.  And just last week, GM CEO Mary Barra testified before Congress about the whole thing.

To her credit, Barra took action to issue massive recalls, affecting some six million cars, on this and other problems within weeks after learning about them when she took the helm of GM in January of this year.  But these recalls are too late for Melton and at least a dozen others who died in ignition-related crashes of GM cars.  Although the investigations are continuing, it appears that at least one GM engineer may have lied under oath about the matter. 

This story has heroes and villains, although most engineering ethics cases are not black and white, including this one.  Consulting engineer Hood and GM CEO Barra appear to have done the right things with what they learned.  Investigations may prove that the GM engineers involved with the faulty ignition switch may have made the best decisions they could have, based on the information they had available.  No automaker can afford to do as much prototype testing as they would like.  It took making and selling thousands of cars to reveal that a few people with exceptionally heavy keyrings could end up getting killed by a switch that took just a little less torque than usual. 

But the truly blameworthy actions happened after GM began receiving reports of such ignition-caused crashes.  One fatal accident due to a defect that can occur under certain conditions should be looked into, and if necessary, a recall—not just a service advisory, which GM issued about the matter in 2005—should be issued. 

This situation shows that corporations, like people,  have good times and some not so good times.  GM's financial troubles possibly dissuaded decision-makers from issuing the massive recall that would have been needed to fix the ignition defect early, before more defective cars were sold.  But the result has been an even larger and more costly recall later.  Let's hope GM can fix all of the defective ignitions soon and move on, a sadder but wiser organization.

Sources:  I referred to the Wikipedia article "2014 General Motors recall," as well as the following online news articles.  CNN reported on the problem at http://money.cnn.com/2014/04/02/news/companies/gm-recall-part/.  Engineer Mark Hood's detective work is described at http://www.bendbulletin.com/home/1949311-151/a-florida-engineer-cracked-gms-ignition-flaw#.  Also, a Reuters article at http://www.reuters.com/article/2014/03/31/us-gm-recall-congress-idUSBREA2T0HO20140331 correctly describes the critical component as a "detent" plunger (it has been elsewhere described incorrectly as an "indent" plunger).  And National Public Radio published a helpful timeline of the issue at

http://www.npr.org/2014/03/31/297158876/timeline-a-history-of-gms-ignition-switch-defect.