[SystemSafety] More on Bookout-Schwarz/Toyota

Matthew Squair mattsquair at gmail.com
Mon Nov 11 13:01:11 CET 2013


Andrew,

Having waded through the transcripts that were released on
safetyresearch.net here's my response.

1) Do you mean more probable than a software cause? If so I'd suggest
that's something of a red herring. If there's a software cause there's a
software cause; one does not preclude the other. See 4) for the specifics
of this case.

2) Did you mean user error? No, as a general statement, but there's also
nothing that will record a failure of the engine throttle system software,
which is a major flaw in the system's 'fail safe' design.

3) Can't comment as to NASA conclusions but, from the testimony given,
NASA's investigation was limited in time, as to what they were shown and
(as it turns out) Toyota misrepresented the system to them. Despite that
they found many of the problems that Koopman and Barr did.

4) Incorrect, the 'smoking gun' is in the physical evidence, e.g. skid marks
that indicate braking under power, photographic evidence, mechanical
inspections, witness statements etc. So as someone once remarked, "when
you've eliminated all other possibilities, whatever remains, however
improbable..."

I'd recommend Barr's presentation; it lays out the investigative analysis
very well.

Reading through the material I was struck by how similar this case seemed
to Therac 25.

Matthew Squair

MIEAust, CPEng
Mob: +61 488770656
Email: Mattsquair at gmail.com
Web: http://criticaluncertainties.com

On 11 Nov 2013, at 9:05 pm, Andrew Rae <andrew.rae at york.ac.uk> wrote:

Peter,
Thanks for finding and sharing these. Can I ask for an opinion from you and
others who have followed this, on the likely situation.

My understanding (as someone with no inside information, just following
press and academic opinion):

1) The reports of unintended acceleration follow the pattern of
socially-propagated concerns, making it possible, maybe probable, that
there were no underlying unintended acceleration events caused by
software faults

2) None of the car models concerned had an independent recording device
allowing _other_ causes of the unintended acceleration to be confirmed.

3) The NASA report found problems with the software, but none that they
thought were likely to be a cause of unintended acceleration under the
circumstances of the set of accidents they looked at.

4) The Bookout trial evidence was heavily critical of the software, and
found plausible ways that unintended acceleration could be caused by the
software, but nothing directly linking these possibilities to the Bookout
events.

Is this a fair summary?

My system safety podcast: http://disastercast.co.uk
My phone number: +44 (0) 7783 446 814
University of York disclaimer:
http://www.york.ac.uk/docs/disclaimer/email.htm


On 9 November 2013 18:53, Peter Bernard Ladkin
<ladkin at rvs.uni-bielefeld.de> wrote:

> This analysis goes deeper than what I've seen to date. It links parts of
> Phil Koopman's testimony (Phil tells me he is not the source) and *Barr's
> slides*, which like his testimony, are an object lesson in presentation.
>
>
> http://www.safetyresearch.net/2013/11/07/toyota-unintended-acceleration-and-the-big-bowl-of-spaghetti-code/
>
> PBL
>
> Prof. Peter Bernard Ladkin, University of Bielefeld and Causalis Limited
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
>
>