They should have separated the liability software features like braking, accelerating, airbags etc. onto a separate controller with a separate team and separate quality-focused goals. The savings in production, they came and went. Protection goals and protection effort.
Also:
- use model-based design? Dead link? It's strange reading old articles with the problem-solving buzzwords of yesteryear strewn in as recommendations. OO will save the day.
Wikipedia article criticism:
"While model-based design has the ability to simulate test scenarios and interpret simulations well, in real-world production environments it is often not suitable. Over-reliance on a given toolchain can lead to significant rework and possibly compromise entire engineering approaches. While it's suitable for bench work, the choice to use this for a production system should be made very carefully."
Car manufacturers try almost everything to avoid the need to write code because they are terrible at it and don't (want to) respect the craft. Hence, tooling that promises no actual programming required.
It's getting better, but the things in the article happened over 10 years ago.
Classic VW Bugs famously have an issue with their clutch cable: it will eventually break, causing the clutch to unexpectedly engage. If you happened to be waiting at a red light, the car could lurch into the intersection if you didn't have your foot strongly on the brake. (This happened to my dad; no injury, just scary.)
So the controls have to be reliable and robust. It will be easier to demonstrate this if the system is simple. So I think we would prefer software to not be involved in safety systems, but if it must be done you need to go to extraordinary measures to demonstrate its safety.
How you do this for something like full self driving where there is a trained system involved (i.e., that you don't know how it works) I have no idea.
Electronics are wonderful for informing the driver that their clutch cable broke. It may fail and tell you it's broken when it isn't. You could continue to drive and have it fixed eventually. Other data would be available so that the diagnosis can change to a defective clutch cable sensor.
It can then register the defect on the manufacturer website and garages along your regular driving route and/or near your home can bid on replacing the sensor. You pick the bid most convenient to you, they order the part, you arrive at the dynamically negotiated time, they replace it immediately or give you a loaner.
Long story short, I'm getting a framework laptop. (haha)
As someone who works in the rail business, it's absolutely possible to have software controlling safety-critical functions. The difference is apparently that it's regulated in rail (SIL4 [0]) and not in road vehicles.