On 18 January, the U.S. National Research Council’s Committee on Electronic Vehicle Controls and Unintended Acceleration released a report titled, “The Safety Promise and Challenge of Automotive Electronics.” The report assesses the U.S. National Highway Transportation Safety Administration’s (NHTSA’s) handling of the investigation into complaints of unintended acceleration in Toyota vehicles from summer 2009 through spring 2010. It also makes recommendations on how the agency can effectively provide safety assurance and oversight to automakers as cars—with the addition of electronic components for safety, performance, and entertainment—become ever more complex.
After NHTSA had concluded that electronic throttle control systems (ETCs) were not the cause of unintended acceleration, lingering doubts about this specific phenomenon morphed into a more general suspicion about electronic automotive components. NHTSA eventually turned to NASA experts to review the data. And if the agency could not definitively and authoritatively declare the matter closed with ETCs (which the committee characterized as relatively simple and mature technologies) how will it, the report reasons, keep the car-buying public from harboring suspicions that complex and highly interactive systems are behind some future series of erratic vehicle behaviors?
(To be fair, part of the unwillingness to accept NHTSA’s conclusions was due to the delay in examining the vehicles that had raced out of control. For a while, the agency was at the mercy of Toyota because only the automaker had the tool needed to retrieve data from the vehicles’ event data recorders (EDRs). EDRs, colloquially black boxes, are part of a vehicle’s airbag control module and store performance data including speed, throttle position, when the brakes were applied, and how forcefully.)
The committee says unequivocally that NHTSA made the right call regarding the electronic throttle control systems in Toyota vehicles, but made seven recommendations to the agency aimed at preventing a repeat of that disconcerting series of events. Among them are calls to:
- Become more familiar with and engaged in standard-setting and other efforts by which manufacturers ensure the safe performance of their automotive electronics systems ("Hopefully, Congress will include the findings and recommendations of the National Academy of Sciences study, specifically the security needs for automotive electronic systems to prevent unauthorized access,” says Thomas M. Kowalick, who heads the IEEE’s EDR standards effort.)
- Convene a standing technical advisory panel comprising people with expertise in the design, development, and safety assurance of automotive electronics—including software and systems engineering, electronics hardware, and human factors (The committee, however, was reluctant to prescribe a specific number and mix of experts the agency should hire or to tell it what research and testing facilities it should create. The group acknowledged that it “would make little sense [to do so] without knowing more about the specific functions [these electronics or system safety engineers] would perform.)
- Ensure that EDRs be “commonplace in new vehicles…recognizing that the utility of more extensive and capable EDRs will depend in large part on the extent to which the stored data are available for safety investigation.” (According to Adrian K. Lund, a member of the committee who is president of the Insurance Institute for Highway Safety, a nonprofit safety research group funded by auto insurers, the committee didn’t issue a firm recommendation that EDRs be made mandatory because of the as yet unresolved privacy issues related to who owns EDR data and who should have access to it.)