No sane engineer would waste his time and money trying to collect the $1million prize for finding the problem with Toyota throttle controls. Firstly, the lawyers would have made it impossible to collect with the fine print. Secondly, how would you find the intermittent vehicle, let alone the intermittent fault without total access to the technical documentation? It would take one a long time to get familiar with the technical hardware and software details. I guarantee you that Toyota would not be particularly friendly to you. Let's face it, your life would be destroyed if you are shown to be a whistle-blower. It's human nature.
In the 70's I owned a Ford farm tractor which had the standard issue Ford lap-belt seen in all Ford vehicles. What disturbed me was that whenever I went over the very bumpy plowed sections of the field, the lapbelt would release by itself. Closer examination of the construction showed the hinged cover folded back so its ends were flush with the back face of the belt buckle. What was happening was that the fat in my stomach (6'4" 175lbs at the time) when I was pushed into the buckle would push the cover out and release the belt. I could demonstrate this release mechaism by simply leaning into the belt buckle. I wonder how many people died wearing this belt, and were recorded as seat belt not buckled. Oh the humanity! When I contacted Ford, they asked me to mail in the belt. The new belt I then bought had the back wrapped around the side avoiding the problem. So Ford engineers obviously knew what was happening and had quietly fixed the problem.
The mentioned dual-pedal-application fix, and the many posters problem with it preventing intentional dual pedal use when needed could be remidied by having a timer delay in the software coding, say requiring 3-5 seconds of continuous dual pedal application to trigger the shutoff. That would allow the occasional valid use of dual pedals that is occasionally useful, and yet maintain the shutdown feature when it is really needed.
Not really. While a manual transmission obviously requires hill holding skill for even the mildest incline, steep roads will even cause an automatic to roll backwards as the idle speed does not produce sufficient torque through the converter. First hand knowledge, don't ya know. :-) But either way a gas/brake interlock has to be smart and tolerant or it'll be an annoyance at best and dangerous at worst.
I find it telling that Toyota was still using carbon pots for the critical throttle position sensor, while at that time the whole automotive industry had long abandoned carbon pots for digital encoders for the volume control of their car radios, because pots were too noisy.
Not that other sensors aren't susceptible to analogous disturbances.
A couple of months back I took a new Toyota Sienna for a test drive. After all, it's the only van "recommended" by Consumers Reports. I found it very difficult to control its speed. Even on a flat smooth and level road, with my foot braced against the center console, the car would slow down and speed up by itself making driving tiring. When I engaged the cruise control, everything settled right down. As you may expect the saleslady with me denied there was anything wrong. Apparently she gets these paranoid test drivers all the time. My hunch was a throttle control problem - still.
How does one go about checking 280,000 lines of code? One immediately thinks of Microsoft Windows, which gets updated ("corrected") weekly. A car manufacturer doesn't have this luxury.
Today's development cycle is highly cost and time constrained. How often have you heard the announcement, "Well, it seems to work. Let's get it out into the field." Further tests are costly and would rob our lead in the marketplace. Then when problems develop in the field, it's always the "stupid users" fault. Wouldn't it make sense to design with the "stupid user" in mind? We can blame it all on human nature's tendency to pass the buck and blame the victim.
Let's just give a thought to how many of our electronic devices have failed in some way in the last 10 years. Couldn't most of those failures been avoided by better design? Same old - same old lousy engineering. We're all human after all.
I would think manual transmissions would be exempt from this measure. Other reasons (besides starting uphill) could exist that the operator might want or need to press brake and accelerator at the same time.
The manual transmission is about the operator having control of power delivery rather than the machine having control over it. Drivers who prefer manual transmissions are generally going to be of a higher skill level and less likely to forget that there are numerous ways to stop unintentional acceleration - and the clutch pedal is right next to the brake. (Yes, I've been using manual transmissions on a wide range of vehicle types for over 30 years. I started very young.:))
Here's another solution looking for a problem. I do not like idea of putting this on every car in the universe simply because a few people fail to hit the correct pedal. I am tired of seeing this panic everytime a problem like this hits the news. Yes, its unfortunate that someone gets hurt or killed, but life is full of risk.
Besides - If we are still in the land of the free and home of the brave, (not sure about that anymore).. I would really like to retain the option to hold the brake and roast the tires. OR - at least know that it is still possible even if I'm too much of an old fuddy-duddy to actually do it.
The gas pedal sensor has been called a potentiometer, and now a dual-pot encoder in these posts. A 'pot' or potentiometer is not an encoder. Does someone know the exact nomenclature of this device ? The encoders that I am familiar with are optical = led's and a rotary grating.
I think that trying to get to feature to work in software and co-exist with times when you might want to depress the throttle and brake is an exercise in futulity.
The 'safety' feature needs to exist apart from the normal throttle, brake and gear shift controls. We already have plenty of experience providing this type of safety system.
I am amazed that auto manufacturers haven't had to do what industrial equipment makes have had to do--- install a big red e-stop (panic) button. When we still had mechanical keys we effectively had this.
Now that electronic 'keyless' systems have been in wide use, we have lost the method for shutting down a misbehaving system and this current condition was bound to happen.
You mentioned "tin whiskers" and I have some recent experience supporting this hypothesis. For several years, I've been 'rebuilding' 2001-03 Prius accelerator assemblies. A dual-pot encoder, when they become "noisy" the control computers detect this and trigger a safe-home mode. This caused the vehicle to behave as if a big-hand was holding the vehicle back.
The replacement accelerator assembly cost ~$500 not counting labor to install. So Doug Schaffer figured out how to rebuild the encoder and I carried this on when he went to China. A simple process, we used a Dremel tool to remove the cover and clean the contacts and surfaces. Reassembled using JB Weld epoxy, it was a cost effective solution. But eventually with the low volumes, I stopped doing this. Then I read the 'tin whisker' papers from GSFC.
I still had a number of 'broken' encoders so following the procedure described in the papers, verified the broken ones had similar characteristics. Then using a 9 V battery to 'burn out' the tin whiskers, I retested them and their failure symptoms were gone.
Modern encoders are Hall effect devices, not dual-pots, so the tin whisker threat is significantly reduced. Furthermore, the older 2001-03 Prius are going out of service and the data suggests these problems were limited to the first year or two of production. The 2003 model year encoders haven't shown similar failure rates. Regardless, 'burning out' the tin whiskers turned out to be a simple and effective solution.
Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.