There were several statements that really stood out for me. One was:
"We need informed oversight."
I am truly bothered by what seems to be factual evidence in the statement. "We need to pass it to know what's in it". If course this was made some time ago but certainly fits this situation. To me, this pretty much defines the West Wing and Congress and I'm not talking about just this administration. Engineers and programmers play a good game (and need to) rather than talking a good game. I get the distinct feeling that most members of the House and Senate become bored very quickly with all things technical and most of the called testimonies are for grand-standing only; i.e. "face time". With some exceptions, they simply do not have background necessary to make sound judgments when it comes to structuring a bill that will lessen risk of this nature and certainly one that will solve problems of this nature.
Also, I can understand confidentiality but the process described in the post for looking and working with the "code" was absolutely insane. The furtherest thing from transparency. I'm not too sure this problem will go away quickly and I agree with William in that I probably will not see an autonomous automobile in my lifetime. Maybe that's for the best. Great post Charles—thank you for the update.
You make really good points, Zippy, to show why any arguing or proprietary posturing over standards for cars is pretty ridiculous. Companies really need to get together on this effort, pronto. It also shows that our perception of what is important is a bit warped sometimes. This should be a real no-brainer.
DO-178 is a good example of solutions via "process control" and "bureaucracy".
I have worked in Allied Signal's avionics group. Please believe me when I say this is not a solution. (flight management, naviagtion systems, ACARS, Flight tracking, etc..)
Like so many other methods intended to improve products, they still rely on well meaning , educated humans to make it "work". We can not guarantee mistakes will not be made. These "tools" just reduce the chance that the problems will be fielded.
Charles.... as you indicated with comment on latest GM/Toyota legal woes, the public is demanding more and more protections from "engineering" mistakes.
If we can't guarantee a locking mechanism on a car to be free of "defects" (percieved) - how can society expect perfection on a product that involves dozens of processors , running millions of line of code? REGARDLESS OF COSTS REQUIRED (never really an option).
I doubt we can all agree on what defines a mistake! (that is not a bug! that is a "feature"!)
I remain skeptical of autonomous cars being in my future. Even if perfected, I don't see society giving up their love of manual driving. Making the expected safety improvements of "autonomous" driving.. mmm.... questionable?
As often the case, this is a people problem, not really solvable with technology.
Definitely true, Zippy. We've come to accept that 30,000 fatalities figure. But if 200 people died in self-driving cars, the media cry and legislative action would stop self-driving cars in their tracks.
I wonder if all this interest in self-driving cars just falls under the "Because We Can" category. The more you peel back the onion on everything necessary to go allowing one of these on the road, the worse the financial case becomes.
As another post alluded to, the DOT is not likely to hold the automakers' feet to the fire & force them to adhere to some rigorous public, open standards to design their autonomous cars. If they had to go through exhaustive software verification, sensor and actuator redundancy (and the ballooning software that goes with that), and a barrage of "what-if" testing, i doubt that we'd ever see an autonomous car. $100k? Naw, more like half-a-million. Apiece. And i would bet that the DOT wouldn't even start to seriously clamp down on these vehicles until a few of them started plowing into crowded cafes at full speed.
Well, and you wouldn't see a bunch of college kids writing this code as if they were building websites by the hundreds; they would need highly experienced, serious, rigorous software engineers. The kind that are coding the untold thousands of lines of code in our newest fly-by-wire, LCD-display, auto-takeoff-and-landing aircraft that can handle multiple sensor failures and not cheerfully fly into the ground. Read: bigger bucks yet.
I certainly wouldn't want a drunk in a self-driving car. At least a sober guy could have a chance of shutting the thing off if it went nuts - if he had enough time to do it!
Using the FAA as an example is a good one. Keep in mind that the difference between similar avionics equipment certified vs non-certified is huge, usually more than double!
Keep in mind also that aircraft are kept MILES apart from each other except for landing and takeoff so there is lots of reaction time for a pilot to take over when there is a problem. (and even so, problems arise)
As another poster noted, the roadway is littered with obsticals, other vehicles in close formation, and lots of anomolies that must be dealt with quickly.
The self-driving car is MUCH more difficult than an aircraft with autopilot. Want to buy a $100,000 Corolla?
I guess I will be continuing to maintain my existing vehicles for a long time. Not interested in a self-driving car, or willing to trust that it will be reliable.
Systems CAN become too complex. We CAN expect too much perfection. Sometimes simpler is better.
I have enough trouble with engine computers that are bug filled and subject to hardware failure.
Those of us in industrial controls see the complexity and cost required to get high reliability and robust safety. Are we prepared to purchase cars with SIL3 control systems. OF COURSE the reliability of these systems will be compromised, they will be unable to get the cost down any other way! Not just redundate control computers, but redundance in the sensors and the actuators!
Self driving car? Perhaps for thee, but not for me.
FM is certainly correct in that there are standards and processes for creating software that is a lot more bug free than what is currently offered on cars. Of course following those procedures is a bit more time consuming and it does take more effort, and a whole lot of lazy programmers would have no concept about what it was all about. BUT that is not the major roadblock for the autonomous automobile. Rather, the problem will be that they are simply unable to handle exceptions, and they will most likely NEVER be able to handle exceptions. In addition, the computerized car will not be able to make correct judgements based on human evaluations. Just consider the child-sized empty cement bag on the expressway that gets floipped up by the draft from the vehicle ahead: a human would understand that it was only a piece of litter and not initiate a panic stop to avoid it, while the computerized system would either initiate a maximum panic stop or else swerve to miss it, which either one is the wrong choice in 70MPH traffic. And what about tha5t huge pothole that we see, but the vision system and the radar just don't detect?Those are only two examples of the sort of exceptions that happen. And we know for certain that a large portion of drivers in such cars would not be paying any attention to the situation if the computer was driving the car. Why else would they spend the money for the system, if the car would not take over the respnsibility of driving? The best we can hope for is that the driverless technology would get drunks home safely and reduce drunk driving fataalities.
Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.