Tuesday, March 16, 2010

Toyota -- The Blue Screen of Death

UPDATE March 17m 2010
More than 100 complaints lodged over fixed Toyotas The The National Highway Traffic Safety Administration reported today that sudden acceleration reports by owners of Toyotas that have already had the recall repair to their throttle (gas) pedal completed has increased to 105. The throttle pedal repair may help some Toyotas, but does not begin to address the underlying computer control problem.

A typical report is from Mr. John Moscicki, a mechanic from Lake Oswego, OR who formerly specialized in restoration of high performance Porsche vehicles. "It just went to the floor like some other system had control of it," said the performance car expert. He was going to give the car to his daughter, but now says, "I wouldn't let her anywhere near this car."

Original Post March 16, 2010
Toyota has given a whole new meaning to the compute phenomena called “Blue screen of death.” Any of us who have spend very much time with a PC has seen the blue screen of death. When some bug happens, when one software gets into conflict with another software, or some memory bit malfunctions, the computer crashes. When your PC malfunctions, or “crashes,” sometimes it just stops with whatever screen you were last viewing. Sometimes the PC gives you a blue screen with a cryptic message. Computer geeks have long called that the “Blue screen of death.” It means that you have to unplug your computer and reboot it from the beginning. PC computers have gotten more reliable in the past decade so we don't see the Blue screen of death as often as we once did, but it still happens once in a while.

When your PC crashes, you lose whatever document you might have been working on. Two hours of typing into a word document may be lost. When web surfing a Blue screen of death only costs you the time to reboot and log back into the web site, unless you are in the middle of a financial transaction and have given your VISA card number and haven't gotten the confirmation back. But now Toyota Motors has given us a whole new meaning for the “Blue screen of death.”

New cars are more and more controlled by computers, and Toyota has been leading the revolution of automatic control for several decades. Control of the vehicle has continually been taken more and more away from the driver and given to an automatic control system. The driver may notice interlocks that have been added for safety. For example, you cannot shift the vehicle out of “park” until and unless you put your foot on the brake peddle. It is a safety feature as long as your computer is functioning properly, but when the computer crashes, or goes to the Blue screen of death, you may be in big trouble. When the computer goes south, even the manufacturer trained maintenance mechanics often can't figure out what to do. Here are a couple of examples.

Some years ago Bob owned a Toyota Corolla. One of Bob's neighbors had an identical model and year. We lived in a town where the summer weather often had 100 degree (F) afternoons. There was some problem in the Toyotas that would not allow the driver to start the engine on a hot afternoon. My neighbor took his to the Toyota dealer half a dozen times, and they assured him that it was all working properly. Only when he came out of work wanting to start the car to drive home, he had to ask for help to push the car to get it started. I had the same problem. Once you get 4 men to push the car you could pop the clutch and get it started, but on a hot summer afternoon it would not start by itself. I eventually figured out that I could open the hood and take a jumper wire from the battery to the starter solenoid, and it would start right up. We tried to trace the wires from the key “start” switch to the starter solenoid but it got lost in a jumble of relays and control features all designed to control the functions without driver knowledge or ability to control. I eventually got tired of having to open the hood and jumper the electric system every time I wanted to drive the car so I ran a bypass wire from the solenoid to a new switch for the driver. In summer I could push my new (non Toyota) switch and start the engine. Once started it would run fine, but I got rid of the Corolla and have never driven a Toyota since. New Toyotas now need a new wire and new switch to be safe. More on that later.

In the past couple of decades Toyota has replaced most of their control relays with a computer control system that takes away even more of the driver's control. The throttle (gas) pedal no longer has a mechanical linkage to the engine throttle. A sensor measures the position of the throttle peddle and tells the computer how far down the driver has pushed it. The computer is connected by wires to servo devices that control the engine fuel and air. The Toyota computer adjusts the fuel injection system and air intake according to its software instructions that depend on many factors such as throttle peddle position, cruise control setting, brake peddle position, engine temperature, exhaust gas composition, and other factors.

The Toyota computer usually does a fine job of regulating all the settings to optimize gas mileage and allowing ignorant drivers to operate the vehicle. The Toyota computer, not the driver, is in control of the vehicle. The driver cannot control gas, brakes, speed, or gear shift without the computer functioning properly. Its not just the throttle linkage that has been removed and replaced with sensors and computer operated actuators. A malfunctioning computer can set the engine to full throttle and refuse to acknowledge any driver control, depending on the particular malfunction. The blue screen of death can kill you.

The brake system is tied to a computerized “anti-lock” feature that is supposed to prevent skids by killing the brakes on any wheel that is skidding on ice or pavement. It works fine and allows you to stop in less distance especially on ice or snow, but it is dependent on normal computer function to stop at all. A malfunctioning computer can disrupt the brakes. A malfunctioning computer can mistake normal braking for skidding and prevent braking by any or all wheels. The brakes of a Prius are even more complicated in that they sometimes use a backward force from electric motors acting a generators to recapture energy and recharge the batteries instead of wasting the energy in brake pad heat. One complaint with the Prius was that it took about 3 seconds for the computer to engage the actual brakes in some emergency stops. A malfunctioning computer may never engage the brakes, depending on the particular malfunction. The blue screen of death can kill you.

The gear shift is also tied to the computer. A required “safety” feature prevents shifting out of park unless the computer knows that you have your foot on the brake pedal. That is supposed to prevent you from accidentally shifting into forward when a competent driver does not intend to do so. It also keeps dogs and small children from accidentally shifting into forward because they can't reach the brake pedal at the same time. It is a safety feature that probably has prevented numerous runaway vehicles operated by dogs or children, but it can cause problems when the computer malfunctions. A lesser known “safety” feature can prevents you from shifting out of forward into neutral in certain conditions. One of the conditions is that shifting from forward to neutral while accelerating at high speed is prevented or can be prevented by a nonfunctional computer. On some Toyota vehicles, such as the Prius, the shift control is no longer actually connected to a transmission either. A malfunctioning computer may block a shift to neutral, depending on the particular malfunction. The blue screen of death can kill you.

One night I was driving a 1954 Ford down Interstate 5 near Seattle. The gas peddle linkage return spring suddenly broke (SNAP!). The gas peddle fell to the floor and stayed there. I was able to shut the key switch off within seconds. I then was able to continue down the freeway by turning the key switch on and off running the engine at full power intermittently until I came to an exit and coasted to a safe stop. Toyota no longer allows the driver to turn off the engine. It no longer has a throttle linkage, only a computer linkage. The Toyota throttle peddle only is connected to a sensor that is supposed to tell the computer where the peddle is located. Toyota claims that friction in the peddle became too much for their return spring so the peddle got stuck. Perhaps that was part of the problem, or perhaps a few return springs broke. But on Toyota there is no fail-safe mode. The driver no longer has a key switch to shut the engine off. If there is a mechanical problem in the Toyota throttle peddle your life is at risk. That is an unacceptable risk in my opinion. Peddles stick and return springs sometimes break. It should not kill the driver.

Some years later I was driving down Interstate 90 in a GMC truck from a well known trailer and truck rental company. A plastic clip holding the throttle linkage together broke and the linkage disconnected. The engine went to full throttle. Once again I was able to use the key switch to cut the ignition, and by intermittently turning the ignition on and off I was able to exit into a rest area. A quick fix with some bailing wire and we were off down the road again. But Toyota vehicles no longer even have a mechanical throttle linkage. When the Toyota computer or any of those sensors has malfunctioned it can suddenly go to full engine power and there is nothing that the driver can do about it. On Toyota there is no fail-safe mode. The driver no longer has a key switch to shut the engine off. If there is a mechanical problem, a computer problem, a wiring problem, or a sensor problem, in the Toyota your life is at risk. That is an unacceptable risk in my opinion. Any of those complicated sensors, wires, or computers can sometimes malfunction. It should not kill the driver.

In older cars there was always the key switch as the last resort. No so any more. Toyota, and other companies, have done away with the driver controlled “OFF” position on a key switch. In the new cars they have a push button “START” switch to start the car instead of turning a key switch. In a Toyota you are supposed to press and HOLD the “START” button for 3 seconds to stop the engine. It was done for convenience and to have more high tech sales features. On some Chevrolet models your key has a button that can start your car while you are in your house. On some car models the car senses when you bring the key into the vehicle and shut the door. It then locks the door and starts the vehicle without you having to even press a button. All these features are wonderful but when the computer goes blue screen you can be in a world of hurt.

When the Toyota control computer goes into some failure modes it runs the engine to full power, prevents effective braking and won't let you shift into neutral. There is no key switch to turn it off. Unlike your home PC, when the blue screen of death happens to a Toyota product you are in extreme danger of actual physical death. It can and will kill you. Here is the recording of the last words of a man as his Lexus came to the end of a highway at 125 mph. Toyota 911 Call Of Family's Fatal Lexus Crash

Toyota continues to deny that there is any problem. The mentality of Toyota is typical of Japanese culture, with a high reliance on established authority. In WW II the Japanese military continued to rely on the weapons and tactics it began the war without recognizing that their Zero airplane, for example, had become largely obsolete by 1943. The Japanese culture leads to bull headed adherence to authority even in the face of many contradictory facts and events. Toyota says that they are “unable to reproduce the failure.” DUH! A flipped bit computer failure is not reproducible. The next computer failure will be some other flipped bit or software glitch. A Prius driver in California drove his Prius for 3 years without any problems. Then one day the computer went to blue screen and almost killed him. He was able to slow down and stop only after the California Highway Patrol (CHP) suggested the “emergency” or “parking” brake. It is the only braking system that is not computer controlled. Toyota subsequently examined the Prius for 2 days and was unable to recreate the event. Not surprising. It had functioned 100% normal for 3 years. One time out of thousands its computer went blue screen and tried to kill the driver. The next thousands of times it may function 100% normally.

The data captured from the memory of the malfunction Prius should be used by Toyota computer and control engineers as clues to what causes runaway vehicles. Instead of using the information to fix the problem, Toyota is still denying the problem. See: Toyota dismisses Calif. man's runaway Prius report Also See; Toyota Co. rebuffs critic who blames electronics

Toyota has tried to blame a sticky bearing in the throttle pedal for the blue screen deaths, and has been making small “fixes” to the pedals, but the runaway Toyota vehicles and deaths continue. As of March 5, more than 60 drivers have experienced runaway Toyotas after having their gas pedals “fixed” by Toyota. Obviously their underlying computer problem has not been addressed.

Part of the denial at Toyota may be motivated by thousands of lawsuits that are being filed by lieyers for Toyota owners. See: Some Toyota drivers suing in US for a full refund

But its not just disgruntled customers asking for refunds. In Orange County California the District Prosecuting Attorney has filed charges of racketeering and fraud against Toyota for lying to the public. See: Racketeering, Unfair Business Practices Claims Added Against Toyota Lying to the public is a crime in the US. Toyota has been denying that there are any problems for a decade now, and the problems keep getting worse.

Yes, there have been runaway vehicles of other manufacturers. Yes sometimes the other vehicles crash and result in death or injury. National Highway Traffic Safety Administration received 15,174 complaints involving unintended acceleration in the past decade. In most cases the driver was able to shut off the vehicle. However, runaway Toyotas amount to almost half of all sudden acceleration deaths, and its getting worse. The nature of the runaway Toyota control system prevents the driver from stopping the vehicle. In my years of driving I have experienced 2 runaway acceleration problems in a Ford and a GM products. Both times I was able to shut off the engine before any damage occurred. In the new Toyota computerized system that “OFF” control has been taken away from the driver. When a Toyota has a runaway control system you are no longer able to stop it. When a Toyota control computer goes south, the blue screen of death has a whole new meaning. It can kill you.

One investigations currently going on is to test the Toyota computers for cosmic radiation bit flipping. It has long been known that cosmic rays, electromagnetic radiation, and other interference can sometimes change or “flip” memory bits from 0 to 1 or vice versa. Airplane and space ship computer systems take many precautions against random memory flipping by cosmic rays. At sea level there is less probably of cosmic ray caused bit flipping but it still happens sometimes. Only 1 flipped bit can send your whole computer into a total malfunction, depending on which bit is randomly flipped. See a report in the Detroit Free Press about government investigation of Toyota computers for cosmic ray bit flipping.

I recalled above how I once had to install a new wire in a Toyota Corolla to start the engine in hot weather. If you own a Toyota of any model that has no key “off” switch, you need to install an additional wire before you turn another wheel. Find the ignition coil and run a wire from the battery side of the coil to a newly installed grounding switch within reach of the driver. Connect the other side of the switch to a convenient ground on the vehicle chassis. When your Toyota computer goes into runaway mode you will be able to ground the engine ignition and stop the engine regardless of whatever command the computer is putting out. On a battery driven hybrid car such as the Prius you my also need to install a shut off switch for the battery pack to shut the electric motors off.

Somehow the Toyota engineers and managers got so busy making the car automatic that they took away all the driver controls that make it safe. It works fine as long as the computer is operating normally, but when you get the blue screen of death, it can kill you.