Fix Automobile Sudden Acceleration
ABS Brakes - The Stealth Killer
Design for Reliability

For safety critical systems like the ECU and ABS brakes, extra care is taken by using multiple processors to run the same tasks and compare the results. Data may be stored in multiple locations so a test that all are the same before being used and no lost bits are able to corrupt the system operation. The ABS module has a self check routine that is run every time the car is turned on. If anything is found a problem, the ABS electronics turns the ABS portion of the system off and it works like a prior hydraulic brake system. A light is on the dash to show drivers that it is running as expected.

With all the effort to insure the system runs as planned, it is still an electro-mechanical system and subject to unexpected combinations of inputs which it does not know how to handle. This can result in the a system lock up where nothing is processed, including activating the brakes as the Brake pedal is pushed. In this state it does not communicate with the system black box. The timing record of the crash does not show the proper brake pedal position by the driver, Unless the new "brake override" system being put into law, has an independant way to sense the brake pedal position and an independent way to report to the Black box, the new system will fail to give correct information also.

Another problem is the ABS Brakes may not be tested as a system after the car has finished assembly to insure the whole brake system works on the car with the wheel sensors and other modules. The tests are run though a diagnostic computer system. This has been designed to be a very comprehensive test but not the same as a real time test on the car.

Reliability of complex systems like this will normally have a few failures in its early life. Test strategies are developed to make this failure rate as close to 0% as possible, but a few will always slip through. This is tricky to assess since the module is in many cases rarely activated. If the module comes out of the factory nonfunctional, it may be months or years for the defect to show as a problem with braking.

