A recent article we saw on electronic recalls reads like a Who’s Who of automotive manufacturers struggling to cope with the complexity of electronic systems and paying the price in higher costs and damaged reputations. Will the introduction of ISO 26262 put the brakes on this growing trend, or can we expect more of the same?
The Safety Record article* starts with a list of global automotive brand names which it says have recalled models because of problems in complex electronic systems. The companies are:
- Toyota and Nissan (faulty Engine Control Modules);
- Volvo (engine and transmission software calibration);
- Toyota (sensor faults);
- GM (signal interruption to the steering column).
These companies are by no means alone: the latest data show that 722 recall campaigns related to electronics were launched in the twelve months up to July 2011. With the total value of electronics in the automotive industry reaching nearly $4 billion in 2010, recalls have the potential to become a hugely expensive drag on electronic development across the sector.
So what are the causes and consequences of this trend towards increasingly complex electronic systems, and can anything help automotive manufacturers avoid or at least minimize the problems they face?
There are two main reasons for the trend:
- Manufacturers saw electronics as a way to produce safer and more reliable cars with advanced engine management and transmission control systems; and
- Consumers demanded more gadgets and gizmos to enhance their driving experience.
Of course, being in thrall to the power of electronics has a consequence: new compute-intensive applications required the adoption of the latest high-performance embedded microprocessors, and the functionality provided by Electronic Control Units (ECUs) necessarily became more complex.
As a result, the job of testing for correct functional and timing behaviour grows ever more difficult. As The Safety Record puts it, “Interconnectivity and the intermittent nature of these electronic issues creates a whole new level of diagnostic and forensic challenges for engineers and technicians and greater challenges for regulators examining potential safety-related defects.”
This is where ISO 26262 arrives in the car park. Designed to help automotive system designers and software developers assess the safety of their components, with clear guidelines on not only how to perform the analysis but also how to provide evidence of it, ISO 26262 heralds a significant change in the regulatory environment. The question is: given everything we now know about the problems in complex electronic systems, will ISO 26262 stop the impending crash of automotive software?
*“The Next Defect Frontier: Electronic Recalls”, The Safety Record, Volume 8, Issue 2, July 2011.