Rabu, 09 Februari 2011

NASA on Toyota: Tin Whiskers May Be An Issue

The headline for the NHTSA/NASA report on the Toyota unintended acceleration, as widely reported, was that Toyota's electronics were not at fault, because the overwhelming evidence was that people were either pressing the wrong pedal, or the pedal was entrapped/stuck.

NASA evaluated Toyota's diagnostic strategy, and as I blogged about before, found that the only way to have an undetected failure with a runaway throttle would be a very specific mutli-point failure, virtually impossible in the real world. This was professor Gilbert's trick, which I covered here.

However, buried in the NASA report (here) was one interesting find. One customer returned pedal, while it did not cause unintended acceleration, did result in "jerky" throttle response and sometimes did not set a fault. It turned out that a "tin whisker" had grown between the pins of the two pedal position sensors.

Vehicle testing using a defective potentiometer accelerator pedal assembly from a VOQ vehicle with a resistive short, within a narrow range of values between the sensors outputs, identified a vulnerability that may compromise nominal limp home mode fail-safe operation on subsequent ignition key cycles and affect the malfunction indicator lamp (MIL) display and/or DTC generation under certain specific conditions. Destructive physical analysis of this pedal assembly found tin whiskers, one of which had formed the resistive partial short circuit between the pedal signal outputs. A second tin whisker of similar length was also found in this pedal assembly that had not caused an electrical short. If a resistive short between the potentiometer accelerator pedal signal outputs exists, the system may be vulnerable to a specific second fault condition that could theoretically lead to UA.However, if resistive faults were occurring during normal use, DTCs would be expected from at least the first ignition key cycle and the following cycles that did not meet the specific criteria. Subsequent review of the warranty data does not support an observable failure signature of pedal-induced DTCs. Electrical measurements on six VOQ vehicles found no indication of the resistive paths necessary for this failure scenario.

This condition must be very rare, and is not an explanation for the many UA cases that NHTSA investigated. However, I think a smarter design would not have the two position sensor pins located next to one another. If a tin whisker had grown between the sensor pin and ground, for example, a fault would have likely been triggered.


Tidak ada komentar:

Posting Komentar