Tough Road To Quality Code

Automakers are using software to build better cars but struggle with the challenge of developing error-free code
While automakers work their way through the tangle of proposed and existing quality standards, their engineers continue to push on with new (and from a quality-control aspect, somewhat ad hoc) software-enabled capabilities. For instance, the integrated approach to software in newer cars is adding complexity. Software in years past enhanced the performance of a specific function, such as a fuel-injection system. But in some cars, software modules now communicate over controller-area networks, increasing communication among numerous functions of a car.

Also, manufacturers are starting to build cars based on a feature known as drive-by-wire, which means using software instead of mechanical parts to command braking and steering, similar to systems found in modern commercial jets. The BMW 325i operates with throttle-by-wire, meaning there's no mechanical connection between the throttle pedal and the engine; it's electronically controlled. "In any complicated code other than a single line, there are multiple ways for software to fail," says Michael Osterman, a research scientist and director for the Computer Aided Life Cycle Engineering Electronics Products System Center at the University of Maryland. "It becomes almost impossible to test every scenario the software could create."

As BMW has experienced, software innovations can sometimes result in setbacks. BMW recalled the 745i and 745Li models with N62 engines shipped to the United States in 2002. Nearly 12,000 autos were affected by a digital engine-management software error, which could have led to a rough-running engine, misfiring, and even stalling. Recalled cars were reprogrammed at dealers' sites. Another bug last year in the 700 series BMW, which contains about 80 microprocessors, was found in a chip embedded with Windows CE. That version of Microsoft's operating system, primarily used for personal computers, assists in powering iDrive, a single device in the dashboard designed to replace more than 200 functions controlling things such as seat position, navigation, climate control, and the entertainment console. A Microsoft spokeswoman says tests never proved its software was the culprit. BMW could not be reached for comment.

Problems potentially can be introduced in the testing phase. Code for removing bugs is occasionally left in software that ends up in cars, several engineers told InformationWeek. "You never want to see [debugging] code left in the finished product because it could interfere with another device's function," says an engineer with an auto subsystem supplier, explaining this can result from a programmer who's either sloppy or working too quickly under pressure to meet development deadlines. "If the erroneous message remains in the software, it might communicate an illegal message that could corrupt or disrupt the functions at the receiving subsystem."

Software quality concerns aren't limited to four-wheel vehicles. Harley-Davidson Motor Co. in 2001 recalled 6,802 ignition modules in certain twin-cam 88 Screamin' Eagle kits sold as dealer-installed accessories. The modules were manufactured with a software flaw allowing motorcycles to shut off without warning, and the National Highway Traffic Safety Administration reported that "sudden loss of power could cause a loss of control of the motorcycle and result in a crash, possibly resulting in serious injury or death." Harley-Davidson said it immediately notified customers and replaced the faulty system, which did not result in any accidents. Quality-control efforts have since been heightened.

"When software comes in, it works three-quarters of the time correctly, and of the time it doesn't work, it's typically due to a misinterpretation or miscommunication of specifications between the manufacturer and supplier," says John Kaehler, senior project engineer at Harley-Davidson.

In the auto industry, there's considerable interest in using automatically generated code, thus limiting the amount of human intervention. This method theoretically could minimize code errors and even eliminate them altogether. Engineers would continue to write software specifications, but insiders say manufacturers could look to third-party vehicle-design firms to generate code written by computers. The drawback is that computers lack the human thought process that goes into testing the real-life effectiveness of code and feature development.

Still, it's a positive sign the auto industry is looking for creative solutions to the mounting challenge of software quality. Keeping ahead of the problem will require creating a more unified approach, which should result in fewer recalls, more satisfied customers, and a solid framework for supporting the expected increase in the amount of software in automobiles.
