How not to design an ECU 
LQFP112 - Up with the play

Joined: Thu Apr 10, 2008 5:51 pm
Posts: 205
https://www.dropbox.com/s/wnzqidngrtj8y ... DACTED.pdf

The Bookout vs Toyota unintended acceleration case, transcript of testimony from Michael Barr. This is a very important read in my opinion. It shows how inept even a company like Toyota is at producing quality firmware for an ECU.

If the link goes down I have a copy of the PDF.

He found:
Spaghetti code
4000+ C files
11,000+ global variables
No mirroring of critical variables
No EEC ram even though they claimed to have it
No error detection whatsoever in operating system
Cruise control, brake override, and DTC diagnostics in same task
Buffer Overflows
Stack overflows
Invalid pointer dereferencing
Nested schedule unlocking
Unsafe Casting
Race conditions

And more...

"And they're all linked together with these global variables. Some of which are 25, 30 characters long and some don't have vowels and some -- two of them are identical, except one has a P and one has a D, or a P and a B."

_________________
Keith MacDonald
Control Engineering (Systems) Technologist


Wed Oct 30, 2013 5:41 am
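One item in the list above, "no mirroring of critical variables", refers to a standard defensive pattern: keep a critical value together with a redundant copy (here its bitwise complement) and refuse to trust a read where the two disagree. The following is an added illustration, not code from the testimony, from Toyota or from FreeEMS; the type and function names and the throttle value are constructed for the example.

```c
#include <stdint.h>
#include <stdbool.h>

/* A critical variable stored together with its bitwise complement.
 * Every read checks that the two copies still agree, so a single-event
 * upset or a stray write that hits only one copy is detected instead of
 * silently becoming the new "truth". (Hypothetical names.) */
typedef struct {
    uint16_t value;
    uint16_t inverse;   /* invariant: inverse == (uint16_t)~value */
} mirrored_u16;

void mirrored_set(mirrored_u16 *m, uint16_t v) {
    m->value = v;
    m->inverse = (uint16_t)~v;
}

/* Returns true and stores the value if both copies agree, false otherwise. */
bool mirrored_get(const mirrored_u16 *m, uint16_t *out) {
    if (m->value != (uint16_t)~m->inverse) {
        return false;   /* copies disagree: report a fault, do not guess */
    }
    *out = m->value;
    return true;
}

/* Constructed example: throttle target in tenths of a percent.
 * On a failed check the caller falls back to a safe default rather than
 * picking whichever copy happens to look plausible. */
#define SAFE_THROTTLE 0u

uint16_t throttle_target_or_safe(const mirrored_u16 *m) {
    uint16_t v;
    return mirrored_get(m, &v) ? v : SAFE_THROTTLE;
}

/* Clean read: both copies intact, the stored value comes back. */
uint16_t demo_clean_read(void) {
    mirrored_u16 t;
    mirrored_set(&t, 250);              /* 25.0 % */
    return throttle_target_or_safe(&t); /* 250 */
}

/* Corrupted read: one copy is damaged (constructed fault, as a bit flip
 * or an out-of-bounds write would do), so the check fails and the safe
 * default is used instead of the corrupted value. */
uint16_t demo_corrupted_read(void) {
    mirrored_u16 t;
    mirrored_set(&t, 250);
    t.value ^= 0x0100;                  /* flip bit 8 of one copy only */
    return throttle_target_or_safe(&t); /* 0 */
}
```

Without the mirror, the corrupted copy in `demo_corrupted_read` would simply be read back as a throttle target of 50.6 %; with it, the inconsistency is visible at the point of use and the controller can apply whatever safe-state logic it has.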
Moderator

Joined: Tue Jan 15, 2008 2:31 pm
Posts: 15194
Location: Home sweet home!
Oh man! I thought this thread was going to be much shorter! Something like "Don't do what FreeEMS has done!" ;-)

Just finished page 36, no meat yet. Saved the file and will read it on the weekend when I know I will have a lot of time and little else to do but read.

Thanks for this. I'll comment on the specifics later, but I'm sure I've violated quite a few items from your list so far. It's more that I've not unviolated them yet in other cases :-)

Fred.

_________________
DIYEFI.org - where Open Source means Open Source, and Free means Freedom
FreeEMS.org - the open source engine management system
FreeEMS dev diary and its comments thread and my turbo truck!
n00bs, do NOT PM or email tech questions! Use the forum!
The ever growing list of FreeEMS success stories!


Wed Oct 30, 2013 10:21 am
LQFP112 - Up with the play

Joined: Thu Apr 10, 2008 5:51 pm
Posts: 205
Fred wrote:
Thanks for this. I'll comment on the specifics later, but I'm sure I've violated quite a few items from your list so far. It's more that I've not unviolated them yet in other cases :-)


It can be forgiven, since you aren't claiming to meet any standards but your own. :P Toyota, on the other hand...

_________________
Keith MacDonald
Control Engineering (Systems) Technologist


Wed Oct 30, 2013 12:07 pm
Moderator

Joined: Tue Jan 15, 2008 2:31 pm
Posts: 15194
Location: Home sweet home!
That's untrue. I don't claim to meet my own standards! :-p

_________________
DIYEFI.org - where Open Source means Open Source, and Free means Freedom
FreeEMS.org - the open source engine management system
FreeEMS dev diary and its comments thread and my turbo truck!
n00bs, do NOT PM or email tech questions! Use the forum!
The ever growing list of FreeEMS success stories!


Wed Oct 30, 2013 12:39 pm
LQFP112 - Up with the play

Joined: Thu Jun 02, 2011 8:17 pm
Posts: 112
Link is down already, that was fast.

I'm guessing this was a leaked document?

_________________
<@TekniQue> but in the end, it's code that makes a computer useful


Thu Oct 31, 2013 10:24 pm
LQFP144 - On Top Of The Game

Joined: Tue Mar 02, 2010 2:33 pm
Posts: 1201
Location: Australia
yep, link is broken.

can we get this rehosted/relinked please?


Thu Oct 31, 2013 11:32 pm
LQFP112 - Up with the play

Joined: Sat Sep 29, 2012 9:16 pm
Posts: 148
Location: Rotterdam, the Netherlands
Google the document name, I found it mirrored somewhere yesterday.
If all else fails, I have a copy on my hard drive.

_________________
FABRICA MI DIEM, PVNC!


Fri Nov 01, 2013 9:49 am
LQFP112 - Up with the play

Joined: Thu Apr 10, 2008 5:51 pm
Posts: 205
Nope, not a leaked document, it's public record. Although I'd like to see a non-redacted version :)

Attachment:
Bookout_v_Toyota_Barr_REDACTED.pdf [834.06 KiB]
Downloaded 337 times

_________________
Keith MacDonald
Control Engineering (Systems) Technologist


Fri Nov 01, 2013 11:47 am