by umvi 2367 days ago
> I don’t know the same about my car, which is why I’ll take it over a Max any day

"ignorance is bliss"

If you knew how much software went into a car vs. an airplane, you might think twice. Airplanes seem more complicated than cars, but software-wise they are much simpler. Cars have millions upon millions more SLOC than airplanes. You think MCAS is bad, how about cars that have sudden loss of steering, emergency brakes that mysteriously engage, or a throttle that can't be disengaged?

Serious design flaws in airplanes are these big dramatic events. Serious design flaws in cars pop up in the news every day, and we just ignore them [1][2].

[1] https://www.consumerreports.org/car-recalls-defects/mazda3-r...

[2] https://www.consumerreports.org/car-recalls-defects/more-car...


Software flaws in cars usually aren't fatal. If your car has a failure, you just pull over on the side of the road. You can't do that in an airplane.

>how about cars that have sudden loss of steering

Citation needed. I've never heard of a car having this problem, and it's generally impossible because there's a mechanical link between the steering wheel and the front wheels.

>or a throttle that can't be disengaged?

Citation needed. I've never heard of this happening where it's been proven to be real and not a publicity stunt. All the problems with "unintended acceleration", including on Toyotas a while back, have been shown to either be people using aftermarket carpet mats, or even people faking it. What's more, turning off the car in an emergency is not hard, even in push-button-start cars. Now of course, we can blame some wrecks from faulty systems on poor driver training, drivers who just aren't very good, drivers who can't handle an emergency, etc. This simply does not apply in an airplane: pilots go through a LOT of training to get that job, so if they crash anyway, that points to an unforgivable mistake in engineering or manufacturing.

> Citation needed. I've never heard of a car having this problem, and it's generally impossible because there's a mechanical link between the steering wheel and the front wheels.

https://www.usnews.com/news/national-news/articles/2018-09-1...

https://www.ncconsumer.org/news-articles/ford-issues-recall-...

That's not a loss of steering, that's a loss of power assist. You can still steer a vehicle just fine without power assist; you only need the assist at very low speeds.

I've driven a car with intermittent failure of power steering. It's not impossible, and at higher speed the wheels provide stabilization on their own already.

That is a loss of power steering, it's not a loss of steering. You can still steer the car, although it requires more strength at low speeds.

To be fair, "sudden loss of steering" is different than "sudden loss of power-assisted steering".

And it's actually comparable to the _intended_ failure mode of a 737 Max. If the system fails you can't let the computer control the trim, so there are manual trim wheels provided and you switch off electronic trim. Like the steering wheel of a large modern car, these wheels are mechanically connected to the thing you want to change, but if you're feeble like me you'll struggle to even move them, which is why the computer was in the loop.

As I understand it large trucks existed prior to power-assist, they just hired big strong chaps who could wrestle the steering.

We probably don't want (and Boeing doesn't want) to make 737 Max certification have a "Physical strength check" where you need to exert so-and-so much turning force for so-and-so many seconds or you can't fly their plane. So probably trim wheels need a re-think, whether that happens as part of the 737 Max work, its immediate aftermath or not for years because this incident scares manufacturers away from changing anything about trim.

Seismic shifts in safety considerations do happen, we haven't seen the last of them. And they aren't always ultimately for the better. Titanic had a few effects, many of them really good, but one notable one is that it pushed the narrative that you need to provide and test a LOT of lifeboats on an ocean liner. Titanic, as you can probably all recite, did not have enough lifeboats. But in practice lifeboats are very much a last resort for an ocean liner captain. You've got a whole lot of civilians who are incompetent at sea at the best of times, probably panicking and now you're trying to successfully get them into smaller boats under supervision of a relatively smaller number of crew. Some of them are likely to be injured or even die. A ship's master would prefer _anything_ over putting passengers into lifeboats, except them all drowning. Almost always the sensible course of action, taken by the ship's master, will be to take the still working ship to any port and unload the passengers. Yes even if the ship is somewhat on fire, or has grave engine problems, almost anything except actually sinking right now.

Meanwhile just owning the lifeboats means your crew have to keep testing them and servicing them, each time also has a chance of injury or death as crew fall into the water, boats fall on the crew, and so on. So owning a suite of lifeboats for your ocean liner (which you weren't planning to crash into an iceberg at any time) is probably a net negative in terms of injuries and deaths.

>We probably don't want (and Boeing doesn't want) to make 737 Max certification have a "Physical strength check"

Actually, I think they absolutely should. And then it should be made illegal to have a plane that has any such requirements, so these planes should be deemed unairworthy, and Boeing should be forced to scrap them. Either that, or female pilots should be able to claim discrimination, and every female or otherwise not-strong-enough pilot should get a free lifelong chief pilot salary as part of the settlement.

Basically, this plane should never have been built. It's a 1960s design, and because of crappy regulations that allowed this, Boeing kept making this 1960s tech because it was "grandfathered". Newly-built planes should not be allowed just because they were OK 50 years ago, when they aren't good enough according to modern standards.

How about bogger trim wheels, or servo motors for those?

I'm guessing you meant "bigger"? Otherwise I don't know what a bogger trim is. The wheels already have servo motors, but understandably the cut-out cuts those out also.
> Software flaws in cars usually aren't fatal. If your car has a failure, you just pull over on the side of the road. You can't do that in an airplane.

Many modern cars have computer control of brakes, accelerator and even steering, so a software flaw could stop you in the opposing lane just as you start to pass a car, or accelerate and steer you into a bridge pillar (and since that car was already steering itself before that, the driver may not be able to react in time).

My old auto car did that quite a few times, and another just stopped in the middle of a highway. Cars break down, especially old and cheap cars.

> mechanical link between the steering wheel and the front wheels.

Steer by wire is becoming much more common. It’s already in luxury cars and, like most features, will probably eventually trickle into economy car designs

It's not common at all. The Q50 had it for a while then reverted, and still had a manual link for backup. Beyond that, just some prototypes.

You're right. I was conflating electrically powered steering with steer by wire. In either case, EPS relies on software to determine the amount of force/torque rather than hydraulic/mechanical means.

I did see one source indicating a roughly 25% increase in steer by wire by 2026, but it’s behind a paywall so I’m not sure how good that source is. According to a Tesla forum, there’s still a mandate for mechanical linkage

EPS has been used in economy cars for years now; most cars on the market now probably have it. The few laggards that don't have EHPS (electro-hydraulic PS), where software runs a pump that pressurizes the hydraulic system.

EPS has been on production cars now since the 1990s, and I've never heard of any software problems with those at all. In fact, it's probably been more reliable than hydraulic systems since it doesn't have so many moving parts, just an electric motor, and no hydraulic fluid to leak or get contaminated (due to not being replaced on time, a common thing for people to skip on maintenance).

Steer-by-wire is a no-go for now, because it's illegal to not have a mechanical linkage. That might eventually change when we get driverless cars, but there's no sign that those are coming nearly as quickly as many people used to think; there's just too many problems with them.

There’s been some issues related to recalls on EPS. An excerpt below is from a 2015 GM truck recall:

“Recalled products do not contain the updated software that mitigates the effect of the condition. When the system voltage drops below 8.8 volts for more than 1 second — e.g., during low-speed turns — EPS assist is disabled”

Honda has had similar recalls.

I don’t know if that can be used to claim software caused the initial hazard but does indicate software is used to mitigate safety issues with the implication that software failures can lead directly to hazards

The Takata airbag issue wasn't ignored at all, it was a very serious safety issue. For defects of that magnitude there's the Department of Transportation, and there will be recalls to pull the faulty part out of circulation.

Software flaws in cars are not nearly so catastrophic.

Catastrophic as in 300 people will not die due to the flaw, yes.

But one-off car fatalities that kill 1-3 people happen regularly, and they add up. The self-driving variety pop up with the highest visibility, but if you go searching you'll find tons of accidents where brake failure at highway speeds causes a fatal crash.

I do concede that distracted driving and alcohol play a much bigger role in the large amount of car fatalities than software flaws. But I still stand by my original assertion that you are more likely to die due to the effects of a software flaw in your car than due to a software flaw in the 737 Max.

How do software flaws in cars kill you exactly? The main example you bring up is brake failure at high speed, but that's not a software issue, that's a mechanical issue (and is oftentimes caused by neglecting maintenance on the part of the car owner).

Yes, there's the self-driving stuff, and there have been some egregious examples, but those systems also save lives by preventing accidents. Lane departure warnings, automatic braking, and electronic stability control all, on the balance of things, make driving much safer.

> How do software flaws in cars kill you exactly?

Braking systems have been partially modulated by software for decades, i.e. ABS, TCS, ESC.

Additionally, other software controlled systems can induce mechanical issues. For example, in the case of the Toyota unintended acceleration debacle, an engine at WOT typically does not produce vacuum. However, power-assisted brakes almost universally are vacuum-powered. So, if the software-controlled throttle gets stuck wide open, you lose power-assist to the brakes.

https://users.ece.cmu.edu/~koopman/pubs/koopman14_toyota_ua_...

Power assist not working in the brakes doesn't really equate to losing the brakes entirely. You can still use them to slow down unless the brake wire or hydraulics are literally cut.

And successful control of the vehicle depends on the vehicle's specific characteristics and the physical ability and awareness of the driver. The point being: it has killed people.

Software is increasingly controlling safety-critical systems in cars, so I would expect software failures to take up an increasingly large number of fatal vehicle faults going forward. On safety systems that have been using software for decades, one can find examples of such potential failures [1].

[1] https://www.cnn.com/2010/WORLD/asiapcf/02/04/japan.prius.com...

Only a heavily software-run car might (e.g. a Tesla on Autopilot or the Uber fatality). But I agree with you. I fail to see how a software bug in a car would lead to a comparable outcome.

I don't think most people realize how software dependent their "dumb" car is. Everything from antilock braking to throttle response to steering response (in some cases) is largely controlled by software. It goes way beyond the infotainment systems we intuitively think of as software.

Electronically controlled throttles have been on the road for over 30 years now, and became extremely common in the mid 2000s.

I agree that cars are safer now than ever before and that mechanical failure is more deadly than software failure.

The whole point of my comment was to put to bed the irrational fear of flying. You are still safer travelling long distances in a faulty flight system such as the MAX than you are by car. There are just too many variables to account for in cars, one of which is increased software complexity.

The 737 MAX crashed twice and killed 346 people. It's not an "irrational fear" to refuse to ever fly in one again.

Secondly, what are the exact figures you're using to show that the 737 MAX is safer than cars? And now compare it to other planes, the more realistic comparison? I'm not taking planes to places that are within driving distance. The 737 MAX was waaaay less safe than other planes.

I think we have to stop segmenting our thoughts into "software" and "hardware" and instead look at issues like the 737 Max as an integrated system failure. "Software" failures can easily manifest themselves as hardware failures; thinking of them as separate systems can lead to a complacency mindset of "it's just software, so we don't have to be as rigorous in our design".

> integrated system failure

I agree with you, that's exactly what it was. All of the components worked as designed. But it's pissing against the wind on HN to say that.