65,000+ Land Rovers Recalled Due To Software Bug 97
An anonymous reader writes with word that owners of Range Rover and Range Rover Sport SUVs (model year 2013 and newer) will need to get their cars' software updated, which means a visit to a dealer. The update will fix a bug in the cars' locking system, which occasionally resulted in car doors randomly unlocking and opening themselves (in one instance, when the car was moving). This is not the first time that a car manufacturer asked customers to contact dealers for a security update. In July, Ford has recalled over 430,000 cars in North America because of a bug that prevented the engine from shutting down even after the ignition key was put into the "off" position and removed.
Mobile data (Score:1)
I wonder how many issues like this have been silently fixed on models that have mobile data service for OTA updates.
Re: (Score:1)
Bad idea. It is better that the customer has a problem with your product that you solve when they ask about it than if the product works flawlessly.
That way you can establish a contact with your customer where you have gone through a rocky time together that ended up well because you fixed the problem.
It seems counterintuitive at first, everyone wants products that works out of the box.
What you don't get when everything works perfectly is a social connection with the customer where they feel that you care a
Re: (Score:2)
That explains why Windows is so popular!
Re: (Score:1)
I know I always feel better when I fly to Seattle and get Bill Gates to help solve driver incompatibility problems.
Bad idea roaming fees can cost more then the cars (Score:1)
Bad idea roaming fees can cost more then the cars cost.
as 1GB of updates when roaming can cost $15,360 - $20,480.
Re: (Score:2)
So you program the software to not pull the update if the car is roaming (or use data at all, for that matter).
Of all the reasons OTA may be a bad idea, I think this is one of the least concerning ones (as in, not at all).
Re: (Score:1)
Bad idea for who? The car manufacturer gets a cut of your data bill for your car.
I can guess the bug... (Score:5, Funny)
Only makes sense that car called the Range Rover would have either an off-by-one or Out of Array Bounds error.
Re: (Score:3)
65535 to be precised (Score:3)
Re: (Score:3)
Is this the new incarnation of... (Score:4, Insightful)
Is this the new incarnation of Lucas electrical systems?
http://www3.telus.net/bc_trium... [telus.net]
Emdedded = Low Salary (Score:1, Insightful)
Well, given that companies in the UK seem to think they can get a degree qualified senior embedded software engineer for GBP 35-40k, I'm not surprised they have a bunch of incompetents working on this stuff. If you are a good embedded dev you can easily move into mobile or enterprise but engineering companies seem oblivious to this connection.
Re: (Score:3, Insightful)
I am not sure how many software engineers are employed by Range Rover, but I expect that the subsystem providing the central locking features will have been outsourced just like all the major components to companies like Bosch, Visteon, Wipro, Yazaki etc.
In order to reduce costs the software engineers will have been outsourced to Eastern Europe and India, and although just like everywhere else the software teams will be a mixture of the competent/incompetent, it will likely be the management who will have
Engineering standards? (Score:2)
Does the software in cars fall under any particular standard for quality? Like actual engineering standards?
Or do we really have auto makers doing little better than people making apps for phones?
It just seems like if it controls any part of a car it should really be required to be subjected to much more rigorous verification.
Re:Engineering standards? (Score:4, Insightful)
Does the software in cars fall under any particular standard for quality? Like actual engineering standards?
No.
Or do we really have auto makers doing little better than people making apps for phones?
Well, it's quite a bit better than that, which is still terrible.
It just seems like if it controls any part of a car it should really be required to be subjected to much more rigorous verification.
They're nowhere near that. The complexity has gone way up, but the quality hasn't...
Re: (Score:1)
Re: (Score:2)
There are some quality/safety standards for UK automotive software
Those are just voluntary guidelines that everyone is free to ignore.
Re: (Score:2)
There are some quality/safety standards for UK automotive software
Those are just voluntary guidelines that everyone is free to ignore.
Oh, please. Do I have to quote you the formula for determining whether to make something safer? It involves cost of new parts, frequency of accidents, cost of lawsuits, and possibly soap made from human fat.
Re: (Score:3)
Just don't look too closely at the compliance audits and root cause analysis of previous faults while you're googling that one, or you may have a disappointed scowl all week. The trouble with standards like this is that unless there is some compulsion to actually follow them effectively, they are just squiggles on a piece of paper or someone's computer screen.
This is the industry where those stories about comparing the cost of the lawsuit when people die against the cost of the recall originated, remember.
Re: (Score:2)
QC didn't go up or down. It stayed the same but the complexity of the controllers has gone up. Contrary to circuit boards, software is far more flexible and allows for higher levels of complexity which results in higher probability of failure.
It scares me to think that auto makers are moving ABS, Cruise Control and other critical features to 100% software driven systems. With the coming of self driving cars there's no doubt QC will improve but until then we will see stuff like this.
Re: (Score:3)
It just seems like if it controls any part of a car it should really be required to be subjected to much more rigorous verification.
They're nowhere near that. The complexity has gone way up, but the quality hasn't...
QC didn't go up or down. It stayed the same but the complexity of the controllers has gone up.
Is there an echo in here?
Contrary to circuit boards, software is far more flexible and allows for higher levels of complexity which results in higher probability of failure.
Both have become massively more complex. My 1989 240SX had a 3MHz, 16-bit ECU. Modern PCMs are typically 32-bit and measured at minimum in double-digit MHz... for really boring, small engines. My 240SX's Hitachi ECU had probably half as much I/O as my Audi's PCM, which has probably half as much I/O as a really modern car. Maybe two-thirds.
It scares me to think that auto makers are moving ABS, Cruise Control and other critical features to 100% software driven systems.
Cruise control is not a critical feature. You hit the brakes and it shuts off. ABS is a critical feature. If the ABS goes full idiot, then you can
Re: (Score:2)
Is there an echo in here?
Was just adding weight to your argument.
Both have become massively more complex
Yes but until more recently only the combustion system was making use of complex software. The transmission in some cases. Now you have brakes, steering and throttle controlled by software with far more complex algorithms then could ever be included in non programmable circuit boards
Cruise control is not a critical feature. You hit the brakes and it shuts off
That was true of the non software driven cruise controls. If the software isn't taking action when the brake switch it depressed then you'll just keep driving away.
I would also like to point out that electric parking brakes are a horrible idea in every way
I agree. There's the arg
Re: (Score:2)
Re: (Score:2)
It is understandable that a software glitch might unlock the door. But opening a door should be a more controlled thing that is designed to be secure. For instance there should be a distinction between a request to open the door by someone putting the door handle and a request from software. The request from software should have fairly low priority
Looks great on the outside... (Score:1)
And with a high price tag commands a lot of 'prestige'. Ever sit inside one? They are very, very mediocre internally. Also extremely unreliable cars historically.
I still don't understand why people buy them, but I chalk it up to an issue of more money than sense. Or they might be rappers...
Re: (Score:3)
Re: (Score:1)
Maybe I could have (Score:2)
Re: (Score:3, Informative)
Re: Maybe I could have (Score:2)
Bad design (Score:4, Insightful)
Not taking the hint (Score:2)
Doors opening and engine not halting when ignition switched off
Gees, does Range Rover have to include Drivers Seat Extreme Side Tilt as an option in next year's model for people to get the hint? The car has places to go, get out of the damn car and let it have a little space of its own!
If monkeys are people then why can't cars be too? All these people and their bias against steel-based life forms.
Re: (Score:3)
Happened to me a few years ago. Some technicians were installing our telematics unit into a Mercedes Econic and wired something wrong, so engine wouldn't halt when ignition switched off. Pulling fuses wouldn't help either so they actually had to wait for several hours until the fuel tank was empty.
Re: (Score:2)
Pulling off the battery and alternator wouldn't work? Most engines will shut down when power is removed, you could even short the battery leads for a second to blow the alternator fuse.
Re: (Score:2)
Yep. The battery filters the output from the alternator and is required for proper operation
Re: (Score:2)
Probably was difficult to reach in a truck built for compactness.
Re: (Score:3)
What makes you think physical is any better? My daughter called me one night saying she could not shut her car off, ignition key would not turn. Purely physical, no software involved. Turns out she had the GM iginition switch problem. The major difference between physical and software was that she was without her car for 10 weeks while they waited for parts, vs a quick trip for a software update.
Re: (Score:2)
This is more likely just a demonstration of GM's well known incompetence.
Re: (Score:2)
It's a car. There will always be the physical component as a point of failure. Adding an electronic component on top of that adds another point of failure. In some cases the function is too important to add unnecessary points of failure.
I would try to think of a car analogy, but ...
I am seriously considering... (Score:2)
...never buying a new car again. Only cars old enough not to have this crap.
Re: (Score:2)
Me too, for both reliability and security/privacy reasons. Car security hasn't really advanced all that much since the invention of immobilisers (which effectively ended car theft as a serious risk) and alarms (which significantly reduce the risk of theft of what's inside the car). Arguably trackers help with back-of-lorry issues, but you're already into creepy remote-monitoring territory there. And the new ideas where software will track every little thing almost like a black box... except that instead of
Analog for the win. Again. (Score:3, Insightful)
I guess it's too difficult to leave the physical connections in place. They had to be replaced by shiny, just because.
There's a reason light switches work every single time. Physical connections are superior to digital connections.
Re: (Score:1)
Re: (Score:2)
Light switches certainly do not 'work every single time'. They are mechanical devices, and as such are subject to failure. And the failures can be quite spectacular, such as burning down the house. Many places now require 'anti-arcing' circuit breakers to prevent the fires caused by arcing switches.
Re: (Score:2)
The OP is referring to an Arc Fault Circuit Interrupter (AFCI), which are now widely mandated in residential buildings by electrical codes in the US. The breaker has an embedded signal processing circuit which analyzes the power waveform and cuts power when patterns that look like excessive arcing caused by a faulty device, damaged cable or frayed cord are observed.
Re: (Score:2)
Re: (Score:2)
because of a bug that prevented the engine from shutting down even after the ignition key was put into the "off" position and removed.
I guess it's too difficult to leave the physical connections in place. They had to be replaced by shiny, just because.
Its a Land Rover, people buy them because they need the shiny to justify their inflated ego's. They aren't cars for people who want reliable, trouble free or sensible motoring.
Re: (Score:1)
That's range rover, the original Chelsea tractor and prototypical suburban assault vehicle.
You can't expect much from a car whose average MSRP is only $112k. http://www.edmunds.com/land-ro... [edmunds.com]
Ford issue. (Score:3)
Re: (Score:1)
The Ford bulletin listed in TFS says: "This is a compliance issue with FMVSS 114 regarding theft protection and rollaway prevention." One would think the issue would simply be shutting off the engine when turned off so, you know, it doesn't keep running. I understand that software controls allow for more features and save the vendor money on hardware, but I don't think they actually makes things simpler, better, safer or more reliable. I know that, historically, whenever I have turned the engine off in my cars, the engine has always turned the fuck off.
Ah, you are obviously too young to remember the tail end of the carburetor era, when increasingly lean mixtures made dieseling after shutoff a pleasant feature of your every automotive journey, until somebody got the bright idea of putting a solenoid valve in the gas line.
Having the car not turn off isn't that serious, though. It will absolutely run out of gas, after a finite time interval.
Re: (Score:2)
Ah, you are obviously too young to remember the tail end of the carburetor era, when increasingly lean mixtures made dieseling after shutoff a pleasant feature of your every automotive journey, until somebody got the bright idea of putting a solenoid valve in the gas line.
I'm 52 and have replaced those solenoids in my younger years...
Having the car not turn off isn't that serious, though. It will absolutely run out of gas, after a finite time interval.
People have actually died from leaving their key fobs in cars with key-less ignition systems and exiting the vehicle while it was still running. At least one person has been run over and another died from CO poisoning.
I found that info while researching the sad, impending "all cars will have key-less ignition" future I see coming. I despise cars that *require* key-less entry/ignition because fobs are stupid to have carry around in your pocke
future headline (Score:2)
Kardashians die in Range Rover when unable to unlock doors. Kanye's last words were "fish filet."
Re: (Score:2)
Perhaps we shouldn't be so hasty with a fix, then?
Re: (Score:1)
Comment removed (Score:5, Interesting)
Re: (Score:2)
Putting so much software in cars is not engineering anymore, it's a science experiment and we're the guinea pigs.
No, it's a way to justify increasing the cost of cars when they're otherwise little different from the ones we drove twenty years ago.
Re: (Score:1)
Putting so much software in cars is not engineering anymore, it's a science experiment and we're the guinea pigs.
No, it's a way to justify increasing the cost of cars when they're otherwise little different from the ones we drove twenty years ago.
The internal combustion gasoline engine as exemplified in the automobile is an unbelievable kluge. These things are at their best for something like a pump or generator, where they just crank away at their torque peak all day long. To expect them to slow down and speed up a car is expecting a hell of a lot. Getting them to idle is a minor miracle. The carburetor is the ultimate "gadget". So, the advent of computer control, first of fuel injection, then of ignition and valve timing, is a major breakthrough i
The case for open source (Score:1)
It seems like a lot of the car manufacturers are having some major software issues. This Range Rover issue certainly isn't the worst one.
For instance, see this blog post (which links to US court testimony documents) where an embedded software expert (Michael Barr) reviews Toyota's code and finds numerous flaws:
http://embeddedgurus.com/barr-... [embeddedgurus.com]
Did Toyota fix these flaws? Who knows? Toyota still denies that there's even a problem. They released an update to the Prius last year [nytimes.com] which corrected a problem with p
Yawn (Score:2)
Survey on software defects in automotive (Score:1)
The need for graceful fail-safe mode (Score:1)
Most stop lights have (or, 20 years ago, had) a graceful fail-safe mode: When the software is confused or there is a hardware fault like "incompatible green lights detected" the systems go into a failsafe mode, which is usually an all-way stop.
A reasonable fail-safe mode for a car door lock would be that it could be locked and unlocked using purely mechanical means from the inside and at least one door (typically both front doors) could be locked and unlocked using purely mechanical means from the outside.
Another agile methodology success! (Score:2)
No problem (Score:2)
Vulnerabilities in keyless ignition feature .. (Score:2)
Is it really impossible to design a keyless ignition system that can't be compromises, or is it the case that the car manufacturers are not allowed to design such
Re: (Score:2)
In France, a group of english robbers stole around thirty expensive Range Rovers.
The technique is called "mouse jacking".
http://www.europe1.fr/faits-di... [europe1.fr]
And what's worse is that the insurance won't compensate the victims, since there is no trace of burglary.
Re: (Score:1)
Re: (Score:1)
"The update apparently will not solve the well-known vulnerabilities in the keyless ignition feature, which reportedly allow thieves to easily unlock the cars with the help of a hardware device that can be bought online .. it's generally believed that the industry is still far from creating a reliable system that can't be hacked and abuse" ref [net-security.org]
Is it really impossible to design a keyless ignition system that can't be compromises, or is it the case that the car manufacturers are not allowed to design such. The doors to your house can be picked with the right system, so as to allow the locksmith back in if you lose the keys.
So, let's see; the car unlocks when it receives the coded transponder signal of sufficient power; the transponder generating that signal is somewhere in the neighborhood of the car, like inside the house the car is parked outside, but just too far to trigger the unlocking..... Yeah, foolproof security, absolutely. How could you possibly beat that system.
Nothing new (Score:2)
My '89 Ford Escort was a lemon. I was the last American car I'll ever buy. In any case, from memory I was able to remove the key with the engine running. One of the many mechanical engineering defects with this vehicle. It was a horrible product.
Uhoh (Score:1)
I'm afraid I can't do that.