[car home Industry] First of all, let’s restore what happened. The driver said: On the morning of the incident, as usual, he tried to pull over, but found that the brake pedal was too hard to step on, so he turned left and returned to the main road. But the strange thing is that the vehicle began to accelerate crazily, and then the speed of Model Y increased rapidly, reaching a maximum of 198 km/h.
You can also see that the driver avoided electric cars and pedestrians all the way, and the airbag was ejected after hitting the tricycle, and then the car continued to drive until it hit the roadside shop. The driver’s family responded that the driver had been stepping on the brakes during this process, but the brakes were too hard to step on, and he tried to slow down by pressing the P gear, but it was useless.
Then, Tesla responded that the vehicle kept the throttle 100% at high speed, and the brake pedal was not stepped down all the time; During driving, the driver presses the P button four times and releases it quickly, at the same time, the brake light lights up and goes out quickly.
The whole thing has been recorded by video, which is clear to everyone, but Tesla and the owner’s responses are somewhat contradictory, and there are many incredible doubts in the whole incident, which have also caused extensive discussions. The truth of the incident is still under investigation. Let’s discuss the doubts of both sides’ responses from a technical point of view.
Doubt one, what is the probability of brake failure?
According to the owner, the brakes became hard and could not be stepped on, and he suspected that the brakes were out of order.
According to Tesla’s information, the brake system used by Tesla Model Y is Bosch’s ibooster brake product. This product has now come to version 2.0, and many new energy vehicles currently on sale are equipped with Bosch’s iBooster.
IBooster is a revolutionary technology compared with traditional brakes, which cancels the design of vacuum pump. When the driver steps on the brake pedal, the brake position sensor will tell the signal to the vehicle controller. After calculation, the vehicle controller will distribute the braking force. One part of the braking force is provided by the regenerative braking of the motor, and the other part is generated by the brake cylinder, which together help to brake. The following figure shows the working principle diagram of iBooster.
Let’s take a look at the working schematic diagram of the whole brake system. When people step on the brake pedal with a force of 200N (about 20 kg), this force will be amplified a little, and finally the force on the brake disc will reach 18500N N. In addition, the Vacuum Brake Booster in the above picture is now replaced by iBooster.
At this time, some people questioned that iBooster is an electronic component, and electronic components are not as stable as mechanical components, so iBooster sometimes fails. Therefore, Bosch’s iBooster has two backup measures to deal with possible failures.
Backup measure 1:
If the electronic component iBooster in the above picture fails, there will be no braking assistance, and the brakes will become hard and a little difficult to step on. At this time, ESP will realize that iBooster is broken and loses its power, so it will take over and provide braking power (active pressurization). The active pressurization of ESP will be accompanied by strong vibration and noise.
At this time, for the driver, the experience is that stepping on the brakes requires more strength, but it will not be impossible to step on it. For example, stepping on the brakes with 200N strength can provide at least 0.4g deceleration.
Backup measure 2:
If both iBooster and ESP are broken by accident (the probability of actual occurrence is very small), at this time, the whole braking system enters mechanical mode without any assistance, and how much deceleration can be achieved depends on how hard the driver steps on the brake pedal.
At this time, the appearance is that the brakes become hard and difficult to pedal, but the laws and regulations mandate that the brake pedal at this time can produce at least 0.25g deceleration under the strength of adults (including adult women) with 500N N.
Therefore, from the above analysis, it can be seen that "brake failure" itself is an imprecise statement. The brake can only lose its power, but it is almost impossible for the brake to fail, because in the end, it has mechanical braking to cover the bottom. If the brakes get hard, don’t doubt your feet at this time, and don’t hesitate to step on them.
Doubt two, do you want to carry the pot with a single pedal?
Stopping the car is only one aspect. Another big doubt of the Chaozhou accident is why the vehicle "suddenly accelerates". Whether the driver stepped on it wrongly or the program error of the car itself was out of control.
First of all, public opinion thinks that the driver stepped on the wrong foot because of Tesla’s single pedal mode. Should the single pedal carry the pot?
From a technical point of view, the single pedal is indeed a controversial thing. First of all, the name is very confusing, which makes many people think that this kind of car has only one accelerator pedal and no brakes.
The biggest change of single pedal mode to people is that it affects people’s driving habits. In the past, the car accelerated when stepping on the accelerator and slowed down when stepping on the brake, while in the single pedal mode, the car accelerated when stepping on the accelerator and slowed down when releasing the accelerator, which is similar to the sense of deceleration when stepping on the brake. After a long time, the driver will tie the accelerator and the brake together. When there is an emergency, it is easy to step on the accelerator with one foot, so the smart electric car now.
However, a trained driver, or a driver who can have a deep understanding of the single pedal mode, should always put his feet on the brakes, keep calm, and step on the brakes in time when he needs to slow down quickly.
For this question, whether the single pedal should take the blame for this matter, I think that the single pedal does bring about an increase in the proportion of misoperation of the accelerator when braking, but most of the misoperation is instantaneous, and most drivers will react after the instantaneous mistake and correct it in time. The strange thing about this incident is that the whole process lasted for about a minute and the car advanced 2.6 kilometers. Will someone really step on the accelerator by mistake for so long?
Therefore, it comes to the third doubt, what is the probability of sudden acceleration of the car?
Doubt 3: Unexpected acceleration probability of automobile?
Unexpected acceleration of automobile is a very professional statement in the automobile industry and a famous failure mode in the field of functional safety.
Unexpected acceleration: that is, the acceleration of the car is against the driver’s will. The driver did not step on the accelerator but the car kept accelerating.
The sudden acceleration of automobiles is nothing new in the industry. As early as 2000-2010, Toyota’s "unable to stop" in the United States caused 89 deaths, which is the "brake door" incident of Toyota.
In order to investigate these unstoppable Toyota cars, NHTSA and NASA launched an investigation on Toyota cars, including looking at the source code of Toyota cars. During 2011-2013, embedded software experts Michael barr and Philip Koopman started with the software, and looked at nearly 300,000 lines of code of Toyota in 18 months, and found some bugs in the software, which would lead to "unexpected acceleration" of the car and lead to out-of-control of the car.
Therefore, Toyota’s brake door also led to the development of later automotive embedded software specifications, and also led to the development of automotive electronic and electrical functional safety, and functional safety is to prevent any behavior against the driver’s will, which will affect people’s life safety, especially the sudden acceleration with great harm.
Back to this incident, Tesla’s software architecture and functional safety design has always been a mystery in the industry. No one knows what his car software architecture is like, including what operating system to use and whether it is functionally safe.
Therefore, to answer this question: the sudden acceleration of cars has almost disappeared in the new era, but what Tesla is really like needs more data to explain.
Speaking of data, it is actually the EDR data in Tesla car, which can record the running information of the vehicle before and after the incident.
Doubt 4: Can EDR restore the truth?
The state has mandatory regulations for automobile data recording system. According to the national standard GB39732:
"Passenger cars should be equipped with an event data recording system (EDR) that meets the requirements of GB 39732; If equipped with a vehicle-mounted video driving recording system that meets the requirements of GB/T 38892, it shall be deemed as meeting the requirements. This standard will be implemented for newly produced vehicles from January 1, 2022.
EDR, also known as automobile event data recording system, is a mandatory requirement for new energy vehicles in China. This EDR system records some key information of vehicles, including throttle position, brake pedal position, vehicle speed, etc., and also specifies the recording format, recording frequency and reading mode of these data.
For example, the information about the accelerator pedal and brake position that everyone cares about is stipulated in the regulations:
It can be seen that the data of brake and accelerator pedal are specific position information (percentage), which can reflect the real position of accelerator and brake in general.
Moreover, the EDR system can also be stored when there is no power, and the data is stored in the protected area, which cannot be tampered with and should not be deleted. If the third party has the ability to read the EDR data, it can read the real data.
In general, EDR can record the true accelerator pedal value (that is, the percentage of the driver’s depression, whether it is 50% or 100%). But this is not the original value. The original value should be the electric signal of throttle and brake, that is, a voltage signal of 0-5V, which will be converted to get the percentage.
For example, the brake or throttle position will be sampled by sensors to measure their real position; The original value sampled by the sensor is an electrical signal in the range of 0-5V. If the original electrical signal is wrong at the beginning, all the data after that are wrong.
At the same time, the original electrical signal becomes the percentage position information of throttle and brake after a series of conversion, which is the information that we can read by EDR. It is impossible to know whether there will be any fault in this conversion process.
So, to answer question 4, can EDR tell the truth?
It can be done 99% of the time, but it does not rule out that the system is wrong at the beginning, so the recorded values are also wrong. It is of course possible to explain a wrong phenomenon with a wrong data, but obviously, this "explanation" has deviated from the truth.
Anyway, let the bullet fly for a while. (Text/car home industry commentator Zhang Gong)
