Complex Systems
COMPLEX SYSTEMS
IGNITION
TDC
ARE WE PREPARED FOR AUTONOMOUS VEHICLES?
KEVIN CAMERON
I’d very much like to think we can just go ahead adding system after system to our new motorcycles and have those systems function as planned throughout those vehicles’ lifetimes. Back when electronic fuel injection was hitting auto showrooms, naysayers were sure that thousands of motorists would be stranded when such black-box systems stopped working. In general, that did not happen. EFI has not only proven reliable, but it has also reduced vehicle emissions while retaining excellent drivability.
Now we are told to prepare for the coming of autonomous vehicles: cars and trucks that drive themselves via computer and suites of actuators and sensors. Let’s ignore for the moment that such autonomous vehicles might mean the end of the road for highway use of motorcycles. Let’s instead consider a few small cracks in the smooth perfection of the onrushing future.
First is the fact that large programs have been funded, designed, and carried out despite containing unanticipated problems that could not be fixed without starting over at crushing expense.
One of those is Concorde, the supersonic transport airplane that flew the Atlantic for a number of years but was withdrawn after a crash and loss of 113 lives. A tire explosion during takeoff hurled fragments through a fuel tank and caused the accident. This airplane had a long documented history of its tires throwing fragments that penetrated its wings, but in this case, a piece of debris on the runway was blamed for the tire failure. It was not possible to prevent future accidents of a similar character without adding some form of wing armor whose weight would have reduced the plane’s modest payload.
Second is the much-lamented space shuttle, whose design placed fracture-prone carbon-carbon wing and fuselage parts in the path of insulation accidentally and chronically shed from the craft’s large central propellant tanks. This led to the 2003 loss of Columbia during reentry. Despite many efforts, it proved impossible to guarantee that pieces of insulation large enough to fatally damage the orbiter would not be shed again and again, and the program was terminated. Simpler concepts, such as the vertically stacked stages of the previous Apollo program Saturn V, placed the manned element at the top where it could not be hit by materials shed from stages below it.
The point here is that we humans confidently plan systems so complex that we cannot predict all their failure modes. Computer analysis may not offer a solution either because complex computer code is itself an example of such a system.
I just read an account of the loss of a B-2 bomber during takeoff in February of 2008. Depending upon what source you read, each of these planes (21 have been built) costs up to $1.4 billion, so you’d expect it to contain the most upto-date self-diagnostic systems to assure reliable operation. When the aircraft in question began its takeoff run on Guam, four of the sensors required for control somehow contained enough water vapor to interfere with their function and did not report their defective state to the onboard diagnostic system. As a result, the airplane rotated at too low a speed for safe climb, and then sensors reported it was nosing over. This was evidently a false report, for upon the system’s effort to correct, the airplane pitched up, stalled, fell off to the left, and crashed onto the runway and was destroyed. Fortunately the pilots were able to punch out safely.
In The New Yorker earlier this year, Raffi Khatchadourian reported on the multi-nation effort to develop nuclear fusion power technology at ITER, the International Thermonuclear Experimental Reactor located in the south of France. This program is too expensive for any one nation to undertake but might one day lead the way to unlimited power. The device uses magnetic confinement to compress a mass of hydrogen to such density that nuclear fusion—the mechanism that powers the sun—begins to occur. This project certainly has problems with complexity but with the added problem that ITER subsystems must be engineered in various nations, each of which has its own manufacturing standards, technical education, and ideas of best management.
BY THE NUMBERS
70
PERCENTAGE OF US CONTENT IN THE BOEING 787
10,000 DRILL HOLES IN 787 FUSELAGE (747 HAD MORE THAN 1 MILLION)
50 PERCENT OF 787, BY WEIGHT, IS CARBON FIBER
As I read this fascinating piece, I wondered when the author would refer to ITER as a “modern Tower of Babel,” but he never did. Is it possible for this kind of cooperation to routinely succeed? Or might we reach a zone in which further complexity only generates more uncertainty?
Another example has been the ongoing story of Boeing’s 787. Modern airliners are not manufactured as they once were: in a single gigantic building complex, directed by a coherent engineering team. Instead, each nation whose airlines plan to operate the new craft seeks to soften the balance-of-payments impact of these purchases by taking on the manufacture of some of the airplane’s structure or subsystems. This means that flap-track mechanisms made in Nation A must click, Lego-like, onto wing boxes made in Nation B and smoothly control flap elements made in Nation C. You can imagine the possibilities, and a good many of them have conspired to delay the 787. We can hope that successful methods of cooperation will emerge, but I also remember “Mr. Superbike,” Rob Muzzy, saying, “Do everything you can in your own shop. It’s the only way to have control.”
Am I making too much of all this? Last year in MotoGP, Honda teammates Marc Marquez and Dani Pedrosa collided, damaging a traction-control sensor on Pedrosa’s bike, causing him to crash. Should the sensor have been armored? Should the sensor be located only after an analysis of all possible vehicle collisions? Should there be three sensors, as in aircraft, reporting by logic voting and switching out any one dissenting sensor?
We hope common sense can solve these problems. Can it also coordinate the movements of 250 million autonomous cars and trucks on US highways so well that traffic fatalities disappear? As they say in industry: “Price, delivery, quality. Pick two.”
THE POINT HERE 15 THAT WE HUMANS CONFIDENTLY PLAN SYSTEMS 50 COMPLEX THAT WE CANNOT PREDICT ALL THEIR FAILURE MODES.
