cross-posted from: https://lemmy.world/post/1030687
EDIT: This PDF contains very detailed electrical information for the EEs who wanna go through the complaint: https://www.autoevolution.com/pdf/news_attachements/breaking-nhtsa-petition-shows-tesla-s-sudden-unintended-acceleration-is-real-and-curable-217525.pdf
Last year at /r/RealTesla, a Chinese video of a car rocketing at full speed for 1+ minutes before crashing / killing a pedestrian made the rounds. We all recognized it as one of the weirder cases of “Sudden Unintended Acceleration”, and I think that particular video really changed some minds.
While a lot of SUA events are from driver-error, it began a search into why Teslas seemed to be getting more SUA above-and-beyond the industry normal. This investigation (now filed under NHTSA) suggests that the ADC could be miscalibrated during a load-dump (or other electrical surge-like) scenario.
If the ADC associated with the accelerator pedal is off, then the Tesla will have the pedal at the wrong level of acceleration until the next calibration event, which is not going to happen until over a minute later.
This is extremely similar to that Chinese runaway Tesla, and perfectly seems to explain it. I’m glad that someone seems to have gotten to the bottom of this.
I do think an electrical solution (ex: Pi-filters and T-filters over the microcontroller… not the whole 12V supply. Just enough to keep the ADCs working and non-glitchy) is the goal. Even if the rest of the circuit browns-out, a Pi-filter’d Capacitor next to the microcontroller / CANbus should remain steady.
Honestly, with this much of a voltage swing on the damn sensor network being detected, I don’t think its possible to prevent all glitches. Microcontrollers all use less than 1W of power, it shouldn’t be too hard to build a capacitor/inductor network + Voltage Regulator that keeps that voltage steady and isolated from the rest of the car.
That being said: there’s enough capacitance around those chips that they’re clearly still able to send CANbus messages for the (false) pedal state back to the central computer. Maybe they do have good filtering on the uCs, but they forgot to filter the analog components or something? I dunno, its all so very strange.
Maybe a pure software solution does exist, not to fix the fundamental issue of course, but to at least solve the SUA event. The 1.65V calibration event clearly is able to (wrongfully…), detect this brownout condition. At least based off of the description of the .pdf. So yeah, maybe software can solve it.
Yeah, I’m much more focused on actually solving the SUA issue, especially since the resale value on this car is fucked lol it’s not going anywhere anytime soon.
It definitely is all so very strange.