Incident Details

Incident: Airbag Deployment Issue in Chevrolet Corvette ZR1's SDM Software.

Published Date: 2018-06-21

Postmortem Analysis
Timeline	1. The software failure incident with the Chevrolet Corvette ZR1's Sensing Diagnostic Module (SDM) happened during intense track driving at Road Atlanta on April 30 [72793]. Therefore, the software failure incident occurred in April 2018.
System	1. Sensing Diagnostic Module (SDM) in Chevrolet Corvette ZR1 [Article 72793]
Responsible Organization	1. Chevrolet - The software failure incident in the Chevrolet Corvette ZR1 was caused by a fault in the "Sensing Diagnostic Module" (SDM) during intense track driving, which could prevent the airbags from deploying in an accident. Chevrolet identified the issue, developed new software, applied it on the production line, and issued a recall to address the problem [Article 72793].
Impacted Organization	1. Chevrolet Corvette ZR1 owners [Article 72793]
Software Causes	1. The software cause of the failure incident was a fault in the "Sensing Diagnostic Module" (SDM) of the Chevrolet Corvette ZR1, which could prevent the airbags from deploying in an accident [72793].
Non-software Causes	1. Intense track driving conditions leading to fault in the Sensing Diagnostic Module (SDM) [Article 72793] 2. Hard braking and sustained acceleration events under certain track conditions triggering the fault mode in the SDM [Article 72793] 3. Inability to properly reset the SDM until the car's battery is disconnected [Article 72793]
Impacts	1. The software failure incident in the Chevrolet Corvette ZR1 resulted in a fault in the "Sensing Diagnostic Module" (SDM) during intense track driving, potentially preventing the airbags from deploying in an accident [72793]. 2. The fault mode of the SDM could lead to the airbags not functioning properly, posing a significant safety risk to the occupants of the vehicle [72793]. 3. As a response to the software failure incident, Chevrolet issued a recall for all Corvette ZR1 vehicles built between Dec. 8, 2017, and May 31, 2018, totaling 498 cars, to address the issue with the SDM and ensure the airbags are calibrated for more aggressive driving conditions [72793].
Preventions	1. Implementing more rigorous testing procedures during the development phase to simulate extreme track conditions that the Chevrolet Corvette ZR1 might encounter [72793]. 2. Conducting thorough post-production monitoring and analysis of the software performance in real-world scenarios to detect any potential faults or malfunctions before they pose a safety risk [72793]. 3. Regularly updating and calibrating the software to adapt to evolving driving conditions and ensure optimal functionality under all circumstances [72793].
Fixes	1. Chevrolet developed new software and applied it on the production line to address the fault in the Sensing Diagnostic Module (SDM) that was preventing the airbags from deploying in an accident [Article 72793].
References	1. Chevrolet's recall letter to the National Highway Traffic Safety Administration [Article 72793]

Software Taxonomy of Faults

Category	Option	Rationale
Recurring	one_organization	(a) The software failure incident related to the Chevrolet Corvette ZR1's SDM fault preventing airbag deployment happened within the same organization, Chevrolet. The incident was discovered during a media event hosted by Chevrolet at Road Atlanta and subsequently replicated at the automaker's Milford Proving Ground in Michigan [72793]. (b) There is no information in the provided article indicating that a similar software failure incident has happened at other organizations or with their products and services.
Phase (Design/Operation)	design	(a) The software failure incident in the Chevrolet Corvette ZR1 was related to the design phase. The article mentions that the car's "Sensing Diagnostic Module" (SDM) might suffer a fault during intense track driving, leading to a situation where the airbags might not deploy in an accident. This issue was discovered during a media event and subsequently replicated in trials at the automaker's proving ground. Chevrolet developed new software and applied it on the production line to address this design-related fault [Article 72793]. (b) The software failure incident was not related to the operation phase or misuse of the system.
Boundary (Internal/External)	within_system	(a) The software failure incident related to the Chevrolet Corvette ZR1's airbag deployment issue was within the system. The fault in the "Sensing Diagnostic Module" (SDM) was triggered by the intense track driving conditions the car was subjected to, causing the SDM to go into a fault mode and potentially preventing the airbags from deploying in an accident [Article 72793]. This indicates that the failure originated from within the system itself due to the specific operational conditions the car was designed to perform under.
Nature (Human/Non-human)	non-human_actions	(a) The software failure incident in the Chevrolet Corvette ZR1 was due to non-human actions. The fault in the "Sensing Diagnostic Module" (SDM) occurred during intense track driving conditions, specifically under extremely hard braking and sustained acceleration events under certain track conditions. This fault mode in the SDM could prevent the airbags from deploying in an accident, indicating a failure introduced without human participation [72793].
Dimension (Hardware/Software)	hardware	(a) The software failure incident in the Chevrolet Corvette ZR1 was due to a hardware issue. The article mentions that the "Sensing Diagnostic Module" (SDM) in the car might suffer a fault during intense track driving, which could prevent the airbags from deploying in an accident. This fault in the SDM is a hardware issue that originates in the car's onboard electronics [72793].
Objective (Malicious/Non-malicious)	non-malicious	(a) The software failure incident described in the article is non-malicious. The failure was due to the intense performance of the Chevrolet Corvette ZR1 during track driving, causing the "Sensing Diagnostic Module" (SDM) to suffer a fault, which could prevent the airbags from deploying in an accident. Chevrolet identified the issue during a media event and subsequent trials, leading to the development of new software and a recall to address the safety concern [72793].
Intent (Poor/Accidental Decisions)	unknown	(a) The software failure incident related to the Chevrolet Corvette ZR1 was not due to poor decisions but rather due to the intense performance of the car overwhelming its onboard electronics. The fault in the "Sensing Diagnostic Module" (SDM) was triggered during intense track driving, specifically under extremely hard braking and sustained acceleration events under certain track conditions. This was not a result of poor decisions but rather a consequence of the extreme capabilities of the vehicle exceeding the software's limits [72793]. (b) The software failure incident was also not due to accidental decisions but rather a result of the car's performance exceeding the capabilities of the onboard electronics. The fault in the SDM was discovered during a media event at Road Atlanta and subsequently replicated during trials at the automaker's Milford Proving Ground in Michigan. The issue was not caused by accidental decisions but rather by the extreme nature of the driving conditions the Corvette ZR1 was subjected to [72793].
Capability (Incompetence/Accidental)	accidental	(a) The software failure incident in the Chevrolet Corvette ZR1 was not due to development incompetence. The issue was identified during intense track driving and was specifically related to the Sensing Diagnostic Module (SDM) going into a fault mode under certain track conditions, which could prevent the airbags from deploying in an accident. Chevrolet addressed the issue by developing new software and applying it on the production line to recalibrate the module for more aggressive driving conditions [72793]. (b) The software failure incident in the Chevrolet Corvette ZR1 can be categorized as accidental. The fault in the SDM that could prevent airbag deployment was discovered during track driving events and replicated during trials at the automaker's testing grounds. It was not a result of intentional actions but rather an unintended consequence of the extreme driving conditions the car was subjected to during testing [72793].
Duration	temporary	The software failure incident related to the Chevrolet Corvette ZR1's SDM fault causing potential airbag deployment issues can be categorized as a temporary failure. The article mentions that the fault in the Sensing Diagnostic Module (SDM) occurs specifically during intense track driving conditions, such as "extremely hard braking and sustained acceleration events under certain track conditions" [Article 72793]. This indicates that the software failure is triggered by certain circumstances (intense track driving) rather than being a permanent issue affecting the system under all circumstances.
Behaviour	crash, value, other	(a) crash: The software failure incident in the Chevrolet Corvette ZR1 was related to a fault in the "Sensing Diagnostic Module" (SDM) that could prevent the airbags from deploying in an accident. The SDM could go into a fault mode during intense track driving, leading to a situation where the airbags don't function. This can be considered a crash behavior as the system fails to perform its intended function of deploying airbags in the event of an accident [72793]. (b) omission: The software failure incident in the Corvette ZR1 was not specifically described as an omission where the system completely omits to perform its intended functions at an instance(s) [72793]. (c) timing: The timing of the software failure incident was not highlighted as a specific issue where the system performed its intended functions correctly, but too late or too early [72793]. (d) value: The software failure incident in the Corvette ZR1 can be considered a value behavior as the system was performing its intended function of monitoring the vehicle's status, but it was doing so incorrectly due to the fault in the SDM, leading to the airbags potentially not deploying when needed [72793]. (e) byzantine: The software failure incident in the Corvette ZR1 was not described as exhibiting a byzantine behavior where the system behaves erroneously with inconsistent responses and interactions [72793]. (f) other: The other behavior exhibited by the software failure incident in the Corvette ZR1 could be classified as a fault in the system's monitoring and response mechanism under extreme driving conditions, leading to a critical safety issue related to airbag deployment [72793].

IoT System Layer

Layer	Option	Rationale
Perception	sensor	(a) The failure was related to the perception layer of the cyber physical system that failed due to contributing factors introduced by sensor error. The article mentions that the Chevrolet Corvette ZR1's "Sensing Diagnostic Module" (SDM) might suffer a fault during intense track driving, which could prevent the airbags from deploying in an accident. This fault in the SDM is a sensor-related issue as it is responsible for sensing and diagnosing the conditions that trigger airbag deployment [Article 72793].
Communication	unknown	<Article 72793> The software failure incident related to the Chevrolet Corvette ZR1 was not explicitly mentioned to be related to the communication layer of the cyber physical system that failed. The focus of the article was on the Sensing Diagnostic Module (SDM) fault that could prevent the airbags from deploying during intense track driving, indicating a potential issue with the software controlling the airbag deployment system. There was no specific mention of failures related to the communication layer at the link_level or connectivity_level in the provided article.</Article 72793>
Application	TRUE	The software failure incident described in Article #72793 was related to the application layer of the cyber physical system. The article mentions that the Chevrolet Corvette ZR1's "Sensing Diagnostic Module" (SDM) might suffer a fault during intense track driving, which could prevent the airbags from deploying in an accident. This fault in the SDM was addressed by developing new software and calibrating it for more aggressive driving conditions, indicating that the failure was indeed related to the application layer of the system [72793].

Other Details

Category	Option	Rationale
Consequence	harm	(a) death: People lost their lives due to the software failure (b) harm: People were physically harmed due to the software failure (c) basic: People's access to food or shelter was impacted because of the software failure (d) property: People's material goods, money, or data was impacted due to the software failure (e) delay: People had to postpone an activity due to the software failure (f) non-human: Non-human entities were impacted due to the software failure (g) no_consequence: There were no real observed consequences of the software failure (h) theoretical_consequence: There were potential consequences discussed of the software failure that did not occur (i) other: Was there consequence(s) of the software failure not described in the (a to h) options? What is the other consequence(s)? The consequence of the software failure incident in the article is related to potential harm to individuals due to the faulty airbag deployment system in the Chevrolet Corvette ZR1. The software fault could prevent the airbags from deploying in an accident, which poses a significant safety risk to the occupants of the vehicle [72793].
Domain	transportation	(a) The failed system in this incident was related to the automotive industry, specifically affecting the Chevrolet Corvette ZR1. The software failure incident involved the "Sensing Diagnostic Module" (SDM) in the car, which could prevent the airbags from deploying in an accident [Article 72793].

Sources

Chevrolet recalls almost every 2019 Corvette ZR1 for airbag problem - CNET - Published on: 2018-06-21
Article ID: 72793

Back to List