Incident: Recall of Hyundai and Kia Vehicles for Engine Failures and Fires.

Published Date: 2019-01-17

Postmortem Analysis
Timeline
1. The software failure incident involving Hyundai and Kia vehicles happened in September 2015 [80974, 80881].

System
1. Engine control software in Hyundai and Kia vehicles [79941, 80881]
2. Catalytic converters in Kia Soul small SUVs [80974]
3. Engine oil pan in Tucson and Sportage SUVs [80974]

Responsible Organization
1. Hyundai and Kia were responsible for causing the software failure incident mentioned in the news articles [80974, 80881, 79941].

Impacted Organization
1. Hyundai and Kia [80974, 80881]
2. National Highway Traffic Safety Administration (NHTSA) [80974, 80881]

Software Causes
1. The failure incident was caused by high exhaust gas temperatures damaging catalytic converters, leading to abnormal combustion and damage to pistons and connecting rods, ultimately causing fires [80974, 80881].
2. The failure incident was also caused by an engine oil pan leak that could lead to fires [80974, 80881].
3. Hyundai and Kia are conducting a "product improvement campaign" to install software that will alert drivers of possible engine failures and send the cars into a reduced-speed "limp" mode if problems are detected [80974, 80881].

Non-software Causes
1. High exhaust gas temperatures damaging catalytic converters, causing abnormal combustion and damage to pistons and connecting rods, leading to potential fires [80974, 80881].
2. Engine oil pan leaks in certain Hyundai and Kia SUV models causing fires [80974, 80881].
3. Improper installation or torquing of the high-pressure fuel tube connected to the engine in Hyundai vehicles, potentially leading to fuel leaks and engine fires [79941].

Impacts
1. The software failure incident led to the recall of nearly 2.4 million vehicles by Hyundai and Kia for fire and engine failure problems since September of 2015, with additional recalls being added over time [80974, 80881].
2. The incident resulted in a "product improvement campaign" covering another 3.7 million vehicles to install software that would alert drivers of possible engine failures and send the cars into a reduced-speed "limp" mode if issues were detected [80974, 80881].
3. The failure caused high exhaust gas temperatures to damage catalytic converters in Kia Soul SUVs, leading to abnormal combustion, damage to pistons and connecting rods, and potential engine fires [80974, 80881].
4. The software failure also caused engine oil pan leaks in Hyundai Tucson and Sportage SUVs, which could also lead to fires [80974, 80881].
5. The failure prompted Hyundai to issue a recall for approximately 100,000 vehicles to inspect and possibly replace the high-pressure fuel tube connected to the engine, which could lead to fuel leaks and engine fires if not properly installed or torqued during an earlier engine replacement [79941].

Preventions
1. Implementing proper software testing procedures to detect issues related to engine failures and fires before the vehicles are released to the market [80974, 80881].
2. Conducting thorough software quality assurance checks to ensure that the software alerts drivers of possible engine failures and activates a reduced-speed "limp" mode when problems are detected [80974, 80881].
3. Regularly updating and maintaining the software in vehicles to address any potential defects or vulnerabilities that could lead to engine failures or fires [79941].
4. Ensuring that the software updates, such as the Knock Sensor Detection System, are promptly applied to vehicles to monitor engine vibrations and prevent potential engine failure [79941].

Fixes
1. Installing software that will alert drivers of possible engine failures and send the cars into a reduced-speed "limp" mode if problems are detected [80974, 80881].
2. A software update for the engine control unit that adds a Knock Sensor Detection System to monitor for vibrations in the engine that could lead to engine failure [79941].

References
1. National Highway Traffic Safety Administration (NHTSA) [80974, 80881]
2. Center for Auto Safety [80974, 80881]
3. Hyundai [79941]
4. Kia [79941]

Software Taxonomy of Faults

Category | Option | Rationale
Recurring | one_organization, multiple_organization | (a) The software failure incident having happened again at one_organization: - Hyundai and Kia have faced software-related issues in their vehicles before. They are conducting a "product improvement campaign" to install software that will alert drivers of possible engine failures and send the cars into a reduced-speed "limp" mode if problems are detected [80974]. - Hyundai and Kia also have a "product improvement campaign" that involves a software update for the engine control unit to add a Knock Sensor Detection System that can monitor for vibrations in the engine to prevent engine failure [79941]. (b) The software failure incident having happened again at multiple_organization: - The article mentions that Kia and Hyundai are not the only automakers facing software-related issues. It states that more than 500,000 Hyundai and Kia vehicles are being recalled following hundreds of complaints of the cars spontaneously catching on fire, indicating similar incidents at other organizations [80881].
Phase (Design/Operation) | design | (a) The software failure incident occurring due to the development phases: - The articles mention that Hyundai and Kia are conducting a "product improvement campaign" to install software that will alert drivers of possible engine failures and send the cars into a reduced-speed "limp" mode if problems are detected [80974, 80881]. - Hyundai and Kia have a "product improvement campaign" that involves a software update for the engine control unit, adding a Knock Sensor Detection System to monitor for vibrations in the engine that could lead to engine failure [79941]. (b) The software failure incident occurring due to the operation phases: - The articles do not specifically mention any software failures due to the operation or misuse of the system.
Boundary (Internal/External) | within_system | (a) within_system: The software failure incident mentioned in the articles is primarily related to issues within the system. Hyundai and Kia are conducting recalls and product improvement campaigns to address engine failures and fires caused by internal factors such as high exhaust gas temperatures damaging catalytic converters, abnormal combustion, and oil leaks leading to fires. The recalls involve installing software to alert drivers of possible engine failures and sending the cars into a reduced-speed "limp" mode if problems are detected [80974, 80881, 79941]. (b) outside_system: There is no specific mention in the articles of the software failure incident being caused by contributing factors originating from outside the system. The focus of the recalls and campaigns is on addressing internal issues within the vehicles that could lead to engine failures and fires.
Nature (Human/Non-human) | non-human_actions | (a) The software failure incident occurring due to non-human actions: - The articles mention that Hyundai and Kia are conducting a "product improvement campaign" to install software that will alert drivers of possible engine failures and send the cars into a reduced-speed "limp" mode if problems are detected [80974, 80881]. - The software update for the engine control unit includes a Knock Sensor Detection System that can monitor for vibrations in the engine to detect potential engine failure [79941]. (b) The software failure incident occurring due to human actions: - The articles do not specifically mention any software failures caused by human actions.
Dimension (Hardware/Software) | software | (a) The software failure incident occurring due to hardware: - The articles do not specifically mention any software failure incidents occurring due to hardware issues. Therefore, there is no direct information available regarding software failure incidents originating from hardware in the provided articles. (b) The software failure incident occurring due to software: - The articles mention that Hyundai and Kia are conducting a "product improvement campaign" to install software that will alert drivers of possible engine failures and send the cars into a reduced-speed "limp" mode if problems are detected [80974, 80881]. - Additionally, Hyundai and Kia have a "product improvement campaign" that involves a software update for the engine control unit. The update adds a Knock Sensor Detection System that can monitor for vibrations in the engine that could indicate engine failure, specifically connecting rod bearing wear. If vibrations are detected, the software will blink the check-engine light and put the vehicle into a low-power "limp" mode to prevent further damage [79941].
Objective (Malicious/Non-malicious) | non-malicious | (a) malicious: There is no indication of a malicious software failure incident in the provided articles. [80974, 80881, 79941] (b) non-malicious: The software failure incidents mentioned in the articles are non-malicious. The failures are related to engine failures and fires in Hyundai and Kia vehicles, leading to recalls and investigations by the National Highway Traffic Safety Administration. The software updates mentioned in the articles are aimed at alerting drivers of possible engine failures and sending the cars into a reduced-speed "limp" mode if problems are detected, indicating a non-malicious intent to address safety concerns. [80974, 80881, 79941]
Intent (Poor/Accidental Decisions) | unknown | The articles do not provide specific information about a software failure incident related to poor decisions or accidental decisions. Therefore, the intent of the software failure incident in this case is unknown.
Capability (Incompetence/Accidental) | accidental | (a) The articles do not mention any software failure incidents occurring due to development incompetence. (b) The software failure incidents reported in the articles are related to accidental factors such as high exhaust gas temperatures damaging catalytic converters, abnormal combustion, damage to pistons and connecting rods, and oil leaks that can cause fires in Hyundai and Kia vehicles [80974, 80881]. Additionally, the recalls involve installing software that will alert drivers of possible engine failures and send the cars into a reduced-speed "limp" mode if problems are detected [80974, 80881].
Duration | temporary | The software failure incident related to the Hyundai and Kia recalls can be considered as a temporary failure. The articles mention that Hyundai and Kia are conducting a "product improvement campaign" to install software that will alert drivers of possible engine failures and send the cars into a reduced-speed "limp" mode if problems are detected [80974, 80881]. This indicates that the software issue is not permanent but rather introduced by certain circumstances to address the engine failure problems.
Behaviour | other | (a) crash: The articles do not mention any instances of a system crash where the software failed due to losing state and not performing any of its intended functions. (b) omission: The articles do not specifically mention any instances where the software omitted to perform its intended functions at an instance(s). (c) timing: The articles do not provide information about any failures related to the timing of the software, where it performed its intended functions either too late or too early. (d) value: The software failure incidents mentioned in the articles are related to engine failures and fires in Hyundai and Kia vehicles, not specifically related to the software performing its intended functions incorrectly. (e) byzantine: The articles do not describe any instances of the software behaving erroneously with inconsistent responses and interactions. (f) other: The software failure incidents mentioned in the articles are primarily related to engine failures and fires in Hyundai and Kia vehicles, with recalls and investigations being conducted to address these issues.

IoT System Layer

Layer | Option | Rationale
Perception | None | None
Communication | None | None
Application | None | None

Other Details

Category | Option | Rationale
Consequence | property, non-human, theoretical_consequence | (a) death: The articles do not mention any deaths resulting from the software failure incident. [80881] (b) harm: The articles do not mention any physical harm to individuals resulting from the software failure incident. [80881] (c) basic: The articles do not mention any impact on people's access to food or shelter due to the software failure incident. [80881] (d) property: The software failure incident led to potential property damage as it caused fires in vehicles due to engine failures. [80881, 80974] (e) delay: The articles do not mention any delays caused by the software failure incident. [80881] (f) non-human: The software failure incident impacted non-human entities, specifically vehicles, leading to engine failures and fires. [80881, 80974] (g) no_consequence: The articles do not mention any real observed consequences of the software failure incident. [80881] (h) theoretical_consequence: The articles discuss potential consequences of fires and engine failures due to the software issues, but there is no specific mention of these theoretical consequences actually occurring. [80881, 80974] (i) other: The articles do not mention any other specific consequences of the software failure incident.
Domain | transportation, utilities | (a) The failed system was related to the transportation industry. The software failure incident involved Hyundai and Kia vehicles being recalled for engine failures and fires, affecting over 2.4 million vehicles since September 2015. The recalls were due to issues such as high exhaust gas temperatures damaging catalytic converters, abnormal combustion, and oil leaks that could lead to fires [80974, 80881]. (g) In addition to the transportation industry, the failed system was also related to the utilities industry. The recalls by Hyundai and Kia included fixing an engine oil pan leak that could cause fires in Tucson and Sportage SUVs, which are part of the utilities industry as they provide power and transportation services [80974, 80881].
