Incident Details

Incident: Vacuum Pump Issue Leads to GM Recall of 3.46 Million Vehicles

Published Date: 2019-09-11

Postmortem Analysis
Timeline	1. The software failure incident of the vacuum pump issue affecting braking in General Motors vehicles occurred over time and was reported in the article published on September 11, 2019 [89374]. 2. The NHTSA opened a preliminary investigation into the issue last November, which indicates that the incident was known to authorities in November of the previous year. 3. Estimation: If the article was published on September 11, 2019, and the NHTSA opened the investigation in November of the previous year, the software failure incident likely occurred in November 2018.
System	1. Vacuum pump system in 2014-2018 model year vehicles including Cadillac Escalade, Chevrolet Silverado, Chevrolet Tahoe, GMC Sierra, Chevrolet Suburban, and GMC Yukon vehicles [Article 89374] 2. Engine control module software in 2018 Chevrolet Malibu cars with 1.5L turbo engines [Article 89374] 3. Seatbelt-unfastened warning light system in 2019 Chevrolet Express and GMC Savana vehicles [Article 89374]
Responsible Organization	1. General Motors Co - General Motors Co was responsible for causing the software failure incident in the recall of 3.46 million U.S. pickup trucks and SUVs due to a vacuum pump issue affecting braking systems [89374].
Impacted Organization	1. General Motors Co [Article 89374]
Software Causes	1. The vacuum pump issue in General Motors vehicles was caused by a decrease in the amount of vacuum created by the vacuum pump over time, leading to braking difficulties. This issue was related to the software programming of the electronic brake control module [89374].
Non-software Causes	1. Decrease in vacuum created by the vacuum pump over time, leading to braking issues [89374] 2. Accumulation of debris such as oil sludge on the filter screen of the vacuum assist pump [89374]
Impacts	1. Difficulty in braking: The software failure incident in General Motors vehicles led to a vacuum pump issue that could make braking more difficult, potentially affecting the braking system's performance [Article 89374]. 2. Increased risk of accidents and injuries: The vacuum pump issue linked to the software failure incident was associated with 113 accidents and 13 injuries, highlighting the safety risks posed by the malfunction [Article 89374]. 3. Potential brake boost failure: The National Highway Traffic Safety Administration (NHTSA) warned that the affected vehicles may experience brake boost failure, requiring increased brake pedal effort and potentially leading to a hard brake pedal feel and increased stopping distance [Article 89374].
Preventions	1. Implementing rigorous testing procedures during the software development phase to detect any potential issues before the vehicles are released to the market [89374]. 2. Conducting regular maintenance and inspections on the vacuum assist pump and its components to ensure proper functioning over time [89374]. 3. Enhancing the monitoring and reporting system for field reports and customer complaints to promptly identify any emerging issues related to the software or hardware components [89374].
Fixes	1. Dealers will reprogram the electronic brake control module to improve how the system utilizes the hydraulic brake boost assist function when vacuum assist is depleted [Article 89374]. 2. For the issue with the 2018 Chevrolet Malibu cars with 1.5L turbo engines, the software fix involves addressing an error in the engine control module software that may result in the fuel injectors being disabled [Article 89374]. 3. To address the problem with the 2019 Chevrolet Express and GMC Savana vehicles where the seatbelt-unfastened warning light does not illuminate promptly, a software update or modification may be required to ensure compliance with federal motor safety regulations [Article 89374].
References	1. National Highway Traffic Safety Administration (NHTSA) [Article 89374] 2. General Motors Co [Article 89374]

Software Taxonomy of Faults

Category	Option	Rationale
Recurring	one_organization	(a) The software failure incident related to the vacuum pump issue affecting braking in GM vehicles has happened again within the same organization. General Motors Co had previously recalled 310,000 vehicles in Canada for the same vacuum pump issue before recalling 3.46 million vehicles in the U.S. [Article 89374] (b) There is no information in the provided article indicating that the software failure incident related to the vacuum pump issue affecting braking in GM vehicles has happened at other organizations.
Phase (Design/Operation)	design, operation	(a) The software failure incident related to the design phase is evident in the article as General Motors Co recalled 3.46 million U.S. pickup trucks and SUVs due to a vacuum pump issue that could make braking more difficult. The recall was triggered because the amount of vacuum created by the vacuum pump may decrease over time, leading to brake boost failure in rare circumstances. This issue was identified in the design of the vacuum assist pump, which is lubricated with engine oil that flows into the pump through a filter screen. Over time, debris such as oil sludge can accumulate on the filter screen, causing the pump to lose effectiveness [89374]. (b) The software failure incident related to the operation phase is evident in the article as General Motors Co is recalling 270,000 additional U.S. vehicles in three smaller recalls. One of the recalls involves 177,000 2018 Chevrolet Malibu cars with 1.5L turbo engines because an error in the engine control module software may result in the fuel injectors being disabled. This issue is related to the operation of the vehicles, where the software error could impact the functioning of the fuel injectors during operation [89374].
Boundary (Internal/External)	within_system	(a) within_system: The software failure incident related to the vacuum pump issue affecting braking in General Motors vehicles was due to factors originating from within the system. The article mentions that the vacuum pump, which is lubricated with engine oil, can lose effectiveness over time due to debris accumulation on the filter screen within the pump itself [Article 89374]. This indicates an internal system issue leading to the software failure incident.
Nature (Human/Non-human)	non-human_actions	(a) The software failure incident related to non-human actions: The software failure incident in this case was not directly attributed to non-human actions. The recall by General Motors was due to a vacuum pump issue affecting braking in certain vehicles, specifically related to the vacuum assist pump losing effectiveness over time due to debris accumulation on the filter screen [Article 89374]. (b) The software failure incident related to human actions: The software failure incident in this case was not directly attributed to human actions. The recall by General Motors was due to technical issues such as a vacuum pump problem affecting braking and an error in the engine control module software disabling fuel injectors, rather than human actions introducing contributing factors to the failure [Article 89374].
Dimension (Hardware/Software)	hardware, software	(a) The software failure incident related to hardware: - The recall by General Motors was due to a vacuum pump issue that could make braking more difficult, affecting 3.46 million U.S. pickup trucks and SUVs [Article 89374]. - The vacuum assist pump, which is lubricated with engine oil that flows into the pump through a filter screen, can lose effectiveness over time due to debris accumulation, such as oil sludge on the filter screen [Article 89374]. (b) The software failure incident related to software: - General Motors is recalling 177,000 2018 Chevrolet Malibu cars due to an error in the engine control module software that may result in the fuel injectors being disabled [Article 89374].
Objective (Malicious/Non-malicious)	non-malicious	(a) The software failure incident related to the vacuum pump issue in General Motors vehicles does not appear to be malicious. It was a non-malicious failure caused by a decrease in the amount of vacuum created by the vacuum pump over time, leading to potential braking difficulties. The issue was attributed to the design of the vacuum assist pump and the accumulation of debris like oil sludge on the filter screen, affecting the brake assist system [89374].
Intent (Poor/Accidental Decisions)	accidental_decisions	(a) The software failure incident related to the vacuum pump issue in General Motors vehicles does not seem to be directly attributed to poor decisions. The issue was related to a decrease in vacuum created by the vacuum pump over time, leading to potential braking difficulties. The recall was triggered by reports of related crashes and injuries, prompting GM to investigate and take action to reprogram the electronic brake control module to address the problem [89374]. (b) The software failure incident appears to be more aligned with accidental decisions or unintended consequences rather than poor decisions. The issue with the vacuum pump and the error in the engine control module software in the Chevrolet Malibu cars were not explicitly linked to poor decisions but rather to technical faults or design flaws that led to safety concerns and the need for recalls [89374].
Capability (Incompetence/Accidental)	accidental	(a) The software failure incident related to the vacuum pump issue in General Motors vehicles was not explicitly attributed to development incompetence. The issue was described as a decrease in the amount of vacuum created by the vacuum pump over time, leading to potential braking difficulties. The recall was initiated to reprogram the electronic brake control module to improve the utilization of the hydraulic brake boost assist function when vacuum assist is depleted [Article 89374]. (b) The software failure incident related to the vacuum pump issue in General Motors vehicles was attributed to an accidental issue where the vacuum assist pump, lubricated with engine oil, could lose effectiveness over time due to debris accumulation on the filter screen. This accidental issue could lead to brake boost failure, requiring increased brake pedal effort and potentially increased stopping distance in rare circumstances [Article 89374].
Duration	permanent	(a) The software failure incident related to the vacuum pump issue affecting braking in General Motors vehicles is considered permanent. The issue was linked to 113 accidents and 13 injuries, leading to a recall of 3.46 million U.S. pickup trucks and SUVs [Article 89374]. The recall was triggered by a decrease in the amount of vacuum created by the vacuum pump over time, affecting braking in rare circumstances. This indicates a permanent failure as the issue was not limited to specific circumstances but posed a continuous risk to vehicle safety.
Behaviour	crash, value, other	(a) crash: The article mentions a software failure incident related to a recall by General Motors due to a vacuum pump issue that could make braking more difficult. This issue could lead to a crash as the vehicles may experience brake boost failure, requiring increased brake pedal effort and potentially increased stopping distance [Article 89374]. (b) omission: The article does not specifically mention a software failure incident related to omission where the system omits to perform its intended functions at an instance(s). (c) timing: The article does not mention a software failure incident related to timing where the system performs its intended functions correctly, but too late or too early. (d) value: The article does mention a software failure incident related to a value failure where the system performs its intended functions incorrectly. For example, in one of the recalls, 177,000 2018 Chevrolet Malibu cars are being recalled because an error in the engine control module software may result in the fuel injectors being disabled [Article 89374]. (e) byzantine: The article does not mention a software failure incident related to a byzantine failure where the system behaves erroneously with inconsistent responses and interactions. (f) other: The other behavior mentioned in the article is related to a software failure incident where the seatbelt-unfastened warning light in approximately 91,000 2019 Chevrolet Express and GMC Savana vehicles will not illuminate for approximately five seconds after the ignition is moved to the "on" or "start" position, which means they are not in compliance with federal motor safety regulations [Article 89374].

IoT System Layer

Layer	Option	Rationale
Perception	None	None
Communication	None	None
Application	None	None

Other Details

Category	Option	Rationale
Consequence	theoretical_consequence	(a) death: People lost their lives due to the software failure (b) harm: People were physically harmed due to the software failure (c) basic: People's access to food or shelter was impacted because of the software failure (d) property: People's material goods, money, or data was impacted due to the software failure (e) delay: People had to postpone an activity due to the software failure (f) non-human: Non-human entities were impacted due to the software failure (g) no_consequence: There were no real observed consequences of the software failure (h) theoretical_consequence: There were potential consequences discussed of the software failure that did not occur (i) other: Was there consequence(s) of the software failure not described in the (a to h) options? What is the other consequence(s)? The articles do not mention any direct consequences such as death, physical harm, impact on basic needs, property loss, or non-human entities due to the software failure incidents discussed. The consequences mentioned are related to potential safety risks and issues with braking systems in vehicles, which could lead to accidents and injuries but do not specify any actual incidents of harm or fatalities [89374].
Domain	manufacturing	(a) The software failure incident reported in the article is related to the automotive industry, specifically affecting General Motors Co's pickup trucks and SUVs due to a vacuum pump issue that could impact braking performance [Article 89374]. (b) The article does not mention any software failure incident related to the transportation industry. (c) The article does not mention any software failure incident related to the natural resources industry. (d) The article does not mention any software failure incident related to the sales industry. (e) The article does not mention any software failure incident related to the construction industry. (f) The software failure incident in the article is directly related to the manufacturing industry as it involves the recall of vehicles manufactured by General Motors Co due to a vacuum pump issue affecting braking performance [Article 89374]. (g) The article does not mention any software failure incident related to the utilities industry. (h) The article does not mention any software failure incident related to the finance industry. (i) The article does not mention any software failure incident related to the knowledge industry. (j) The article does not mention any software failure incident related to the health industry. (k) The article does not mention any software failure incident related to the entertainment industry. (l) The article does not mention any software failure incident related to the government industry. (m) The article does not mention any software failure incident related to any other industry.

Sources

GM recalls 3.8 million vehicles in North America due to braking issue - Reuters - Published on: 2019-09-11
Article ID: 89374

Back to List