Incident: Unintended Braking Software Error in GM Chevy and GMC Vehicles

Published Date: 2019-10-31

Postmortem Analysis
Timeline 1. The software failure incident happened in the past, as the article mentions that General Motors has issued a new recall this week due to a software error [90559]. 2. Published on 2019-10-31. 3. The software failure incident likely occurred in October 2019.
System 1. Electronic brake control module software in 2014-2018 Chevy Silverado 1500, 2015-2020 Chevy Suburban and Tahoe, 2014-2018 GMC Sierra 1500, and 2015-2020 GMC Yukon [90559].
Responsible Organization 1. General Motors [90559]
Impacted Organization 1. General Motors (GM) [90559]
Software Causes 1. The software error was caused by faulty electronic brake control module software in the affected vehicles, leading to unintended braking [90559].
Non-software Causes 1. A wheel-speed sensor failure in vehicles with a 5.3-liter V8 engine, 3.08-ratio rear axle, and four-wheel drive [90559].
Impacts 1. The software error in the affected Chevy and GMC pickup trucks and SUVs could result in unintended braking, leading to unexpected braking from the wheel opposite of the wheel that houses the failed speed sensor, potentially causing the vehicle to pull to one side unexpectedly and increasing the risk of a crash [90559].
Preventions 1. Regular software testing and quality assurance procedures during the development phase could have potentially identified the software error before it reached production [90559]. 2. Implementing robust monitoring systems that can detect anomalies in the software behavior post-deployment could have helped in identifying the issue earlier and preventing unintended consequences [90559]. 3. Conducting thorough risk assessments and scenario testing to anticipate potential failure modes, such as the interaction between the wheel-speed sensor failure and the software, could have preemptively addressed the issue [90559].
Fixes 1. The software failure incident in the affected Chevy and GMC vehicles can be fixed by reprogramming the Electronic Brake Control Module (EBCM) by a technician for free [90559].
References 1. National Highway Traffic Safety Administration (NHTSA) [90559]

Software Taxonomy of Faults

Category Option Rationale
Recurring one_organization (a) The software failure incident related to unintended braking due to a software error has happened again within the same organization, General Motors. The recall issued by GM affects hundreds of thousands of Chevy and GMC pickup trucks and SUVs due to faulty electronic brake control module software [90559]. This indicates a recurring software issue within GM's vehicles. (b) There is no information in the provided article about the software failure incident happening at other organizations or with their products and services.
Phase (Design/Operation) design, operation (a) The software failure incident in the GM vehicles was due to a design issue related to the electronic brake control module software. The faulty software, combined with a wheel-speed sensor failure, led to unintended braking and activation of the driveline-protection system, causing the vehicle to pull to one side unexpectedly, increasing the risk of a crash [90559]. (b) The operation-related contributing factor mentioned in the article is that drivers may inadvertently trigger the unintended braking by selecting four-wheel drive or traveling between 41 mph and 60 mph. When a wheel-speed sensor fails, drivers will see warning lights on the dashboard, indicating issues with electronic stability control and antilock brakes [90559].
Boundary (Internal/External) within_system (a) The software failure incident in the GM vehicles, leading to unintended braking, is within the system. The article mentions that the issue is related to faulty electronic brake control module software and incorrect axle-ratio calibrations within the affected Chevy and GMC vehicles [90559].
Nature (Human/Non-human) non-human_actions (a) The software failure incident in this case is attributed to non-human actions. The issue stems from a software error in the electronic brake control module software of certain Chevy and GMC pickup trucks and SUVs, specifically affecting vehicles with a 5.3-liter V8 engine, 3.08-ratio rear axle, and four-wheel drive. The faulty software, in combination with a wheel-speed sensor failure, leads to unintended braking from the wheel opposite of the one with the failed speed sensor, potentially causing the vehicle to pull to one side unexpectedly and increasing the risk of a crash [90559].
Dimension (Hardware/Software) hardware, software (a) The software failure incident in the GM vehicles was due to a hardware-related issue. Specifically, a wheel-speed sensor failure in vehicles with a 5.3-liter V8 engine, 3.08-ratio rear axle, and four-wheel drive could lead to unintended braking due to the faulty electronic brake control module software [90559].
Objective (Malicious/Non-malicious) non-malicious (a) The software failure incident described in Article 90559 is non-malicious. The issue stemmed from a software error in the electronic brake control module software of certain Chevy and GMC pickup trucks and SUVs, leading to unintended braking. This unintended braking was triggered by a wheel-speed sensor failure not aligning well with the software, causing the driveline-protection system to activate unexpectedly. The software error resulted in the inability to properly calculate wheel speed, leading to issues with the driveline-protection system and the risk of the vehicle pulling to one side unexpectedly, increasing the risk of a crash [90559].
Intent (Poor/Accidental Decisions) accidental_decisions (a) The software failure incident related to the unintended braking in Chevy and GMC pickup trucks and SUVs was not due to poor decisions but rather a software error that could result in unintended braking. The issue was attributed to faulty electronic brake control module software interacting with a wheel-speed sensor failure, leading to the driveline-protection system activating unexpectedly, causing the unintended braking [90559].
Capability (Incompetence/Accidental) development_incompetence (a) The software failure incident in the GM vehicles was due to a development incompetence issue. The faulty electronic brake control module software had incorrect axle-ratio calibrations, leading to the inability to properly calculate wheel speed and causing issues with the driveline-protection system [90559]. This indicates a lack of professional competence in the development of the software that resulted in the unintended braking problem.
Duration temporary (a) The software failure incident in this case is considered temporary. The article mentions that the issue with the faulty electronic brake control module software affects specific vehicles with a 5.3-liter V8 engine, 3.08-ratio rear axle, and four-wheel drive. The unintended braking occurs under certain conditions, such as when a driver selects four-wheel drive or travels between 41 mph and 60 mph. This indicates that the failure is not permanent but rather triggered by specific circumstances [90559].
Behaviour crash, omission, value, other (a) crash: The software error in the affected Chevy and GMC vehicles could result in unintended braking, leading to unexpected braking from the wheel opposite of the wheel that houses the failed speed sensor. This behavior might occur when a driver selects four-wheel drive or travels between 41 mph and 60 mph, potentially causing the vehicle to pull to one side unexpectedly, increasing the risk of a crash [90559]. (b) omission: The software issue in the electronic brake control module software of the recalled vehicles could lead to the driveline-protection system activating incorrectly due to a wheel-speed sensor failure not being properly detected by the software. This omission could result in unintended braking and the vehicle pulling to one side unexpectedly, posing a crash risk [90559]. (c) timing: The software failure incident does not specifically mention any timing-related issues where the system performs its intended functions but at the wrong time. (d) value: The software error in the brake control modules of the affected vehicles leads to incorrect axle-ratio calibrations, causing the system to be unable to properly calculate wheel speed. This incorrect value calculation results in issues with the driveline-protection system and unintended braking, increasing the risk of a crash [90559]. (e) byzantine: The software failure incident does not exhibit behaviors of inconsistent responses or interactions that would classify it as a byzantine failure. (f) other: The software failure incident involves a combination of unintended braking, incorrect axle-ratio calibrations, and driveline-protection system activation due to a wheel-speed sensor failure, which could be categorized as a combination of crash and value-related failures [90559].

IoT System Layer

Layer Option Rationale
Perception sensor, embedded_software (a) The software failure incident in the GM vehicles was related to a sensor error. Specifically, a wheel-speed sensor failure may not interact properly with the faulty electronic brake control module software, leading to unintended braking from the wheel opposite of the one with the failed speed sensor [90559].
Communication connectivity_level The software failure incident reported in Article 90559 is related to the connectivity_level of the cyber-physical system. The issue stemmed from a software error in the electronic brake control module software of certain Chevy and GMC pickup trucks and SUVs. This software error led to unintended braking, specifically when a wheel-speed sensor failed to communicate properly with the software, resulting in the activation of the driveline-protection system and unexpected braking from the wheel opposite the one with the failed speed sensor. This failure was not directly linked to the physical layer (link_level) but rather to the network or transport layer (connectivity_level) of the system [90559].
Application TRUE The software failure incident reported in Article 90559 was related to a software error in the electronic brake control module software of certain Chevy and GMC pickup trucks and SUVs. This error could result in unintended braking, specifically affecting vehicles with a 5.3-liter V8 engine, 3.08-ratio rear axle, and four-wheel drive. The issue was attributed to incorrect axle-ratio calibrations in the brake control modules, leading to the inability to properly calculate wheel speed and triggering problems with the driveline-protection system. This failure can be categorized as an application layer issue within the cyber physical system, as it was caused by a bug in the software [90559].

Other Details

Category Option Rationale
Consequence harm (a) death: People lost their lives due to the software failure (b) harm: People were physically harmed due to the software failure (c) basic: People's access to food or shelter was impacted because of the software failure (d) property: People's material goods, money, or data was impacted due to the software failure (e) delay: People had to postpone an activity due to the software failure (f) non-human: Non-human entities were impacted due to the software failure (g) no_consequence: There were no real observed consequences of the software failure (h) theoretical_consequence: There were potential consequences discussed of the software failure that did not occur (i) other: Was there consequence(s) of the software failure not described in the (a to h) options? What is the other consequence(s)? The consequence of the software failure incident described in the article is related to potential harm (b) where the unintended braking caused by the software error could lead to the vehicle pulling to one side unexpectedly, increasing the risk of a crash. This could physically harm the occupants of the affected vehicles [90559].
Domain transportation (a) The software failure incident reported in Article 90559 is related to the transportation industry. The affected vehicles in the recall issued by General Motors are Chevy and GMC pickup trucks and SUVs [90559]. The issue with the electronic brake control module software in these vehicles could lead to unintended braking, posing a risk to drivers and potentially causing crashes.

Sources

Back to List