Incident: Porsche Taycan Recall Due to Software Fault Causing Engine Shutdown.

Published Date: 2021-07-02

Postmortem Analysis
Timeline:
1. The software failure incident with Porsche's Taycan occurred in June 2021, as mentioned in Article 117180, which was published on July 2, 2021 [117180].

System:
1. Taycan electric cars by Porsche [117180, 117024]

Responsible Organization:
1. Porsche AG [117180, 117024]
2. Volkswagen group [117180]

Impacted Organization:
1. Porsche AG [117180]
2. Volkswagen group [117180]

Software Causes:
1. The software causes of the failure incident in the Porsche Taycan vehicles include faulty software that can cause the battery-powered engine to suddenly shut down, leading to a loss of motive power at random [117180].
2. Another software cause is the vehicle's self-monitoring software sensing a serious fault that isn't there and shutting down the vehicle, increasing the likelihood of a crash [117024].

Non-software Causes:
1. Unknown

Impacts:
1. The software failure incident in Porsche's Taycan cars caused the battery-powered engine to suddenly shut down, potentially leading to safety concerns and accidents [117180].
2. The issue resulted in Porsche having to recall 43,000 Taycan vehicles produced and delivered by June for a software update to fix the problem [117180].
3. Owners of affected 2020 and 2021 Taycan models faced the risk of losing all motive power at random due to the faulty software, increasing the likelihood of crashes [117024].
4. Porsche's recall encompassed 10,373 vehicles, and affected owners were notified to have their vehicles reprogrammed free of charge to address the software issue [117024].

Preventions:
1. Implementing thorough software testing procedures during the development phase to identify and rectify potential faults before the vehicles are released to customers [117180, 117024].
2. Conducting comprehensive quality assurance checks to ensure the self-monitoring software accurately detects genuine faults and does not trigger unnecessary shutdowns [117024].
3. Regularly updating and maintaining the software to address any emerging issues and enhance the overall performance and reliability of the system [117180].
4. Implementing a robust monitoring system to track and analyze software performance in real-time, allowing for prompt identification and resolution of any anomalies or failures [117024].

Fixes:
1. Reprogramming the Taycan's power electronics and motor control unit [117024]
2. Software update to fix the issue in all Taycan vehicles produced and delivered by June [117180]

References:
1. Porsche AG executive Klaus Rechberger [117180]
2. Porsche's customer service department [117024]

Software Taxonomy of Faults

Category | Option | Rationale
Recurring | one_organization, multiple_organization | (a) The software failure incident related to the Porsche Taycan losing all motive power at random due to faulty software has happened again within the same organization. Porsche had to recall 43,000 Taycan cars over faulty software that caused the battery-powered engine to suddenly shut down [117180]. Additionally, Porsche had to recall 10,373 vehicles due to the same issue of the vehicle's self-monitoring software sensing a serious fault that isn't there and shutting things down [117024]. (b) The software failure incident related to the Porsche Taycan losing all motive power at random due to faulty software has also happened at multiple organizations. The issue with the Taycan's self-monitoring software causing the vehicle to lose power randomly affected various models including Taycan Turbo, Taycan Turbo S, Taycan 4S, Taycan Cross Turismo, Taycan Turbo S Cross Turismo, Taycan 4S Cross Turismo, and Taycan Turbo Cross Turismo [117024].
Phase (Design/Operation) | design | (a) The software failure incident in the Porsche Taycan vehicles was related to the design phase. The articles mention that the issue was caused by faulty software that could lead to the battery-powered engine suddenly shutting down due to the vehicle's self-monitoring software sensing a serious fault that wasn't actually present [117180, 117024]. This indicates that the problem was introduced during the development phase of the software. (b) The articles do not provide specific information indicating that the software failure incident was related to the operation phase.
Boundary (Internal/External) | within_system | (a) within_system: The software failure incident with the Porsche Taycan cars was due to faulty software within the system. The issue involved the self-monitoring software sensing a serious fault that wasn't actually present, leading to the vehicle losing all motive power at random and potentially increasing the risk of a crash [117024]. Additionally, Porsche mentioned that the problem was observed in around 130 cars, indicating an internal software issue [117180]. (b) outside_system: There is no information in the articles suggesting that the software failure incident with the Porsche Taycan cars was caused by contributing factors originating from outside the system.
Nature (Human/Non-human) | non-human_actions | (a) The software failure incident occurring due to non-human actions: Both articles [117180, 117024] report that the software failure in Porsche's Taycan electric cars was due to faulty software that caused the battery-powered engine to suddenly shut down. This issue was related to the vehicle's self-monitoring software sensing a serious fault that wasn't actually present, leading to the loss of motive power at random. The articles mention that this was a teething issue with the new model and affected a significant number of vehicles, requiring a software update or reprogramming to fix the issue. (b) The software failure incident occurring due to human actions: There is no specific mention in the articles of the software failure incident being caused by human actions. The focus is on the faulty software and the need for software updates or reprogramming to address the issue.
Dimension (Hardware/Software) | hardware, software | (a) The software failure incident related to hardware: The software failure incident in the Porsche Taycan cars was due to faulty software that can cause the battery-powered engine to suddenly shut down, indicating a hardware-related issue [117180]. The issue involved the vehicle's self-monitoring software sensing a serious fault that isn't there and shutting down, which can lead to a crash, pointing to a hardware-related issue [117024]. (b) The software failure incident related to software: The Porsche Taycan cars experienced a software failure that required a software update to fix the issue, indicating a software-related problem [117180]. The fix for the issue involved reprogramming the Taycan's power electronics and motor control unit, highlighting a software-related issue [117024].
Objective (Malicious/Non-malicious) | non-malicious | (a) The software failure incident related to the Porsche Taycan involved a non-malicious objective. The incident was caused by faulty software that could lead to the battery-powered engine suddenly shutting down, potentially causing the vehicle to lose all motive power at random. Porsche acknowledged the issue and initiated a recall to address the software problem in affected vehicles [117180, 117024].
Intent (Poor/Accidental Decisions) | poor_decisions | (a) The software failure incident related to the Porsche Taycan involved poor decisions. The incident was caused by faulty software that could cause the battery-powered engine to suddenly shut down, leading to a loss of motive power in the vehicle [117180, 117024]. This issue was due to the self-monitoring software sensing a serious fault that wasn't actually present, resulting in the vehicle shutting down unexpectedly, which could increase the likelihood of a crash. Porsche had to recall thousands of vehicles to address this software flaw, indicating that the incident was a result of poor decisions in the software development process.
Capability (Incompetence/Accidental) | development_incompetence, accidental | (a) The software failure incidents reported in the articles are related to development incompetence. Both articles [117180, 117024] mention that the software issue causing the Taycan to suddenly shut down or lose motive power is due to faulty software or self-monitoring software that can sense a serious fault that isn't there. Porsche is addressing these issues through software updates and reprogramming of the power electronics and motor control unit. These issues were not intentional but rather a result of software development issues or lack of professional competence in the software design process.
Duration | temporary | (a) The software failure incident in the Porsche Taycan cars was temporary. The articles mention that the issue involved the Taycan losing all motive power at random due to the vehicle's self-monitoring software sensing a serious fault that wasn't actually present and shutting things down [117024]. Porsche offered a fix by reprogramming the power electronics and motor control unit, which indicates that the issue was not permanent and could be resolved through a software update [117024]. (b) The software failure incident was not described as permanent in the articles.
Behaviour | crash, omission, other | (a) crash: The software failure incident in the Porsche Taycan cars involved the battery-powered engine suddenly shutting down, leading to a loss of motive power, which can be considered a crash in terms of software failure [117180, 117024]. (b) omission: The software issue in the Taycan involved the self-monitoring software sensing a serious fault that wasn't actually present and shutting down the vehicle, which can be seen as an omission in terms of the system omitting to perform its intended functions correctly [117024]. (c) timing: There is no specific mention of a timing-related failure in the articles. (d) value: The software failure incident did not involve the system performing its intended functions incorrectly due to incorrect outputs or calculations. (e) byzantine: The software failure incident did not exhibit behaviors of inconsistency or erratic responses. (f) other: The software update to fix the issue required a physical visit to a repair center, indicating an inconvenience for the Taycan owners beyond just the software malfunction itself [117180].

IoT System Layer

Layer | Option | Rationale
Perception | sensor, processing_unit, embedded_software | (a) sensor: The software failure incident related to the Porsche Taycan involved faulty software that caused the battery-powered engine to suddenly shut down, indicating a sensor-related issue where the self-monitoring software sensed a serious fault that wasn't there and shut things down [117180, 117024]. (b) actuator: There is no specific mention of an actuator-related failure in the provided articles. (c) processing_unit: The software update to fix the issue in the Taycan involved reprogramming the power electronics and motor control unit, suggesting a processing unit-related issue [117024]. (d) network_communication: There is no mention of a network communication-related failure in the provided articles. (e) embedded_software: The software failure incident in the Porsche Taycan was directly related to faulty software, indicating an embedded software error that required a software update to fix the issue [117180, 117024].
Communication | unknown | The software failure incidents reported in the provided articles were not related to the communication layer of the cyber-physical system that failed. Instead, the failures were related to faulty software in the electric Taycan cars produced by Porsche, leading to issues such as the battery-powered engine suddenly shutting down or the vehicle losing all motive power at random. The failures were attributed to the self-monitoring software sensing serious faults that were not present, causing the system to shut down to prevent potential crashes. The fixes for these issues involved reprogramming the power electronics and motor control unit through software updates provided by Porsche [117180, 117024].
Application | TRUE | The software failure incidents reported in the provided articles were related to the application layer of the cyber-physical system. Both articles [117180, 117024] mention that the failures were caused by faulty software that led to the sudden shutdown of the battery-powered engine in Porsche's Taycan electric cars. The issues were attributed to the self-monitoring software in the vehicles, which could sense a serious fault that wasn't actually present and consequently shut down the system, potentially increasing the risk of a crash. These descriptions align with the definition of failures related to the application layer, which can be caused by bugs, operating system errors, unhandled exceptions, and incorrect usage.

Other Details

Category | Option | Rationale
Consequence | no_consequence | Options: (a) death: People lost their lives due to the software failure. (b) harm: People were physically harmed due to the software failure. (c) basic: People's access to food or shelter was impacted because of the software failure. (d) property: People's material goods, money, or data were impacted due to the software failure. (e) delay: People had to postpone an activity due to the software failure. (f) non-human: Non-human entities were impacted due to the software failure. (g) no_consequence: There were no real observed consequences of the software failure. (h) theoretical_consequence: There were potential consequences discussed of the software failure that did not occur. (i) other: There were consequences of the software failure not described in options (a) to (h). The consequence of the software failure incident based on the articles is as follows: (g) no_consequence: Both articles mention that no accidents were known to have happened as a result of the software failure in the Porsche Taycan vehicles. The issues with the software caused the engine to shut down unexpectedly, but there were no reported incidents of harm, death, or other consequences resulting from this software failure [117180, 117024].
Domain | transportation | (a) The software failure incident reported in the articles is related to the automotive industry, specifically affecting luxury sports carmaker Porsche AG and its electric Taycan vehicles [117180, 117024].
