Incident: Software Glitches Delay Driverless Bus Trial in Inverness, Scotland

Published Date: 2022-10-06

Postmortem Analysis
Timeline 1. The software failure incident happened on the day of the official launch, which was on Thursday [133724]. Estimation: Step 1: The article mentions that the software glitches occurred on Thursday at the official launch. Step 2: The article was published on 2022-10-06. Step 3: The incident likely occurred on Thursday, which would be October 6, 2022.
System 1. Deep learning programs 2. Software glitches 3. Autonomous vehicle passenger services system
Responsible Organization 1. The software failure incident in the driverless bus trial in Inverness was caused by software glitches, which were likely a result of the software development process or implementation by the autonomous vehicle company NAVYA [133724].
Impacted Organization 1. The autonomous vehicle passenger services trial in Inverness was impacted by the software failure incident [133724].
Software Causes 1. Two of the three software glitches on Thursday were resolved with a third requiring further work. - [133724]
Non-software Causes 1. The driverless bus had to be driven manually at its launch due to software issues, indicating a potential hardware or integration issue [Article 133724].
Impacts 1. The self-driving bus in the Scottish trial had to be driven manually at its launch due to software issues, impacting the intended autonomous operation of the vehicle [Article 133724]. 2. Two out of three software glitches on the launch day were resolved, but one glitch required further work, indicating a delay in achieving full autonomous functionality [Article 133724].
Preventions 1. Thorough testing and quality assurance procedures during the development phase could have potentially prevented the software failure incident [133724]. 2. Implementing robust error handling mechanisms within the software to address unexpected glitches or faults could have helped prevent the incident. 3. Continuous monitoring and maintenance of the software to identify and address any potential issues proactively could have mitigated the software glitches. 4. Conducting regular software updates and patches to address any vulnerabilities or bugs that may arise during the trial period could have prevented the software failure incident.
Fixes 1. Conducting a thorough analysis of the software code to identify and rectify any bugs or faults that led to the glitches [133724]. 2. Implementing software updates or patches to address the identified software issues [133724]. 3. Enhancing the testing procedures to ensure comprehensive testing of the autonomous vehicle software before future launches or trials [133724].
References 1. Organisers of the trial in Inverness 2. Hitrans (regional transport organisation) 3. Transport Jenny Gilruth

Software Taxonomy of Faults

Category Option Rationale
Recurring multiple_organization (a) The software failure incident having happened again at one_organization: The article does not mention any previous incidents of software failures within the same organization or with its products and services. Therefore, it is unknown if a similar incident has happened before within the organization involved in the driverless bus trial in Inverness. (b) The software failure incident having happened again at multiple_organization: The article mentions a similar project running in Hannover, Germany, where an autonomous bus shuttle is being trialled. This indicates that similar autonomous vehicle projects are being conducted in different locations, suggesting that software failure incidents could potentially happen at multiple organizations conducting such trials [133724].
Phase (Design/Operation) design (a) The software failure incident in the driverless bus trial in Inverness was attributed to software glitches that arose during the operation of the vehicle. The article mentions that the bus had to be driven manually at its launch due to software issues, with three software glitches identified on the day of the official launch. Two of the glitches were resolved, while a third required further work [133724]. This indicates that the failure was related to contributing factors introduced during the system development or updates rather than solely due to operational factors.
Boundary (Internal/External) within_system (a) The software failure incident with the driverless bus in Inverness was within the system. The article mentions that the driverless bus had to be driven manually at its launch due to software issues, specifically three software glitches that occurred on the day of the official launch [133724]. The glitches were identified as internal issues within the software system of the autonomous vehicle, which required further work to resolve. This indicates that the failure originated from within the system itself.
Nature (Human/Non-human) non-human_actions (a) The software failure incident in the article was attributed to non-human actions, specifically software glitches that affected the driverless bus during its trial in Inverness. The article mentions that the bus had to be driven manually at its launch due to software issues, with three software glitches identified, two of which were resolved on the spot while the third required further work [133724]. These glitches were not introduced by human actions but were inherent in the software system being tested.
Dimension (Hardware/Software) software (a) The software failure incident in the article was not attributed to hardware issues but rather to software glitches. The driverless bus had to be driven manually at its launch due to software issues, with three software glitches identified on the day of the official launch [133724]. (b) The software failure incident was specifically mentioned to be due to software issues. The article highlighted that the driverless bus had to be operated manually at its launch because of software glitches, with two of the three glitches being resolved and the third requiring further work [133724].
Objective (Malicious/Non-malicious) non-malicious (a) The software failure incident mentioned in the article is non-malicious. The driverless bus in the Scottish trial of autonomous vehicle passenger services experienced software glitches that required manual intervention during its launch in Inverness. The glitches were identified as part of the trial, and efforts were made to resolve them, indicating that the failure was not due to malicious intent but rather a technical issue during the testing phase [133724].
Intent (Poor/Accidental Decisions) unknown The software failure incident related to the driverless bus trial in Inverness was not explicitly attributed to poor decisions or accidental decisions in the articles provided [133724]. The incident was described as being caused by software glitches that required manual intervention during the launch of the autonomous vehicle passenger service trial. The glitches were identified as part of the trial process, and efforts were made to resolve them, indicating a proactive approach to addressing the software issues.
Capability (Incompetence/Accidental) accidental (a) The software failure incident in the article was not attributed to development incompetence. The article mentions that the driverless bus had to be driven manually at its launch due to software issues, specifically three software glitches that occurred on the day of the official launch in Inverness [133724]. (b) The software failure incident in the article was categorized as accidental. The article describes the software glitches that affected the driverless bus during the trial in Inverness as unexpected issues that needed to be resolved, indicating that the failure was accidental rather than due to incompetence [133724].
Duration temporary The software failure incident reported in Article 133724 was temporary. The article mentions that the driverless bus had to be driven manually at its launch due to software issues, specifically three software glitches that occurred on the day of the official launch. Two of the glitches were resolved, while the third required further work. This indicates that the software failure was not permanent but rather temporary, as it was due to specific circumstances on the launch day [133724].
Behaviour crash, other (a) crash: The software glitches in the driverless bus trial in Inverness led to the bus having to be driven manually at its launch, indicating a failure due to the system losing state and not performing its intended functions [133724]. (b) omission: The article does not specifically mention any instances of the system omitting to perform its intended functions at an instance(s). (c) timing: The article does not mention any failures due to the system performing its intended functions correctly, but too late or too early. (d) value: The article does not mention any failures due to the system performing its intended functions incorrectly. (e) byzantine: The article does not mention any failures due to the system behaving erroneously with inconsistent responses and interactions. (f) other: The software glitches in the driverless bus trial could be categorized as "other" as they led to the bus having to be driven manually, which is a behavior not explicitly covered by the options (a) to (e) [133724].

IoT System Layer

Layer Option Rationale
Perception sensor (a) The software failure incident in the article was related to the perception layer of the cyber physical system, specifically the sensor. The article mentions that the driverless bus had to be driven manually at its launch due to software issues, with two of the three software glitches being resolved and a third requiring further work [133724]. This indicates that the failure was related to issues with the sensors or perception systems of the autonomous vehicle.
Communication unknown The article does not provide specific details indicating whether the software failure incident related to the driverless bus in Inverness was specifically related to the communication layer of the cyber-physical system that failed. The focus of the article is on software glitches that required manual intervention during the trial of the autonomous vehicle passenger service. Therefore, it is unknown whether the failure was at the link_level or connectivity_level.
Application TRUE The software failure incident reported in Article 133724 was related to the application layer of the cyber physical system. The article mentions that the driverless bus had to be driven manually at its launch due to software issues, specifically three software glitches that occurred on the day of the official launch. These glitches were attributed to software problems, which align with the definition of failures introduced by bugs, operating system errors, unhandled exceptions, and incorrect usage typically associated with the application layer of a system [133724].

Other Details

Category Option Rationale
Consequence delay The consequence of the software failure incident in the reported article was a delay. The self-driving bus in the Scottish trial had to be driven manually at its launch due to software issues, specifically three software glitches that occurred on the day of the official launch [133724].
Domain transportation (a) The failed system was intended to support the transportation industry. The software glitches affected a self-driving bus being trialled in Inverness for autonomous vehicle passenger services [133724]. The bus, named Itsy Bitsy Teenie Weenie Driverless Machiney, was tested on a two-mile route in Inverness and had to be manually driven at its launch due to software issues. The project is a part of the trial for autonomous vehicles in Scotland and involves collaboration with regional transport organization Hitrans, bus giant Stagecoach, autonomous vehicle company NAVYA, Highland Council, and Inverness Campus. The bus is designed to carry passengers between Inverness Campus and Inverness Retail and Business Park, showcasing its intended support for the transportation industry.

Sources

Back to List