
Toyota's decision to suspend sales and production of some of its best-selling models in the U.S., after a series of sudden acceleration accidents, deserves applause. But it also raises a question. How could such bad things happen to a brand once a watchword for quality control?

The writer William Langewiesche recently upset some readers with his praise for the automated flight control technology of the Airbus 320--and his belief that the engineer, ace pilot, and Airbus executive Bernard Ziegler, responsible for its design, should share credit with the captain of US Airways Flight 1549, Chesley Sullenberger III, for its miraculous landing in the Hudson early last year.

But if fly-by-wire, as the Airbus electronic system is called, is such a safety milestone, why does there seem to be a problem with drive-by-wire? In November, the Los Angeles Times reported:

Unlike mechanical systems, electronic throttles--which have the look and feel of traditional gas pedals--are vulnerable to software glitches, manufacturing defects and electronic interference that could cause sudden acceleration, they say.

"With the electronic throttle, the driver is not really in control of the engine," said Antony Anderson, a Britain-based electrical engineering consultant who investigates electrical failures and has testified in sudden-acceleration lawsuits. "You are telling the computer, will you please move the throttle to a certain level, and the computer decides if it will obey you."

Why electronic throttle control in the first place? According to the LA Times, it's economics: "cheaper to install." Other sources disagree, and manufacturers probably aren't releasing actual cost data. But even if it costs more, it's a mark of the power of Moore's Law that it's now competitive to manufacture and install a pedal position sensor, an electronic control module, a throttle position sensor, a throttle control motor, and all the connecting electric wiring versus using a conventional steel cable.

The continuing mystery of sudden acceleration is a familiar technological problem. As systems become more complex electronically, they can be more efficient to manufacture. Standardization of parts across models, adopted at Toyota and other companies, saves even more money. But it also raises the stakes. In the absence of expensive multiple computers of different design checking on each other's results, an electronic or electronic-mechanical system may fail more catastrophically. And without a log or black box like those on airliners, diagnosis can be challenging. Where software bugs can be actuated by user error, results can be tragic, as allegedly in some radiation therapy X-rays. In driving and cancer therapy, normal operation is better with advanced computer control and there are fewer problems, but when problems do happen, they are more severe. Some safety experts call the sinking of the Andrea Doria in 1956 "the world's first radar-assisted collision."

One question remains. If malfunction of a single electronic-mechanical subsystem can shut down much of a world leader, how can we test the safety of tomorrow's "intelligent vehicles"?

Photo credit: danielctw/flickr