
> Microsoft wanted to handle some of the software development but when Ford asked Microsoft to sign off on some legal agreement asking MS to take any and all responsibility for things like inadvertently deploying an air bag, they backed off. ... Think about the not so long ago Toyota problem where they tried to blame floor mats for gas pedals getting stuck.

Are you saying that the navigation and entertainment system in Ford vehicles is not isolated from the critical safety systems? If that's the case I hardly think sluggish interaction is the biggest problem.



Normally they are separated. Safety related features run on dedicated ECUs running a real-time OS like AUTOSAR. They are communicating via bus systems (CAN, LIN, FlexRay). Even the vehicle related features on infotainment systems normally run on a dedicated CPU in the head unit (running an RTOS) which communicates with the entertainment-related CPU (running WinCE, QNX, Linux...) by IPC.

Some bad designs might neglect those guidelines and build everything in one box to save costs. However I hope that that only happens in the cheapest offerings.

However I think the discussion between Ford and MS could be more due to political reasons. Automotive OEMs like to put all risks (whether likely or unlikely) on their suppliers and make them liable. Changes from standard automotive contracts are unlikely. And MS might not accept such a standard contract.


> If that's the case I hardly think sluggish interaction is the biggest problem.

It is crazy because it's not as though a CAN or LIN bus is an expensive thing. It has been discussed ad nauseam that the option systems need to be segregated from the critical systems, and as far as I was aware, the entertainment / option systems were segregated.


Ford's also the company that has critical systems disable if the key is bumped out of the ignition. And then "Fixed" it by closing the hole on the keyfob so people couldn't hook more stuff on it and thus reduce the chance of it falling out.

The fact that any safety critical systems just die when the key comes out of the ignition, while moving at high speeds, is even more damning, IMO.


Sure you're not thinking about GM? They're the ones who were in the news recently for those ignition issues.


Oh dear, you're right, but it's too late to edit. Please downvote to hide it.

My point though is that the fact cars would be that fragile at all, that simple mistakes could disable critical systems, is bizarre. The MP3 player system should be totally unable to affect other operations, full stop. The ignition system shouldn't be able to kill power to critical systems.

Airplane passengers shouldn't be able to access flight controls.



