On 3/7/13 11:27 AM, Nancy Leveson wrote:
> It did happen 20 years ago. Remember the Audi experience in the 90's?

Yes, I do. I used it as an example in a talk I gave on a hazard analysis of charging electric road vehicles last year, to point out to engineers why we need to perform a hazard analysis of new public procedures involving potentially dangerous processes such as grid-electricity and ultra-high-capacity batteries in objects in public space which can move relative to one another. The car companies apparently hated that suggestion :-(

Those Audi 5000 incidents were allegedly about people using the brake pedal on a stationary car and having the car accelerate instead, and then hit people and things within a couple of seconds. The NTSB investigated and found nothing technically amiss (which of course doesn't mean that there wasn't something that was overlooked).

These incidents are different. They concern events that persist over minutes to hours during which the victim is often in communication with emergency services using a mobile telephone. Presumably those services could say "put the brakes full on; the car will gradually stop" or "turn off the ignition" or "force it out of gear / force the automatic-shift lever into 'Park'". In some cases, the emergency services have even had time to call up mechanics familiar with the vehicle and solicit their advice.

> This particular case is a little suspect although I don't doubt most of them.

I haven't looked at the video.

