It can be proven that several driver assistance systems reproducibly fail simultaneously and side effects lead to unwanted behavior of the vehicle. In the event of malfunctions, incorrect or illogical entries can be detected in the fault memories. Such illogical entries are present here.
It can also be proven that the vehicle has an assistance system with a function for automatic acceleration that is outside the specification. There are other assistance systems that can cause acceleration.
If a system error occurs at the wrong moment (in this case shortly before an accident), it is possible that it will not be reflected in the error memory, but may instead be masked by incorrect values.
Similarly, many of the level 2 driver assistance systems described here are not obliged to make entries in the fault memory from the outset; the functions only report within the system that they are not available.
The failure of assistance systems can even explain an incorrect detection time of the collision, which inevitably leads to subsequent errors in the interpretation of the fault memory. An automatic addition of power by an assistance system could then be interpreted as a manual application of the accelerator before the collision, when in fact the cars had already collided and several had been pushed into each other.
What all accidents have in common is that the car accelerated independently at low speeds and during braking. This can be explained by the feature update described in C46 as a function of the vehicle.
What needs to change?
In the future, the use of increasingly complex assistants will require completely different data to be collected in order to investigate accidents. The position of the sun can influence the front camera, the position of induction loops may also play a role and the status of the driver assistance systems, including resets that are currently in progress, must be stored in the accident data memory. The tests carried out by the Federal Motor Transport Authority on the accident data memory must include use cases in which malfunctions of the assistance systems are included.
In my opinion, the existing procedures for fault and accident recording have not kept pace with the growing technological advances in the vehicle sector. A half-second recording in the accident data memory matches errors caused by mechanical components. Processor units that operate in the gigahertz range and can control, accelerate and brake vehicles must also be treated as such complex systems in the event of a fault and make log and trace data available and accessible to the experts. For their part, they will need training in software in the future in order to be able to help in the event of a dispute.
The fact that not every fault is stored in the fault memory, especially in the level 2 area, is also not in keeping with the power of this system.
Of course, it is clear that the driver still has the ultimate responsibility and must be prepared to intervene. In our opinion, however, this cannot apply to (sometimes serious) system malfunctions in which the vehicle takes on a life of its own and initiates completely implausible, unpredictable driving maneuvers.