The recent news of the Volkswagen “Diesel-gate” cover-up sent another shockwave through the auto industry. The Volkswagen scandal is a culmination of the efforts and practices the company began or continued to engage in when it set the goal of surpassing Toyota as the world’s number one automaker. Volkswagen did, indeed, announced that it had surpassed Toyota only in July of this year. But by September, questions regarding VW’s use of a defeat device to meet emissions standards could no longer be ignored.
The revelation that VW cheated on emissions tests by rigging the car’s computer with a defeat device to detect when it was being emissions-tested opens a new and even more troubling chapter in the recent spate of car and auto parts recall. While the serious auto recalls of 2014 & 2015 occurred due to inaction and purported failures in “connecting the dots” regarding consumer complaints and evidence of the defect, this Volkswagen defect provides clear proof of intent and active steps to subvert the regulatory regime that ensures vehicles are capable of what the manufacturer purports. Unfortunately, there is no reason as to why the same intent could not be applied to vehicle safety testing rather than emissions testing.
To get a better understanding of the defects and glitches that have rocked the auto industry in recent years and the practices that allowed them to develop, we will analyze three of the largest recalls in history – with all three of these auto defect scandals occurring recently within the past decade.
#1: Toyota Unintended Acceleration Defect
Toyota’s sudden unintended acceleration defect (SUA) was present in Toyota and Lexus vehicles produced from roughly 2000 to 2010. While an investigation into the problem was first opened in 2004, federal regulators failed to connect the dots and the investigation was closed by NHTSA’s ODI. The defect was not conclusively discovered until 2008 when it became apparent that upholstery in the 2004 Sienna minivan could cause the gas pedal to become stuck in an accelerating position. Furthermore, despite Toyota’s assurances to the contrary, it was later discovered that problems existed in the vehicle’s electronic control systems. In all, the defect caused at least 89 deaths and 52 injuries. For the safety defect and Toyota’s efforts in concealing the problem, the company was fined $1.2 billion as part of a deferred prosecution agreement.
The company’s knowledge of not one, but two causes of this defect and subsequent inaction coupled with the high death and injury toll make the Toyota SUA defect particularly appalling.
#2: GM Ignition Switch Defect
The GM ignition switch issue has been widely covered in the media since February of 2014 when GM first recalled 800,000 affected vehicles. The defect centers around ignition switches installed in numerous popular cars, trucks, and SUVs that required only small amounts of torque to move out of the active position. In fact, something as insignificant as a heavier than average keychain and a slight bump in the road could cause the defect to activate. When the defect occurred, an array of effects could occur including the loss of power to the vehicle, loss of steering, and deactivation of airbags. In short, the defect increased the chances of a loss of vehicle control leading to an accident. Furthermore, the loss of key safety features due to the defect generally made the consequences of crashes more severe.
But what makes this defect particularly shocking are the number of missed opportunities that GM had to catch it. GM first detected the defect back in 2001 during Saturn Ion testing. In 2003, a GM technician again observed the glitch in a stalling Ion and identified a heavy keyring as a problem. In 2004, GM again recognized the defect as the company transitioned from the Cavalier to the Cobalt. In 2005, a proposal to fix the defect was rejected due to cost and time concerns. In 2005, GM issued a safety bulletin regarding the problem but fails to issue a recall. More chances to catch and address the problem existed, but the point is clear that GM missed numerous opportunities to catch the defect and to save lives.
The more than a decade delay in action by GM contributed to the confirmed 124 vehicle defect deaths. Also at fault is NHTSA who had information about GM’s faulty ignition switches as far back as 2007. However, until 2014 the agency deferred to the company it was supposed to regulate allowing a defect to fester and grow until it became a crisis.
#2: Takata Airbag Defect
The Takata airbag defect is also particularly appalling due to its legal strategy of individual settlements and the company’s refusal to admit that problems with its airbag inflators existed for months despite clear evidence to the contrary.
The glitch is chemically complex, but the mechanism of injury is quite simple. The inflators in many Takata airbags use an ammonium nitrate propellant that can deploy with excessive force send fragments of metal shrapnel into the face and neck of the vehicle occupants. The defect can be traced back to Takata’s decision to replace its more exotic or novel propellants with ammonium nitrate – a substance commonly used in demolitions – due to cost concerns. Ammonium nitrate is known to have phase change problems making the inflators prone to exploding with too much force – a characteristic that is exacerbated in high humidity environments. In fact, the original recall was limited to only high-humidity environments but at NHTSA urging and over the objections of Takata, it has since been expanded nationwide.
The defect affects many popular makes and models including Honda, Toyota, Nissan, and Chrysler. Six deaths and at least 30 injuries have been attributed to the inflator problem. More than 17 million vehicles in the United States have already been recalled.
#4: The VW Defeat Device
This instance of the use of a defeat device involved the emissions testing of a vehicle. However, one could easily imagine a scenario where active and calculated steps by a manufacturer to defeat government tests is used to conceal safety defects. Consider vehicle computers that can detect that the car is in a testing environment and can:
Ensure that all airbags in a vehicle deploy upon impact despite problems with certain airbag sensors failing to activate.
Be programmed to anticipate the standard testing criteria and cause the car to brake fractions of a second earlier thereby reducing the speed the impact occurs at and improving the apparent safety of the vehicle.
Place the vehicle into a mode that is particularly effective for the test at hand but impractical for everyday driving.
In short, VW’s Emission-gate is yet another sign that computerized cars can have significant drawbacks. Perhaps one of the largest downsides to these vehicles is the fact that parts manufacturers may be able to use software to mask deficiencies and problems with parts. Automakers, in turn, can also use software to fool government regulators and create public perceptions regarding a make or model that diverge from reality. This doesn’t even account for the malfeasance that can be wrought by sophisticated hackers using little more than a computer and an internet connection. In fact, GM recently released a patch to fix a full-takeover hack found in its OnStar onboard system – five years after its discovery.
#5: GM took 5 Years to Fix Full Control Hack In Millions of Vehicles Equipped with OnStar
Back in 2013, people first sounded the alarm concerning the potential hacking of new vehicles with complex computerized systems after security expert Chris Valasek seized control of a Toyota Prius using a tethered (wired) exploit. At the time, auto manufacturers and other dismissed the hack because it could only be carried out with a laptop attached to the vehicle.
But, in 2014, at the annual Black Hat security conference, Valasek and fellow security researcher Charlie Miller demonstrated an exploit that could function without a physical connection to the car over the Bluetooth or WiFi interface. At the time we speculated that with the increasing prevalence of WiFi and Bluetooth in vehicles and the announcement of cellular 4g LTE radios in vehicles, such as OnStar 4g LTE, that 2015 could be the year where wireless vehicle hacking goes mainstream.
However, recently revealed information shows that remote vehicle hacking has progressed even more quickly than we initially believed from the demonstrations provided by Valasek and Miller. In fact, a functional remote control hack of GM vehicles was developed and disclosed to GM back in 2009. Despite having knowledge of the hack for more than five years, GM only recently took effective action to address it. All previous attempts were insufficient and did not prevent the remote seizing of vehicle control from the driver. The researchers from the University of California at San Diego and the University of Washington also state that they informed NHTSA in 2009.
The hack was tested on a 2009 GM Chevy Impala, but it should work on vehicles with similar hardware where the OnStar system functions over a Verizon CDMA voice network. OnStar systems that use this network type operate in a fashion not completely different from an analog modem that listens for a certain tone to negotiate connection. The system was designed in this fashion since, in 2009 and earlier, Verizon’s voice network had a much larger footprint than its data network. By reverse engineering the communications protocol and simulating this tone, a remote hacker could begin to gain control of the car eventually taking control of the CAN bus.
The hack was essentially a full-takeover of the vehicle. The hack could track vehicles, engage the brakes, and disable the brakes. In short and without belaboring the point, the exploit could accomplish everything that Valasek & Miller’s exploit could. According to one researcher who worked on the project, “We basically had complete control of the car except the steering.”
Due to their knowledge, experience, and watching GM attempt to address their problem the security researchers state that GM was not negligent or asleep at the switch while a serious safety problem existed in its vehicles. Rather, the researchers believe that GM and other companies simply were not prepared and did not have the institutional knowledge and experience to handle these challenges. They believe that many automakers still lack this critical ability.
Finally, in early 2015, GM apparently developed a fix that would prevent this hack from seizing full control over a vulnerable vehicle. However, the problem with older OnStar models is that there is no over-the-air (OTA) update functionality. Any software fix would have likely required a recall. Thus GM developed a method to remotely hack its customer’s vehicles to enable an OTA update feature. According to Jeff Massimilla, chief security officer for GM, “We provided a software update over the air that allowed us to remediate the vulnerability.”
Mr. Massimilla admits that “Five years ago, the organization was not structured optimally to fully address the concern.” However, he believes that GM is now positioned to respond swiftly and diligently to emerging cybersecurity threats. However, the proof will be in the results. While GM’s fairly rapid recent fix for an exploit found in its iPhone OnStar app is encouraging, but the true test will come when we see the company’s response to the next 0-day exploit – and hopefully that exploit won’t be a 0-day public release.
Injured by a Defective Vehicle?
If you have suffered a serious, life-altering injury due to a defective car, truck, or SUV the experienced product defect attorneys of The Reiff Law Firm can fight for you. Whether the defect is a low-tech mechanical problem or a high-tech software glitch, we can fight for the compensation you need to cover your medical bills and other expenses. To schedule a no-cost, private initial consultation contact our experienced legal team today by calling (215) 709-6940 today.