As an automotive system developer, you may well know what a Warning and Degradation Concept is.
It describes how irregular and potentially hazardous behavior of the vehicle, or of one of its parts, is handled when the system cannot reach a safe state directly within the so-called Fault Tolerant Time Interval (FTTI), i.e. before the fault turns into a hazard. The concept is defined early in system development and is part of the Safety Requirement Specification. As the name indicates, it has two aspects for mitigating the risk once a fault has been detected:
The first is to reduce the functionality of the vehicle – i.e. simply shut off certain functions – so that the remaining capabilities of the system can be concentrated on reaching a safe state. The driver should still be able to handle the situation once he has realized it. The strategy that defines which functions to shut off and which to keep alive is called the Degradation Concept.
At the latest when the system itself is no longer capable of reaching a safe state, it has to bring the driver into the mitigation loop by communicating the problem, e.g. by warning lamps, buzzers or other kinds of indication. The related Warning Concept considers the driver as an actor who is able to interpret these symptoms, apply human expertise and decision making, and eventually bring the system under control again in order to transfer it to a safe state. Supported by specific instructions, e.g. provided in the system manual, this concept should make it possible to avoid severe hazards. Note that a warning is only useful if the driver can tell which indication means what: the concept has to define a distinct indication per fault class, not just "some lamp on".
So far the theory, well defined e.g. in the automotive functional safety standard ISO 26262.
However, real life might look slightly different, as the dashboard pictured above shows: The picture was taken some months ago, during a trip through the beautiful West-African country of Ghana – while sitting in the second row of a bus filled well beyond capacity with 25+ people, going full speed uphill and downhill on narrow country roads 😉
Not only were the engine speed and vehicle speed indicators permanently showing "zero", but a whole array of telltales were illuminated simultaneously, indicating problems with the brakes, ECU, engine, ABS, ESP and more!
So the warning concept definitely was working; the degradation concept – maybe (well, better not to think about the degradations that could have happened).
Any concerned driver? – Not at all:
When asked about the meaning of the illuminated lamps, he simply responded in a typical African way: "No idea, bro! That's normal, you know; always on!"
But one possible explanation appeared after taking a closer look at the driver's workplace: it featured an AT mode selector and an MT gearstick, both in one vehicle!
Obviously the bus once had an automatic transmission ("No, bro, not working …"), which was later replaced by (at least the mechanical part of) a manual gearshift – in a workshop somehow and somewhere …
Welcome to Africa and the cultural differences in safety engineering!
P.S.: Come back soon, there is more to report about African Automotive Engineering …