feature article
Subscribe Now

Cheat Codes for Your Car

Volkswagen’s Firmware Kerfuffle Highlights Engineering Responsibilities

“Will no one rid me of this troublesome priest?” – King Henry II [1133 – 1189], referring to Thomas Becket, Archbishop of Canterbury

In Grand Theft Auto V you can press LB, LT, RB, RT, Left, Right, Left, Right, Right to fly like Superman. Or, in Plants vs. Zombies, you can type the word “future” to give the zombies funny 3D glasses. If you enter the correct cheat code on your PlayStation 4 you can change the players’ jerseys in NBA2K14. But on a Volkswagen Jetta you just have to take it to the shop to get smog tested.

Too soon?

By now you’ve no doubt read, heard, or tweeted about Volkswagen’s massive firmware fraud. The company admitted to gaming the engine-control code in its diesel-powered cars to fake the results of government-mandated emissions tests. In brief, the cars could detect when they were being tested (as opposed to being driven on the road normally), and they would temporarily switch to a super-clean, low-emissions mode to pass the test. Once the test was over, the cars reverted back to normal mode, which could spew as much as 30 times more nitrogen oxide and other pollutants than it does during the brief test. In short, VW cheated.

To his credit, Volkswagen CEO Martin Winterkorn admitted the wrongdoing almost as soon as it came to light, and then promptly resigned. He won’t spend the rest of his life destitute, but he’ll probably never work again. Then again, the 68-year-old Winterkorn probably doesn’t need to. But the company’s stock plunged 30% in just a few days. That’s billions of dollars of other people’s money wiped out in hours, on one piece of bad software news. VW is – or at least, it was – the largest automaker in the entire world, recently surpassing Toyota, so dropping almost one-third of its market capitalization is like misplacing the entire economy of a small country. 

So the question is, what did the company’s engineers really do? Who told them to do it, and who knew about it? CEO Winterkorn says he didn’t personally know anything about the scandal, but he took the fall anyway (or was pushed out by his board of directors). Surely something as complicated as modern engine-control firmware wasn’t hacked together by one rogue programmer. Several people had to be in on it. Did they fully realize what they were doing, or were the poor coders duped into adding a suspect feature under pressure from upper management?

Was this a bottom-up idea, or a top-down diktat? In other words, did the firmware developers come up with the idea and pitch it to their bosses, who then signed off on it, or did the neckties command their minions to install the backdoor regardless of their personal feelings on the matter?

Or maybe there was a third option: maybe everyone sat around in a weekly engineering meeting and brainstormed ways to pass the increasingly stringent US emissions requirements. “If only there were some way to pass the stupid test without actually choking off the engine and losing torque…”  Everyone casts skeptical glances at everyone else. Are you thinking what I’m thinking? Sensing a twinkle in the chief programmer’s eye, the boss says, “Make it so.” Everyone has plausible deniability. Nobody actually admitted to their colleagues that they’d cheat, only that they’d find an unorthodox workaround. Meeting adjourned. Back-slaps all around. Let’s get to work. 

So far, nobody has reverse-engineered the suspect firmware, so we don’t know exactly how it sidesteps the emissions test, or even how it knows it’s being tested. As possibilities, the firmware might detect when the hood is open, the rear wheels are turning but the front ones aren’t (or vice versa, in the case of a front-drive car), the steering wheel isn’t moving, and there’s no weight in the driver’s seat. If all four conditions are true, the car is being dyno tested, not driven, and it switches to super-secret “clean mode.”

Some observers have facetiously suggested that the cars could use also their onboard GPS to tell whether they’re inside a certified testing facility, or perhaps peer through the backup camera to look for shiny testing equipment. Maybe use Bluetooth microphones to listen for American voices discussing nitrogen oxide levels? With all the sensors and processors on a modern car, the possibilities are endless – and endlessly creepy.

It’s also not entirely clear why VW felt that it needed to cheat in the first place. Its diesel-powered cars obviously can meet US emissions standards without cheating; the test results prove that. So why cheat at all? Presumably, the affected cars get better gas mileage when they’re not in clean mode, and even a small 1 or 2 MPG difference can weigh heavily on a buyer’s mind at the sales lot. Or maybe the engine loses torque in clean mode, making the cars a bit less peppy (although that’s generally not a concern for economy-minded buyers of diesel-powered cars).

Looking at it from the point of view of the developers, it’s possible they felt they were getting boxed into a corner. Government regulations, as well as corporate marketing, dictate ever-better fuel economy, lower emissions, and longer durability. Maybe it wasn’t possible to deliver all those things with traditional mechanical engineering. Maybe VW’s diesel engines just aren’t able to deliver on all three fronts without a bit of creative assistance from the firmware.

This whole escapade exhibits all the symptoms of something we talked about in June: What gets measured gets done. The US emissions tests are very specific. You hook up the car to the test equipment like this, you exercise it like that, and you look for certain results. Cut and dried, just like a good testing procedure should be. But is that what you really want to measure? The car isn’t being tested on the road in real-world conditions, so VW didn’t optimize it for those conditions. It’s designed to pass the test, which it did. That’s a success from an engineering point of view, even if VW observed the letter of the regulations while ignoring the spirit. You could even make an argument that the test itself is fatally flawed and that the engineers responsible had no other option. “The regulations made me do it.”

Somewhere in Wolfsburg is a group of firmware engineers in fear for the jobs, if not their lives. Their work cost the company CEO his career and cost VW’s investors many billions of dollars. Their employer is now under federal investigation, with potential fines and penalties that could add additional billions more to the damage. The financial loss could derail R&D projects for decades. The PR fallout could tank VW sales for years, much the same way that specious or inaccurate reports of unintended acceleration, risks of rollover, or exploding tires have damaged other automakers. But this time, VW’s malfeasance is real, not just badly researched PR spin and hype mongering. The company admitted its guilt and promised to fix nearly a half-million affected vehicles.

In a few more months, we’ll no doubt learn many of the technical details of VW’s firmware workaround. It will be an interesting bit of forensic engineering. How did the developers detect testing conditions, how did they alter the car’s behavior, and how did they manage to cover their tracks, if at all? It’s currently illegal in most countries to disassemble a car’s onboard firmware, but I bet about a thousand shade tree mechanics/programmers are doing just that right now. Let’s see what we can learn from VW’s mistakes.

Volkswagen sister company Audi’s corporate slogan is “Vorsprung durch Technik,” or “progress through technology.” Oddly, the company uses that motto worldwide, except in the United States, where it’s replaced by “Truth in Engineering.” I’ll leave you to ponder the irony. 

Leave a Reply

featured blogs
Jan 27, 2023
Wow, it's already the last Friday in January, so time for one of my monthly update posts where I cover anything that doesn't justify its own full post or which is an update to something I wrote about earlier. Automotive Security I have written about automotive secur...
Jan 26, 2023
By Slava Zhuchenya Software migration can be a dreaded endeavor, especially for electronic design automation (EDA) tools that design companies… ...
Jan 24, 2023
We explain embedded magnetoresistive random access memory (eMRAM) and its low-power SoC design applications as a non-volatile memory alternative to SRAM & Flash. The post Why Embedded MRAMs Are the Future for Advanced-Node SoCs appeared first on From Silicon To Software...
Jan 19, 2023
Are you having problems adjusting your watch strap or swapping out your watch battery? If so, I am the bearer of glad tidings....

featured video

Synopsys 224G & 112G Ethernet PHY IP OIF Interop at ECOC 2022

Sponsored by Synopsys

This Featured Video shows four demonstrations of the Synopsys 224G and 112G Ethernet PHY IP long and medium reach performance, interoperating with third-party channels and SerDes.

Learn More

featured chalk talk

Solving Design Challenges Using TI's Code Free Sensorless BLDC Motor Drivers

Sponsored by Mouser Electronics and Texas Instruments

Designing systems with Brushless DC motors can present us with a variety of difficult design challenges including motor deceleration, reliable motor startup and hardware complexity. In this episode of Chalk Talk, Vishnu Balaraj from Texas Instruments and Amelia Dalton investigate two new solutions for BLDC motor design that are code free, sensorless and easy to use. They review the features of the MCF8316A and MCT8316A motor drivers and examine how each of these solutions can make your next BLDC design easier than ever before.

Click here for more information about Texas Instruments MCF8361A Sensorless FOC 3-Phase BLDC Driver