[Federal Register Volume 60, Number 232 (Monday, December 4, 1995)]
[Proposed Rules]
[Pages 62061-62064]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 95-29453]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF TRANSPORTATION
National Highway Traffic Safety Administration
49 CFR Part 571
[Docket No. 95-93; Notice 01]
RIN 2127-AF76
Federal Motor Vehicle Safety Standards; Accelerator Control
Systems
AGENCY: National Highway Traffic Safety Administration (NHTSA), DOT.
ACTION: Request for comments.
-----------------------------------------------------------------------
SUMMARY: NHTSA is considering issuing a proposal to amend the Federal
motor vehicle safety standard on accelerator control systems. The
standard was last revised in 1973, when only mechanical systems were
common on motor vehicles. In order to determine whether to propose
amending the standard to include requirements specifically tailored for
electronic accelerator control systems and to clarify possibly
ambiguous language, NHTSA poses a series of questions in this document.
NHTSA undertakes this action as part of its effort to implement the
President's Regulatory Reinvention Initiative to make regulations
easier to understand and to apply.
DATES: Comments must be received on or before February 2, 1996.
ADDRESSES: Comments must refer to the docket and notice numbers cited
at the beginning of this notice and be submitted to: Docket Section,
Room 5109, NHTSA, 400 Seventh Street SW., Washington, D.C. 20590. It is
requested, but not required, that 10 copies of the comments be
provided. The Docket Section is open on weekdays from 9:30 a.m. to 4
p.m.
FOR FURTHER INFORMATION CONTACT: For non-legal issues: Mr. Patrick
Boyd, Office of Vehicle Safety Standards, Office of Safety Performance
Standards, NHTSA, 400 Seventh Street SW., Washington, D.C. 20590. Mr.
Boyd's telephone number is (202) 366-6346, and his FAX number is (202)
366-4329.
For legal issues: Ms. Dorothy Nakama, Rulemaking Division, Office
of Chief
[[Page 62062]]
Counsel, NHTSA, 400 Seventh Street SW., Washington, D.C. 20590. Ms.
Nakama's telephone number is (202) 366-2992, and her FAX number is
(202) 366-3820. Please note that written comments should be sent to the
Docket Section rather than faxed to the above contact persons.
SUPPLEMENTARY INFORMATION:
President's Regulatory Reinvention Initiative
Pursuant to the March 4, 1995 directive ``Regulatory Reinvention
Initiative'' from the President to the heads of departments and
agencies, NHTSA undertook a review of its regulations and directives.
During the course of this review, the agency identified rules that it
could propose to eliminate as unnecessary or to amend to improve their
comprehensibility, application or appropriateness. As described below,
NHTSA has identified Federal Motor Vehicle Safety Standard (FMVSS) No.
124, Accelerator control systems, as one rule that may benefit from
amendments.
Background of Standard No. 124
Standard No. 124's purpose is to reduce deaths and injuries
resulting from loss of control of a moving vehicle's engine, due to
malfunctions in the vehicle's accelerator control system. Since 1972,
Standard No. 124 has specified requirements for ensuring the return of
a vehicle's throttle to the idle position under each of the following
two circumstances, (1) when the driver removes the actuating force
(typically, the driver's foot or cruise control) from the accelerator
control, and (2) when there is a severance or disconnection in the
accelerator control system. Standard No. 124 applies to passenger cars,
multipurpose passenger vehicles, trucks, and buses.
Paragraph S5.1 of Standard No. 124 requires that, under any load
condition, and within the time specified in S5.3, the throttle must
return to the idle position from any accelerator position or any speed
of which the engine is capable, whenever the driver removes the
actuating force. The standard defines the throttle as ``the component
of the fuel metering device that connects to the driver-operated
accelerator control system and that by input from the driver-operated
accelerator control system controls the engine speed.''
Standard No. 124 has two further requirements to provide safety in
the event of accelerator control failure. The first, specified at S5.1,
requires ``at least two sources of energy,'' each capable of returning
the throttle to idle position within the time limit for normal
operation, from any accelerator position or speed whenever the driver
removes the opposing actuating force. The second, specified at S5.2,
requires that the throttle return to idle ``whenever any one component
of the accelerator control system is disconnected or severed at a
single point'' and the driver releases the pedal.
Paragraph S5.3 requires that the throttle return to idle within 1
second for vehicles of 10,000 pounds or less gross vehicle weight
rating (GVWR) and within 2 seconds for vehicles with a GVWR greater
than 10,000. The maximum allowable time is increased to 3 seconds for
any vehicle that is exposed to ambient air at O degrees to -40 degrees
F. during the test or for any portion of a 12 hour conditioning period.
Standard No. 124 Applies to Electronic Accelerator Control Systems
When promulgated, the definitions and requirements of Standard No.
124 were easy to understand and apply because their language was
strongly influenced by the design of mechanical accelerator control
systems and because all control systems were mechanical then. The
``throttle'' of a gasoline engine was the carburetor shaft that opened
and closed the air passages in the base plate. The ``throttle'' of a
diesel engine was the control rod, or rack that controlled fuel flow to
the high pressure injectors. The two energy sources were simply two
return springs acting on the linkages and/or cables between the
accelerator pedal and the throttle. If at least one of those springs
was connected directly to the carburetor or to the diesel fuel
injection rack, it would cause the throttle to return to idle in the
event of a disconnection of the linkage. And, if the single
contemplated failure occurred at one spring, the other would permit
continued driver control.
Subsequent to the promulgation of Standard No. 124, electronic
accelerator controls with on-board computer systems were introduced on
motor vehicles. Their use is steadily increasing, especially in heavy
trucks.
The introduction of electronic systems led to questions about their
status and treatment under the Standard. Stating that some of the
language in Standard No. 124 seemed more appropriate for mechanical
accelerator control systems than for electronic ones, Isuzu Motors
America, Inc., asked the agency a variety of questions concerning
electronic systems. Its central question was whether the Standard
applies to electronic systems. In an August 8, 1988 interpretation
letter to Isuzu, NHTSA stated that the Standard does apply to
electronic accelerator control systems. Among its other questions,
Isuzu asked whether a severance in electric wires in its electronic
accelerator control system is a severance within the meaning of S5.2 of
Standard No. 124. Isuzu expressed its belief that because the electric
wires were not a ``moving part,'' the answer should be ``no.'' NHTSA
disagreed.
It interpreted Standard No. 124's requirement that the throttle
return to idle ``whenever any one component of the accelerator control
system is disconnected or severed at a single point,'' to include all
severances or disconnections of any component of the accelerator
control system as within the standard, not just disconnections of
moving parts.
Need To Amend Standard No. 124
Most accelerator linkages on the largest classes of trucks (i.e.,
those over 33,001 lbs. GVWR) are now electronic. A mechanical
accelerator linkage controlling a fuel rack (i.e., a device that
controls fuel flow to the high pressure injectors) is now rare on the
largest classes of trucks. Most of today's heavy diesel trucks have no
mechanical connection between the accelerator pedal and the throttle.
Although the agency has been issuing interpretations about the
Standard's application to electronic accelerator control systems for
the last seven years, the flow of interpretation requests remains
unabated. Manufacturers continue to ask the basic question of whether
the Standard applies to electronic accelerator control systems. One
correspondent presumed that since those systems do not include springs
and linkages, as described in Standard No. 124, electronic accelerator
controls are not regulated. Another asked for a legal interpretation of
``throttle,'' as applied to electronic accelerator control systems.
Other correspondents have understood Standard No. 124 to mean simply
that two return springs should be placed on the treadle assembly. In
response, the agency has recited in its interpretation letters the
requirement that the sources of energy must be capable of returning the
throttle to idle in the event of a single severance or disconnection.
The correspondents did not submit sufficient information to enable the
agency to determine whether the proper mechanical operation of the
treadle was sufficient to assure return to idle in the event of an
electrical severance.
NHTSA notes that although the use of two springs on the treadle
assembly may
[[Page 62063]]
represent good treadle design, it does not intrinsically overcome a
disconnection anywhere within an electronic accelerator control system.
Thus, good treadle design does not provide an electronic accelerator
control system with the same degree of fail-safe operation provided a
mechanical system by redundant return springs on a traditional fuel
control rack. Those springs on a traditional rack could overcome an
accelerator control disconnection and return the throttle to idle.
Further, providing good treadle design does not solve the problem of
single point disconnection in electronic systems which now would
include connectors, wires, computer components and possibly even
software elements. Even parties recognizing the analogy between wire
severance and linkage severance have asked whether the standard applies
to subsequent short circuits as well as open disconnections.
NHTSA believes that the volume of requests for interpretation might
be reduced if, instead of answering these questions by drawing
analogies between traditional mechanical components and new electronic
systems, it amended the Standard to include provisions and language
specifically tailored to electronic systems. There are limitations to
the agency's ability to make regulatory language, which reflects the
design of mechanical systems, serve the purpose of regulating both
mechanical and electronic systems. NHTSA also believes that amending
the Standard not only to update it, but also possibly to redefine what
constitutes fail safe operation might give manufacturers more
flexibility in designing electronic systems and enable the agency to
better ensure that electronic systems function safely. In order to do
this, the agency must identify the most common predictable failures for
electronic systems and ascertain the most appropriate response to those
failures.
NHTSA is also concerned that regulating electronic systems by
drawing analogies to mechanical systems may have the effect of limiting
the permissible responses to failures in electronic systems to the
fail-safe modes of mechanical systems. At present, the failure modes
(i.e., disconnection and severance) specified in Standard No. 124 are
the predictable failure modes of a mechanical system. The agency
believes that the regulation of electronic systems in a manner tailored
to them can be beneficial to manufacturers, vehicle users, and the
public. For example, with electronic systems, there may be failure
modes in which it is wiser to either shut down the engine or to provide
for a fail-safe mode in which the engine has just enough power to
permit the vehicle to be driven to the side of the road, than to
require that the engine be returned to idle. Since such choices were
not feasible with mechanical controls, they were not included in
Standard No. 124.
Through this request for comments, NHTSA wishes to determine
whether it can propose amendments which identify the predictable
failure modes of electronic systems and specify an acceptable safe
response for each mode.
Normal v. Failure Modes
On many trucks, locking hand controls are necessary for the
operation of engine-driven vocational equipment, i.e., work-performing
equipment such as garbage compactors or cement mixers, when the vehicle
is parked. Similar locking hand controls are also provided to
facilitate engine warm-up. Obviously, locking hand controls can be
thought of as preventing the return to normal idle speed when the
accelerator pedal is released (defined in the Standard as a failure).
Several requests for interpretation have resulted. However, locking
hand controls do not affect highway safety because the locking controls
are not meant to be used to drive vehicles. Explicit specification in
the standard of what is or is not permissible with respect to the
operation of locking hand controls could eliminate a source of
ambiguity.
Likewise, the lack of absolute repeatability in the normal
operation of some electronic accelerator controls results in the return
to a range of idle speeds instead of a single idle speed. While this
range is narrow enough to permit safe operation of a vehicle, the
return to a range of speeds instead of a single speed nevertheless
introduces questions about whether a range is narrow enough to be
regarded as complying with the requirements of the standard for return
to idle speed. A revision of the standard offers an opportunity to
adopt language that distinguishes between normal safe characteristics
of accelerator controls and instances of failure.
Questions for Comment
In order to determine whether the agency should propose to amend
Standard No. 124 and to obtain a better idea of technology that is
presently available, NHTSA asks the following questions to clarify
engineering issues. Sections A and B apply to electronic systems only.
Sections C, D, E and F are of general applicability.
A. Industry Consensus
The Society of Automotive Engineers (SAE) has developed recommended
practices for electronic signal interfaces for heavy diesel vehicle
engine control processors and for some aspects of accelerator pedal
position sensor performance. The SAE's recommended practice specifies
that the accelerator position sensor (APS) assembly shall comply with
all appropriate Federal motor vehicle safety standards.
A1. Has the SAE or other industry consensus standards organizations
considered fail-safe provisions for electronic accelerator controls? Is
there industry agreement (informal or formal) concerning what fail-safe
provisions should be adopted for electronic accelerator control
systems?
A2. What fail-safe strategies are now being employed by vehicle and
component manufacturers?
B. Technical Considerations of a Fail-Safe Electronic Accelerator
Control System
NHTSA believes that the potential points of failure of an
electronic accelerator control system are:
--the mechanical linkage and return springs between the pedal and the
accelerator position sensor (APS);
--the electrical connections between the APS and the engine control
processor;
--the electrical connections between the engine control processor and
other critical sensors;
--the electrical connections between the engine control processor and
fuel or air metering devices which determine engine speed;
--power to the engine control processor, the APS and critical sensors;
and
--the integrity of the engine control processor, APS, and other
critical sensors.
A single point disconnection would mean the severance of a single
wire or the disconnection of all the terminals housed in a single
connector. The consequences both of an open circuit or a short circuit
would ordinarily be relevant, but NHTSA does not exclude the
possibility that some designs could prevent either a short circuit or
an open circuit in the event of a disconnection. Critical sensors are
those whose malfunction or disconnection could cause a significant
uncontrolled engine overspeed. The agency is not aware that sensors
other than the APS are critical in a safety sense.
With this background, NHTSA asks the following questions:
B1. Are there other predictable points of failure of an electronic
control system?
[[Page 62064]]
B2. Are sensors other than the APS critical to safety on either
gasoline or diesel engines?
B3. Are engine development trends pushing other sensors toward
safety critical operation (i.e., to become a sensor whose malfunction
or disconnection could cause a significant uncontrolled engine
overspeed)?
B4. Is it practical (from an engineering standpoint) to expect a
fail-safe design of a unitary electronic accelerator control system,
even in the limited sense of ensuring fail-safe performance in the case
of single point failures at predictable locations? Would it be more
practical (and still meet the need for safety) to use a redundant,
simplified APS and engine controller, active only at the idle position
of the pedal? Is the use of redundant systems more practical than a
single system to achieve fail-safe performance?
B5. Do any currently produced vehicles with electronic accelerator
control systems use redundancy to achieve fail-safe operation?
C. Vehicle Drive Functions v. Vocational Functions
NHTSA legal interpretations regarding hand throttle controls view
their operation as setting a new idle speed to which the throttle
should return in the prescribed time limits ``upon release of the
driver-operated accelerator control system.'' This view is accurate for
traditional ``fast idle'' setting devices for cold engine operation.
But, it may also have resulted in interpretations that do not
distinguish between accelerator control systems that drive the vehicle,
and auxiliary accelerator controls meant to allow the operation of
vocational equipment (such as the compactor on a garbage truck) on a
parked vehicle.
C1. How is the cold engine fast idle function accomplished with
electronic accelerator controls?
C2. How is the engine of a parked vehicle held at the appropriate
speed to operate vocational equipment when the vehicle is equipped with
an electronic accelerator control system?
C3. Is there a general way to distinguish between accelerator
controls affecting the driving of the vehicle and those affecting only
the vehicle's operation as a power source for vocational equipment,
presumably without effect on highway safety?
D. Initial Idle Speed
Manufacturers have been concerned with the question of how
consistently a vehicle's engine must return to exactly the same idle
speed to meet Standard No. 124. Apparently, the resolution and
hysteresis of the various sensors and the discrete nature of digital
systems create idle speed variations that do not in any way indicate
failure.
D1. Would it be practical to designate a range about a vehicle's
initial idle speed to clarify the difference between normal and
abnormal performance of an accelerator control system? Please describe
the desirable extent of such a range and provide a rationale for that
range.
E. Public Technical Meeting
NHTSA believes that the development of any proposal to amend
Standard No. 124 may benefit from a direct, oral exchange of ideas
among NHTSA, vehicle manufacturers, and other affected parties.
Reliance solely on written public comments may not be the most
effective means of assessing the appropriate steps for ensuring the
safe operation of electronic accelerator control systems.
E1. Once the agency has analyzed the written comments submitted in
response to this document, should it hold a public technical meeting to
discuss possible proposals for amending the Standard No. 124? If so, on
which issues should such a public technical meeting focus?
F. Other Issues
F1. Should the agency propose to amend Standard No. 124 in any
other respect that has not been discussed above? If so, please describe
how the agency should propose to amend the Standard, and provide a
rationale for the recommended change.
Rulemaking Analyses and Notices
1. Executive Order 12866 and DOT Regulatory Policies and Procedures
This request for comment was not reviewed under Executive Order
12866 (Regulatory Planning and Review). NHTSA has analyzed the impact
of this request for comment and determined that it is not
``significant'' within the meaning of the Department of
Transportation's regulatory policies and procedures. The agency
anticipates if a proposal and ultimately a final rule should result
from this request for comment, new requirements would not be imposed on
manufacturers with respect to the currently regulated systems. The
request for comment seeks to find cost effective means to make Standard
No. 124 more understandable when applied to electronic accelerator
control systems. If NHTSA decides to initiate rulemaking, it is NHTSA's
intent that the rulemaking not impose any additional costs.
Procedures for Filing Comments
Interested persons are invited to submit comments on this request
for comment. It is requested but not required that 10 copies be
submitted.
All comments must not exceed 15 pages in length. (49 CFR 553.21).
Necessary attachments may be appended to these submissions without
regard to the 15-page limit. This limitation is intended to encourage
commenters to detail their primary arguments in a concise fashion.
If a commenter wishes to submit certain information under a claim
of confidentiality, three copies of the complete submission, including
purportedly confidential business information, should be submitted to
the Chief Counsel, NHTSA, at the street address given above, and seven
copies from which the purportedly confidential information has been
deleted should be submitted to the Docket Section. A request for
confidentiality should be accompanied by a cover letter setting forth
the information specified in the agency's confidential business
information regulation. 49 CFR part 512.
All comments received before the close of business on the comment
closing date indicated above for the proposal will be considered, and
will be available for examination in the docket at the above address
both before and after that date. To the extent possible, comments filed
after the closing date will also be considered. Comments received after
the comment due date will be considered as suggestions for any future
rulemaking action. Comments on the request for comment will be
available for inspection in the docket. The NHTSA will continue to file
relevant information as it becomes available in the docket after the
closing date, and it is recommended that interested persons continue to
examine the docket for new material.
Those persons desiring to be notified upon receipt of their
comments in the rules docket should enclose a self-addressed, stamped
postcard in the envelope with their comments. Upon receiving the
comments, the docket supervisor will return the postcard by mail.
Authority: 49 U.S.C. 322, 30111, 30115, 30117, and 30166;
delegation of authority at 49 CFR 1.50.
Issued on: November 28, 1995.
Barry Felrice,
Associate Administrator for Safety Performance Standards.
[FR Doc. 95-29453 Filed 12-1-95; 8:45 am]
BILLING CODE 4910-59-P
