Mon 2024-Mar-11

Tesla vs Safety Engineering


Yesterday came news of the unfortunate death of a driver in a Tesla which backed into a pond, whereupon the power cut out, leaving the doors unable to open and the windows essentially unbreakable. How many things went wrong here, and who could have foreseen this?

Inscrutable Safety Features Cost Lives

As reported by numerous outlets, CNN confirms [1] the death of Angela Chao in a drowning accident with her Tesla Model X SUV.

It’s always sad when someone is hurt or killed. Even more so when, as here, the death is from a probably-preventable accident. But in some ways what makes me saddest is that people are paying attention because of social status: Angela Chao is (a) very rich as the CEO of a large shipping concern, and (b) the sister of Elaine Chao, Trump’s former Secretary of Transportation & spouse of Republican Majority Leader Sen. Mitch McConnell. Her connections via economic power of the shipping company she owns, her wealth, and her connection to fame & political power drive the coverage.

It is a singularly damning fact of our times that we pay attention to the misfortunes of the rich, powerful, and famous over those of… well, everyone else.

Still… let’s try to get past the gag factor of our fascination with the dominance hierarchy of wealth, power and fame. What happened, and what are the parts that went wrong?

What Happened?

Chao was on her ranch in central Texas, far from emergency help. She was momentarily confused by the touch screen controls for the Tesla gears, and backed up instead of going forward in a 3-point turn. This backed her car into a pond, to the point it began to submerge. The power cut, the doors would not open (and were under external water pressure anyway), and the laminate glass is near-impossible to break. She was able to phone a friend for help, but it took 24 minutes to arrive. After being underwater for an hour, her body was retrieved, but could not be resuscitated.

What Went Wrong?

Several things came together in lethal fashion:

  • She was far from first responders.
  • She was confused by the touch screen, as had apparently happened before, and shifted to reverse accidentally.
  • The pond embankment was too easy to go over in a car, apparently without a retaining wall.
  • Without power, the Tesla doors could only be opened manually from the inside, which is quite an obscure procedure (q.v.) only for those who have thoroughly read their car’s operating manual. (Most of us do not do that.)
  • The doors were under high pressure from the outside water, and even if released, would have been difficult for a small-ish Asian woman to push open.
  • The laminate glass is almost impossible to break, especially without tools, in a cramped space, and underwater.

Once we make the fatal mistake of using a touch screen, that initial error is the root of an inevitable cascade of further errors. It is not only inevitable, it had already happened a couple of times to Chao, going inadvertently into reverse. After that, everything else cascaded to make it impossible to escape and impossible to be rescued in time.

What Did Tesla Think Should Have Happened?

[Figures: Tesla Model X Owner's Manual, how to open the front door and the rear door from inside, without power]

The Model X Owner’s Manual [2] does have a procedure for opening a door from inside, to escape a car that has no power, as shown here:

  • Front Door: Without any visible indicators for guidance, one must pull up something on the front of the switch group you normally use. This apparently unlocks the door so you can push it open… except for the pressure of the water on the other side. (Oddly, this trick also apparently works if the car is moving, so maybe not something to teach your kids?)
  • Rear Door: Again without any visible indicators for guidance, one must partly disassemble the finish of the door by removing a speaker grille and then pulling on an unmarked wire. Amusingly, if there’s power to the car, it will apparently warn you that doing this may damage the car’s trim.

Here’s a YouTube video explaining the same thing, though apparently in a slightly different model.

Keep in mind that these procedures are (a) pretty obscure, beyond what ordinary drivers are going to bother learning, and (b) something you must do under severe circumstances like a car that’s on fire, or sinking in a lake and filling with water, or in complete darkness.

This is not Safety Engineering. This is engineering without any consideration of how human factors impact safety. In other words, an accident waiting to happen.

I wonder how many times something like this has already happened, but we’re just hearing about it now because our media obsesses almost exclusively with the welfare of rich, powerful, and famous people?

Haven’t We Been Here Before?

Now, something about this bugged me, beyond the macabre nature of the death and the tiresome obsession with the status and dominance hierarchy. I was sure I’d heard something like this before.

It took a bit of digging, and it wasn’t about Teslas, or cars at all. It was about a US Navy destroyer, the USS John S. McCain, as summarized here in an article on Pro Publica after 2 years of research. [3]

Now, a naval destroyer is a bit of a step up in size from a car, even if the car is a “land barge” SUV. But the fault is similar: a desire to use the latest tech had the McCain’s throttle and rudder control done by touch screen. Apparently the software wasn’t exactly beloved by the sailors, but more importantly there’s no physical feedback from a touch screen compared to a wheel or a lever.

And so, on 2017-Aug-21, the McCain collided with a 30,000 ton Liberian flagged oil tanker. Ten Navy sailors died, though apparently there were no casualties on the tanker. It was the Navy’s worst accident in 40 years.

One report blamed “training”, but in fact one really shouldn’t have to train people not to do things that the equipment begs them to do. Far better to remove the problem in the first place, with equipment that makes accidents harder to cause. The NTSB report [4] finally admitted this:

“The design of the John S McCain’s touch-screen steering and thrust control system, increased the likelihood of the operator errors that led to the collision.”

So the Navy blamed the crew and their training, while the NTSB blamed the controls. Sailors were punished for failing to master the steering system that they admitted was flawed in the first place and which the Navy admitted it didn’t understand either.

So now they’re going back to physical throttles and simplified touch screens on 32 destroyers over the next 7 years.

Now, you might regard that as just a horrible coincidence. But would it change your mind to learn that a similar accident happened 2 months earlier? The USS Fitzgerald collided with a tanker off the coast of Japan, killing 7.

The Weekend Conclusion

Normally I’m reluctant to wag a finger and say “you should have known” at the engineers of equipment involved in accidents. People are pretty creative about the ways they cause accidents!

But given that similar accidents had happened multiple times in the Navy, shouldn’t Tesla have noticed that fact and learned a bit about the value of physical controls?

I’m not claiming they should be legally liable – nobody should take any legal opinion from me under any circumstance – but I am saying it fits a pattern of being high-tech just for coolness, rather than functionality or safety.

Maybe don’t do that?

(Ceterum censeo, Trump incarcerandam esse.)


Notes & References

1: C Boyette & R Riess, “Shipping CEO Angela Chao, sister of former Cabinet member Elaine Chao, died after car became submerged in pond, WSJ reports”, CNN Business, 2024-Mar-10.

2: Tesla Staff, “Opening Doors with No Power”, Tesla Model X Owner’s Manual, retrieved 2024-Mar-10.

3: TC Miller, et al., “Collision Course”, Pro Publica, 2019-Dec-20.

4: NTSB Staff, “Collision between US Navy Destroyer John S McCain and Tanker Alnic MC Singapore Strait, 5 Miles Northeast of Horsburgh Lighthouse August 21, 2017”, Marine Accident Report NTSB/MAR-19/01, PB2019-100970, 2017-Aug-21.
