Yep, nobody can be everywhere, but one sort of gets an idea of the complexity of the design (especially if one's life has been spent in similar systems of high complexity). This is not a new problem. To put it in perspective, how does the complexity of the Prius system and any other DBW design compare to the design and testability required to build an Intel Core 7 processor with high yield and reliability containing 731,000,000 transistors? Or NVIDIA's GPU processor with 1.4 billion transistors? Or the IBM Blue Gene supercomputer with up to 16 cabinets, each cabinet holding 1,024 compute nodes?
The DA systems behind these complex products would be, above all things, the most interesting to see first hand, but it is understandable that this has always been the most guarded of intellectual property.
Although a lot of specifics are marked as proprietary and not disclosed, the FSM (Volumes 1 through 4, approximately 5000 pages for the Prius; my 19-pound collection of volumes is only for the 2006 model, sorry) does remarkably disclose a tremendous amount of information on the monitor strategy, enabling conditions, malfunction thresholds, and fail-safes in the system. I find the 471-page ES (Engine Control System) section in Volume 1 a particularly interesting read, and also the 569-page HV section (hybrid control) in Volume 2. BTW, I count 5 major processors on the BEAN bus and another 5 on the CAN, but I guess that depends on the definition of major versus minor. Anybody can buy these documents for about $610.22 including tax and shipping :<)
The Oak Ridge National Lab tear-down study published about 4 years ago is quite revealing on the electro-mechanicals but doesn't touch upon control except in the most basic aspect.
One of Toyota's patent descriptions on the power demand/energy storage/control algorithms is 92 pages long, and a good concept description. Compared to most, where 4-5 concept pages seem typical.
I agree RTOS systems aren't so simple, nor are they the only technique; many favor finite state machines implemented in program logic arrays as a simpler, more verifiable design. Interesting to read a bit on Wind River Systems' development of the Common Core System for Boeing's 7E7 Dreamliner, and here on some of the work going on.
So far as the "must be EM theory" goes, I think the level of discussion in this engineering forum could be more fruitful if it evolved more toward specifics on the standards and test practices and whether they are adequate. Anybody close to, and a bit more up to date on, the list of generally used automotive EMC/EMI standards and test practices than the list below?
CISPR 12 IEC Global X Radiated emissions and immunity 2001
CISPR 25 IEC Global X Radiated immunity 2002
ISO 7637 ISO Global X Transient immunity 2002
ISO 10605 ISO Global X X ESD 2001
ISO 11451 ISO Global X Radiated immunity 2001
ISO 11452 ISO Global X Radiated immunity 2002
SAE J551 SAE North America X Radiated emissions and immunity 1995
SAE J1113 SAE North America X Radiated emissions and immunity 1995
How would these or current standards compare, for example, to the applicable sections of Mil 461-E? Or to the standards that were used to test the Boeing 757 FBW and documented in the NASA/LLNL FBL/PBW Program Boeing 757 HIRF Test Plan?
The latter is not so out of line, as cars driven in close proximity to some of the ground facilities used in testing the 757 (e.g. the Greenville, NC VOA station, Wallops Island, Delaware, or similar facilities) could receive similar exposure levels.
I guess a major point of this post is that a lot of what is being put in vehicles these days, and seen with controversy, has a very long predecessor history in related fields. And in engineering, many times the answers can be found outside one's own sandbox.