If you haven’t heard about VW’s cheating diesel cars, here’s a link.
In a nutshell, the engine management software was programmed to change the performance (and emissions) of the engine if it detected that it was on a dynamometer, and therefore likely having it’s emissions checked. The engine would then revert to it’s standard, way out of spec polluting mode when on a normal road.
There are millions of polluting cars on the road thanks to this behavior, from VW and from other manufacturers VW supplies. Due to the grand scope of this issue, VW themselves have described this event as “existence threatening.”
In this case, it’s fairly clear that this functionality was introduced intentionally – but it very easily could have been a defect. Regardless of intent, this behavior was enabled by the engine management computer knowing the wheel speed of the *unpowered rear wheels* – something that really has nothing to do with keeping the engine running.
This is a great example of chapter 3. If the functions that managed the engine were only aware of engine states, the possibility of a defect (or in this case, a ‘defeat device’) causing unexpected behavior goes away.
Keep your functions empty minded, and give them only what they need.