Log Reliability & Automotive Data Recorders

When are logs reliable?

Toyota's official answer seems to be either "It depends" or "The data retrieved from the EDR is far from reliable", unless the data exonerates them, in which case "the EDR information obtained in those specific incidents is accurate".

There’s got to be a blog post somewhere in that.

Accuracy: 
  • Did the log record what actually happened. Did the log record when something actually happened?
  • Do the logs represent the events in the order that they occurred?
  • Are the time stamps accurate? 
Time syncing all you systems is fundamental, obvious and a best practice for the last fifteen years or so, but unless you log time sync failures, you don't necessarily know if the time stamp on a logs is accurate. I like syslog capable systems that time stamp the logs at the source and syslog servers that time stamp them again as they are caught and written. That helps verify the accuracy of time stamps.

Completeness: 
  • Are there gaps in the logs? If so, can we determine where the gaps are? 
Unless the logs are stamped with a serial number, odds are that you cannot verify completeness.

I've never testified in court.