Crashworthy Code

79 Pages Posted: 6 Nov 2018 Last revised: 31 Mar 2019

See all articles by Bryan H. Choi

Bryan H. Choi

Ohio State University (OSU) - Michael E. Moritz College of Law

Date Written: 2019


Code crashes. Yet for decades, software failures have escaped scrutiny for tort liability. Those halcyon days are numbered: self-driving cars, delivery drones, networked medical devices, and other cyber-physical systems have rekindled interest in understanding how tort law will apply when software errors lead to loss of life or limb.

Even after all this time, however, no consensus has emerged. Many feel strongly that victims should not bear financial responsibility for decisions that are entirely automated, while others fear that cyber-physical manufacturers must be shielded from crushing legal costs if we want such companies to exist at all. Some insist the existing liability regime needs no modernist cure, and that the answer for all new technologies is patience.

This Article observes that no consensus is imminent as long as liability is pegged to a standard of “crashproof” code. The added prospect of cyber-physical injury has not changed the underlying complexities of software development. Imposing damages based on failure to prevent code crashes will not improve software quality, but will impede the rollout of cyber-physical systems.

This Article offers two lessons from the “crashworthy” doctrine, a novel tort theory pioneered in the late 1960s in response to a rising epidemic of automobile accidents, which held automakers accountable for unsafe designs that injured occupants during car crashes. The first is that tort liability can be metered on the basis of mitigation, not just prevention. When code crashes are statistically inevitable, cyber-physical manufacturers may be held to have a duty to provide for safer code crashes, rather than no code crashes at all. Second, the crashworthy framework teaches courts to segment their evaluation of code, and make narrower findings of liability based solely on whether cyber-physical manufacturers have incorporated adequate software fault tolerance into their designs.

Requiring all code to be perfect is impossible, but expecting code to be crashworthy is reasonable.

Keywords: software liability, self-driving cars, torts, crashworthiness, cyber-physical systems, software fault tolerance

Suggested Citation

Choi, Bryan H., Crashworthy Code (2019). 94 Washington Law Review 39, Ohio State Public Law Working Paper No. 465, Available at SSRN:

Bryan H. Choi (Contact Author)

Ohio State University (OSU) - Michael E. Moritz College of Law ( email )

55 West 12th Avenue
Columbus, OH 43210
United States

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Abstract Views
PlumX Metrics