|
Server : Apache/2.4.62 System : FreeBSD fbsdweb2.web.rcn.net 14.1-RELEASE FreeBSD 14.1-RELEASE releng/14.1-n267679-10e31f0946d8 GENERIC amd64 User : www ( 80) PHP Version : 8.3.8 Disable Function : NONE Directory : /domains/srakitin/newsletter/vol8/no3/ |
Upload File : |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Food for Thought: Just Because We Can, Doesn’t Mean We Should</title>
<link href="/StyleSheet.css" rel="stylesheet" type="text/css">
</head>
<OpenTracking/>
<!-- Do NOT delete previous line if you want to get statistics on the number of opened emails -->
<body>
<table width="600" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="center" valign="top">
<td colspan="2"><img src="/images/food_for_thought_big.gif" alt="Food for Thought" width="436" height="169"></td>
</tr>
<tr class="Reference">
<td align="left" valign="top"><p><br>
An e-newsletter published by<br>
Software Quality Consulting, Inc. </p>
</td>
<td align="right" valign="top"><p><br>
May 2011, Vol. 8 No. 3<br>
[<a href="/newsletter/vol8/no3/vol8no3.txt" target="_blank">Text-only Version</a>]</p>
</td>
</tr>
</table>
<br>
<table width="600" border="0" align="center" cellpadding="0" cellspacing="0" class="BodyText">
<tr>
<td align="left" valign="top">
<p>Welcome to <em><strong>Food for Thought™</strong></em>, an e-newsletter from <a href="/index.html?Intro" target="_blank">Software Quality Consulting</a>. I've created free subscriptions for my valued business contacts. If you find this newsletter informative, I encourage you to continue reading. Feel free to pass this newsletter along to colleagues by clicking on the <strong>Forward Email</strong> link at the bottom of this email. If you’ve received this newsletter from a colleague and would like to subscribe, please click this <a href="/e_newsletter.html" target="_blank">Enter New Subscription</a> link. If you don't wish to receive this newsletter, click the <a href="#bottom">SafeUnSubscribe</a>™ link at the bottom of this newsletter, and you won’t be bothered again.</p>
<p>Your continued feedback on this newsletter is most welcome. Please send your comments and suggestions to <a href="mailto:[email protected]">[email protected]</a>.</p></td>
</tr>
</table>
<br>
<table width="600" border="0" align="center" cellpadding="0" cellspacing="0" class="BodyText">
<tr>
<td width="145" align="left" valign="top"><img src="/images/in_this_issue.gif" alt="In This Issue" width="145" height="36"></td>
<td width="15" align="left" valign="top"> </td>
<td width="440" align="left" valign="top">In <a href="#article">This Month's Topic</a>, I discuss the benefits and risks associated with software.<br>
<p> Regular features to look for each month are: </p>
<ul>
<li> <a href="#morsel">Monthly Morsels</a><br>
Hints, tips, techniques and reference info related to this month’s topic</li>
</ul>
</td>
</tr>
</table>
<br>
<br>
<a name="article"></a>
<table width="600" border="0" align="center" cellpadding="0" cellspacing="0" class="BodyText">
<tr>
<td width="145" align="left" valign="top"><img src="/images/this_months_topic.gif" alt="This Month's Topic" width="146" height="35">
</td>
<td width="15"> </td>
<td width="440" align="left" valign="top" class="BodyText"><div align="center" class="Headline">Just Because We Can, Doesn’t Mean We Should…
</div>
<p>The movie, <em>2001: A Space Odyssey</em>, released in 1968, was way ahead of its time. Written by Stanley Kubrik and Arthur C. Clarke, the movie attempted to illustrate man’s complex relationship to the universe. The movie was recently recognized as one of the most important movies ever made.</p>
</td>
</tr>
<tr>
<td width="145" align="left" valign="top"><p><img width="145" height="145" src="/newsletter/vol8/no3/vol8no3_clip_image001_0004.jpg" alt="Hal-9000.jpg"></p>
<p align="center" class="Reference">“Hello Dave” </p></td>
<td> </td>
<td width="440" align="left" valign="top" class="BodyText"><blockquote>
<p>One of the most memorable characters in the film is the soft-spoken on-board computer named HAL - represented by the iconic red eye. HAL is an acronym for <strong>H</strong>euristically programmed <strong>AL</strong>gorithmic computer (to the dismay of those who initially thought HAL represented IBM plus one letter) and was a member of the 9000 family of computers – which had an impeccable record for infallibility.</p>
<p>HAL was the computer on board an American spaceship bound for Jupiter, along with two astronauts (Dave Bowman and Frank Poole) and three scientists who were in cryogenic hibernation. HAL ran most of the spaceship’s operations and was programmed to complete the mission at all costs. </p>
<p>As it turned out, HAL wasn’t infallible after all. Dave and Frank started to suspect something was wrong after HAL reported the imminent failure of a device that controlled the spaceship's main antenna. After retrieving the component, Dave and Frank could not find anything wrong with it. HAL suggested reinstalling it and letting it fail so the problem could be found. Mission control on Earth concurred, but advised the astronauts that results from their twin HAL 9000 computer indicated the spaceship's HAL is in error predicting the fault.</p>
<p>When queried, HAL insisted that the problem was due to "human error". Concerned with HAL's behavior, Dave and Frank discussed the situation in a sealed pod out of HAL’s earshot. They had a bad feeling about HAL despite HAL’s infallibility record. They decided to follow his suggestion to replace the unit. The astronauts discussed deactivating HAL if he was proven wrong - unaware that HAL was reading their lips.</p>
<p>When he attempted to replace the unit during a spacewalk, Frank's EVA pod, controlled by HAL, severed his oxygen hose and set him adrift. Dave, not realizing HAL was responsible for this, took another pod to attempt a rescue, leaving his helmet behind. While he was gone, HAL terminated the life support functions of the three crew members in cryogenic hibernation. When Dave returned to the spaceship with Frank's body, HAL refused to let him in and said their plan to deactivate him jeopardized the mission. Dave manually opened the ship's emergency airlock and entered the spaceship risking his own death.</p>
<p>After donning a helmet, Dave entered HAL's memory banks intent on disconnecting the computer. HAL first tried to reassure Dave, then pleaded with him to stop, and finally began to express fear - all in a steady monotone voice. Dave ignored him and disconnected each of the computer's memory modules. HAL eventually regressed to his earliest programmed memory, and sang the song "Daisy Bell".</p>
</blockquote>
<p>One of the many complex themes intertwined throughout the movie is the danger of creating technologies that are not fully controllable by humans. </p>
<p><strong>Understanding Risks and Benefits</strong></p>
<p>The movie illustrates the point that just because it is possible to develop software to perform some function doesn’t mean it’s always a good idea. This doesn’t just apply to software – other fields such as medicine have similar issues which is why the role of bioethicists has been established at many medical schools and teaching hospitals. </p>
<p>With every new software application, we need to take a careful look at BOTH the benefits AND the risks. One important principle to keep in mind with respect to new technology is that we often trade one set of problems and risks for a different set of problems and risks.</p></td>
</tr>
<tr>
<td width="145" align="left" valign="top"><img width="145" height="141" src="/newsletter/vol8/no3/vol8no3_clip_image001_0003.jpg"> </td>
<td> </td>
<td width="440" align="left" valign="top" class="BodyText">The recent controversy involving Apple’s iPhone and iPad and its tracking information is a good example…
<table width="440" border="0" cellpadding="10" cellspacing="0" class="BodyText">
<tr align="left" valign="top">
<td><strong>Benefits</strong>:</td>
<td>Having accurate location information on your phone enables apps to identify nearby restaurants and shops as well as provide driving directions.</td>
</tr>
<tr align="left" valign="top">
<td><strong>Problem Solved</strong>:</td>
<td>Having location information available in your phone solves the problem of easily finding local businesses for those who may be unfamiliar with an area.</td>
</tr>
<tr align="left" valign="top">
<td><strong>Risks</strong>:</td>
<td>Since your location information is stored in the phone, it may be used for purposes that you are not aware of and without your knowledge.</td>
</tr>
<tr align="left" valign="top">
<td><strong>Problem Created</strong>:</td>
<td>Having location information available in your phone can create problems since you can’t prevent that information from being used for unintended purposes – such as tracking an individual’s location - without the user’s knowledge or permission.</td>
</tr>
</table>
<p>If the risks seem to outweigh the benefits, then perhaps this software is not worth developing – even if it is possible…</p>
<p>Let’s look at how this applies to software used in several key industries:</p></td>
</tr>
<tr>
<td width="145" align="left" valign="top"><img width="145" height="176" src="/newsletter/vol8/no3/vol8no3_clip_image001_0002.jpg">
<p align="center"><span class="Reference">An infusion pump meters out a specified amount of drug therapy over a specified time. Infusion pump recalls are among the highest of all software-based medical devices.</span> </p></td>
<td> </td>
<td width="440" align="left" valign="top" class="BodyText"><strong>Medical Device Industry</strong>:
<table width="440" border="0" cellpadding="10" cellspacing="0" class="BodyText">
<tr>
<td align="left" valign="top"><strong>Benefits</strong>:</td>
<td align="left" valign="top">Software-based medical devices have saved many thousands of lives and improved the health of many more thousands. Software provides many new capabilities and helps improve overall device safety and efficacy. Medical device software is developed under rigorous regulations and standards.</td>
</tr>
<tr>
<td align="left" valign="top"><strong>Risks</strong>:</td>
<td align="left" valign="top">Failures of software-based medical devices have resulted in many deaths and serious injuries. [1] Already this year, FDA has issued over 75 device recalls for software-related issues. Further, FDA studies have shown that a significant number (~80%) of device errors are introduced when software is changed.<br>
<br>
The following chart summarizes software-based device recalls between 1994-2008. [7] As you can see, the number of software-based recalls has been growing almost exponentially.</td>
</tr>
</table>
<img width="440" height="358" src="/newsletter/vol8/no3/vol8no3_clip_image002_0001.gif"><br>
<br></td>
</tr>
<tr>
<td width="145" align="left" valign="top"><img width="145" height="85" src="/newsletter/vol8/no3/vol8no3_clip_image001_0001.jpg">
<p align="center" class="Reference">The 2005 Toyota Prius was recalled because of a software defect – the engine would stop when cruising at highway speeds. </p></td>
<td> </td>
<td width="440" align="left" valign="top" class="BodyText"><strong>Automotive Industry</strong>:
<table width="440" border="0" cellpadding="10" cellspacing="0" class="BodyText">
<tr align="left" valign="top">
<td><strong>Benefits</strong>:</td>
<td>Critical functions controlled by embedded software enable better fuel efficiency, safety, and advanced accident avoidance features. Carmakers have been replacing mechanical cables and analog controls with digital controls as ways to lower cost, improve reliability, and add features. They have developed software systems to control braking, acceleration, airbags, climate control, transmission performance, emissions, navigation, and many other functions. The result of many of these changes has led to improved reliability, better fuel economy, and improved safety.</td>
</tr>
<tr align="left" valign="top">
<td><strong>Risks</strong>:</td>
<td>2011 model year cars are projected to have as much as <strong>300 million lines of code</strong>. Automotive software is not currently required to meet rigorous safety standards commonly used in other industries. As a result, failures of automotive software have resulted in an indeterminate number of deaths and injuries. In many cases, as with the recent Toyota recalls, pinpointing the root cause of failures is difficult. Proposed legislation requiring automotive black boxes will help quantify the real root cause and frequency of occurrence of such failures. [6]<br>
<br>
“Buggy software and the lack of government standards, along with a lack of uniformity in the auto industry, [has] put car owners in the middle of safety issues with the multiple software systems that control their vehicles.” [5]
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td width="145" align="left" valign="top"><img width="145" height="96" src="/newsletter/vol8/no3/vol8no3_clip_image001_0000.jpg"></td>
<td> </td>
<td width="440" align="left" valign="top" class="BodyText"><strong>Nuclear Power Industry</strong>:
<table width="440" border="0" cellpadding="10" cellspacing="0" class="BodyText">
<tr align="left" valign="top">
<td><strong>Benefits</strong>:</td>
<td>Nuclear plants use software for a variety of safety-critical and non-safety-critical applications. There are 104 operating nuclear plants in the US. Many of these plants were constructed in the 1970s-80s. Collectively, these plants have a remarkable safety record and have been providing low cost electricity for almost four decades.<br>
<br>
Software for safety-critical systems is developed to meet rigorous regulations and standards. While there have been software failures in nuclear plants, no deaths or injuries have been attributed to such failures to date.</td>
</tr>
<tr align="left" valign="top">
<td><strong>Risks</strong>:</td>
<td>Risks associated with software used in nuclear power plants are relatively low because of the fact that most software was developed under stringent rules in compliance with regulations and standards. Even so, one study identified 30 reportable software failures at nuclear plants between 1990 and 1993. [1]</td>
</tr>
</table>
</td>
</tr>
<tr>
<td width="145" align="left" valign="top"><img width="145" height="120" src="/newsletter/vol8/no3/vol8no3_clip_image001.jpg"></td>
<td> </td>
<td width="440" align="left" valign="top" class="BodyText"><strong>Banking and Financial Services Industry</strong>:
<table width="440" border="0" cellpadding="10" cellspacing="0" class="BodyText">
<tr align="left" valign="top">
<td><strong>Benefits</strong>:</td>
<td>Banks and financial services companies rely on software for managing your money and protecting your personal financial information. Software-based automated teller machines (ATMs) and recently announced smart phone applications provide customers with the ability to manage their funds whenever and wherever they are.</td>
</tr>
<tr align="left" valign="top">
<td><strong>Risks</strong>:</td>
<td>Providing personal financial information to banks and financial services companies has led to millions of cases of identity theft. Personal financial information has been stolen from ATM machines, banks, financial institutions, and retail and e-commerce sites. Costs for banks were estimated at $1 billion annually back in 2003. [8] Costs to customers following identity theft were estimated to be <strong>$54 billion</strong> in 2009. [9]</td>
</tr>
</table></td>
</tr>
<tr>
<td width="145" align="left" valign="top"><img width="145" height="214" src="/newsletter/vol8/no3/vol8no3_clip_image002.jpg"></td>
<td> </td>
<td width="440" align="left" valign="top" class="BodyText"><strong>Aviation and Air Travel Industry</strong>:
<table width="440" border="0" cellpadding="10" cellspacing="0" class="BodyText">
<tr align="left" valign="top">
<td><strong>Benefits</strong>:</td>
<td>Software is used extensively in commercial airliners to control critical flight operations. Fly-by-wire systems which are currently used on many commercial airplanes has many advantages over the older mechanical and hydro-mechanical systems, including lower weight and improved safety. In addition, most fly-by-wire systems are implemented using four independent channels to prevent loss of signal conditions from compromising safety. Such software is developed under rigorous regulations and standards.<br>
<br>
Software also plays a critical role in helping air traffic controllers manage an ever-increasing volume of air traffic.</td>
</tr>
<tr align="left" valign="top">
<td><strong>Risks</strong>:</td>
<td>Air travel has proven to be very safe compared to other modes of transport. However, the combination of increased density of airspace use and the development of planes capable of carrying large numbers of passengers, pose an increasing safety risk. [2] In addition, the current system used to manage the airspace over the US is based on technology from the 1970’s. The FAA has been trying unsuccessfully to upgrade the air traffic control (ATC) system for many years.<br>
<br>
As an example of the risks posed by ATC software, consider an event that occurred at the Los Angeles airport in September 2004. The ATC system failed and air traffic controllers lost radio contact with 800 airplanes they were tracking over the southwestern United States.<br>
<br>
“The radio system shutdown, which lasted more than three hours, left 800 planes in the air without contact to air traffic control, and led to at least five cases where planes came too close to one another, according to comments by the Federal Aviation Administration reported in the LA Times and The New York Times. Air traffic controllers were reduced to using personal mobile phones to pass on warnings to controllers at other facilities, and watched close calls without being able to alert pilots, according to the LA Times report.” [10]</td>
</tr>
</table>
<strong>In Summary…</strong>
<p>One of the key findings of the <strong>National Research Council’s</strong> study of software dependability is:</p>
<blockquote>
<p>“Avoidable software failures have already been responsible for loss of life and for large economic losses. The quality of software produced by the industry is extremely variable, and there is inadequate oversight in some critical areas. Unless improvements are made, more pervasive deployment of software in the civic infrastructure may lead to catastrophic failures. Software has the potential to bring benefits to society, but it will not be possible to realize these benefits - especially in critical applications - unless software becomes more dependable.” [2]</p>
</blockquote>
<p>‘till next time…</p></td>
</tr>
</table>
<br>
<br>
<a name="morsel"></a>
<table width="600" border="0" align="center" cellpadding="0" cellspacing="0" class="BodyText">
<tr>
<td width="145" align="left" valign="top"><img src="/images/monthly_morsels.gif" alt="Monthly Morsels" width="145" height="35"></td>
<td width="15"> </td>
<td width="440" align="left" valign="top">Every month in this space, you’ll find additional information related to this month’s topic.
<ol>
<li>Chapin, D. M. et.al., <em><a href="http://www.nap.edu/openbook.php?record_id=5432" target="_blank">Digital instrumentation and control systems in nuclear power plants: Safety and Reliability Issues</a></em>, National Research Council, National Academies Press, 1997.<br>
<br>
</li>
<li>Jackson, D. et. al., <em><a href="http://www.nap.edu/catalog.php?record_id=11923" target="_blank">Software for Dependable Systems - Sufficient Evidence?</a></em> National Research Council, National Academies Press, 2007.<br>
<br>
</li>
<li>Leveson, N., <em>Safeware – System Safety and Computers</em>, Addison-Wesley, 1995.<br>
<br>
</li>
<li>Wiener, L., <em>Digital Woes - Why We Should Not Depend on Software</em>, Addison-Wesley, 1993.<br>
<br>
</li>
<li>Germain, J. M., “<a href="http://www.technewsworld.com/story/69571.html?wlc=1305493448" target="_blank">The Gaping Hole Where Auto Software Standards Should Be</a>”, <em>TechNewsWorld</em>, March 18, 2010.<br>
<br>
</li>
<li>Whorisky, P., “<a href="http://www.washingtonpost.com/wp-dyn/content/article/2010/04/29/AR2010042904700.html" target="_blank">Auto bill draft would require black boxes, allow NHTSA to issue quick recalls</a>”, <em>Washington Post</em>, April 30, 2010.<br>
<br>
</li>
<li>Majchrowski, B., “Medical Device Software: Practical Guidance for Healthcare Facilities”, presented at AAMI Conf, June 6-8, 2009.<br>
<br>
</li>
<li>Sullivan, B., “<a href="http://www.msnbc.msn.com/id/3078480/ns/technology_and_science-tech_and_gadgets/t/id-theft-costs-banks-billion-year/" target="_blank">ID thefts costs banks $1 billion a year</a>”, MSNBC, March 26, 2003.<br>
<br>
</li>
<li>Barrett, L. “<a href="http://www.esecurityplanet.com/trends/article.php/3864616/Identity-Theft-Cost-Victims-54B-in-2009.htm" target="_blank">Identity Theft Cost Victims $54B in 2009</a>”, <em>e-Security Planet</em>, February 12, 2010.<br>
<br>
</li>
<li>Broersma, M., “<a href="http://news.techworld.com/operating-systems/2275/microsoft-server-crash-nearly-causes-800-plane-pile-up/" target="_blank">Microsoft server crash nearly causes 800-plane pile-up</a>”, <em>Techworld</em>, September, 2004.<br>
</li>
</ol></td>
</tr>
</table>
<br>
<br>
<table width="600" border="0" align="center" cellpadding="0" cellspacing="0" class="BodyText">
<tr>
<td width="145" align="left" valign="top"><img src="/images/about_SQC.gif" alt="About SQC" width="145" height="35"></td>
<td width="15"> </td>
<td width="440" align="left" valign="top">Software Quality Consulting provides a full-range of software engineering services for safety-critical industries and mission-critical projects. Our goal is to help create safety-critical and mission-critical software that meets our client’s needs, complies with all applicable standards and regulations, with the highest level of quality possible, and in the most cost-effective and timely manner possible.
<p>To learn more about how we can help your organization, <a href="/index.html?AboutSQC" target="_blank">visit our web site</a> or <a href="mailto:[email protected]">send us an email</a>.</p></td>
</tr>
</table>
<br>
<div align="center" class="Reference">Food for Thought, Predictable Software Development, Act Like a Customer,<br>
and ALAC are trademarks of Software Quality Consulting, Inc.<br>
Copyright 2011. Software Quality Consulting, Inc. All rights reserved.<br>
Graphic design by <a href="http://www.sarahcoledesign.com/" target="_blank">Sarah Cole Design</a>.</div>
<a name="bottom"> </a></body>
</html>