Ethics in Information Technology, Second Edition: Software Development

Ethics in Information Technology, Second Edition
Chapter 7 Software Development
Objectives
Why do companies req ire high!q ality soft"are in b siness systems, ind strial process control systems, and cons mer prod cts# What ethical iss es do soft"are man fact rers face in ma$ing tradeoffs bet"een project sched les, project costs, and soft"are q ality#
Objectives &contin ed'

What are the fo r most common types of soft"are prod ct liability claims, and "hat actions m st plaintiffs and defendants ta$e to be s ccessf l# What are the essential components of a soft"are development methodology, and "hat are its benefits#
Objectives &contin ed'

)o" can *apability +at rity +odel Integration improve an organi,ation-s soft"are development process# What is a safety!critical system, and "hat actions are req ired d ring its development#
Strategies to Engineer / ality Soft"are

)igh!q ality soft"are systems
0 Operate safely and dependably 0 )ave a high degree of availability 0 1eq ired to s pport the fields of
2ir traffic control 3 clear po"er 2 tomobile safety )ealth care +ilitary and defense Space e4ploration
Strategies to Engineer / ality Soft"are &contin ed'

+ore and more sers are demanding high q ality soft"are Soft"are defect
0 *o ld ca se a system to fail to meet sers- needs 0 Impact may be trivial or very serio s 0 6atches may contain defects
Soft"are q ality
0 7egree to "hich soft"are meets the needs of sers

/ ality management
0 )o" to define, meas re, and refine the q ality of the development process and prod cts 0 Objective
)elp developers deliver high!q ality systems that meet the needs of sers
7eliverables
0 6rod cts s ch as9
Statements of req irements :lo"charts ;ser doc mentation
Ethics in Information Technology, Second Edition 8

6rimary ca se for poor soft"are q ality
0 7evelopers do not $no" ho" to design q ality into soft"are 0 Or do not ta$e the time to do so
7evelopers m st
0 7efine and follo" a set of rigoro s engineering principles 0 =earn from past mista$es 0 ;nderstand the environment in "hich systems operate 0 7esign systems relatively imm ne to h man error
Ethics in Information Technology, Second Edition <

6rogrammers ma$e mista$es in t rning design specifications into code
0 2bo t one defect for every ?@ lines of code
6ress re to red ce time!to!mar$et :irst release

0 Organi,ations avoid b ying the first release 0 Or prohibit its se in critical systems 0 ;s ally has many defects
>
The Importance of Soft"are / ality

A siness information systems are a set of interrelated components
0 Incl ding
)ard"are Soft"are 7atabases 3et"or$s 6eople 6roced res
?@
The Importance of Soft"are / ality &contin ed'

A siness information system e4amples
0 Order!processing system 0 Electronic!f nds transfer system 0 2irline-s online tic$et reservation system
7ecision s pport system &7SS'

0 ;sed to improve decision ma$ing
Soft"are for ind strial se Soft"are controls the operation of many ind strial and cons mer prod cts
Ethics in Information Technology, Second Edition ??
The Importance of Soft"are / ality &contin ed'

+ismanaged soft"are can be fatal to a b siness Ethical q estions
0 )o" m ch effort and money to invest to ens re high!q ality soft"are 0 Whether prod cts co ld ca se damage
=egal e4pos re if they did
?2
=egal Overvie"9 Soft"are 6rod ct =iability

6rod ct liability
0 =iability of man fact rers, sellers, lessors, and others for inj ries ca sed by defective prod cts 0 There is no federal prod ct liability la"
+ainly state la" 2rticle 2 of the ;niform *ommercial *ode
Strict liability
0 7efendant held responsible for the inj ry 0 1egardless of negligence or intent
?%
=egal Overvie"9 Soft"are 6rod ct =iability &contin ed'

Strict liability
0 6laintiff m st prove only that the soft"are prod ct is defective or nreasonably dangero s and that the defect ca sed the inj ry 0 3o req irement to prove that the man fact rer "as careless or negligent
Or to prove "ho ca sed the defect
0 2ll parties in the chain of distrib tion are liable
?(

=egal defenses sed against strict liability
0 7octrine of s pervening event 0 Bovernment contractor defense 0 E4pired stat te of limitations
3egligence
0 2 s pplier is not held responsible for every prod ct defect that ca ses a c stomer or third!party loss 0 1esponsibility is limited to defects that co ld have been detected and corrected thro gh CreasonableD soft"are development practices
Ethics in Information Technology, Second Edition ?.

3egligence
0 2rea of great ris$ for soft"are man fact rers 0 7efense of negligence may incl de
=egal j stification for the alleged miscond ct 7emonstrate that the plaintiffs- o"n actions contrib ted to inj ries
?5

Warranty
0 2ss res b yers or lessees that a prod ct meets certain standards of q ality 0 E4pressly stated 0 Implied by la"
Areach of "arranty claim

0 6laintiff m st have a valid contract that the s pplier did not f lfill 0 *an be e4tremely diffic lt to prove
Aeca se the soft"are s pplier "rites the "arranty
Ethics in Information Technology, Second Edition ?8

Intentional misrepresentation
0 Seller or lessor either misrepresents the q ality of a prod ct 0 Or conceals a defect in it 0 :orms of representation
2dvertising Salespersons- comments Invoices Shipping labels
?<
Soft"are 7evelopment 6rocess

=arge soft"are project roles
0 0 0 0 0 0 0 0 System analysts 6rogrammers 2rchitects 7atabase specialists 6roject managers 7oc mentation specialists Trainers Testers
?>
Soft"are 7evelopment 6rocess &contin ed'

Soft"are development methodology
0 Wor$ process 0 *ontrolled and orderly progress 0 7efines activities and individ al and gro p responsibilities 0 1ecommends specific techniq es for accomplishing vario s activities 0 Offers g idelines for managing the q ality of soft"are d ring vario s stages of development
2@

Safer and cheaper to avoid soft"are problems at the beginning than to attempt to fi4 damages after the fact
0 Identify and remove errors early in the development process
*ost!saving meas re +ost efficient "ay to improve soft"are q ality
2?

Effective methodology
0 1ed ces the n mber of soft"are errors that might occ r 0 If an organi,ation follo"s "idely accepted development methods, negligence on its part is harder to prove
Soft"are q ality ass rance &/2' refers to methods "ithin the development cycle
0 B arantee reliable operation of prod ct 0 Ideally applied at each stage thro gho t the development cycle

7ynamic testing
0 Alac$!bo4 testing
Tester has no $no"ledge of code
0 White!bo4 testing
Testing all possible logic paths thro gh the soft"are nit With thoro gh $no"ledge of the logic +a$e each program statement e4ec te at least once
2%

Static testing
0 Static analy,ers are r n against the ne" code 0 =oo$s for s spicio s patterns in programs that might indicate a defect
Integration testing
0 2fter s ccessf l nit testing 0 Soft"are nits are combined into an integrated s bsystem 0 Ens res that all lin$ages among vario s s bsystems "or$ s ccessf lly
Ethics in Information Technology, Second Edition 2(

System testing
0 2fter s ccessf l integration testing 0 Eario s s bsystems are combined 0 Tests the entire system as a complete entity
;ser acceptance testing

0 Independent testing 0 6erformed by trained end sers 0 Ens res that the system operates as they e4pect
2.
*apability +at rity +odel Integration for Soft"are

6rocess improvement approach 7efined by the Soft"are Engineering Instit te
0 2t *arnegie +ellon ;niversity in 6ittsb rgh
7efines essential elements of effective processes Beneral eno gh to eval ate and improve almost any process :req ently sed to assess soft"are development practices
25
*apability +at rity +odel Integration for Soft"are &contin ed'

7efines five levels of soft"are development mat rity Identifies iss es most critical to soft"are q ality and process improvement Organi,ation cond cts an assessment of its soft"are development practices
0 7etermines "here they fit in the capability model 0 Identifies areas for improvement
2ction plans are needed to pgrade the development process
*apability +at rity +odel Integration for Soft"are &contin ed'

+at rity level increases
0 Organi,ation improves its ability to deliver good soft"are on time and on b dget
2<
*++I +at rity =evels
2>
Fey Iss es in Soft"are 7evelopment

*onseq ences of soft"are defects in certain systems can be deadly
0 *ompanies m st ta$e special preca tions
%@
7evelopment of Safety!*ritical Systems

Safety!critical system
0 :ail re may ca se inj ry or death 0 E4amples
2 tomobile-s antiloc$ bra$es 3 clear po"er plant reactors 2irplane navigation 1oller coasters Elevators +edical devices
%?
7evelopment of Safety!*ritical Systems &contin ed'

Fey ass mption
0 Safety "ill not a tomatically res lt from follo"ing the organi,ation-s standard development methodology
+ st go thro gh a more rigoro s and time!cons ming development process than other $inds of soft"are 2ll tas$s req ire
0 2dditional steps 0 +ore thoro gh doc mentation 0 +ore chec$ing and rechec$ing
Ethics in Information Technology, Second Edition %2

6roject safety engineer
0 E4plicit responsibility for the system-s safety 0 ;ses a logging and monitoring system
To trac$ ha,ards from the project-s start to finish
)a,ard log
0 ;sed at each stage of the soft"are development process 0 2ssesses ho" it has acco nted for detected ha,ards
%%

Safety revie"s
0 )eld thro gho t the development process
1ob st config ration management system

0 Trac$s all safety!related doc mentation
:ormal doc mentation req ired

0 Incl ding verification revie"s and signat res
Fey iss e
0 7eciding "hen /2 staff has performed eno gh testing
Ethics in Information Technology, Second Edition %(

1is$
0 6robability of an ndesirable event occ rring times the magnit de of the event-s conseq ences if it does happen 0 *onseq ences incl de
7amage to property =oss of money Inj ry to people 7eath
%.

1ed ndancy
0 6rovision of m ltiple interchangeable components to perform a single f nction 0 In order to cope "ith fail res and errors
3!version programming
0 :orm of red ndancy 0 Involves the e4ec tion of a series of program instr ctions sim ltaneo sly by t"o different systems 0 ;ses different algorithms to e4ec te instr ctions that accomplish the same res lt
Ethics in Information Technology, Second Edition %5

3!version programming
0 1es lts from the t"o systems are compared 0 If a difference is fo nd, another algorithm is e4ec ted to determine "hich system yielded the correct res lt 0 Instr ctions for the t"o systems are9
Written by programmers from t"o different companies 1 n on different hard"are devices
0 Aoth systems are highly nli$ely to fail at the same time nder the same conditions
%8

7ecide "hat level of ris$ is acceptable
0 *ontroversial 0 If the level of ris$ in a design is j dged to be too great, ma$e system modifications
+itigate the conseq ences of fail re

0 Ay devising emergency proced res and evac ation plans
1ecall prod ct
0 When data indicates a problem
%<

1eliability
0 6robability of a component or system performing "itho t fail re over its prod ct life
) man interface
0 Important and diffic lt area of safety!critical system design 0 =eave the operator little room for erroneo s j dgment
%>
/ ality +anagement Standards

ISO >@@@ standard
0 B ide to q ality prod cts, services, and management 0 Organi,ation m st s bmit to an e4amination by an e4ternal assessor 0 1eq irements9
Written proced res for everything it does :ollo" those proced res 6rove to the a ditor the organi,ation f lfilled the first t"o req irements
Ethics in Information Technology, Second Edition (@
/ ality +anagement Standards &contin ed'

:ail re mode and effects analysis &:+E2'
0 ;sed to eval ate reliability 0 7etermine the effect of system and eq ipment fail res 0 Boal9
Identify potential design and process fail res early in a project
(?
/ ality +anagement Standards &contin ed'

:ail re mode and effects analysis &:+E2'
0 :ail re mode
7escribes ho" a prod ct or process co ld fail
0 Effect
2dverse conseq ence that a c stomer might e4perience
0 Seldom is a one!to!one relationship bet"een ca se and effect
(2
/ ality +anagement Standards

7O!?8<AGE;1O**2E E7!?2<
0 Eval ation standard for the international aviation comm nity 0 7eveloped by 1adio Technical *ommission for 2erona tics &1T*2'
(%
+anager-s *hec$list for Improving Soft"are / ality
((
S mmary
+ore and more sers are demanding high q ality soft"are Soft"are prod ct liability claims are freq ently based on
0 0 0 0 Strict liability 3egligence Areach of "arranty +isrepresentation
(.
S mmary &contin ed'

Soft"are development methodology
0 7efines activities in the soft"are development process 0 7efines individ al and gro p responsibilities 0 1ecommends specific techniq es 0 Offers g idelines for managing the q ality of prod cts
*++I
0 7efines five levels of soft"are development mat rity
Safety!critical system
0 :ail re may ca se inj ry or death
Ethics in Information Technology, Second Edition (5

Ethics in Information Technology, Second Edition: Software Development

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ethics in Information Technology, Second Edition: Software Development

Uploaded by

Copyright:

Available Formats

Ethics in Information Technology, Second Edition

Chapter 7 Software Development