Re: [LINK] "New Laws: Thou Shalt Patch"

From: Rick Welykochy (rick@praxis.com.au)
Date: Wed Aug 01 2001 - 15:22:07 EST


"Chirgwin, Richard" wrote:

> a) Does the widespread expectation that software will crash weaken a
> common-law claim?

IANAL! Did the widespread expectation that smoking cigarettes causes
cancer weaken class action claims against the Tobacco Giants in the USA
recently?

> b) What would constitute a "reasonable expectation" of software quality
> (since 100% is beyond our grasp)?

Perhaps chalk up the reliability of various platforms, software packages,
etc, and rank them. But I must admit that getting a reasonable estimate of
reliability vs. cost is difficult.

For example, I can demonstrate that a system running a Linux 2.2 kernel
and some basic Internet services (for a software licence cost of zero)
is far more reliable (stays up, secure, etc) than a Windows NT 4.0 server
doing the same job (cost ... several $1000's?)

In simple terms, I expect the underlying operating system to be secure,
not to crash and not to corrupt data. An expectation of 100% is
unreasonable for any software system, but 99% is not expecting too much.

As for application software, I expect it to function in a reasonable
manner, and produce expected results reliably and consistently across
multiple invocations. A minor bug/glitch/hiccup is acceptable, but
a freeze-up/crash/'GPF' or similar is not acceptable. The latter should
be caught by regression, unit and integration test during QA before
product release.

These expectations are based on what is by now years of experience the
world and the industry have had with computer systems. They are not
unreasonable expectations. For heaven's sake, back in my uni days in
the 70's the above criteria were consistently being met by all the systems
on which I did my undergraduate work. Such expectations and concepts are
not new. QA concepts are not new.

> c) Where is the line between safety-critical and non-safety-critical? For
> eg: the software in a heart monitor is safety-critical. My word processor is
> not. But what of the case of Canterbury Hospital (I think) in Sydney, where
> a badly-coded database UI led to the wrong drugs being dispensed from the
> hospital pharmacy? My bet is that such a system runs on a commercial OS (if
> not MS then a Unix and a database) - and I'd also wager that nobody even
> considered in advance whether the product liability waivers applied in that
> case.

I've never had to work on a safety critical system. The stress and burden of
responsibility must be enormous. That said, I treat all software projects as if
they were safety-critical. I test the hell out of them before they leave my control.
To do anything less I consider negligent.

If I did have the responsibility of a safety-critical software system, I think
testing and proof of safety would take upwards of 90% of the project time.

Back to the thread. To sum up some points made so far:

1. sys admins are responsible for maintaining the integrity and security
   of the systems they deploy; this is all the more important when those
   systems reside on the open Internet, for their negligence can contribute
   to the spread of malicious software to hundreds of thousands of other
   similarly connected machines;

2. software is considered a service not a product, thus hindering action that
   can be taken against a software producer (this came as sad news to me);

3. *some* software producers make it very difficult to see 'under the hood'
   of their systems, making it difficult to harden their systems against
   attack; and *some* of these systems arrive out of the box in a very insecure
   state that must be 'hardened' by a diligent sys admin;

4. *some* software producers have made the regime of patching and maintaining
   their systems with updates onerous to the point of being overwhelming.

It seems there is a balance to be reached between software producers
selling reasonably secure and reliable systems and users of said systems
maintaining the future security of same with reasonable diligence.

I once again make the point that proposed American legislation to heap
the burden of secure systems entirely upon sys admins and their diligence
in applying patches is unfair and further removes any incentive for
software producers to produce quality systems.

Rgds
Rick W

_____________________________________________
Rick Welykochy || Praxis Services Pty Limited

"Those who do not understand Unix are condemned to reinvent it, poorly."
       - Henry Spencer
This archive was generated by hypermail 2.1.1 : Fri Aug 31 2001 - 03:10:02 EST