software development

Ethics in Information Technology, Second Edition Chapter 7Software Development

Ethics in Information Technology, Second Edition

Ethics in Information Technology, Second Edition*ObjectivesWhy do companies require high-quality software in business systems, industrial process control systems, and consumer products?

What ethical issues do software manufacturers face in making tradeoffs between project schedules, project costs, and software quality?


Ethics in Information Technology, Second Edition*Objectives (continued)What are the four most common types of software product liability claims, and what actions must plaintiffs and defendants take to be successful?

What are the essential components of a software development methodology, and what are its benefits?


Ethics in Information Technology, Second Edition*Objectives (continued)How can Capability Maturity Model Integration improve an organizations software development process?

What is a safety-critical system, and what actions are required during its development?


Ethics in Information Technology, Second Edition*Strategies to Engineer Quality SoftwareHigh-quality software systemsOperate safely and dependablyHave a high degree of availabilityRequired to support the fields of Air traffic controlNuclear powerAutomobile safetyHealth careMilitary and defenseSpace exploration


Ethics in Information Technology, Second Edition*Strategies to Engineer Quality Software (continued)More and more users are demanding high quality softwareSoftware defectCould cause a system to fail to meet users needsImpact may be trivial or very seriousPatches may contain defectsSoftware quality Degree to which software meets the needs of users


Ethics in Information Technology, Second Edition*Strategies to Engineer Quality Software (continued)Quality management How to define, measure, and refine the quality of the development process and productsObjective Help developers deliver high-quality systems that meet the needs of usersDeliverablesProducts such as: Statements of requirementsFlowchartsUser documentation


Ethics in Information Technology, Second Edition*Strategies to Engineer Quality Software (continued)Primary cause for poor software quality Developers do not know how to design quality into software Or do not take the time to do soDevelopers must Define and follow a set of rigorous engineering principles Learn from past mistakesUnderstand the environment in which systems operate Design systems relatively immune to human error


Ethics in Information Technology, Second Edition*Strategies to Engineer Quality Software (continued)Programmers make mistakes in turning design specifications into codeAbout one defect for every 10 lines of codePressure to reduce time-to-marketFirst release Organizations avoid buying the first releaseOr prohibit its use in critical systemsUsually has many defects


Ethics in Information Technology, Second Edition*The Importance of Software QualityBusiness information systems are a set of interrelated components Including Hardware SoftwareDatabases NetworksPeopleProcedures


Ethics in Information Technology, Second Edition*The Importance of Software Quality (continued)Business information system examplesOrder-processing systemElectronic-funds transfer systemAirlines online ticket reservation systemDecision support system (DSS)Used to improve decision makingSoftware for industrial useSoftware controls the operation of many industrial and consumer products


Ethics in Information Technology, Second Edition*The Importance of Software Quality (continued)Mismanaged software can be fatal to a businessEthical questionsHow much effort and money to invest to ensure high-quality softwareWhether products could cause damageLegal exposure if they did


Ethics in Information Technology, Second Edition*Legal Overview: Software Product LiabilityProduct liabilityLiability of manufacturers, sellers, lessors, and others for injuries caused by defective productsThere is no federal product liability lawMainly state lawArticle 2 of the Uniform Commercial CodeStrict liability Defendant held responsible for the injuryRegardless of negligence or intent


Ethics in Information Technology, Second Edition*Legal Overview: Software Product Liability (continued)Strict liability Plaintiff must prove only that the software product is defective or unreasonably dangerous and that the defect caused the injuryNo requirement to prove that the manufacturer was careless or negligentOr to prove who caused the defectAll parties in the chain of distribution are liable


Ethics in Information Technology, Second Edition*Legal Overview: Software Product Liability (continued)Legal defenses used against strict liabilityDoctrine of supervening eventGovernment contractor defenseExpired statute of limitationsNegligenceA supplier is not held responsible for every product defect that causes a customer or third-party lossResponsibility is limited to defects that could have been detected and corrected through reasonable software development practices


Ethics in Information Technology, Second Edition*Legal Overview: Software Product Liability (continued)NegligenceArea of great risk for software manufacturersDefense of negligence may includeLegal justification for the alleged misconductDemonstrate that the plaintiffs own actions contributed to injuries


Ethics in Information Technology, Second Edition*Legal Overview: Software Product Liability (continued)WarrantyAssures buyers or lessees that a product meets certain standards of qualityExpressly stated Implied by lawBreach of warranty claimPlaintiff must have a valid contract that the supplier did not fulfillCan be extremely difficult to proveBecause the software supplier writes the warranty


Ethics in Information Technology, Second Edition*Legal Overview: Software Product Liability (continued)Intentional misrepresentation Seller or lessor either misrepresents the quality of a product Or conceals a defect in itForms of representationAdvertisingSalespersons commentsInvoicesShipping labels


Ethics in Information Technology, Second Edition*Software Development ProcessLarge software project rolesSystem analysts Programmers ArchitectsDatabase specialists Project managersDocumentation specialistsTrainersTesters


Ethics in Information Technology, Second Edition*Software Development Process (continued)Software development methodologyWork processControlled and orderly progressDefines activities and individual and group responsibilitiesRecommends specific techniques for accomplishing various activitiesOffers guidelines for managing the quality of software during various stages of development


Ethics in Information Technology, Second Edition*Software Development Process (continued)Safer and cheaper to avoid software problems at the beginning than to attempt to fix damages after the factIdentify and remove errors early in the development process Cost-saving measure Most efficient way to improve software quality


Ethics in Information Technology, Second Edition*Software Development Process (continued)Effective methodology Reduces the number of software errors that might occurIf an organization follows widely accepted development methods, negligence on its part is harder to proveSoftware quality assurance (QA) refers to methods within the development cycleGuarantee reliable operation of productIdeally applied at each stage throughout the development cycle


Ethics in Information Technology, Second Edition*Software Development Process (continued)Dynamic testingBlack-box testingTester has no knowledge of codeWhite-box testingTesting all possible logic paths through the software unit With thorough knowledge of the logicMake each program statement execute at least once


Ethics in Information Technology, Second Edition*Software Development Process (continued)Static testingStatic analyzers are run against the new codeLooks for suspicious patterns in programs that might indicate a defectIntegration testingAfter successful unit testingSoftware units are combined into an integrated subsystem Ensures that all linkages among various subsystems work successfully


Ethics in Information Technology, Second Edition*Software Development Process (continued)System testingAfter successful integration testingVarious subsystems are combined Tests the entire system as a complete entityUser acceptance testingIndependent testingPerformed by trained end users Ensures that the system operates as they expect


Ethics in Information Technology, Second Edition*Capability Maturity Model Integration for SoftwareProcess improvement approach Defined by the Software Engineering Institute At Carnegie Mellon University in PittsburghDefines essential elements of effective processesGeneral enough to evaluate and improve almost any processFrequently used to assess software development practices


Ethics in Information Technology, Second Edition*Capability Maturity Model Integration for Software (continued)Defines five levels of software development maturityIdentifies issues most critical to software quality and process improvementOrganization conducts an assessment of its software development practices Determines where they fit in the capability modelIdentifies areas for improvement Action plans are needed to upgrade the development process


Ethics in Information Technology, Second Edition*Capability Maturity Model Integration for Software (continued)Maturity level increasesOrganization improves its ability to deliver good software on time and on budget


Ethics in Information Technology, Second Edition*CMMI Maturity Levels


Ethics in Information Technology, Second Edition*Key Issues in Software DevelopmentConsequences of software defects in certain systems can be deadlyCompanies must take special precautions


Ethics in Information Technology, Second Edition*Development of Safety-Critical SystemsSafety-critical system Failure may cause injury or deathExamplesAutomobiles antilock brakes Nuclear power plant reactorsAirplane navigationRoller coastersElevatorsMedical devices


Ethics in Information Technology, Second Edition*Development of Safety-Critical Systems (continued)Key assumption Safety will not automatically result from following the organizations standard development methodologyMust go through a more rigorous and time-consuming development process than other kinds of softwareAll tasks require Additional stepsMore thorough documentation More checking and rechecking


Ethics in Information Technology, Second Edition*Development of Safety-Critical Systems (continued)Project safety engineerExplicit responsibility for the systems safetyUses a logging and monitoring system To track hazards from the projects start to finishHazard log Used at each stage of the software development process Assesses how it has accounted for detected hazards


Ethics in Information Technology, Second Edition*Development of Safety-Critical Systems (continued)Safety reviews Held throughout the development processRobust configuration management system Tracks all safety-related documentationFormal documentation requiredIncluding verification reviews and signaturesKey issueDeciding when QA staff has performed enough testing


Ethics in Information Technology, Second Edition*Development of Safety-Critical Systems (continued)Risk Probability of an undesirable event occurring times the magnitude of the events consequences if it does happenConsequences include Damage to property Loss of moneyInjury to peopleDeath


Ethics in Information Technology, Second Edition*Development of Safety-Critical Systems (continued)RedundancyProvision of multiple interchangeable components to perform a single function In order to cope with failures and errorsN-version programming Form of redundancyInvolves the execution of a series of program instructions simultaneously by two different systemsUses different algorithms to execute instructions that accomplish the same result


Ethics in Information Technology, Second Edition*Development of Safety-Critical Systems (continued)N-version programming Results from the two systems are comparedIf a difference is found, another algorithm is executed to determine which system yielded the correct resultInstructions for the two systems are:Written by programmers from two different companies Run on different hardware devicesBoth systems are highly unlikely to fail at the same time under the same conditions


Ethics in Information Technology, Second Edition*Development of Safety-Critical Systems (continued)Decide what level of risk is acceptableControversialIf the level of risk in a design is judged to be too great, make system modificationsMitigate the consequences of failure By devising emergency procedures and evacuation plansRecall productWhen data indicates a problem


Ethics in Information Technology, Second Edition*Development of Safety-Critical Systems (continued)Reliability Probability of a component or system performing without failure over its product lifeHuman interfaceImportant and difficult area of safety-critical system designLeave the operator little room for erroneous judgment


Ethics in Information Technology, Second Edition*Quality Management StandardsISO 9000 standard Guide to quality products, services, and managementOrganization must submit to an examination by an external assessorRequirements:Written procedures for everything it doesFollow those proceduresProve to the auditor the organization fulfilled the first two requirements


Ethics in Information Technology, Second Edition*Quality Management Standards (continued)Failure mode and effects analysis (FMEA)Used to evaluate reliabilityDetermine the effect of system and equipment failuresGoal:Identify potential design and process failures early in a project


Ethics in Information Technology, Second Edition*Quality Management Standards (continued)Failure mode and effects analysis (FMEA)Failure modeDescribes how a product or process could fail Effect Adverse consequence that a customer might experienceSeldom is a one-to-one relationship between cause and effect


Ethics in Information Technology, Second Edition*Quality Management StandardsDO-178B/EUROCCAE ED-128 Evaluation standard for the international aviation communityDeveloped by Radio Technical Commission for Aeronautics (RTCA)


Ethics in Information Technology, Second Edition*Managers Checklist for Improving Software Quality


Ethics in Information Technology, Second Edition*SummaryMore and more users are demanding high quality softwareSoftware product liability claims are frequently based on Strict liabilityNegligenceBreach of warrantyMisrepresentation


Ethics in Information Technology, Second Edition*Summary (continued)Software development methodology Defines activities in the software development processDefines individual and group responsibilities Recommends specific techniquesOffers guidelines for managing the quality of productsCMMI Defines five levels of software development maturitySafety-critical system Failure may cause injury or death


**********************************************

software development

Documents