Re: [SystemSafety] Stupid Software Errors [was: Overflow......]

From: Peter Bernard Ladkin < >
Date: Tue, 05 May 2015 08:17:26 +0200

Hash: SHA256

On 2015-05-04 23:02 , Steve Tockey wrote:
> PBL wrote:

>> "How about the following? We design a document called A Programmer's Pledge. It has thirty or
>> so numbered clauses:

> ...... I propose that only one clause is necessary:
> * I promise to be personally liable for all damage caused by any software defect I produce

There is a variety of issues if you wish to bring liability into it. The main one is that there is a large body of case law on liability with which it has to be compatible.

Expressed so generally, such liability is already covered in tort law in the UK. There is a general duty of care. However, in most cases it would be hard to be so clear about where responsibility lies. The SW defect will not have been the only phenomenon causal to the damage. Maybe the kit on which the SW runs could have had a mechanism inhibiting the damaging action commanded by the SW, and given that the SW was not known to be defect-free there is surely an argument that it should have had. Then there is the issue of how the defect could have made it through the company's quality assurance processes, which themselves must have been defective having let the SW defect through, so there is at least joint liability. You can't make a single person alone liable for something where there is de facto join liability.

I think that the UK MoD mooted in the late 1980's making a specific named engineer personally responsible for the correct functioning of critical software. (It didn't have to be the originator of the technology in use; such an engineer would be appointed at system-deployment time.) It might have been in the Draft Interim Defence Standard 00-55 in the 1989 version. I understood that it was given up because of the mooted lack of volunteers. Not surprising, when you think about it. I've found it hard to find references to this - perhaps others could help?

PBL Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany Je suis Charlie
Tel+msg +49 (0)521 880 7319

-----BEGIN PGP SIGNATURE----- iQEcBAEBCAAGBQJVSGB2AAoJEIZIHiXiz9k+EbEH/0ciH7bUau4UsPTMvDzZsiuf T52UiynqmMGbQRDw1rh9tJ6PF46AKRV8im6AIOvnbY+/8gQqvnipxuZvYQ3gmoCL yylX4lreskyTdLQtYaFY2cM5DpTtV7zglNYG/H09FeWJyiu2ae6SvdlxBZOABR0d T6QpmV94z6m603l3c0B3YaEl1C/e8NsiC+vmSdvLqfkgAgvv9sJqnyjTA52GcoP3 0bMz33gr/DWatkbiNJAMj0LDoVniFl/99u3nr/Vi7zmcbyrf7f38Al28fdAzWzJz z+KzBsr9yPA17ffDdO2/saFM1OUZqZPtbu4f+CLXPu/vuoyoo//yzZVlYIA+T/8= =udF9

The System Safety Mailing List
systemsafety_at_xxxxxx Received on Tue May 05 2015 - 08:17:35 CEST

This archive was generated by hypermail 2.3.0 : Tue Jun 04 2019 - 21:17:07 CEST