Software engineering can, without question, be a long and complicated process. With so many properties to account for, it can spiral out of control if the process is not managed properly. Among the properties that must be accounted for, though the list is not limited to these, are security, safety, and adaptive design. When these are ignored or mismanaged the effects can be severe, which is why safety-critical systems need strict regulation.
The most visible effects of mishandled safety and security in safety-critical systems are found in the medical field. Irresponsibly designed medical software is dangerous in safety-critical systems because it can harm large numbers of people. In the "Therac-25" and "2010 Radiation Follies" articles and the related reports, we see how the absence of strict regulation allowed the continued production of software carrying intolerable risk (systems that can threaten human life). They highlight the need for regulations that require routine hazard analysis. They also highlight the need for manufacturers to provide well-documented user manuals for their safety-critical devices, and for the institutions that use such devices to employ certified technicians. These steps alone would make it much harder to deny accountability. The related articles show that because manufacturers supplied no detailed operating procedures, and because device operation was unregulated, both the manufacturing and medical industries could avoid accountability for any harm originating from their product or practice.
Improper software design does not only affect the safety of medical devices; it also compromises the security of our everyday infrastructure, meaning anything containing a computer that we depend on for the routine functions that sustain our quality of life, such as transportation. Vehicles increasingly depend on computers that monitor and control many of the car's functions. When these computer-controlled systems are designed without regard to standard security design guidelines, the driver and everyone around the vehicle is put at risk. As "FBI Auto Warning" and related articles show, poor software security measures allowed malicious software to be loaded into a vehicle's onboard computer system, giving outside parties access to and control over the car's actions and functions.
Adaptive design is another safety and security property that should not be ignored when designing software systems. Adaptive design means that the software is usable in a way consistent with its specification, comprehensible to its users, and flexible enough to accommodate change. This can also be described as sociotechnical resilience. In the FBI's long effort to replace its outdated relational database system, the lack of sociotechnical resilience in the Sentinel system caused expensive delays for the agency. Because it did not incorporate some of the basic principles of sociotechnical resilience, its designers were always playing "catch-up". A system that was not always user-friendly, that lacked basic features, and that had to be constantly updated to add new features made the Sentinel project a long and unpleasant process.
Adhering to safety-critical, secure, and adaptive software guidelines becomes more crucial as technology advances. We need to protect our infrastructure by enforcing strict regulation on systems that carry intolerable risk and on those that can widely jeopardize quality of life. Irresponsible software design has a wide reach; it can harm an individual or a large organization such as the FBI. We would be best served by implementing and following design principles that promote sociotechnical resilience.