Ch07

Page 1

Ethics in Information Technology Chapter 7 Software Development


Learning Objectives  Why must companies place an increased emphasis on the use of high-quality software in business systems, industrial process-control systems, and consumer products?  What potential ethical issues do software manufacturers face in making trade-offs between project schedules, project costs, and software quality?  What are the four most common types of software product liability claims? 2


Learning Objectives  What are the essential components of a software development methodology, and what are the benefits of using such a methodology?  How can the Capability Maturity Model Integration® improve an organization’s software development process?  What is a safety-critical system, and what special actions are required during its development?

3


Introduction High-quality software systems • Easy to learn and use because they perform quickly and efficiently, meet their users’ needs, and operate safely and reliably so that system downtime is kept to a minimum Software defect • Error that, if not removed, could cause a software system to fail to meet its users’ needs Software quality • Degree to which a software product meets the needs of its users Quality management • Defining, measuring, and refining the quality of the development process and the products developed • Deliverables: Products of quality management 4


Causes of Poor Software Quality  Developers must define and follow a set of software engineering principles  Be committed to learning from past mistakes

 Developers must understand the environment in which their systems will operate  Design systems that are immune to human error

 Extreme pressure that software companies feel to reduce the time to market for their products  Resources needed to ensure quality are cut under the pressure to ship a new product 5


Importance of Software Quality  Business information system: Set of interrelated components that collects and processes data and disseminates the output  Decision support system (DSS)

 Controls industrial processes and the operation of industrial and consumer products  Mismanaged software can be fatal to a business  Miss product deadlines, increased product development costs, and delivery of low quality products

 Use of software introduces product liability issues 6


Software Product Liability  Product liability: That of manufacturers, sellers, lessors, and others for injuries caused by defective products  Based on strict liability, negligence, breach of warranty, or misrepresentation

 Strict liability: Defendant held responsible for injuring another person, regardless of negligence or intent  Plaintiff must prove only that the software product is defective or unreasonably dangerous and that the defect caused the injury 7


Software Product Liability  Legal defenses used against strict liability  Doctrine of supervening event  Government contractor defense  Expired statute of limitations

 Negligence  Failure to do what a reasonable person would do, or doing something that a reasonable person would not do  Contributory negligence: Plaintiffs’ own actions contributes to their injuries

8


Software Product Liability  Warranty: Assures buyers or lessees that a product meets certain standards of quality  Breach of warranty: Lessee can sue the lessor if the product fails to meet the terms of its warranty  Difficult to prove because the software supplier writes the warranty to limit liability

9


Software Development Methodology  Standard work process that enables controlled progress while developing high-quality software  Use of an effective methodology protects software manufacturers from legal liability  Reduces the number of software errors  If an organization follows widely accepted development methods, negligence on its part is harder to prove

 Quality assurance (QA): Methods within the development cycle designed to guarantee reliable operation of a product 10


Figure 7.2 - The Cost of Removing Software Defects

Source Line: Used with permission from LKP Consulting Group

11


Dynamic Testing  Dynamic testing: Entering test data and comparing the results with the expected results in a process  Black-box testing: Viewing the software unit as a device that has expected input and output behaviors but whose internal workings are unknown  If the unit demonstrates the expected behaviors for all the input data in the test suite, it passes the test

 White-box testing: Treats the software unit as a device that has expected input and output behaviors but whose internal workings are known 12


Types of Software Testing Static testing

Integration testing

System testing

User acceptance testing

13


Capability Maturity Model Integration (CMMI)  Process-improvement approach that defines the essential elements of effective processes  Identifies the issues that are most critical to software quality and process improvement

 Enables an organization to track, evaluate, and demonstrate its progress

14


Table 7.1 - Definition of CMMI Maturity Levels

Source Line: Used with permission from Carnegie Mellon University

15


Safety-Critical Systems  Whose failure may cause injury or death  Safe operation relies on the flawless performance of software

 Key assumption - Safety will not automatically result from following the organization’s standard development methodology  Tasks require:  Additional steps  More thorough documentation  Vigilant checking and rechecking 16


Safety-Critical Systems  System safety engineer: Uses a logging and monitoring system to track hazards from a project’s start to its finish  Hazard log: Used to assess how detected hazards have been accounted for

 When designing, building, and operating a safetycritical system a formal risk analysis is to be conducted  Redundancy: Provision of multiple interchangeable components to perform a single function in order to cope with failures and errors

17


Safety-Critical Systems  N-version programming: Approach to minimizing the impact of software errors by independently implementing the same set of user requirements N times  Multiple software versions are unlikely to fail at the same time under the same conditions

 Consequences of failure can be mitigated by devising emergency procedures and evacuation plans

18


Reliability and Safety in Safety-Critical Systems  Reliability: Measure of the rate of failure in a system that would render it unusable over its expected lifetime  Capability of the system to continue to perform

 Safety - Ability of the system to perform in a safe manner  System-human interface - Important and difficult areas of safety-critical system design  Design of the system should not allow for erroneous judgment on the part of the operator 19


Quality Management Standards  ISO 9001 family of standards  Guide to quality products, services, and management  Organization must submit to an examination by an external assessor to obtain the certificate

 Failure mode and effects analysis (FMEA)  Used to develop ISO 9001-compliant quality systems  By evaluating reliability and determining the effects of system and equipment failures  Failure mode: Describes how a product or process could fail to perform the desired functions described by the customer 20


Steps to Identify the Highest Priority Actions

Determine the severity rating

Determine the occurrence rating

Determine the criticality

Determine the detection rating

Calculate the risk priority rating

21


Summary  Demand for high-quality software is increasing  Developers are under extreme pressure to reduce time to market of products  Software product liability claims are frequently based on:  Strict liability  Negligence  Breach of warranty  Misrepresentation 22


Summary  Software development methodology  Defines activities in the development process  Defines individual and group responsibilities  Recommends specific techniques  Offers guidelines for managing product quality

 CMMI  Defines five levels of software development maturity

 Safety-critical system  Failure may cause injury or death 23


Summary  ISO 9001 standard is a guide to quality products, services, and management  Failure mode and effects analysis (FMEA) is an important technique used to develop ISO 9001compliant quality systems

24


Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.