13 Software Safety, Liability and Practice

Chapter 7 of 'Ethics in Information Technology' discusses the importance of high-quality software in various critical fields and the ethical dilemmas faced by software manufacturers regarding quality versus cost and schedule. It outlines the potential liabilities associated with software defects, including product liability claims and the necessity for rigorous software development methodologies. The chapter also emphasizes the significance of safety-critical systems and the additional precautions required during their development.

Ethics in Information Technology, Fourth Edition
Chapter 7: Software Development
Objectives

• As you read this chapter, consider the following
questions:
– Why do companies require high-quality software in
business systems, industrial process control
systems, and consumer products?
– What potential ethical issues do software
manufacturers face in making trade-offs between
project schedules, project costs, and software
quality?
– What are the four most common types of software
product liability claims?

Ethics in Information Technology, Fourth Edition 2


Objectives (cont’d.)
– What are the essential components of a software
development methodology, and what are the benefits
of using such a methodology?
– How can the Capability Maturity Model Integration
improve an organization’s software development
process?
– What is a safety-critical system, and what special
actions are required during its development?

Strategies for Engineering Quality Software
• High-quality software systems:
– Perform quickly and efficiently
– Operate safely and reliably
– Meet their users’ needs
– Are required to support the fields of:
• Air traffic control
• Nuclear power
• Automobile safety
• Health care
• Military and defense
• Space exploration

Strategies for Engineering Quality Software (cont’d.)
• Increased demand for high-quality software
– End users cannot afford system crashes, lost work,
or lower productivity, nor can they tolerate security
holes through which intruders can spread viruses,
steal data, or shut down Websites
• Software defect
– Could cause a system to fail to meet users’ needs
– Impact may be trivial or very serious
– Subtle and undetectable or glaringly obvious
• Software quality
– Degree to which software meets the needs of users

Heathrow airport disaster
Software problems in the automated baggage sorting
system at Heathrow airport caused the system to go
offline for almost two days in February 2008.
As a result, carriers in the terminal were forced to sort
baggage manually, and 6,000 passengers
experienced delays, flight cancellations, and
frustration. The breakdown reportedly occurred during
a software upgrade, despite pretesting of the
software. The system continued to experience
problems in subsequent months.

Strategies for Engineering Quality Software (cont’d.)
• Quality management
– Defines, measures, and refines the quality of the
development process and products developed
during various stages
– Objective
• Help developers deliver high-quality systems that
meet the needs of users
• Deliverables are products such as:
– Statements of requirements
– Flowcharts
– User documentation

Strategies for Engineering Quality Software (cont’d.)
• Primary cause for poor software quality:
– Many developers do not know how to design quality
into software from the start
– Or do not take the time to do so
• Developers must:
– Define and follow rigorous engineering principles
– Learn from past mistakes
– Understand systems’ operating environment
– Design systems relatively immune to human error

Strategies for Engineering Quality Software (cont’d.)
• Programmers make mistakes in turning design
specifications into code
– About one defect for every 7-10 lines of code
• Extreme pressure to reduce time to market
– Driven by need to:
• Deliver new functionality
• Begin generating revenue to recover costs
– Resources and time to ensure quality are often cut

Strategies for Engineering Quality Software (cont’d.)
• Ethical dilemma: how much additional cost and
effort should be expended to ensure products and
services meet customers’ expectations?
• First release of software
– Organizations avoid buying the first release
– Or prohibit its use in critical systems
– Usually has many defects
• Established software products can also falter:
– When operating conditions change

Strategies for Engineering Quality Software (cont’d.)
• Established software products can also falter when
operating conditions change
– The software in the Cincinnati Bell telephone switch
had been thoroughly tested and had operated
successfully for months after it was deployed. Later
that year, however, when the time changed from
daylight saving time to standard time, the switch
failed because it was overwhelmed by the number of
calls to the local “official time” phone number from
people who wanted to set their clocks. The large
increase in the number of simultaneous calls to the
same number was a change in operating conditions
that no one had anticipated.

The Importance of Software Quality

• Business information systems
– Set of interrelated components including:
• Hardware
• Software
• Databases
• Networks
• People
• Procedures
– Collect and process data and disseminate the output

The Importance of Software Quality (cont’d.)
• Business information system examples
– Manufacturer’s order-processing system
– Bank’s electronic-funds transfer system
– Airline’s online ticket reservation system
• Decision support system (DSS)
– Used to improve decision making
• Software is used to control industrial processes
• Software controls the operation of many industrial
and consumer products

The Importance of Software Quality (cont’d.)
• Mismanaged software can be fatal to a business
• Ethical questions
– How much effort and money to invest to ensure
high-quality software
– Whether products could cause damage and what the
legal exposure would be if they did
– The use of software introduces product liability
issues – concerns for executives

Software Product Liability

• Product liability
– Liability of manufacturers, sellers and others for
injuries caused by defective products
• Ford truck stalled because of a software defect in the
truck’s fuel injector. In the ensuing accident, a young
child was killed. A state supreme court later affirmed
an award of $7.5 million in punitive damages against
the manufacturer.
• In October 2008, a faulty onboard computer caused a
Qantas passenger flight en route to Perth from
Singapore to plunge some 8,000 feet in 10 seconds,
injuring 46 passengers.

Software Product Liability

• Product liability
– There is no federal product liability law
• Mainly common law - state level
– Software defect can cause lawsuit if
• Injury or death
• Loss of revenue
• Increase in cost

Software Product Liability
– Software liability claims are based on
• Strict liability
• Negligence
• Breach of warranty
• Misrepresentation
• Strict liability
– Defendant held responsible for the injury
– Regardless of negligence or intent

Software Product Liability (cont’d.)

• Strict liability
– Plaintiff must prove only that the software product is
defective or unreasonably dangerous and that the
defect caused the injury
– No requirement to prove that the manufacturer was
careless or negligent or to prove who caused the
defect
– All parties in the chain of distribution are liable
• Manufacturer
• Subcontractors
• Distributors

Strict Liability
• Doctrine of supervening event
– Applies if the software was materially altered after it
left the seller’s possession and the alteration caused
the injury
• Government contractor defense
– A contractor must prove that the precise software
specifications were provided by the government,
that the software conformed to the specifications,
and that the contractor warned the government of
any known defects in the software
• Expired statute of limitations
– A claim must be filed within a specified period

Software Product Liability (cont’d.)

• Negligence
– Failure to do what a reasonable person would do, or
doing something that a reasonable person would not
do
– Responsibility is limited to defects that could have
been detected and corrected through “reasonable”
software development practices

Software Product Liability (cont’d.)

• Negligence
– Area of great risk for software manufacturers
– Defense of negligence may include:
• Legal justification for the alleged misconduct
• Demonstration that the plaintiffs’ own actions
contributed to injuries (contributory negligence)

Software Product Liability (cont’d.)

• Warranty
– Assures buyers or lessees that a product meets
certain standards of quality
– May be expressly stated or implied by law
• Breach of warranty claim
– When the product fails to meet the terms of its
warranty
– Plaintiff must have a valid contract that the supplier
did not fulfill
– Can be extremely difficult to prove because the
software supplier writes the warranty to limit liability

Software Product Liability (cont’d.)

• Intentional misrepresentation
– Seller or lessor either misrepresents the quality of a
product or conceals a defect in it
– Forms of representation
• Advertising
• Salespersons’ comments
• Invoices
• Shipping labels
– Most software manufacturers use limited warranties
and disclaimers to avoid any claim of
misrepresentation.

Software Development Process

• Large software project roles
– System analysts
– Programmers
– Architects
– Database specialists
– Project managers
– Documentation specialists
– Trainers
– Testers

Software Development Process (cont’d.)
• Software development methodology
– Standard, proven work process
– Controlled and orderly progress
– Defines activities in software development process
– Defines individual and group responsibilities
– Recommends specific techniques for activities
– Offers guidelines for managing the quality of
software during various stages of development

Software Development Process (cont’d.)
• Easier and cheaper to avoid software problems at
the beginning than to attempt to fix damages after
the fact
– Cost to identify and remove a defect in an early
stage can be up to 100 times less than removing a
defect in distributed software
– Identify and remove errors early in the development
process
• Cost-saving measure
• Most efficient way to improve software quality

Software Development Process (cont’d.)
• Effective methodology protects from legal liability
– Reduces the number of software errors
– If an organization follows widely accepted
development methods, negligence on its part is
harder to prove
• Software quality assurance (QA) refers to methods
within the development cycle
– Guarantee reliable operation of product
– Are applied at each stage in the development cycle
– Include testing before the product ships

Software Development Process (cont’d.)
• Dynamic testing
– Black-box testing
• Tester has no knowledge of code
– White-box testing
• Testing all possible logic paths in the software unit,
with thorough knowledge of the logic
• Makes each program statement execute at least once

Software Development Process (cont’d.)
• Static testing
– Static analyzers are run against the new code
– Looks for suspicious patterns in programs that might
indicate a defect
• Integration testing
– Occurs after successful unit testing
– Software units are combined into an integrated
subsystem
– Ensures that all linkages among various subsystems
work successfully

Software Development Process (cont’d.)
• System testing
– Occurs after successful integration testing
– Various subsystems are combined
– Tests the entire system as a complete entity
• User acceptance testing
– Independent testing performed by trained end users
– Ensures that the system operates as they expect

Capability Maturity Model Integration

• Process improvement approach
• Defined by the Software Engineering Institute
– At Carnegie Mellon University in Pittsburgh
• Defines essential elements of effective processes
• General enough to evaluate and improve almost
any process
• Frequently used to assess software development
practices

Capability Maturity Model Integration (cont’d.)
• Defines five levels of software development
maturity
• Identifies issues most critical to software quality
and process improvement
• Organization conducts an assessment of its
software development practices
– Determines where they fit in the capability model
– Identifies areas for improvement
• Action plans defined to upgrade the development
process

Capability Maturity Model Integration (cont’d.)
• Maturity level increases
– Organization improves its ability to deliver good
software on time and on budget
• CMMI-Development
– Set of guidelines for 22 process areas related to
systems development
– Organizations that do these 22 things well will have
an outstanding software development and
maintenance process

22 Process Areas
1. Causal Analysis and Resolution
2. Configuration Management
3. Decision Analysis and Resolution
4. Integrated Project Management
5. Measurement and Analysis
6. Organizational Process Definition
7. Organizational Process Focus
8. Organizational Performance Management
9. Organizational Process Performance
10. Organizational Training
11. Product Integration
12. Project Monitoring and Control
13. Project Planning
14. Process and Product Quality Assurance
15. Quantitative Project Management
16. Requirements Development
17. Requirements Management
18. Risk Management
19. Supplier Agreement Management
20. Technical Solution
21. Validation
22. Verification

Capability Maturity Model Integration (cont’d.)

Key Issues in Software Development

• Consequences of software defects in certain
systems can be deadly
– Companies must take special precautions
• Ethical decisions involve a trade-off between quality
and cost, ease of use, and time to market

Development of Safety-Critical Systems
• Safety-critical system
– A system whose failure may cause injury or death
– Examples
• Nuclear power plant reactors
• Airplane navigation
• Roller coasters
• Elevators
• Medical devices

Development of Safety-Critical Systems (cont’d.)
• Key assumption
– Safety will not automatically result from following the
organization’s standard development methodology
• Requires a more rigorous and time-consuming
development process than other kinds of software
• All tasks require:
– Additional steps
– More thorough documentation
– Vigilant checking and rechecking

Development of Safety-Critical Systems (cont’d.)
• Project safety engineer
– Explicit responsibility for the system’s safety
– Uses a logging and monitoring system:
• To track hazards from the project’s start to finish
• Hazard log
– Used at each stage of the software development
process to assess how project team has accounted
for detected hazards

Development of Safety-Critical Systems (cont’d.)
• Safety reviews
– Held throughout the development process
• Robust configuration management system
– Tracks all safety-related documentation
• Formal documentation required
– Including verification reviews and signatures
• Key issues
– Ethical dilemmas re: increased time and expense
– Deciding when QA staff has performed enough
testing

Development of Safety-Critical Systems (cont’d.)
• Risk
– Probability of an undesirable event occurring times
the magnitude of the event’s consequences
– Consequences include:
• Damage to property
• Loss of money
• Injury to people
• Death

Development of Safety-Critical Systems (cont’d.)
• Redundancy
– Provision of multiple interchangeable components to
perform a single function
– Used to cope with failures and errors
– During times of widespread disaster, lack of
sufficient redundancy can lead to major problems
• When Hurricane Katrina knocked out 2.5 million
telephone lines, four TV stations, and 36 radio stations,
there were inadequate backup communication systems
to replace those failed systems.

Development of Safety-Critical Systems (cont’d.)
• N-version programming
– Form of redundancy
– Involves the execution of a series of program
instructions simultaneously by two different systems
– Uses different algorithms to execute instructions that
accomplish the same result
– IBM employs N-version programming to reduce disk
sector failures

Development of Safety-Critical Systems (cont’d.)
• N-version programming (cont’d.)
– Results from the two systems are compared
– If a difference is found, another algorithm is executed
to determine which system yielded the correct result
– Instructions for the two systems can be:
• Written by programmers from two different companies
• Run on different hardware devices
– Rationale
• Both systems are highly unlikely to fail at the same
time under the same conditions
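The N-version scheme described on these two slides, as an added example that is not from the textbook: two independently written CRC-32 implementations (a bit-at-a-time version and a table-driven version, the kind of diverse algorithms the slides describe) run on the same input, a comparator checks that they agree, and on disagreement a third independent implementation (zlib.crc32, assumed here as the arbiter) decides which version was wrong. The defective version and the sample input are constructed for the demonstration.

```python
"""N-version execution with a comparator and an arbiter (added example)."""
import zlib

POLY = 0xEDB88320  # reflected CRC-32 polynomial (IEEE 802.3)


def crc32_bitwise(data: bytes) -> int:
    """Version A: straightforward bit-at-a-time CRC-32."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (POLY if crc & 1 else 0)
    return crc ^ 0xFFFFFFFF


def _build_table() -> list:
    """Precompute the 256-entry lookup table used by version B."""
    table = []
    for n in range(256):
        c = n
        for _ in range(8):
            c = (c >> 1) ^ (POLY if c & 1 else 0)
        table.append(c)
    return table


_TABLE = _build_table()


def crc32_table(data: bytes) -> int:
    """Version B: table-driven CRC-32, a different algorithm for the same result."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc = _TABLE[(crc ^ byte) & 0xFF] ^ (crc >> 8)
    return crc ^ 0xFFFFFFFF


def crc32_faulty(data: bytes) -> int:
    """Constructed defective version (fault injection): omits the final XOR."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (POLY if crc & 1 else 0)
    return crc  # bug: missing ^ 0xFFFFFFFF


def crc32_reference(data: bytes) -> int:
    """Arbiter: a third, independently developed implementation (zlib)."""
    return zlib.crc32(data) & 0xFFFFFFFF


def run_n_version(data: bytes, versions, arbiter) -> dict:
    """Run every version on the same input and compare their outputs.

    If all versions agree, the common result is accepted without running the
    arbiter. If any differ, the arbiter is executed to decide which versions
    were correct; its value is returned and the indices of the disagreeing
    versions are reported so they can be recorded in the hazard log.
    """
    results = [version(data) for version in versions]
    if all(r == results[0] for r in results):
        return {"value": results[0], "agreed": True, "faulty": []}
    reference = arbiter(data)
    faulty = [i for i, r in enumerate(results) if r != reference]
    return {"value": reference, "agreed": False, "faulty": faulty}


if __name__ == "__main__":
    sample = b"123456789"  # constructed input; its CRC-32 check value is 0xCBF43926
    print(run_n_version(sample, [crc32_bitwise, crc32_table], crc32_reference))
    print(run_n_version(sample, [crc32_bitwise, crc32_faulty], crc32_reference))
```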

Development of Safety-Critical Systems (cont’d.)
• Decide what level of risk is acceptable
– Difficult and controversial decision
– Make system modifications if level of risk is judged to
be too great
• Mitigate the consequences of failure
– Devise emergency procedures and evacuation plans
• Decide whether to recall a product:
– When data indicates a problem

Development of Safety-Critical Systems (cont’d.)
• Reliability
– Probability of a component or system performing
without failure over its product life
• Human interface
– Important and difficult area of safety-critical system
design
– Should leave the operator little room for erroneous
judgment
– Poor design of a system interface can greatly
increase risk

Development of Safety-Critical Systems (cont’d.)
• In July 1988, the guided missile cruiser USS Vincennes mistook an
Iranian Air commercial flight for an enemy F-14 jet fighter and shot
the airliner down over international waters in the Persian
Gulf—killing almost 300 people. Some investigators blamed the
tragedy on the confusing interface of the $500 million Aegis
radar and weapons control system. The Aegis radar on the
Vincennes locked onto an Airbus 300, but it was misidentified as a
much smaller F-14 by its human operators. The Aegis operators
also misinterpreted the system signals and thought that the target
was descending, even though the airbus was actually climbing. A
third human error was made in determining the target altitude— it
was off by 4,000 feet. As a result of this combination of human
errors, the Vincennes crew thought the ship was under attack and
shot down the plane.

Quality Management Standards

• ISO 9001 family of standards
– Guide to quality products, services, and
management
– Organization must submit to an examination by an
external assessor
– Requirements
• Written procedures for everything it does
• Follow those procedures
• Prove to the auditor the organization fulfilled the first
two requirements

Quality Management Standards (cont’d.)
• Failure mode and effects analysis (FMEA)
– Technique used to evaluate reliability and determine
the effect of system and equipment failures
– Failures are classified by:
• Impact on a project’s success
• Personnel safety
• Equipment safety
• Customer satisfaction and safety
– Goal
• Identify potential design and process failures early in a
project

Quality Management Standards (cont’d.)
• Failure mode and effects analysis (FMEA)
– LifeScan is part of Johnson & Johnson, and for over
20 years it has developed products for people with
diabetes. Every day, more than 3 million people
depend on its OneTouch Systems to capture
accurate test results of their blood glucose levels.
LifeScan uses FMEA methods to test the software
for the automated test and assembly stations on the
blood glucose meter manufacturing lines.


Summary

• Demand for high-quality software is increasing
• Developers are under extreme pressure to reduce
time to market of products
• Software product liability claims are frequently
based on:
– Strict liability
– Negligence
– Breach of warranty
– Misrepresentation

Summary (cont’d.)

• Software development methodology
– Defines activities in the development process
– Defines individual and group responsibilities
– Recommends specific techniques
– Offers guidelines for managing product quality
• CMMI
– Defines five levels of software development maturity
• Safety-critical system
– Failure may cause injury or death

Summary (cont’d.)

• ISO 9001 standard is a guide to quality products,
services, and management
• Failure mode and effects analysis (FMEA) is an
important technique used to develop ISO
9001-compliant quality systems
