[SystemSafety] Stupid Software Errors [was: Overflow......]

Peter Bernard Ladkin ladkin at rvs.uni-bielefeld.de
Tue May 5 08:17:26 CEST 2015





On 2015-05-04 23:02 , Steve Tockey wrote:
> 
> PBL wrote:
>> "How about the following? We design a document called A Programmer's Pledge. It has thirty or
>> so numbered clauses:
> ...... I propose that only one clause is necessary:
> 
> * I promise to be personally liable for all damage caused by any software defect I produce

There is a variety of issues if you wish to bring liability into it. The main one is that there is
a large body of case law on liability with which it has to be compatible.

Expressed so generally, such liability is already covered in tort law in the UK. There is a
general duty of care. However, in most cases it would be hard to be so clear about where
responsibility lies. The SW defect will not have been the only phenomenon causal to the damage.
Maybe the kit on which the SW runs could have had a mechanism inhibiting the damaging action
commanded by the SW, and given that the SW was not known to be defect-free there is surely an
argument that it should have had. Then there is the issue of how the defect could have made it
through the company's quality assurance processes, which themselves must have been defective
having let the SW defect through, so there is at least joint liability. You can't make a single
person alone liable for something where there is de facto joint liability.

I think that the UK MoD mooted in the late 1980's making a specific named engineer personally
responsible for the correct functioning of critical software. (It didn't have to be the originator
of the technology in use; such an engineer would be appointed at system-deployment time.) It might
have been in the Draft Interim Defence Standard 00-55 in the 1989 version. I understood that it
was given up because of the mooted lack of volunteers. Not surprising, when you think about it.
I've found it hard to find references to this - perhaps others could help?

PBL

Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany
Je suis Charlie
Tel+msg +49 (0)521 880 7319  www.rvs.uni-bielefeld.de





