[SystemSafety] Personal and corporate liabilities as a consequence of safety, security and other mistakes of similar importance

Olwen Morgan olwen at phaedsys.com
Tue Oct 9 11:38:23 CEST 2018


Thanks for this. I'm moderately familiar with the ways that behavioural 
economics goes about explaining seemingly irrational decisions. Yet I am 
sceptical about how well they apply to the problems we have in software 
engineering and would give the following example of a conversation I 
once had with a colleague about software testing.

In air traffic control, there is a need to track military aircraft that 
may be traversing airspace sectors not using standard air routes. At any 
given altitude, an airspace sector may have the form of a non-convex 
polygon. This makes it less than trivial to determine when a military 
aircraft has entered or left a sector. The problem can be radically 
simplified by decomposing the non-convex polygon into triangles. There 
are only four ways in which a flight track can traverse a triangle. It 
may intersect the triangle at:

(a)    a single vertex,

(b)    two vertices (in which case flight is along the side of a triangle)

(c)    a vertex and a side,

(d)    a side and a side.

With only four cases to consider, a set of boundary-value test cases 
that covers the algorithm is much smaller than if one is trying to cover 
an algorithm that tracks flight across a non-convex space (and a proof 
of correctness could be correspondingly shorter).

When discussing this with a colleague, he asked me how it was that I 
knew "so much" (sic) about test coverage measurement. I replied that I 
read a lot of books. He asked what kinds of books I read. I replied that 
I read academic and professional textbooks, to which he replied (now 
make sure you are sitting down) ...

"Oh. I stopped reading those when I left university."

At this point I thought, "Yes chum, it shows." but held my tongue.

This betokens not just irrational decision-making from an otherwise 
informed economic actor. It betokens a level of ignorance that does not 
even know what it is that it does not know. With all due respect to 
behavioral economists, I think that their discipline would be hard 
pushed to capture this kind of behaviour in any kind of bounded 
rationality model - though I'll happily stand corrected by better 
informed people.

O

PS: I ought to add that I don't have a very high regard for economists 
generally, mainly because of their parlously limited training in 
mathematics. AFAI can see, even the best of them know barely enough to 
be considered as any kind of mathematician.




On 09/10/18 09:03, Martyn Thomas wrote:
>
> You might consider Cambridge Professor Ross Anderson's papers on 
> /Security Economics/ relevant and technically respectable. He uses the 
> tools of classical economics to explain the bad decisions taken by 
> software developers. His blog https://www.lightbluetouchpaper.org/ 
> focuses mainly on topical security and privacy issues but it also 
> contains some of the best-informed and most entertaining rants about 
> technical matters that you will find anywhere.
>
> Martyn
>
>
> On 09/10/2018 08:47, Olwen Morgan wrote:
>>
>> All,
>>
>>
>> On 08/10/18 20:07, Peter Bernard Ladkin wrote:
>>> There is virtually no "technically respectable" literature on how 
>>> the phenomenology of programs
>>> relates to the cultural aspects of programming.
>>>
>>
>> There is a *DESPERATE* need for research in this area. Having spent 
>> my entire working life as a software engineer, I am both astonished 
>> and dismayed that there has been no serious effort to explain why 
>> working practices are so arrantly irrational. And before anyone says 
>> there's no evidence of such irrationality, I'd point out that in most 
>> workplaces I've seen, you couldn't even get repeatable measurements 
>> on whence to produce a sound evidence-based assessment of the degree 
>> of rationality of working methods.
>>
>> It's what makes me glad that I'm now semi-retired and can pick and 
>> choose what work I take on.
>>
>>
>> regards,
>> O
>>
>>
>> _______________________________________________
>> The System Safety Mailing List
>> systemsafety at TechFak.Uni-Bielefeld.DE
>>
>
>
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20181009/1b5c2325/attachment-0001.html>


More information about the systemsafety mailing list