1 Can We Trust the Computer? What Can Go Wrong? Case Study: The Therac-25 Increasing Reliability and Safety Perspectives on Failures, Dependence, Risk,

Presentation transcript:

1 Can We Trust the Computer?
- What Can Go Wrong?
- Case Study: The Therac-25
- Increasing Reliability and Safety
- Perspectives on Failures, Dependence, Risk, and Progress
- Computer Models

2 What Can Go Wrong?
Facts About Computer Errors
- Error-free software is not possible.
- Errors are often caused by more than one factor.
- Errors can be reduced by following good procedures and professional practices.
Q: How do we distinguish between tolerable or unavoidable errors in software versus careless software development?

3 What Can Go Wrong?
The Roles of People in Computer-related Problems:
- Computer User: at home or work, users should understand the limitations of computers and the need for proper training and responsible use.
- Computer Professional: understanding the source and consequences of computer failures is valuable when buying, developing, or managing a complex system.
- Educated Member of Society: personal decisions and political, social, and ethical decisions depend on understanding computer risks.

4 What Can Go Wrong?
Categories of Computer Errors and Failures
- Problems for Individuals:
  - usually in their role as consumers;
  - or who are incorrectly identified by inaccurate law enforcement databases.
- System Failures: affecting large numbers of people and/or costing large amounts of money.
- Safety-Critical Applications: where people may be injured or killed.

5 What Can Go Wrong?
Problems for Individuals
- Billing Errors: lack of tests for inconsistencies and inappropriate amounts.
- Database Accuracy Problems: incorrect information resulting in wrongful treatment or acts.
Q: Describe a computer error or failure that has affected you.

6 What Can Go Wrong?
Problems for Individuals (cont'd)
- Causes:
  - Large population.
  - Human common sense not part of automated processing.
  - Overconfidence in the accuracy of data from a computer.
  - Errors in data entry.
  - Information not updated or corrected.
  - Lack of accountability for errors.

7 What Can Go Wrong?
System Failures
- Communications: telephone, online, and broadcast services.
- Business: inventory and management software.
- Financial: stock exchanges, brokerages, banks, etc.
- Transportation: reservations, ticketing, and baggage handling.

8 What Can Go Wrong?
System Failures (cont'd)
- Causes:
  - Insufficient testing and debugging time.
  - Significant changes in specifications (during and after the project began).
  - Overconfidence in the system.
  - Mismanagement of the project.
Q: Describe a recent system failure that affected many people or resulted in a great monetary loss.

9 What Can Go Wrong?
Safety-Critical Applications
- Military
- Power Plants
- Aircraft
- Trains
- Automated Factories
- Medicine
- ... others.

10 What Can Go Wrong?
Safety-Critical Applications
- Causes:
  - Overconfidence.
  - Lack of override features.
  - Insufficient testing.
  - Sheer complexity of the system.
  - Mismanagement.
Q: What activities do you participate in that are controlled by safety-critical applications?

11 Case Study: The Therac-25
The Therac-25 was a software-controlled radiation-therapy machine used to treat people with cancer.
- Overdoses of radiation:
  - Normal dosage is 100 – 200 rads.
  - It is estimated that between 13,000 and 25,000 rads were given to six people.
  - Three of the six people died.
Q: What determines whether the risks associated with a safety-critical application are acceptable?

12 Case Study: The Therac-25
Therac-25 Radiation Overdose
- Multiple Causes:
  - Poor safety design.
  - Insufficient testing and debugging.
  - Software errors.
  - Lack of safety interlocks.
  - Overconfidence.
  - Inadequate reporting and investigation of accidents.

13 Increasing Reliability and Safety
What Goes Wrong?
- Computer Systems Fail Because:
  - The job they are doing is inherently difficult, and
  - The job is done poorly.
- Compounding the Reliability Issue:
  - Developers and users exhibit overconfidence in the system.
  - Reused system software may not work in different environments.
Q: Identify the elements needed as an incentive to increase reliability and safety.

14 Increasing Reliability and Safety
Professional Techniques
- Follow good software practices.
- Exhibit professional responsibility at all levels of development and use.
- Construct well-designed user interfaces.
- Take human factors into account.
- Include built-in redundancy.
- Incorporate self-checking where appropriate.
- Follow good testing principles and techniques.
Q: What human interface features should be considered for ordinary business applications?
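The following is an added illustration of three of the techniques above (software safety interlocks, built-in redundancy, and self-checking) applied to the kind of command a software-controlled treatment machine would accept, with refusals logged so that accidents and near-misses can be investigated (the reporting failure listed for the Therac-25 on the previous slide). It is not code from these slides or from the Therac-25; the command fields, the dose limits, the hardware positions and the beam-current formulas are constructed for the example.

```python
"""Self-checking and interlocks for a software-controlled treatment command.

Added illustration for this lecture: the command fields, limits, hardware
positions and beam-current formulas are constructed, not the Therac-25's.
"""
from __future__ import annotations

from dataclasses import dataclass
from enum import Enum


class Mode(Enum):
    ELECTRON = "electron"
    XRAY = "xray"


# Constructed limits: the widest dose any single treatment may request.
MIN_DOSE_RADS = 1
MAX_DOSE_RADS = 300

# Constructed: each beam mode needs matching beam-shaping hardware in place.
# The position is read from a sensor, not copied from the operator's screen,
# so the check is independent of the input it validates.
REQUIRED_POSITION = {Mode.ELECTRON: "scatter_foil", Mode.XRAY: "xray_target"}

# Constructed: x-ray mode needs a far higher beam current than electron mode.
CURRENT_PER_RAD = {Mode.ELECTRON: 0.5, Mode.XRAY: 50.0}


@dataclass(frozen=True)
class TreatmentCommand:
    mode: Mode
    dose_rads: int
    sensed_position: str  # independent hardware sensor reading


def beam_current_primary(mode: Mode, dose_rads: int) -> float:
    """Primary computation of beam current (constructed linear model)."""
    return CURRENT_PER_RAD[mode] * dose_rads


def beam_current_check(mode: Mode, dose_rads: int) -> float:
    """Independent re-computation used as a redundant check: written from a
    separate table so that a bug in either path shows up as a disagreement."""
    table = {Mode.ELECTRON: 1 / 2, Mode.XRAY: 100 / 2}
    return dose_rads * table[mode]


def interlock_failures(cmd: TreatmentCommand) -> list[str]:
    """Run every self-check; return the list of failures (empty means safe)."""
    failures: list[str] = []
    # 1. Plausibility: reject doses outside the range any treatment could need.
    if not (MIN_DOSE_RADS <= cmd.dose_rads <= MAX_DOSE_RADS):
        failures.append(
            f"dose {cmd.dose_rads} rads outside {MIN_DOSE_RADS}-{MAX_DOSE_RADS}"
        )
    # 2. Consistency: the software's mode must agree with the hardware as sensed.
    if cmd.sensed_position != REQUIRED_POSITION[cmd.mode]:
        failures.append(
            f"mode {cmd.mode.value} but hardware at {cmd.sensed_position}"
        )
    # 3. Redundancy: two independently written computations must agree.
    a = beam_current_primary(cmd.mode, cmd.dose_rads)
    b = beam_current_check(cmd.mode, cmd.dose_rads)
    if abs(a - b) > 1e-9:
        failures.append(f"beam current mismatch {a} vs {b}")
    return failures


def authorize(cmd: TreatmentCommand, log: list[str]) -> bool:
    """Fail-safe decision: authorize only when every check passes, and record
    every refusal so that accidents and near-misses can be investigated."""
    failures = interlock_failures(cmd)
    if failures:
        log.append(
            f"REFUSED {cmd.mode.value} {cmd.dose_rads} rads: " + "; ".join(failures)
        )
        return False
    log.append(f"AUTHORIZED {cmd.mode.value} {cmd.dose_rads} rads")
    return True


if __name__ == "__main__":
    events: list[str] = []
    ok = TreatmentCommand(Mode.ELECTRON, 150, "scatter_foil")
    # Operator selected electron mode while the hardware still sits in the
    # x-ray position: the sensed state, not the screen, decides.
    stale = TreatmentCommand(Mode.ELECTRON, 150, "xray_target")
    huge = TreatmentCommand(Mode.XRAY, 20000, "xray_target")
    for command in (ok, stale, huge):
        authorize(command, events)
    print("\n".join(events))
```

The design point is that no single input decides whether the beam fires: the requested dose is checked against a fixed envelope, the software's idea of the machine state is checked against a sensor, and the derived beam setting is computed twice by code written differently. Any disagreement is a refusal, and every refusal is logged rather than silently retried.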

15 Increasing Reliability and Safety
Law and Regulation
- Criminal and Civil Penalties: to recover loss from faulty or unsafe systems.
- Liability and Civil Laws: to provide incentives to produce reliable and safe systems.
- Warranties: to guarantee a certain level of quality.
- Federal or State Regulations: to protect the public.

16 Increasing Reliability and Safety
Law and Regulation (cont'd)
- Database Accuracy Enforcement: to protect the public from inaccurate information maintained by private companies and government.
- Mandatory Licensing of Software Developers: to ensure proper training, competency, and continuing education.
Q: How can consumers protect themselves from faulty software?

17 Perspectives on Failures, Dependence, Risk, and Progress
Failures
- What are acceptable rates of failures?
- How accurate should software be?
Dependence
- How dependent on computer systems are our ordinary activities?
- How useful are computer systems to our ordinary activities?
Risk and Progress
- How do new technologies become safer?
- Can progress in software safety keep up with the pace of change in computer technology?

18 Computer Models
Points to Consider:
- Models are simplifications of either physical or intangible systems.
- Those who design and develop models must be honest and accurate with results.
- Computer professionals and the general public must be able to evaluate the claims of the developers.
Q: What problems in your community have been or could be studied with computer models?

19 Computer Models
Evaluating Models
- Why Models Might Not Be Accurate:
  - Developers have incomplete knowledge of the system being modeled.
  - Data might be incomplete or inaccurate.
  - Power of the computer might be inadequate.
  - Variables are difficult to numerically quantify.
  - Political and economic motivation to distort results.
Q: For each item above, give an example of a model or simulation that was inaccurate.

20 Computer Models
Evaluating Models (cont'd)
- Regarding the Car-Crash Models Described in the Text:
  - How well do the modelers understand the system and/or materials being studied?
  - How accurate and complete are the data?
  - What are the assumptions and simplifications in the model?
  - Do the results or predictions correspond with the real world?

21 Computer Models
Evaluating Models (cont'd)
- Regarding the Climate Models Discussed in the Text:
  - How well do the modelers understand the system and/or materials being studied?
  - How accurate and complete are the data?
  - What are the assumptions and simplifications in the model?
  - Do the results or predictions correspond with the real world?
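As an added example of turning the evaluation questions on slides 19 to 21 into mechanical checks (it is not code from the slides, and the model, its calibration range and the observations are constructed), the following compares a model's predictions with real-world observations, reports how much of the data was usable, flags inputs that lie outside the range the model was built and tested on (an assumption of the model), and states whether the error stays within a tolerance the evaluator chose in advance.

```python
"""Checks for evaluating a computer model against real-world observations.

Added example for this lecture (not from the slides): the model, its
calibration range, the tolerance and the observations are constructed.
"""
from __future__ import annotations

import math
from dataclasses import dataclass
from typing import Callable, Optional, Sequence, Tuple


@dataclass
class Evaluation:
    records: int           # observations supplied
    usable: int            # records with both an input and an observed value
    extrapolated: int      # inputs outside the model's calibration range
    mean_abs_error: float  # over usable records
    worst_abs_error: float


def evaluate_model(
    model: Callable[[float], float],
    calibration_range: Tuple[float, float],
    data: Sequence[Tuple[Optional[float], Optional[float]]],
    tolerance: float,
) -> Tuple[Evaluation, list[str]]:
    """Compare model(x) with observed values and return (summary, warnings).

    Each warning corresponds to one of the evaluation questions: incomplete
    data, use outside the model's stated assumptions, and predictions that do
    not correspond with the real world within the chosen tolerance.
    """
    lo, hi = calibration_range
    errors: list[float] = []
    extrapolated = 0
    for x, observed in data:
        if x is None or observed is None:
            continue  # incomplete record: counted, never silently filled in
        if not lo <= x <= hi:
            extrapolated += 1
        errors.append(abs(model(x) - observed))

    summary = Evaluation(
        records=len(data),
        usable=len(errors),
        extrapolated=extrapolated,
        mean_abs_error=sum(errors) / len(errors) if errors else math.nan,
        worst_abs_error=max(errors) if errors else math.nan,
    )
    warnings: list[str] = []
    if summary.usable < summary.records:
        warnings.append(
            f"only {summary.usable} of {summary.records} records were complete"
        )
    if summary.extrapolated:
        warnings.append(
            f"{summary.extrapolated} input(s) outside calibration range {lo}-{hi}"
        )
    if not errors:
        warnings.append("no usable data: the model cannot be evaluated")
    elif summary.worst_abs_error > tolerance:
        warnings.append(
            f"worst error {summary.worst_abs_error:.2f} exceeds tolerance {tolerance}"
        )
    return summary, warnings


# Constructed model: stopping distance (m) as a quadratic in speed (km/h),
# calibrated on speeds of 0 to 100 km/h only.
def stopping_distance_model(speed_kmh: float) -> float:
    return 0.02 * speed_kmh ** 2


# Constructed observations: (speed, measured distance). None marks a missing value.
OBSERVATIONS = [
    (30.0, 18.5),
    (50.0, 49.0),
    (70.0, None),
    (None, 80.0),
    (90.0, 165.0),
    (150.0, 500.0),  # beyond the calibration range
]

if __name__ == "__main__":
    summary, warnings = evaluate_model(
        stopping_distance_model, (0.0, 100.0), OBSERVATIONS, tolerance=5.0
    )
    print(summary)
    for w in warnings:
        print("WARNING:", w)
```

Run on the constructed observations, the evaluation reports that only four of six records were usable, that one input lies outside the calibration range, and that the worst error (on that extrapolated point) exceeds the tolerance, which is the kind of evidence a non-specialist can weigh when a developer claims a model is accurate.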