thought: safety - Software Engineering vs other Engineering displanes
-
Saw a comic strip the other day semi-joking about Aeroplanes being relatively safe Bridges being safe then software built voting system - 😭 Several bits come to mind, some obvious like physical access. But one that stands out the most is scale of access. Recent Phillips light bulk hack indicates this train of though. Breaking 1 bit of software potentially allows access to the whole thing. Tampering a plane or bridge to fail are more localised to the one occurrence. But "hack" a tesla, or digital polling station, and the spread risk is high. So yes, funny as a joke, but seriously, it is not so much that software engineering is more poorly implemented (ignoring the 90% of low code quality) then physical engineering disciplines, but have a wider risk effect when flaws exist. In contrast, software flaws can be fixed and updated/spread more rapidly then hardware flaws. How long was the gap between enthusiast plan makers to standardised specification for commercial use? HIPPA offers a bunch of guides (if i understand HIPPA 🤷♂️). How linnet is HIPPA compared to commercial plan requirements?
I'm very reluctant to put the word "engineering" after "software". There isn't the same level of agreement about how to do things in the software community as there is in the engineering community. We have competing language families, processes, methodologies, and even design patterns (the latter being a stab at something that starts to look like engineering). Engineering over-designs systems by a considerable factor to reduce the risk of failure. What's the equivalent in software, maybe building lots of defensive checks into the code? Still a pale imitation. On the other hand, a customer who came back to the engineering team saying that he wanted his bridge lengthened by 200m on its "next release" would be laughed out of the room, as would someone who took his car to a mechanic and asked for it to be fixed ("patched") while still traveling down the road.
-
Saw a comic strip the other day semi-joking about Aeroplanes being relatively safe Bridges being safe then software built voting system - 😭 Several bits come to mind, some obvious like physical access. But one that stands out the most is scale of access. Recent Phillips light bulk hack indicates this train of though. Breaking 1 bit of software potentially allows access to the whole thing. Tampering a plane or bridge to fail are more localised to the one occurrence. But "hack" a tesla, or digital polling station, and the spread risk is high. So yes, funny as a joke, but seriously, it is not so much that software engineering is more poorly implemented (ignoring the 90% of low code quality) then physical engineering disciplines, but have a wider risk effect when flaws exist. In contrast, software flaws can be fixed and updated/spread more rapidly then hardware flaws. How long was the gap between enthusiast plan makers to standardised specification for commercial use? HIPPA offers a bunch of guides (if i understand HIPPA 🤷♂️). How linnet is HIPPA compared to commercial plan requirements?
This one? xkcd: Voting Software[^]
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
-
lopatir wrote:
when the app you're on crashes it just pisses you off.
That may be true for a lot of them; but sometimes an error may cause financial damage or endanger health.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^] "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
that's why I absolutely stay away from banking apps on my phone, touch screens weren't designed for folks like me with bent and fat fingers.
Do you accept the T&C ... [as in you click the wrong thing it's your fault]
No! damn, accidentally clickedYes, ...uninstall...no not:update...uninstall...uninstall...UNINSTALLyou POS ...finallyafter many otherwise intelligent sounding suggestions that achieved nothing the nice folks at Technet said the only solution was to low level format my hard disk then reinstall my signature. Sadly, this still didn't fix the issue!
-
Have you ever seen an (non-Boeing) aeroplane or bridge being built using the Agile methodology? :)
maze3 wrote:
but have a wider risk effect when flaws exist.
Like grounding an entire fleet of planes? Or recalling all cheeses from the supermarket due to contamination?
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^] "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
ah yeah, I guess i was thinking more along the lines of external threat actors, rather then inherit design failings 🤣 my mind is now imagining an agile built plane. Developers: here, test this plane. Results: did not take off and crashed into a wall. Killed 8 people. Developers: Sorry about this, but could you details the issue a bit better, do you have some images of what the pilot was doing?
-
Saw a comic strip the other day semi-joking about Aeroplanes being relatively safe Bridges being safe then software built voting system - 😭 Several bits come to mind, some obvious like physical access. But one that stands out the most is scale of access. Recent Phillips light bulk hack indicates this train of though. Breaking 1 bit of software potentially allows access to the whole thing. Tampering a plane or bridge to fail are more localised to the one occurrence. But "hack" a tesla, or digital polling station, and the spread risk is high. So yes, funny as a joke, but seriously, it is not so much that software engineering is more poorly implemented (ignoring the 90% of low code quality) then physical engineering disciplines, but have a wider risk effect when flaws exist. In contrast, software flaws can be fixed and updated/spread more rapidly then hardware flaws. How long was the gap between enthusiast plan makers to standardised specification for commercial use? HIPPA offers a bunch of guides (if i understand HIPPA 🤷♂️). How linnet is HIPPA compared to commercial plan requirements?
maze3 wrote:
In contrast, software flaws can be fixed and updated/spread more rapidly then hardware flaws.
By the same token, newly introduced flaws or bugs are spread more rapidly to those trusting end users...especially mobile. :laugh: Confession...I once broke the auto-update feature for one of our products...not fun. Bugs happen. :)
"Go forth into the source" - Neal Morse
-
This one? xkcd: Voting Software[^]
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
Hey now, don't bury it _my_ desert.
-
Have you ever seen an (non-Boeing) aeroplane or bridge being built using the Agile methodology? :)
maze3 wrote:
but have a wider risk effect when flaws exist.
Like grounding an entire fleet of planes? Or recalling all cheeses from the supermarket due to contamination?
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^] "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
Eddy Vluggen wrote:
Have you ever seen an (non-Boeing) aeroplane or bridge being built using the Agile methodology?
Well said. Nothing in the real world that I'm aware of uses Agile except supposedly software development. I think that says something (either about my ignorance or the stupidity of Agile, I suspect the latter, not the former.)
Latest Articles:
Abusing Extension Methods, Null Continuation, and Null Coalescence Operators -
ah yeah, I guess i was thinking more along the lines of external threat actors, rather then inherit design failings 🤣 my mind is now imagining an agile built plane. Developers: here, test this plane. Results: did not take off and crashed into a wall. Killed 8 people. Developers: Sorry about this, but could you details the issue a bit better, do you have some images of what the pilot was doing?
maze3 wrote:
Developers: Sorry about this, but could you details the issue a bit better, do you have some images of what the pilot was doing?
Developers: It was a user error. Oh gee, that sounds familiar. :sigh:
Latest Articles:
Abusing Extension Methods, Null Continuation, and Null Coalescence Operators -
Have you ever seen an (non-Boeing) aeroplane or bridge being built using the Agile methodology? :)
maze3 wrote:
but have a wider risk effect when flaws exist.
Like grounding an entire fleet of planes? Or recalling all cheeses from the supermarket due to contamination?
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^] "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
All manufacturing uses the agile methodology; they just don't call it agile, and everyone does the same thing every sprint. Software is a special case, though, because it's more like bespoke carpentry, where the whole process, from ideation to design to production, can be carried out by one person -- or for bigger things, like making pianos, three guys get a leg each. It's just a process for doing your daily work. Whether it's better or worse than other methods is purely a matter of taste -- for my tastes, it doesn't matter which method is followed (and I've done 'em all). Just get the work done. If the process becomes your work, you're not a developer, any more.
I wanna be a eunuchs developer! Pass me a bread knife!
-
All manufacturing uses the agile methodology; they just don't call it agile, and everyone does the same thing every sprint. Software is a special case, though, because it's more like bespoke carpentry, where the whole process, from ideation to design to production, can be carried out by one person -- or for bigger things, like making pianos, three guys get a leg each. It's just a process for doing your daily work. Whether it's better or worse than other methods is purely a matter of taste -- for my tastes, it doesn't matter which method is followed (and I've done 'em all). Just get the work done. If the process becomes your work, you're not a developer, any more.
I wanna be a eunuchs developer! Pass me a bread knife!
No, that's not agile; manufacturing has a clear and well-defined endproduct; there's no basement of a house while being undecided about the amount of stories, or the amount of stairs and elevators. The only stuff that's agile outside our own trade, is pharmacy; medication that doesn't work, but has reliable side-effects gets re-marketed to that side-effect as being the main thing.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^] "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
-
I'm very reluctant to put the word "engineering" after "software". There isn't the same level of agreement about how to do things in the software community as there is in the engineering community. We have competing language families, processes, methodologies, and even design patterns (the latter being a stab at something that starts to look like engineering). Engineering over-designs systems by a considerable factor to reduce the risk of failure. What's the equivalent in software, maybe building lots of defensive checks into the code? Still a pale imitation. On the other hand, a customer who came back to the engineering team saying that he wanted his bridge lengthened by 200m on its "next release" would be laughed out of the room, as would someone who took his car to a mechanic and asked for it to be fixed ("patched") while still traveling down the road.
Greg Utas wrote:
as would someone who took his car to a mechanic and asked for it to be fixed ("patched") while still traveling down the road.
Tesla?
Wrong is evil and must be defeated. - Jeff Ello
-
Saw a comic strip the other day semi-joking about Aeroplanes being relatively safe Bridges being safe then software built voting system - 😭 Several bits come to mind, some obvious like physical access. But one that stands out the most is scale of access. Recent Phillips light bulk hack indicates this train of though. Breaking 1 bit of software potentially allows access to the whole thing. Tampering a plane or bridge to fail are more localised to the one occurrence. But "hack" a tesla, or digital polling station, and the spread risk is high. So yes, funny as a joke, but seriously, it is not so much that software engineering is more poorly implemented (ignoring the 90% of low code quality) then physical engineering disciplines, but have a wider risk effect when flaws exist. In contrast, software flaws can be fixed and updated/spread more rapidly then hardware flaws. How long was the gap between enthusiast plan makers to standardised specification for commercial use? HIPPA offers a bunch of guides (if i understand HIPPA 🤷♂️). How linnet is HIPPA compared to commercial plan requirements?
Bridges collapse, planes crash, the little piece of string holding up my blinds broke. And so does my software contain a couple of bugs. The difference is that my software changes constantly, is on a tight budget, has no budget for R&D at all and has a strict deadline. Yet, my software works quite well. Until someone uses all kinds of power tools, external software and social hacking to make it break or get in. Trust me, if I had the physical equivalent of the tools hackers use to break software, I'd be able to break bridges and planes. And let's be honest, if you used a sledgehammer to wreck your neighbors house no one would blame the structural integrity of the house, yet when hackers do the same to software, it's the software that's at fault. That said, a lot of bad programmers and crap software exist and sometimes I'm ashamed of the industry :(
Best, Sander sanderrossel.com Migrating Applications to the Cloud with Azure arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
-
Saw a comic strip the other day semi-joking about Aeroplanes being relatively safe Bridges being safe then software built voting system - 😭 Several bits come to mind, some obvious like physical access. But one that stands out the most is scale of access. Recent Phillips light bulk hack indicates this train of though. Breaking 1 bit of software potentially allows access to the whole thing. Tampering a plane or bridge to fail are more localised to the one occurrence. But "hack" a tesla, or digital polling station, and the spread risk is high. So yes, funny as a joke, but seriously, it is not so much that software engineering is more poorly implemented (ignoring the 90% of low code quality) then physical engineering disciplines, but have a wider risk effect when flaws exist. In contrast, software flaws can be fixed and updated/spread more rapidly then hardware flaws. How long was the gap between enthusiast plan makers to standardised specification for commercial use? HIPPA offers a bunch of guides (if i understand HIPPA 🤷♂️). How linnet is HIPPA compared to commercial plan requirements?
A problem I face all the time on my own workplace is that software is considered to be malleable. Well, it technically is, but to achieve safety (or even something resembling quality), the mindset has to shift towards an engineering "think first" aproach. My product managers don't want to. They prefer a more artisinal aproach: telling roughly what they want, seeing the result, having things change, seeing the result of that and so on. I suppose, the main issue with software is this aproach working at first. Sure, it breaks down later (let's say because the main engine of what I'm building isn't capable of something that TOTALLY HAS TO BE ADDED a month or two later) but at first, it's malleable and the cost of this nonsense is all-too-easy to dump on the programmer because hey, I'm the one introducing all the bugs, aren't I? Building a bridge or a plane, it's kinda obvious that things have to be thought through in advance. But building software, there's no immediate need to do anything in advance. And as people are, they tend to ignore everything that comes tomorow for the sake of today.
-
maze3 wrote:
Developers: Sorry about this, but could you details the issue a bit better, do you have some images of what the pilot was doing?
Developers: It was a user error. Oh gee, that sounds familiar. :sigh:
Latest Articles:
Abusing Extension Methods, Null Continuation, and Null Coalescence OperatorsAnd then factor in support when you have a, let's call it suboptimal, product. There the 'it's not my/our fault' really gets to shine. EG:I could not use a slightly advanced feature on an internet connection (open a port to the outside) and documented it had to be a problem ISP side. They kept repeating the same inane and refuted advice mixed with telling me what they couldn't do, never said a word to what they could do, until someone (bless him) decided my cablemodem was a bit old. They sent a replacement and stuff worked. Don't want to know what would have happened if my modem had been newish. So I should be happy. And I am. But look a bit closer and you will see that their actual assistance was zilk, without my own knowledge I would have been helpless, and that they probably easily avoided learning anything from this small incident, the more so since not closing an issue is regarded as bad perfomance. The guy who helped my out probably thought he did a good deed and left it there. Upshot: support is (another) step down from product quality and even more likely to suffer under the letal mix of under pressure psychology and management. Quite comparable to boeing saying they will fix the software when they should fix the plane, and then having more critical (software) flaws discovered. Software to the rescue! Then support gets kicked up the ladder (to communication and higher) who are obviously completely unsuited for this job, but cannot admit it. There are real disasters waiting to happen. But it won't be my fault (/s. I regard this sentence as the first law of psychology so I keep using it in sarcastic mode). I've just put on Industrial Disease (Dire Straits). Good for the mood.
-
No, that's not agile; manufacturing has a clear and well-defined endproduct; there's no basement of a house while being undecided about the amount of stories, or the amount of stairs and elevators. The only stuff that's agile outside our own trade, is pharmacy; medication that doesn't work, but has reliable side-effects gets re-marketed to that side-effect as being the main thing.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^] "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
Eddy Vluggen wrote:
medication that doesn't work, but has reliable side-effects gets re-marketed to that side-effect as being the main thing.
I'll have to assume that you have more knowledge than I about little blue pills.
I wanna be a eunuchs developer! Pass me a bread knife!
-
Greg Utas wrote:
as would someone who took his car to a mechanic and asked for it to be fixed ("patched") while still traveling down the road.
Tesla?
Wrong is evil and must be defeated. - Jeff Ello
-
Eddy Vluggen wrote:
Have you ever seen an (non-Boeing) aeroplane or bridge being built using the Agile methodology?
Well said. Nothing in the real world that I'm aware of uses Agile except supposedly software development. I think that says something (either about my ignorance or the stupidity of Agile, I suspect the latter, not the former.)
Latest Articles:
Abusing Extension Methods, Null Continuation, and Null Coalescence OperatorsI'd also point out that physical engineering has thousands or hundreds of years of experience in building the things they build, where software has decades. Also, the time from design to implementation in their world is decades or years, not weeks. They are different disciplines in that way; software can be (relatively) easily changed, bridges cannot. Thus, it might make sense to have different approaches. I think the underlying point Marc's driving at is valid, though. There are areas of development where agile simply isn't acceptable: life-critical devices, software operating aircraft, financial markets, etc. Developers in those fields probably need to take an approach closer to engineering.
-
Had to look up that. I just don't understand that religion. I also believe batteries is a dead end, and the future lies in fuel cells.
Wrong is evil and must be defeated. - Jeff Ello
-
Saw a comic strip the other day semi-joking about Aeroplanes being relatively safe Bridges being safe then software built voting system - 😭 Several bits come to mind, some obvious like physical access. But one that stands out the most is scale of access. Recent Phillips light bulk hack indicates this train of though. Breaking 1 bit of software potentially allows access to the whole thing. Tampering a plane or bridge to fail are more localised to the one occurrence. But "hack" a tesla, or digital polling station, and the spread risk is high. So yes, funny as a joke, but seriously, it is not so much that software engineering is more poorly implemented (ignoring the 90% of low code quality) then physical engineering disciplines, but have a wider risk effect when flaws exist. In contrast, software flaws can be fixed and updated/spread more rapidly then hardware flaws. How long was the gap between enthusiast plan makers to standardised specification for commercial use? HIPPA offers a bunch of guides (if i understand HIPPA 🤷♂️). How linnet is HIPPA compared to commercial plan requirements?
<rant> It is astounding to me how little things have actually changed. Like. Ever. Software creation (don't like "engineering" or "development," try that on) has, in my experience beginning in the '70s, always suffered from silver-bullet-syndrome. (See: [No Silver Bullet - Wikipedia](https://en.wikipedia.org/wiki/No\_Silver\_Bullet)) Example: Agile et al. was an answer to the perceived deficiencies of waterfall. It became THE hammer in a world of nails for many people. The fact is, (ok, I admit, TO ME) all methodologies have their logical strengths and place; they aren't mutually exclusive and can be combined in a large project. As someone mentioned above, there are so many languages! I would add: And Frameworks! And libraries! And IDEs! And, for that matter operating systems and db and server platforms! Paradigms shift. I get that. But why the elephant do we need ALL these? Except to give creator$ and early adopter$ an edge. Imagine how much time and money could have been saved over the decades if we'd settled for just a couple of languages with necessarily different strengths. </rant> [deep calming breath] I just needed to get that out of my system. We now return you to your regularly scheduled programming.
Cheers, Mike Fidler "I intend to live forever - so far, so good." Steven Wright "I almost had a psychic girlfriend but she left me before we met." Also Steven Wright "I'm addicted to placebos. I could quit, but it wouldn't matter." Steven Wright yet again.
-
I'm very reluctant to put the word "engineering" after "software". There isn't the same level of agreement about how to do things in the software community as there is in the engineering community. We have competing language families, processes, methodologies, and even design patterns (the latter being a stab at something that starts to look like engineering). Engineering over-designs systems by a considerable factor to reduce the risk of failure. What's the equivalent in software, maybe building lots of defensive checks into the code? Still a pale imitation. On the other hand, a customer who came back to the engineering team saying that he wanted his bridge lengthened by 200m on its "next release" would be laughed out of the room, as would someone who took his car to a mechanic and asked for it to be fixed ("patched") while still traveling down the road.
Greg Utas wrote:
Engineering over-designs systems by a considerable factor to reduce the risk of failure. What's the equivalent in software, maybe building lots of defensive checks into the code? Still a pale imitation.
We can't afford the microseconds, you know... I have been through several "ages" of SW development. When I started my studies (end 1970s), machines were so slow that there was a good reason to do all sorts of (unsafe) tricks to make the programs fast enought to be useful. Then we had some years ever faster machines, and the word was more or less "code any way you want; don't worry about speed - just switch to the next generation hardware if it is too slow". So coders ignored complexity issues of both data structures and algorithms (1980s). But as problem sizes grew, algorithmic complexity became important, and we started a new race against the microseconds that still lasts. It has more or less become an obsession with us. We can never state "It is fast enough!" - if I can do it faster than you, then I am a better developer. Like, I made this Sudoko solver (not primarily for solving Sudoko puzzles, but to illustrate backtracking). The most difficult puzzle I found took 0.6 sec to solve. When I mentioned this to some other developers, I was immediately turned down: It can be done much faster than that! ... But who needs to solve Sudoko puzzles in much less than 0.6 sec? Beating each other by milliseconds is far more important than having robust code, even when the speed is really useful for nothing else than winning the race. I learned a lesson quite early: When PCs were entering the mainstream market, I talked with an architect who had got one. In the early days, drawing on a PC was out of the question; it was used for calculating project costs. Their main program went through the budget to verify that they had included the cost of all the required elements - door handles and locks and whatever. This architect told that in the first use of this program, it had reminded them of overlooked expenses significantly exceeding the cost of the PC and the software. The company was awarded the contract (on the adjusted budget), so the PC paid for itself in full on its very first serious job! So I was curious about the PC hardware. CPU, harddisk ... No, they didn't have any harddisk. What?? The A: floppy held DOS and this database application, the B: floppy held their project data. But - running it from floppies<
