Would a manufacturer of automobiles, for instance, be willing to warrant his products against catastrophic failure if he were forced to build his product using materials from sources who refused to make similar guarantees, because the materials from which they manufactured their products offered no guarantees?
No. He'd be insane.
When you write software, you can't guarantee much unless you can be certain that the software used to create it and the software upon which it depends come with the same assurances.
What about liability? ISVs have been playing the blame game for years. They get away with it because their denials are plausible. I doubt this will ever change.
| [reply] |
A doctor can be sued for malpractice because the medicines s/he uses are certified by the federal government. An engineer can be sued because s/he does no building, only planning. If the building goes according to spec and the building fails, the design (aka, the engineer) is at fault.
Hence, if compilers and toolkits are certified by some board/government, and I use them, and my software fails ... I am liable. If I create software that allows for a known hack, such as buffer overflow, to happen ... I am liable. If I make a design and it is faithfully executed, but the application fails ... I am liable.
I think that programmer liability is a very good thing. It would require that programmers be certified, similar to a bar or CPA exam. I would take one and accept its results.
It would require that the pace of innovation be slowed down so that advances are scrutinized. I would prefer this.
(Think about it this way - would you want to go into an operating room knowing your doctor is using a technique he developed and no-one else has scrutinized?)
It would require that there is some standardization in the world. As far as I know, there is no perlmonk who would vote against this idea. (Some of us might be out of jobs, but I know I don't like retrofitting interfaces ... do you?)
I think that board-certifying programmers is an excellent idea. That way, employers have a guarantee on what that candidate can do.
The first thing that needs to be certified is not products, but people.
------
We are the carpenters and bricklayers of the Information Age. Don't go borrowing trouble. For programmers, this means Worry only about what you need to implement.
| [reply] |
Actually, I'd argue that you're looking at this from the wrong angle.
Certification in engineering, at least, means that you have had schooling, shown competiency in the field, and have proven your knowledge and skills on a battery of written tests. For most projects which call for the construction of buildings, infrastructure, process plants, etc, the ground cannot be broken until every part of the construction, from groundwork, environmental impact, and the like, has been signed off by a respective certified engineer (that is, your civil eng. would sign off on the infrastructure and land usage, your mech eng. on the structural stability, etc.) This is to ensure that any construction that has potental public impact (which typically is ANY large-scale construction) has been 'approved' at some point by people competitent in the field. If that structure should fail in a way that should have been predictable, then those that signed off on it are responsible.
However, not *every* construction project has to be approved or signed off by a Professional Engineer. For example, if you wanted to add on to your house, you typically need to get some license for construction and approval by a local government before you start, but they typcially don't care about the full extent of construction, only the general type of work that you're doing.
Applying the analogy to computer programming, there ought to be a PE classification for programmers, certainly, but I would not necessarily see it as mandatory for all programmers. A duty of a so-called CompEng PE would be to make sure that code that is bound for release into a sector that may affect the well-being of the public is as bug-proof as possible. And note that this would not be for all code: we're talking ares such as medical devices, traffic control systems (ground or air), and similar fields that if the code fails, lives could be in danger; if some code happened to lose your tax payment for the year, for example, that's not life threatening, and thus not critical for a PE review, but certainly couldn't hurt. The need for such a PE review for code would require frequent code reviews, as well as processes in place for companies to earmark code as 'passed', such that when ready to ship, the PE only needs to sign off on it. But you'd only need to have one or two PEs around for a small company, as adding that PE to your name CAN increase your base pay as well.
But there are people that program not for companies but on their own; if we forced any code that was released into the world to have been PE-approved, the small-time, shareware/OSS programmer may become a dying breed. Instead, we want the situation where you can modify your house without PE intervention; you want to be able to write your own code without having to answer to someone else. So requiring certification for all code is a bad idea.
While I do support the concept of a PE for comp eng, I think that the attitudes of many businesses in the tech field is a long way off from it. As you point out, the rapid-release cycle of late, which is a major cause for many bugs, would be too much for a CE PE to be able to keep up with. Again, we have Netscape to blame for this, as they were probably the first group to widely distribution true 'beta' versions of their software to the public en masse, and thus being the development cycle of releasing many weak versions often instead of one strong version once with patches between versions. Certification of developers would not help with that.
-----------------------------------------------------
Dr. Michael K. Neylon - mneylon-pm@masemware.com
||
"You've left the lens cap of your mind on again, Pinky" - The Brain
"I can see my house from here!"
It's not what you know, but knowing how to find it if you don't know that's important
| [reply] |
5 minutes after such a liability law was passed, I would decide never to post code publically to places like PerlMonks, and not to post code to places like CPAN.
Even if I was perfectly sure that I wrote code with no mistakes, there is no way I want to have to prove that in a court that is hard for me to get to because some idiot in South Dakota refused to understand that the bug is in their code, not mine. And, of course, I am not perfectly sure. Reasonably sure? Yes. But if you are writing software for monitoring hearts, and you use code I gave away for fun, then should be your responsibility to validate that the code is sufficient to your needs before you use it.
I think you will find that, no matter how you cut it, this is a thorny issue.
| [reply] |
... if compilers and toolkits are certified by some
board/government, ...
... require that there is some standardization in
the world. As far as I know, there is no perlmonk who
would vote against this idea.
- Isn't this Ada?
Now, Ada has it's uses, but do we really want
all software to look like that?
- The certifying experts can be wrong too. How does one
decide who to sue?
- There is always a tradeoff between safety and freedom
and, IMNSHO, the apparent gains of safety are seldom real
and seldom worth the loss in freedom.
- Not all software is important enough to require certified
programmers willing to bet their family's financial future
on the likelyhood that their software won't fail.
- Laws already exist to handle the situations where it
is important enough. If Boeing's new airliner starts
falling out of the sky because some yayhoo wrote bad code,
they're going to get in serious legal trouble, disclaimers
of non-fitness for a particular purpose or not.
</rant>
| [reply] |