Computing Technology: Errors and Risks

Questions and Answers

What is a common challenge in producing error-free programs?

• Lack of funding for development
• Too many developers working on a project
• To make programs compatible with old technology
• High complexity of most applications (correct)

Which of the following is a factor contributing to individual problems with data in computer systems?

• High quality control standards
• Data encryption protocols
• Manual data entry systems
• Large populations that may share names (correct)

What was a primary cause of the baggage system failure at Denver Airport?

• High employee turnover rates
• Insufficient development time (correct)
• Outdated software technology
• Inadequate training for staff

What is a significant risk associated with voting systems?

Vulnerability to software manipulation or hacking (D)

What is a primary reason researchers study failures in computer systems?

To learn how to avoid future errors (D)

Which issue could result from automated data processing?

Inaccurate data interpretation in special cases (C)

Which statement describes a contributing factor to system failures?

Changes in specifications after project initiation (B)

What role does overconfidence in data accuracy play in computer system failures?

It can lead to overlooking errors in data entry. (B)

What can lead to system failures due to inadequate consideration during design?

Inadequate consideration of user input errors (C)

Which of the following is a reason for abandoning computer systems?

Extreme flaws in the system (A)

What is a common issue that leads to project failure in computer systems?

Poor management and communication (B)

How can the use of new technology impact computer systems?

Introduces unknown reliability issues (D)

What problem can arise due to interaction with physical devices in computer systems?

Unexpected software behavior (B)

What is a characteristic of legacy systems?

Shallow documentation (D)

Which issue may contribute to overly optimistic expectations in project planning?

Underestimation of time requirements (A)

Which factor is crucial in ensuring safe design and development of computer systems?

Consideration of potential safety risks (B)

What was a major contributing factor to the errors experienced with the Therac-25?

Use of updated software without retesting (B)

Which of the following correctly describes a responsibility for the Therac-25 failures?

The manufacturer, programmers, and clinics all share responsibility (D)

What issue was identified in the operator interface of the Therac-25?

Weaknesses in design causing user confusion (D)

What misconception did the manufacturer of Therac-25 hold regarding the incidents?

Changes made did not address the actual problems (B)

Which of the following problems is not considered a management issue in computer systems?

Insufficient testing post-software reuse (C)

What do massive radiation overdoses from Therac-25 illustrate about software systems?

They signify the importance of thorough testing and verification (B)

What is a common misconception about interpreting results or outputs from computer systems?

Users can fully trust output without verifying (A)

Which action is considered essential when reusing software in new environments?

Re-examining specifications and risks (A)

What action did the FDA take after the fifth accident involving the Therac-25?

Declared the machine defective (A)

What was a notable factor contributing to accidents on other radiation treatment equipment?

Technicians attending leisure activities during treatment (D)

Which of the following is NOT listed as a professional technique to enhance safety?

High-speed programming techniques (A)

What principle is emphasized in high reliability organizations?

Preoccupation with failure (C)

What approach helps in identifying risks in safety-critical applications?

Identifying risks and protecting against them (B)

Which aspect must be understood for effectively implementing software specifications?

The needs of the client (D)

Which of the following does NOT relate to professional responsibility in software engineering?

Ignoring minor design errors (D)

What does complacency in safety-critical systems often lead to?

Heightened risk of accidents (C)

Which of the following characteristics are essential for user interfaces to enhance safety and reliability?

Providing clear instructions and error messages (C)

What is an effect of a workload that is too low for users interacting with a system?

Potentially dangerous situations may arise (A)

What is meant by voting redundancy in computing systems?

Multiple computers perform the same task and validate each other's results (B)

Which type of testing ensures that even small changes in a system are thoroughly evaluated?

Beta testing (A)

What is a primary concern when introducing civil and criminal penalties for system producers?

Providing sufficient incentives for development (C)

How should risks associated with computers be compared?

Against the benefits they provide and other dependency risks (D)

In the context of airplane safety, what is a function of the Traffic Collision Avoidance System (TCAS)?

Preventing certain pilot actions to avoid collisions (C)

What role do independent verification and validation (IV & V) play in reliability when changes to a system are made?

They ensure that all changes have been thoroughly checked and validated (B)

Flashcards

Computer System Errors

Complex computer applications often contain errors, and system failures can stem from multiple factors.

Individual Errors

Errors in computer systems can affect individuals through incorrect billing, inaccurate data, and misinterpretations.

System Failures

Computer systems, like voting systems, baggage handling systems, and transportation systems, can experience malfunctions.

Voting System Failures

Technical glitches and potentially malicious manipulations (by programmers or hackers) can compromise the accuracy of voting systems.

Denver Airport Baggage System Failure

The baggage system at the Denver Airport failed due to real-world issues, problems elsewhere, and software bugs.

Software Bugs

Issues within computer programs that can cause errors and failures.

Insufficient Development Time

When designing programs, projects must respect allotted time.

Specification Changes

Changes in project requirements during development can lead to software issues.

User Input Errors

Mistakes made by users when interacting with a computer system.

Abandoned Systems

Computer systems that are discarded due to significant flaws.

Poor System Goals/Specs

Projects that fail due to unclear or poorly defined goals and necessary details.

Legacy Systems

Old computer systems that are difficult to replace.

Design and Development Problems

Issues in the design and creation of computer systems leading to faults.

Insufficient Testing

Not enough testing of a computer system before launch leading to unexpected problems.

Unexpected Inputs/Circumstances

Problems that emerge due to unforeseen user actions or environmental conditions.

Therac-25 Accidents

A series of radiation overdoses caused by a faulty medical linear accelerator, resulting in patient injuries and deaths.

Therac-25 Design Flaws

The Therac-25's design contained multiple flaws, including a race condition in the software and a lack of proper safety checks.

Programmer Responsibility

The programmer responsible for the Therac-25's software is partially responsible for the accidents due to the design flaws and lack of testing.

Manufacturer Responsibility

The manufacturer bears responsibility for the inadequate safety procedures and the lack of proper testing, which allowed the Therac-25 to be released with design flaws.

Hospital/Clinic Responsibility

Hospitals and clinics using the Therac-25 bear some responsibility for not properly evaluating its safety and implementing better procedures to mitigate risks.

Importance of Software Engineering

Thorough software engineering practices, including rigorous testing and code review, are essential to prevent accidents like those involving the Therac-25.

Redundancy and Self-Checking

Software should incorporate redundancy and self-checking mechanisms to ensure that critical errors are detected and prevented.

Safety-Critical Applications

Software used in applications that could cause harm if faulty, like medical devices or aircraft systems, require extra vigilance in safety measures.

User Interface Guidelines

Principles for designing user interfaces to be clear, consistent, and error-resistant. They aim to prevent major system failures caused by user mistakes.

User Feedback in Systems

Providing users with clear and timely feedback on their actions and the system's status. This helps users understand what is happening and anticipate system behavior.

Redundancy for Reliability

Using multiple systems to perform the same task, so if one fails, another can take over. This increases reliability and safety.

Testing for System Safety

Thoroughly testing systems to identify and fix potential errors before deployment. This includes various stages like independent verification and beta testing.

TCAS: Trusting the Computer?

A system in some airplanes that automatically prevents certain pilot actions to enhance safety. Raises questions about the balance between human and computer control.

Incentives for Safe Systems

Laws and regulations that encourage companies to create safe and reliable systems by imposing penalties for failures. However, it shouldn't stifle innovation.

Computer Dependence and Risks

Considering the risks of relying on computers as essential tools. Although computers are important, we should also understand their limitations and potential hazards.

Technological Progress and Safety

New technologies, like computers, often start with some risks. We learn from accidents, improve safety measures, and balance risk with potential benefits.

Data-entry errors

Mistakes made by users when inputting data into a computer system. These errors can lead to inaccurate results and system failures.

Inadequate User Training

Users not properly trained on how to use software can lead to errors, incorrect interpretations, and data integrity issues.

Software Overconfidence

Users may trust the software too much and fail to double-check results or interpret them properly, leading to potential misinterpretations and incorrect decisions.

Out-of-Date Information

Databases and systems that are not regularly updated can contain outdated data, leading to inaccurate decisions based on incomplete information.

Misrepresentation of Problems

Companies or individuals involved in developing or using software may hide or downplay problems, preventing timely solutions.

Insufficient Incentives for Quality

Lack of strong market pressure or regulations can lead to companies prioritizing profits over developing high-quality, error-free software.

Software Reuse

Reusing software from previous projects without proper analysis and retesting can introduce old bugs into new systems, leading to unexpected issues.

Therac-25 Case Study

A real-world incident where a radiation therapy machine, the Therac-25, delivered lethal doses of radiation due to software bugs, design flaws, and inadequate testing. It highlights the potential for software errors to have serious consequences.

Study Notes

Chapter 8: Errors, Failures, and Risks

• Chapter 8 discusses errors, failures, and risks related to computing technology.

What We Will Cover

• Failures and errors in computer systems are covered
• Case study of the Therac-25
• Increasing reliability and safety
• Dependence, risk, and progress

Failures and Errors in Computer Systems

• Most computer applications are complex, making it virtually impossible to create error-free programs.
• Failures are often caused by multiple factors.
• Computer professionals must study failures to learn how to avoid them and understand the consequences of poor work.

Problems for Individuals

• Billing errors are common.
• Data in databases can be inaccurate or misinterpreted.
• Large populations where names are shared can cause problems for automated processing.
• Automated processing may not recognise special cases.
• Overconfidence in data accuracy can lead to errors.
• Errors in data entry are frequent.
• Accountability for errors is sometimes lacking.

System Failures

• Examples include Galaxy IV and Amtrak failures,
• Voting systems can experience technical issues, or be rigged to give inaccurate results. Software may be vulnerable to viruses.
• Denver Airport's baggage system failed due to various complications, including inadequate development time and last minute specification changes.
• Airports in Hong Kong and Kuala Lumpur had problems due to inadequate user input consideration by the designers.
• Some system flaws are so serious that systems are abandoned after significant investment.

System Failures - Additional Issues

• Systems may suffer from a lack of clearly defined goals and specifications, poor management, and poor communication among involved parties.
• Unrealistic expectations set by management regarding time and budgets can contribute to failure.
• Using new technology with unknown reliability and issues.
• Refusal to acknowledge potential problems early on.

Legacy Systems

• Legacy systems – often reliable – are typically inflexible, expensive to replace, and lack proper documentation.

What Goes Wrong?

• Design and development problems can lead to software and/or hardware not working as intended.
• Inadequacy in design for potential risks, interactions with untested physical devices, software incompatibility, unexpected inputs, confusing user interfaces, insufficient testing of software, reuse of software without proper evaluation, and overconfidence in software.
• Management and use issues can be addressed by recognizing errors in data entry, inadequate user training, incorrect interpretation of results, failure to maintain databases up-to-date, and user overconfidence.
• Misrepresenting issues, hiding problems, and providing inadequate responses to issues can compound problems.

Reuse of Software

• Reusing software needs careful consideration of original specifications, potential dangers, and rigorous testing in the new environment. Examples like the Ariane 5 rocket and "No Fly" lists illustrate this.

Case Study: The Therac-25

• The Therac-25 radiation therapy machine delivered massive radiation overdoses, leading to severe injuries and deaths, due to several flawed design choices. Re-used software from older systems contained undetected bugs. Weaknesses in the human-machine interface, and inadequate testing contributed to the problems. The developer should have looked for safety risks but did not. The manufacturer made ineffective changes after an incident, and failed to correct all underlying issues. The FDA ultimately declared the machine defective after a series of accidents.

Increasing Reliability and Safety

• Professional techniques such as good software engineering, clear user interfaces, redundancy and self-checking, and rigorous testing are essential.
• Management should have clear communication and a 'preoccupation with failure' mindset.
• Safety critical systems necessitate proper planning and the identification and mitigation of potential hazards.
• Specifications must accurately reflect client needs. Understanding how clients use the system is critical.
• User interfaces should provide clear instructions, be consistent, and incorporate input checks.
• User feedback is important and systems should behave predictably. Too little workload can be dangerous.
• Redundancy, voting redundancy, thorough testing, independent verification and validation, and beta testing improves resilience.

Trust the Human or the Computer System?

• The use of systems like the Traffic Collision Avoidance System (TCAS) raises the question of how to balance automation with human intervention. Computer systems sometimes override human control to prevent an event.

Law, Regulation, and Markets

• Penalties can incentivize positive practices but potentially stifle creativity.
• Regulations can be implemented for safety-critical applications. Licensing requirements are frequently debated.
• Responsibility is a critical component to address problems.

Dependence, Risk, and Progress

• The growth of technology also brings dependence, issues like computers only being 1 facet of this, as well as electricity. Technology is dependent on other systems (for example, electricity).
• New technologies, while making progress, were not always initially safe, and this is recognized to have improved. Improvements have stemmed from accidents and disasters. Comparisons are needed to see the risks of technology against those for other methods as well as the potential benefits.

Description

This quiz covers Chapter 8 on errors, failures, and risks in computing technology. It includes a case study of the Therac-25 and discusses the importance of increasing reliability and safety in computer systems. Understanding how failures arise and the impact of errors on individuals will also be explored.