Prev: Example of building a list of file names?
Next: Could this unclosed() byteArrayInputStream cause high Heap usage ?
From: Andy Champ on 10 Feb 2010 16:53 John Koy wrote: <snip> > Exactly. Engineering is about measurable outcomes, quantification. > What's the equivalent of "this building can withstand a quake of > magnitude 7.5 for 30 seconds" in software? Can any of us state "this > software will stand all virus attacks for 12 months" or "this software > will not crash for 2 years, and if it does your loss won't exceed 20% of > all digital assets managed by it" ? </snip> To some extent that's an unfair comparison. Can any locksmith or burglar alarm maker guarantee that a building will withstand all attacks for 12 months? _That_ is the equivalent of withstanding all virus attacks for 12 months - and it's on a far simpler system. And "your loss won't exceed 20% of all digital assets"? That's a very soft target. I have put together systems designed to safeguard data, and have lost no data, and would not expect to lose data. It's called redundancy. Software failures really do not wipe a fifth of the stored data - we're _much_ better than that. The residents of Haiti might have a few words about buildings designed to withstand 7.5 magnitude earthquakes. And after all, it was due: http://www.sciencedaily.com/releases/2005/02/050205102502.htm Andy
From: Volker Borchert on 10 Feb 2010 16:23 Pete Becker wrote: > Seebs wrote: > > The job of the engineer is to know enough to build something as reliably > > as possible with the available tools, > > And within the available budget. > > and tell you how reliable that is. > > Anyone can build a bridge that stands up. It takes an engineer to build > on that barely stands up. What about Galloping Gertie? -- "I'm a doctor, not a mechanic." Dr Leonard McCoy <mccoy(a)ncc1701.starfleet.fed> "I'm a mechanic, not a doctor." Volker Borchert <v_borchert(a)despammed.com>
From: James Kanze on 10 Feb 2010 17:15 On Feb 9, 11:02 pm, John Koy <John....(a)example.com> wrote: > Arved Sandstrom wrote: > [...] > > Engineering "certification" processes are considerably > > better and more comprehensive than anything that most > > software developers are ever exposed to. Starting with > > education - there's no requirement at all that software > > developers have a relevant degree or associate degree, or > > indeed any real SD training at all. Try that with > > prospective professional engineeers. > > It's not just entry-level certification that software > > developers lack. It's code of conduct, professional > > education, duty to the client, professional discipline and > > so forth. These are all standards. In order for software > > "engineering" to really be engineering it has to adopt > > similar standards. > As long as we disclaim all liability and give no warranties > for the solutions/products we build, SD cannot be an > engineering field and the term "software engineer" remains as > an oxymoron. But that's really only the case for shrink-wrapped software (and presumably, it doesn't exclude your legal guarantees). Most of the projects I've worked on did have guarantees, and contractual penalties for downtime. -- James Kanze
From: James Kanze on 10 Feb 2010 17:18 On Feb 10, 10:03 am, Malcolm McLean <malcolm.mcle...(a)btinternet.com> wrote: > On Feb 10, 1:02 am, John Koy <John....(a)example.com> wrote:> > Arved Sandstrom wrote: > > As long as we disclaim all liability and give no warranties > > for the solutions/products we build, SD cannot be an > > engineering field and the term "software engineer" remains > > as an oxymoron. > Basically no-one knows how to built bug-free software, so the > lability exclusions are necessary. Basically no one knows how to build 100% bug-free anything. Witness Toyota. Globally, in fact, you can probably do better with software than with most other things. And I've never worked on a project where there have been liability exclusions (which probably aren't legal anyway). > They would be commercial suicide in any other field. That > doesn't mean there is no such thing as software engineering, > only that it is new and undeveloped. Boilers used to regularly > explode at the beginning of the industrial revolution, now > such accidents are almost unheard of. Well written software fails a lot less frequently than automobile brakes. -- James Kanze
From: James Kanze on 10 Feb 2010 17:24
On Feb 10, 10:42 am, Malcolm McLean <malcolm.mcle...(a)btinternet.com> wrote: > On Feb 10, 12:29 pm, Arved Sandstrom <dces...(a)hotmail.com> wrote: > > In other words, we have adequate processes available but > > tend not to adopt them. And _then_ because the products are > > seriously flawed we disclaim liability because the products > > are in poor shape. > > We need to get pushed from the outside, by purchasers of our > > software. Unfortunately that hasn't happened. > Software management is not so stupid. If adequate procedures > were available that could ensure bug-free software, at > reasonable cost and time, they they would have been adopted. Guaranteed error-free doesn't exist in any domain. It's not too difficult to achieve error rates of less than one error per 100 KLoc, however, and at least one shop does less than one error per million lines of code. Curiously enough, achieving one error per 100 KLoc typical reduces your development costs. But for whatever reasons, in many companies, this goes unnoticed---in the end, if you're selling shrink wrapped software, development costs are more or less negligible, compared to marketing costs, so it doesn't matter if you spend a bit more. > Except in a few areas customers would soon shy away from 'no > warrantry including the implied warrantry of suitability for > any particular purpose' products. Legally, of course, you have certain rights, regardless of what the "warrenty" says. It's just that as far as I know, no one has attempted to enforce them for software. > The fact is that many many formal methods are in existence. > Some of them might work, to some extent, and in some > circumstances. But none have really proved themselves when it > comes to the acid test of developing real software for > non-trivial projects. Less that one error per million lines of code is achievable. And I've worked on projects where we had less than one error per 100 KLoc (going into integration). -- James Kanze |