[Text]

Reading

Characters

  • Randy Samuels - Programmer who is being prosecuted

    • labelled a 'prima donna' / 'diva'
    • Alex Allendale - Attorney (defense)
    • Ruth Witherspoon - Supporter

  • Bart Matthews - Robot operator who was killed

    • Roberta Matthews - Wife
    • Jane McMurdock - Attorney (attack)

  • Sam Reynolds - Robot project manager

    • SOFTWARE PERSON
    • Background in data processing, not robotics
    • Committed to using the Waterfall SDL approach
    • Valerie Thomas - His attorney
    • Ray Johnson - Robotics Division Chief - His boss
      • HARDWARE PERSON

  • Cindy Yardley - Software tester - Faked software tests to save her co-workers' jobs

  • Max Worthington - Security - Exposed Cindy's fake test results

    • aka. 'Martha' - Insider source

  • Michael Waterson - CEO - Put Sam in charge instead of Ray to save money

  • Jan Anderson - Ex programmer. Fired for opposing the use of the Waterfall Model

  • Sharon Skinner - Professor - Thought of Randy as overly sensitive to criticism

  • Horace Gritty - Professor - Laid blame to poor interface design

  • Bill Park - Professor - Confirmed Randy misunderstood robot dynamics equations

  • Wesley Silber - Professor - Reviewed software quality assurance

  • Harry Yoder - Analyst

  • Mabel Muckraker - Reporter

  • Robert Franklin - Reporter

  • Turina Babbage - Calls for an investigation

  • Sandra Henderson - Quality assurance investigator

The Death

  • Bart Matthews was killed by an assembly line robot
  • Robot malfunctions and waved its 'arm' violently
  • The arm struck Bart, "throwing him against a wall and crushing his skull"
  • Bart was the first operator of the new robot

The Charges

  • Jane McMurdock (attack attorney) said that Randy (prosecutee) was negligent in correctly interpreting the [physics] formula
  • Bill Park verified the formulas were right, but the code implementation was wrong

The Meta / Environment

  • The company had a time pressure to finish the project
    • They were 6 months behind schedule
  • There was friction between Sam Reynolds (Project Head) and Ray Johnson (Robotics Chief) of the company
  • Robotics Division might be terminated if the project failed
  • Twenty programmers were added
    • "the new hirees were not fully integrated into the project, even six months later, when ten Robbie CX30 robots, including the robot which killed Bart Matthews, were shipped out"

The Team

  • Randy (prosecutee) was labelled as a 'prima donna' - someone who could not accept criticism
    • He once stormed out of a code review meeting
  • The entire team was involved in the entire SDL
  • Sam Reynolds had background in data processing, not hardware - the project lead should have been given to Ray Johnson, who had a background in robotics
  • The president of the company moved Reynolds to the Robotics Division rather than to hire a new project leader - cost effectiveness

The Development

  • Waterfall vs Prototyping approach
    • Prototyping approach was much better suited, but the the project head (Sam Reynolds) opted for the Waterfall Model
    • Jan Anderson (ex-programmer) was fired for disagreeing
      • "Since operator interaction with the robot is so important, the interface cannot be designed as an afterthought"
  • The code was stated to be tolerant to 'exceptional conditions'
    • (Obviously it was not)

Dodgy Deals - Politics and Collusion

  • The company stated that they would deliver robots which would "cause no bodily injury to the human operator"
  • The prosecution was directed to Randy (prosecutee) rather than the company
  • The CEO had financially supported the attack attorney in her re-election campaign
  • The requirements specification would have stated that the company should be legally responsible for any injury or death, not any [specific] employee

Deployment - Training

  • The requirements document stated that operators will be exhaustively trained in safety procedures
    • Operators will be verified (by a test)
  • Staff of the client company were never trained or taught about how to handle the 'exceptional conditions'
    • Bart did try to open up the reference manual for errors

User Interface

Schneiderman's 'Eight Golden Rules'

  1. Strive for consistency
  2. Enable frequent users to use shortcuts
  3. Offer informative feedback
  4. Design dialogues to yield closure
  5. Offer simple error handling
  6. Permit easy reversal of actions
  7. Support internal locus of control
  8. Reduce short-term memory load

According to Horace Gritty, the user interface failed to adhere to even a single rule.

  • Keyboard but no mouse
  • Manuals for everything - rather that inbuilt help
    • WHY ARE THERE FOUR VOLUMES OF THE SAME MANUAL
  • Poor ergonomics
    • Computer screen was a distance away from the manuals (bad proximity)
    • Chair was bad
  • Menus were overcomplicated
  • Menus were not ideally arranged
  • Poor use of colours
  • Poor use of light effects
  • Poor choice of sound effects

Testing

  • Static Analysis, Dynamic Analysis

  • Whitebox and Blackbox tests

  • "Neither blackbox nor whitebox testing 'proves' that a program is correct"

  • A test succeeds when a bug is found

  • When comparing the test results with the outputs recorded in the test documents, they were found to be dissimilar

    • Tests may have been faked
    • The right code was written, but wrong version was deployed

Communications

  • Cindy Yardley admitted to doctoring fake test results
  • Discovered that Ray Johnson (Robotics Head) instructed Cindy to fake the results

Safety

"The user interface was designed so as to permit the operator to stop [...] any life-threatening robot motion"

"The user interface is our line of defense"

The safety of the robot was dependent on the competency of the operator

Code Reuse (IP)

Weee copyright

  • Code was taken from a commercial software package PACKSTAT 1-2-3

Comments

  • Time pressure
  • Job stability pressure
  • Adding more staff during the late stages
  • Wrong staff for the wrong job
  • Cost-saving
  • Workplace friction - ("wasting time" - Reynolds)
  • SDL - Waterfall vs Prototyping
  • Responsibility
  • Political collusion
  • Lack of training and verification
  • User interface - overcomplicated, unfamiliar, user not in control
  • Testing
  • Safety limitations not in place

Aside: Interesting quotes

  • "The idea of egoless programming is that a software product belongs to the team and not to the individual programmers. The idea is to be open to criticism and to be less attached to one's work. Code reviews are certainly consistent with this overall philosophy"

  • A test succeeds when a bug is found

  • "Burdens of responsiblity not guilt"