DIRC Workshop on Software Quality and the Legal System

13 February 2004, Gray's Inn, London

Focus of the Workshop

Software plays a key role in today's society. We depend on its correct functioning in many ways: software defects may cause economic loss, accidents and pollution. There are many factors playing a role in the creation of software. In the past, designers tended to concentrate on the technical issues, but as the contact between computers and users becomes ever more intense, more and more attention must be paid to the connection between people and computer systems. The broader view of “computer-based” systems is one of the focal points of the DIRC project which recognizes that progress can only be made by interdisciplinary approaches.

It is therefore interesting to ask what influence the legal system might have on software quality. In this workshop we wish to discuss the possible ways the legal system can help to improve software quality including consideration of potential pitfalls in trying to legislate in this difficult area. Questions that will be addressed are:

• Do we need separate product legislation for software dependability?
• What's the effect of the law regarding corporate manslaughter?
• Is there a difference between legal accountability for software defects and those of other products?
• What legal system serves the public interest with respect to software dependability best? Should the current system be improved?
• What are the dangers of legislation (increased cost to cover insurance, …)?
• What is the role of standards like IEC61508?
• What is the role of the Health and Safety at Work Act?
  

Workshop Programme

Organising Committee

Further Information

More information can be obtained from Meine van der Meulen, mjpm@csr.city.ac.uk, 020-70400274. There is a leaflet containing information on the workshop, for distribution.

Summaries of the Presentations

Functional Safety of electrical, electronic and programmable electronic safety-related systems by Ron Bell

Ron Bell is a Chartered Engineer and a Fellow of the Institution of Electrical Engineers. For over 20 years he has been involved with the development of guidelines and standards for safety-related control systems (particularly those that are computer based). He is Head of the Electrical and Control Systems Group in the Health & Safety Executive and a member of the bi-national (UK/France) Channel Tunnel Safety Authority.

He was chairman of one of the International Electrotechnical Commission (IEC) working groups responsible for developing IEC 61508; is currently project leader for the revision of IEC 61508 and chairs one of the two teams responsible for the revision. He is a member of the IEC Advisory Committee on Safety (ACOS) with particular responsibilities for functional safety and Chairman of the IEE Functional Safety Professional Network.

The presentation considers:

• Examples of systems and subsystems under consideration.
• What’s the problem?
• Essentials of functional safety.
• Legal considerations.
• Standards and “good practice”.

The presentation’s main aim is to provide an overview of the technical elements that make up functional safety and to examine some of the legal requirements relevant to functional safety.

Medical Device Manufacturers, Standards and the Law by Peter Jordan

Peter A. Jordan BA, C.Eng., MBCS, has recently retired from full-time employment as a software process improvement manager in Elekta Ltd, who manufacture radiotherapy equipment for the treatment of cancer. As an independent consultant, he currently contributes to standards in the medical device field, specialising in software and human factors.

Any manufacturer faces risk. The most obvious risks arise from strong competition, excessive costs, product failures, or industrial unrest. This paper will address the manufacturer’s safety risk: the risk accepted by the manufacturer that in spite of their best efforts their products will cause harm to a customer or member of the public. It will explore the question that the manufacturer has to answer: “how safe is safe?” from the point of view of different stakeholders. What will emerge is a number of conflicting answers. In choosing a level of safety, the manufacturer is forced to take legal risks, offering products that are not “perfectly” safe and accepting the risk of civil or even criminal liability. The paper will explore how a medical device manufacturer might resolve conflicts between cost and safety in a real, competitive situation.

Finally, the paper will suggest ways in which the law and standards could give more help to manufacturers. These considerations are particularly relevant to software. Software provides competitive new features. Time to market and development costs are important, and the desire to minimise these is in direct conflict with the desire to engineer robust (and therefore safe) software.

A Legal Framework for Understanding Software Systems Behaviour by Les Hatton

Les Hatton C.Eng, FBCS is Professor of Software Reliability at the Computing Laboratory, University of Kent and a director of Oakwood Computing Associates Ltd. He holds an MA and Ph.D in mathematics from Cambridge and Manchester respectively and recently an LL.M in IT law from Strathclyde. He has been involved with software failure for many years as a victim, perpetrator and latterly researcher for which he has been voted in the leading international scholars of systems and software engineering of the last 10 years by the US Journal of Systems and Software.

In this talk, he will attempt to describe dysfunctional software systems behaviour from the point of view of both the lawyer and the computer scientist. He will introduce the concept of digital convergence and the legal complications this causes and will go on to address inter alia, perceived differences between legal accountability for software defect and defects in other products and services. In particular, he will address whether software falls under existing categories of law or whether it should be treated sui generis.

Corporate Functional Safety Management by Chris Goring

C. J. Goring BA (Hons) MInstMC was Chief Executive Officer of a UK based International Group of Companies supplying software based safety systems and consultancy to the Petrochemical and Nuclear Industries and various National Security Organisations of the UK and US. He has recently been involved in the writing of IEC 61511, an international standard for the implementation of IEC 61508 in the process industry sector.

This presentation examines the role structure and importance of implementation of Corporate Functional Safety Management (CFSM). it explains how a thorough implementation of a top down CFSM policy can limit the scope for litigation when single or multiple human errors occur that have the potential to create a safety incident.

As well as the implementation and verification of safety procedures and the correct selection of qualified staff, it examines the correct or best practice approach to issues such as safety recall and modifications. The presentation also reviews the balance between safety and cost, and when, how and if weighting factors can be considered both at safety recall and initial specification stages. It also addresses the question as to whether different approaches can be taken in different markets both within national boundaries and in an international context.

Application of the HSE Competence Guidelines to Software Engineering by Rod May

Rod May is an engineering consultant providing services in safety and project assurance including issues of professional competence. He has been involved with the HSE/IEE/BCS study on competencies since 1995 and has worked on Competency Management Systems for several concerns. Previously Rod May held senior positions in design and marketing for Hewlett Packard and Eurotherm. A CEng and FIEE, he has a PhD and BSc in Engineering from Warwick and Leicester respectively.

The presentation will cover four topics:

• The IEC 61508 requirements for personnel competence. International standards like IEC 61508 are seen as “best practice” and can be used in support of a legal position.
• What makes a good standard of competency. A competency standard must capture accepted “best practice” to undertake a role, and must provide a mechanism for the assessment of an individual to perform that role to a defined level.
• The IEE Competency Guidelines. The IEE Competency guidelines introduce a good model of competency and provide standards of “best practice” for individuals undertaking roles as main-stream safety-related practitioners.
• Application of the guidelines to software engineering. The IEE Competency model has been used as the basis for the development of standards for software engineering and improved support for personnel assessments.

Legal Accountability for Software Defects by Alan Fisher