A ´crystal ball´ for software liability

Author

Voas, Jeffrey ; McGraw, Gary ; Kassab, Lora ; Voas, Larry

Author_Institution

Reliable Software Technologies, 21515 Ridgetop Cir., Suite 250, Sterling, VA, USA

Volume

30

Issue

6

fYear

1997

fDate

6/1/1997 12:00:00 AM

Firstpage

29

Lastpage

36

Abstract

Software developers are living in a liability grace period, but it won\´t last. To adequately insure themselves against potential liability, developers need tools to identify worst-case scenarios and help them quantify the risks associated with a piece of software. For assessing such risks associated with software, the authors recommend fault injection, which provides worst-case predictions about how badly a piece of code might behave and how frequently it might behave that way. By contrast, software testing states how good software is. But even correct code can have "bad days", when external influences keep it from working as desired. Fault injection is arguably the next best thing to having a crystal ball, and it certainly beats facing the future with no predictions at all. It should be a regular part of risk assessment. The greatest benefit from fault injection occurs when a piece of software does not tolerate injected anomalies. False optimism gives way to the only honest claim-that the software presents risks.

Keywords

DP industry; product liability; risk management; software engineering; software fault tolerance; system monitoring; correct code; external influences; fault injection; injected anomaly tolerance; potential liability insurance; risk assessment; risk quantification; software developers; software liability; software testing; worst-case scenarios; Companies; Computer industry; Costs; Information systems; Insurance; Law; Legal factors; Programming; Software performance; Software quality;

fLanguage

English

Journal_Title

Computer

Publisher

ieee

ISSN

0018-9162

Type

jour

DOI

10.1109/2.587545

Filename

587545