Tomas Petricek
email: t.petricek@kent.ac.uk
twitter: @tomaspetricek
office: S129A
SAGE (1950s)
Processing radar images of entire US airspace
Coordinate response to nuclear attack
Strategic Defence Initiative (1980s)
System intended to protect US against ballistic missiles
Ground launched and space launched concepts
Patriot Missile (1990s-)
Anti-ballistic missile in operation nowadays
Software error in 1991 led to 28 deaths
Can such a system ever work?
Union of Concerned Scientists opposition on political grounds
But is there also a technical reason?
Analog systems
Small change in input causes small change in output
Analog computers of 1930s, audio synthesizers
Digital systems with repeated components
Non-linear, but we can test components in isolation
CPU units and much of modern hardware
Digital systems without repetition
Non-linear and very hard to test
Any modern software system!
S-programs
Written according to exact specification
P-programs
Completely determined what it can do
E-programs
Closely linked to changing environment
Continuing change
E-type system must be continually adapted or it becomes progressively less satisfactory
Increasing complexity
As E-type system evolves, its complexity increases
Start with imperfect and make it gradually better
Employ careful controlled user testing
Check with customer to see if we're getting close
Have "on call" duty to resolve any bugs
Star Wars (1980s)
Fully automatic software system to track and shoot down Soviet nuclear missiles
What development methods will fail?
System would be unreliable
Since we have no spare planets on which to fight trial nuclear wars, testing of a global ABM system is impossible.
Enemy has it easier
Very expensive defenses could give the Soviet Union an incentive to invest in relatively cheap offensive countermeasures, creating arms race instabilities.
Principle
Complex software can only be mastered if it is developed progressively, with the aid of extensive testing, and then operated more or less continually in a somewhat lenient and forgiving environment.
Electronic Voting Systems
What properties of the environment make those hard to build?
It is developed progressively
Using extensive testing
Operated more or less continually
In a somewhat forgiving environment
1968 NATO Conference
Programming started to make the transition from being a craft for a long-haired programming priest-hood to becoming a real engineering discipline.
Why software engineering?
Individualistic hacker culture
Programming as elusive black magic
Business and military engineering culture
Programmers are replaceable and can be trained
Organic and human-centric cultures
Programming as a craft to be done well
Metaphor may offer a different way of thinking about problems and shift emphasis to different aspects
Example software metaphors
What makes software systems complex
Digital system without repeated components
E-type systems and their environment
Importance of system environment
Developed progressively using extensive testing
Operated continuously, in forgiving environment
Metaphors for programming
Software engineering and NATO conference
Programming as writing, growing, building
What you should remember from this lecture
Books and papers