Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Professional Code of Ethics in Software Engineering

Professional Code of Ethics in Software Engineering

These are the slides that I delivered at Marmara University Computer Science Engineering department to undergraduates.

Lemi Orhan Ergin

March 28, 2012

More Decks by Lemi Orhan Ergin

Other Decks in Programming


  1. Professional Code of Ethics Professional Code of Ethics in Software

    Engineering in Software Engineering If you are not one of us, you are one of them! nmap run completed -- 1 IP address (1 host up) scanneds % sshnuke -rootpw-"Z1ON0101" Connecting to ... successful. Attempting to exploit SSHv1 CRC32 ... successful. Reseting root password to "Z1ON0101". System open: Access Level (9) % ssh -l root [email protected]'s password: RTF-CONTROL> disable grid nodes 21 - 48 Warning: Disabling nodes 21-48 will disconnect sector 11 (27 nodes) ARE YOU SURE ? (y/n) Grid Node 21 offline... Grid Node 22 offline... Grid Node 23 offline... Grid Node 24 offline... Grid Node 25 offline... Grid Node 26 offline... Grid Node 27 offline... Grid Node 28 offline... Grid Node 29 offline... Grid Node 30 offline... Grid Node 31 offline... Grid Node 32 offline... Grid Node 33 offline... Grid Node 34 offline... Grid Node 35 offline... Grid Node 36 offline... Grid Node 37 offline... Grid Node 38 offline... This presentation is brought to you by Lemi Orhan Ergin as a craftsman in software development
  2. Professional Professional Code of Ethics in Code of Ethics in

    Software Engineering Software Engineering Professional Professional Code of Ethics in Code of Ethics in Software Engineering Software Engineering Code of Ethics? Profession? Engineering or Craftmanship? Ethics in Development?
  3. • Craftsmanship vs Engineering • Is Software Engineering a Profession?

    • What is Code of Ethics? • Ethics in Software Engineering • Special Cases & Discussions Agenda
  4. “My early metrics book, Controlling Software Projects: Management, Measurement, and

    Estimates [1986], played a role in the way many budding software engineers quantified work and planned their projects. In my reflective mood, I'm wondering, was its advice correct at the time, is it still relevant, and do I still believe that metrics are a must for any successful software development effort? My answers are no, no, and no. I'm gradually coming to the conclusion that software engineering is an idea whose time has come and gone. Software development is and always will be somewhat experimental. The actual software construction isn't necessarily experimental, but its conception is. And this is where our focus ought to be. It's where our focus always ought to have been. “ Tom DeMarco IEEE Developed the world’s first commercial stored program telephone switch 1986 recipient of the Warnier Prize for "lifetime contribution to the field of computing" 1999 recipient of the Stevens Award for "contribution to the methods of software development" Software Engineering is dead
  5. Engineering is the discipline, art and profession of acquiring and

    applying technical, scientific and mathematical knowledge to design and implement materials, structures, machines, devices, systems, and processes that safely realize a desired objective or inventions. Engineering a Software Since NATO Software Engineering Conference in the 1968, it has continued as a profession and field of study dedicated to creating software that is of higher quality, more affordable, maintainable, and quicker to build. Wikipedia Software Engineering is the application of a systematic, disciplined, quantifiable approach to the development, operation, and maintenance of software, and the study of these approaches; that is, the application of engineering to software. Wikipedia Wikipedia
  6. Theorical Foundations Software engineering theories and methodologies are developed for

    dealing with complexity and intellectual challenges in large-scale software development. “Software Engineering Foundations: A Software Science Perspective” by Yingxu Wang Complexity Threshold
  7. Software Engineering has specific characters, such as... • its type

    (mission critical, of course) • its size (Google scale, naturally) • the audience (millions of daily users, obviously) • and so forth. “Software engineering is the science and art of specifying, designing, implementing and evolving – with economy, timeliness and elegance – programs, documentation and operating procedures whereby computers can be made useful to man.” J.A. McDermid, 1991 Software engineering is a discipline that adopts engineering approaches, such as established methodologies, processes, measurement, tools, standards, organisation methods, management methods, quality assurance systems and the like, in the development of large-scale software seeking to result in high productivity, low cost, controllable quality, and measurable development schedule. Yet Another Definition Professor of Software Engineering Leader of the High Integrity Systems Engineering Group (HISE) Department of Computer Science at the University of York, USA
  8. What DeMarco seems to be saying is that “Control is

    ultimately illusory on software development projects” If you want to move your project forward, the only reliable way to do that is to cultivate a deep sense of software craftsmanship and professionalism around it. People who show up every day eager to improve their craft will ultimately succeed. Software project success isn't about doing any one particular thing right; it's the much more daunting task of not doing anything wrong. It certainly gives you a new appreciation for those rare successful software projects. Most software projects fail! Control is ultimately illusory
  9. Software Craftsmanship is an DISCIPLINE in software development that emphasizes

    the coding skills of the software developers themselves. It is a response by software developers to the perceived ills of the mainstream software industry, including the prioritization of financial concerns over code quality. Software Craftsmanship http://parlezuml.com/softwarecraftsmanship/ Wikipedia
  10. What is a Profession? The term profession is applied to

    those persons who have specialized and technical skill or knowledge which they apply, for a fee, to certain tasks that ordinary and unqualified people cannot ordinarily undertake. The term derives from the Latin: "to swear (an oath)". … en.wikipedia.org/wiki/Profession The body of people in a learned occupation; an occupation requiring special education. wordnet.princeton.edu/perl/webwn
  11. 15 • Software engineering (SE) as a discipline and profession

    is relatively young, some even say “immature”. • In 1996, Ford and Gibbs listed designated eight infrastructure components that can be used to evaluate a mature profession: – a professional society – initial professional education – skills development – professional development – accreditation – certification – licensing – a code of ethics Software Engineering Profession
  12. 16 Professional Societies • There is no professional society devoted

    exclusively to software engineering, but there are two societies which provide mature support for the software engineering profession: – Association for Computing Machinery (ACM) (http://www.acm.org/) • Founded in 1947, ACM has 75, 000 members and has the objective of advancing the skills of computing professionals and students worldwide. • The ACM has 34 “special interest groups” (SIGS). The Special Interest Group on Software Engineering (SIGSOFT) focuses on issues relating to all aspects of software development and maintenance. – IEEE Computer Society (IEEE-CS) (http://computer.org/) • Founded in 1946, with nearly 100, 000 members, it is the largest of the 36 societies of the Institute of Electrical and Electronics Engineers (IEEE). • The Computer Society's vision is to be the leading provider of technical information and services to the world's computing professionals
  13. 17 Certification and Licensing • Certification is a voluntary process

    administered by a profession. • Currently there are many certification programs for various computing technologies. Many are brand name certifications (e.g. Cisco, Java/Sun, Microsoft, Novell, etc.) and do not deal with the software engineering profession directly. • The IEEE-CS offers a certification titled Certified Software Development Professional (CSDP). The CSDP has the following components: – At the time of application the candidate holds a baccalaureate or equivalent university degree and has a minimum of 9,000 hours of software engineering experience within at least six (6) of the eleven (11) SE knowledge areas (the ten SWEBOK areas and Professionalism and Engineering Economics). – Candidates are required to subscribe to the Software Engineering Code of Ethics and Professional Practice – Candidates must pass an exam demonstrating mastery of the knowledge areas
  14. 18 Certification and Licensing in US • Licensing is a

    mandatory process administered by a governmental authority. • In the U.S. licensing is administered at the state level. • Only about 18% of U.S. engineers (civil, electrical, mechanical , etc.) are registered. • Texas is currently the only state to license software engineers. • In recent years, no topic has stirred more controversy and debate than certification and licensing of software engineers. – This seems to signal that the nature and maturity of software engineering is not yet stable.
  15. 19 Licensing in Turkey Türkiye Cumhuriyeti Türk Mühendis ve Mimar

    Odaları Birliği (TMMOB) Elektrik Mühendisleri Odası (EMO) Bilgisayar Mühendisliği Meslek Dalı Ana Komisyonu Bilgisayar MEDAK‘ ın amacı, oda içindeki Bilgisayar Mühendisi üyeler arasında mesleki örgütlülüğe ve dayanışmaya yönelik politikalar geliştirmek ve Oda birimlerindeki alt komisyonlardaki (MDK) çalışmalarda koordinasyonunun, eşgüdümün sağlanması ve geliştirilmesi olarak tanımlanmaktadır. Kuzey Kıbrıs Türkiye Cumhuriyeti Bilgisayar Mühendisleri Odası 1992 yılında kurulan ve Bilgisayar Mühendislerini bünyesinde toplayan BMO, KTMMOB çatısı altında çalışan 14 meslek odasından biridir. Merkezi Lefkoşa'da olan BMO, merkezde yaptığı çalışmaların yanısıra Üniversitelerimizde gönüllü üyelerimizin oluşturduğu temsilciliklerde de Üniversitedeki üyelerimiz ile ilişkilerimizi geliştirmek, gerekli gördüğü aktiviteleri düzenlemek ve üye sayısını artırmak için çalışmaktadır. http://www.ktbmo.org http://www.emo.org.tr/komisyonlar/index.php? kod=536
  16. 20 SE Education & Training • Ford and Gibbs list

    four elements related to SE education: initial professional education, skills development, professional development and accreditation. • Initial Professional Education – Undergraduate degree programs in software engineering • Skills Development and Professional Development – Publications, conferences, workshop and tutorials. • Accreditation – The Accreditation Board for Engineering and Technology (ABET) has established accreditation criteria for software engineering programs.
  17. National Council of Examiners for Engineering and Surveying (NCEES) Engineering

    is considered to be a "profession" rather than an "occupation" because of several important characteristics: special knowledge, special privileges, special responsibilities. Professions are based on a large knowledge base requiring extensive training. Professional skills are important to the well-being of society. Professions are self-regulating, in that they control the training and evaluation processes that admit new persons to the field. Professionals have autonomy in the workplace; they are expected to utilize their independent judgment in carrying out their professional responsibilities. Finally, professions are regulated by ethical standards.
  18. Professional Ethics Defined • Professional ethics are set of rules,

    regulations, and a code of conduct that govern how a profession deals with each other and others outside of the profession. • Different from moral code • Different from legal code
  19. Why should we have a Professional Code of Ethics? •

    A Professional Code of Ethics serves several functions:  Symbolises the professionalism of the group.  Defines and promotes a standard for external relations with clients and employers.  Protects the group’s interests.  Codifies members’ rights.  Expresses ideals to aspire to.  Offers guidelines in “gray areas”.
  20. The purpose is to clearly set out an international standard

    for professional practice in information technology. The components of the standards are: Ethics of professional practice: Practitioners must publicly ascribe to the code of ethics published within the standard. Established body of knowledge: Practitioners must be aware of and have access to a well-documented current body of knowledge relevant to the domain of practice. Education and training: The minimum level of mastery of the body of knowledge must be at the baccalaureate level. Professional experience: In addition to a demonstrated mastery of the body of knowledge a minimum of the equivalent of two years supervised experience is recommended before the practitioner operates unsupervised. Best practice and proven methodologies: Practitioners should be familiar with current best practice and relevant proven methodologies. Maintenance of competence: Practitioners must be able to provide evidence of their maintenance of competence. (IFIP) International Federation for Information Processing’s Harmonization of Professional Standards (1998)
  21. Variance in Ethical Concerns in IT ACM Computing & Public

    Policy: • ACM Code of Ethics • Software Engineering Code of Ethics • Software Engineering and Licensing Issues • ACM Privacy Policy • ACM Copyright Policy • ACM Statement of Non-endorsement • Committee on Computers and Public Policy • Committee on the Status of Women in Computing • Coalition to Diversify Computing • RISKS Forum ACM Association-Level Policy Activities on: • Electronic Voting Systems • Intellectual Property / Copyright Protection • Privacy • Research and Data Access • Reliability of Computers
  22. Advantages of a Code of Ethics A Code of Ethics

    enables us to: • Set out the ideals and responsibilities of the profession • Exert a de facto regulatory effect, protecting both clients and professionals • Improve the profile of the profession • Motivate and inspire practitioners, by attempting to define their raison d'être (reason for being) • Provide guidance on acceptable conduct • Raise awareness and consciousness of issues • Improve quality and consistency
  23. Disadvantages of a Code of Ethics • Standards are obligatory,

    or are merely an aspiration • Whether such a code is desirable or feasible • Whether ethical values are universal or culturally relativistic • The difficulty of providing universal guidance given the heterogeneous nature of the profession • Can not cover all aspects of software development. • Who determines violations? • How are the rules interpreted? • What penalties exist for violations?
  24. Why have a Professional Code of Ethics in Computing? •

    Software has the potential to do good or cause harm, or to enable or influence others to do good or cause harm. (Dilemma Theory) • We have pride in our work and want the work that we do to be given recognition and respect. • We want to protect our livelihood.
  25. Why have a Professional Code of Ethics in Computing? •

    Software controls many aspects of our lives. • Safety  Cars: ABS and Air Bags  Auto/Air Traffic Control • Financial  Banking: Interest Calculations  Tax Filing Software • Just think about every piece of software that effects you life and who developed it.
  26. Some Examples • ACM Code of Ethics and Professional Conduct.

    – http://www.acm.org/constitution/code.html • Bitish Computer Society Code of Conduct – http://www1.bcs.org.uk/DocsRepository/03200/3224/default.htm • IEEE-CS/ACM Software Engineering Code of Ethics and Professional Practice – http://www.computer.org/tab/seprof/code.htm
  27. Characteristics of a Code of Ethics • They are not

    simple ethical algorithms that generate ethical decisions. • Sometimes elements of the code may be in tension with each other or other sources.  Requires the software engineer to use ethical judgement to act in the spirit of the code of ethics. • A good code of ethics will provide fundemental principles that require thought rather than blind allegiance.
  28. Joint IEEE-CS/ACM Code of Ethics and Professional Practice • Built

    on 8 principles  Public Interest  Client and Employer  Product  Judgement  Management  Profession  Colleagues  Self • The principle of Public Interest is central to the code.
  29. Public Interest • Software engineers shall act consistently with the

    public interest.  Approve software only if they have a well-founded belief that it is safe, meets standards, passes tests and does not diminsh quality of life, privacy or harm the environment.  Disclose any actual or potential danger to the user.  Be fair and avoid deception in all statements concerning software.
  30. Client and Employer • Software engineers shall act in a

    manner that is in the best interests of their client and employer, consistent with the public interest.  Be honest about any limitation of their experience and education.  Keep private any confidential information consistent with the public interest and the law.  Not knowingly use software that is obtained or retained either illegally or unethically.
  31. Product • Software engineers shall ensure that their products and

    related modifications meet the highest professional standards possible.  Strive for high quality, acceptable cost, and a reasonable schedule, ensuring significant tradeoffs are clear.  Ensure adequate testing, debugging, and review of software and related documents on which they work.  Treat all forms of software maintenance with the same professionalism as new development.
  32. Judgement • Software engineers shall maintain integrity and independence in

    their professional judgment.  Not engage in deceptive financial practices.  Disclose to all concerned parties those conflicts of interest that cannot reasonably be avoided or escaped.
  33. Management • Software engineering managers and leaders shall subscribe to

    and promote an ethical approach to the management of software development and maintenance.  Ensure that software engineers are informed of standards before being held to them.  Offer fair and just remuneration.  Not punish anyone for expressing ethical concerns about a project.
  34. Profession • Software engineers shall advance the integrity and reputation

    of the profession consistent with the public interest.  Promote public knowledge of software engineering.  Be accurate in stating the characteristics of software on which they work.  Take responsibility for detecting, correcting, and reporting errors in software and associated documents on which they work.
  35. Colleagues • Software engineers shall be fair to and supportive

    of their colleagues.  Credit fully the work of others and refrain from taking undue credit.  Give a fair hearing to the opinions, concerns, or complaints of a colleague.  In situations outside of their own areas of competence, call upon the opinions of other professionals who have competence in that area.
  36. Self • Software engineers shall participate in lifelong learning regarding

    the practice of their profession and shall promote an ethical approach to the practice of the profession.  Further their knowledge  Improve their ability to create safe, reliable, and useful quality software  Improve their ability to produce accurate, informative, and well-written documentation.
  37. Problems with codes of conduct • They don’t cover every

    case (nor should they). • Can a list of rules define a behaviour that everyone considers right? • Little penalty for non-compliance  Requires a Personal Code of Ethics that is broadly in line with the Professional Code.
  38. Ethical Delemma 1: Reverse Engineering • When is reverse engineering

    ethical? • Scenario: You are asked to produce software to read in a file (with an undisclosed proprietary format) into an application.  Test vectors and analysis?  Decompilation?  “Clean room” environment
  39. 45 Ethics and Professional Conduct • Why should we be

    interested in ethics and professional conduct? • Here is one answer:  Today the quality of software produced by software engineers is critical to society.  The success of many, if not most, human endeavors is dependent on high-quality software (e.g. applications used in financial, legal, library, health, personnel, and transportation systems)  Lives depend on the safety and reliability of many software systems (e.g. control of aircraft, medical devices, and nuclear power stations)  In additional to technical capability, the quality of software products depend on the ethics and professional conduct of the engineers that developer develop them.