$30 off During Our Annual Pro Sale. View Details »

Professional Code of Ethics in Software Engineering

Professional Code of Ethics in Software Engineering

These are the slides that I delivered at Marmara University Computer Science Engineering department to undergraduates.

Lemi Orhan Ergin

March 28, 2012
Tweet

More Decks by Lemi Orhan Ergin

Other Decks in Programming

Transcript

  1. Professional Code of Ethics
    Professional Code of Ethics
    in Software Engineering
    in Software Engineering
    If you are not one of us, you are one of them!
    nmap run completed -- 1 IP address (1 host up)
    scanneds
    % sshnuke 10.2.2.2 -rootpw-"Z1ON0101"
    Connecting to 10.2.2.2:ssh ... successful.
    Attempting to exploit SSHv1 CRC32 ... successful.
    Reseting root password to "Z1ON0101".
    System open: Access Level (9)
    % ssh 10.2.2.2 -l root
    [email protected]'s password:
    RTF-CONTROL> disable grid nodes 21 - 48
    Warning: Disabling nodes 21-48 will disconnect
    sector 11 (27 nodes)
    ARE YOU SURE ? (y/n)
    Grid Node 21 offline...
    Grid Node 22 offline...
    Grid Node 23 offline...
    Grid Node 24 offline...
    Grid Node 25 offline...
    Grid Node 26 offline...
    Grid Node 27 offline...
    Grid Node 28 offline...
    Grid Node 29 offline...
    Grid Node 30 offline...
    Grid Node 31 offline...
    Grid Node 32 offline...
    Grid Node 33 offline...
    Grid Node 34 offline...
    Grid Node 35 offline...
    Grid Node 36 offline...
    Grid Node 37 offline...
    Grid Node 38 offline...
    This presentation is brought to you by Lemi Orhan Ergin as a craftsman in software development

    View Slide

  2. PROFESSIONAL CODE OF ETHICS
    IN SOFTWARE ENGINEERING
    Have you ever heard of

    View Slide

  3. Professional
    Professional
    Code of Ethics in
    Code of Ethics in
    Software Engineering
    Software Engineering
    Professional
    Professional
    Code of Ethics in
    Code of Ethics in
    Software Engineering
    Software Engineering
    Code of Ethics?
    Profession?
    Engineering or Craftmanship?
    Ethics in Development?

    View Slide


  4. Craftsmanship vs Engineering

    Is Software Engineering a Profession?

    What is Code of Ethics?

    Ethics in Software Engineering

    Special Cases & Discussions
    Agenda

    View Slide

  5. Engineering
    Engineering
    Episode 1: What are we doing?
    Craftmanship
    Craftmanship vs
    vs

    View Slide

  6. “My early metrics book, Controlling Software Projects: Management,
    Measurement, and Estimates [1986], played a role in the way many
    budding software engineers quantified work and planned their projects. In
    my reflective mood, I'm wondering, was its advice correct at the time, is it
    still relevant, and do I still believe that metrics are a must for any
    successful software development effort? My answers are no, no, and no.
    I'm gradually coming to the conclusion that software engineering is an
    idea whose time has come and gone.
    Software development is and always will be somewhat experimental. The
    actual software construction isn't necessarily experimental, but its
    conception is. And this is where our focus ought to be. It's where our focus
    always ought to have been. “
    Tom DeMarco
    IEEE
    Developed the world’s first commercial stored program telephone switch
    1986 recipient of the Warnier Prize for
    "lifetime contribution to the field of computing"
    1999 recipient of the Stevens Award for
    "contribution to the methods of software development"
    Software Engineering is dead

    View Slide

  7. Engineering is the discipline, art and profession of acquiring
    and applying technical, scientific and mathematical
    knowledge to design and implement materials, structures,
    machines, devices, systems, and processes that safely
    realize a desired objective or inventions.
    Engineering a Software
    Since NATO Software Engineering Conference in the 1968,
    it has continued as a profession and field of study dedicated
    to creating software that is of higher quality, more
    affordable, maintainable, and quicker to build.
    Wikipedia
    Software Engineering is the application of a systematic,
    disciplined, quantifiable approach to the development,
    operation, and maintenance of software, and the study of
    these approaches; that is, the application of engineering to
    software.
    Wikipedia
    Wikipedia

    View Slide

  8. Theorical Foundations
    Software engineering theories and methodologies are developed for dealing with
    complexity and intellectual challenges in large-scale software development.
    “Software Engineering Foundations:
    A Software Science Perspective”
    by Yingxu Wang
    Complexity Threshold

    View Slide

  9. Software Engineering has specific characters, such as...

    its type (mission critical, of course)

    its size (Google scale, naturally)

    the audience (millions of daily users, obviously)

    and so forth.
    “Software engineering is the science and art of
    specifying, designing, implementing and evolving – with
    economy, timeliness and elegance – programs,
    documentation and operating procedures whereby
    computers can be made useful to man.”
    J.A. McDermid, 1991
    Software engineering is a discipline that adopts engineering approaches, such as
    established methodologies, processes, measurement, tools, standards, organisation
    methods, management methods, quality assurance systems and the like, in the
    development of large-scale software seeking to result in high productivity, low cost,
    controllable quality, and measurable development schedule.
    Yet Another Definition
    Professor of Software Engineering
    Leader of the High Integrity Systems Engineering Group (HISE)
    Department of Computer Science
    at the University of York, USA

    View Slide

  10. What DeMarco seems to be saying is that
    “Control is ultimately illusory on software development
    projects”
    If you want to move your project forward, the only reliable
    way to do that is to cultivate a deep sense of software
    craftsmanship and professionalism around it.
    People who show up every day eager to improve their craft
    will ultimately succeed.
    Software project success isn't about doing any one
    particular thing right; it's the much more daunting task of
    not doing anything wrong. It certainly gives you a new
    appreciation for those rare successful software projects.
    Most software projects fail!
    Control is ultimately illusory

    View Slide

  11. Software Craftsmanship is an DISCIPLINE in software
    development that emphasizes the coding skills of the software
    developers themselves. It is a response by software developers
    to the perceived ills of the mainstream software industry,
    including the prioritization of financial concerns over code
    quality.
    Software Craftsmanship
    http://parlezuml.com/softwarecraftsmanship/
    Wikipedia

    View Slide

  12. http://manifesto.softwarecraftsmanship.org
    Software Craftsmanship Manifesto

    View Slide

  13. Episode 2: Is SE a Profession?

    View Slide

  14. What is a Profession?
    The term profession is applied to those persons who have specialized
    and technical skill or knowledge which they apply, for a fee, to certain
    tasks that ordinary and unqualified people cannot ordinarily undertake.
    The term derives from the Latin: "to swear (an oath)". …
    en.wikipedia.org/wiki/Profession
    The body of people in a learned occupation; an occupation requiring
    special education.
    wordnet.princeton.edu/perl/webwn

    View Slide

  15. 15

    Software engineering (SE) as a discipline and profession is relatively young,
    some even say “immature”.

    In 1996, Ford and Gibbs listed designated eight infrastructure components that
    can be used to evaluate a mature profession:
    – a professional society
    – initial professional education
    – skills development
    – professional development
    – accreditation
    – certification
    – licensing
    – a code of ethics
    Software Engineering Profession

    View Slide

  16. 16
    Professional Societies

    There is no professional society devoted exclusively to software
    engineering, but there are two societies which provide mature
    support for the software engineering profession:
    – Association for Computing Machinery (ACM) (http://www.acm.org/)

    Founded in 1947, ACM has 75, 000 members and has the objective of
    advancing the skills of computing professionals and students worldwide.

    The ACM has 34 “special interest groups” (SIGS). The Special Interest
    Group on Software Engineering (SIGSOFT) focuses on issues relating to all
    aspects of software development and maintenance.
    – IEEE Computer Society (IEEE-CS) (http://computer.org/)

    Founded in 1946, with nearly 100, 000 members, it is the largest of the 36
    societies of the Institute of Electrical and Electronics Engineers (IEEE).

    The Computer Society's vision is to be the leading provider of technical
    information and services to the world's computing professionals

    View Slide

  17. 17
    Certification and Licensing

    Certification is a voluntary process administered by a profession.

    Currently there are many certification programs for various computing
    technologies. Many are brand name certifications (e.g. Cisco, Java/Sun,
    Microsoft, Novell, etc.) and do not deal with the software engineering
    profession directly.

    The IEEE-CS offers a certification titled Certified Software
    Development Professional (CSDP). The CSDP has the
    following components:
    – At the time of application the candidate holds a baccalaureate
    or equivalent university degree and has a minimum of 9,000
    hours of software engineering experience within at least six
    (6) of the eleven (11) SE knowledge areas (the ten SWEBOK
    areas and Professionalism and Engineering Economics).
    – Candidates are required to subscribe to the Software
    Engineering Code of Ethics and Professional Practice
    – Candidates must pass an exam demonstrating mastery of the
    knowledge areas

    View Slide

  18. 18
    Certification and Licensing in US

    Licensing is a mandatory process administered by a governmental
    authority.

    In the U.S. licensing is administered at the state level.

    Only about 18% of U.S. engineers (civil, electrical, mechanical , etc.)
    are registered.

    Texas is currently the only state to license software engineers.

    In recent years, no topic has stirred more controversy and debate
    than certification and licensing of software engineers.
    – This seems to signal that the nature and maturity of software
    engineering is not yet stable.

    View Slide

  19. 19
    Licensing in Turkey
    Türkiye Cumhuriyeti
    Türk Mühendis ve Mimar Odaları Birliği (TMMOB)
    Elektrik Mühendisleri Odası (EMO)
    Bilgisayar Mühendisliği Meslek Dalı Ana Komisyonu
    Bilgisayar MEDAK‘ ın amacı, oda içindeki Bilgisayar Mühendisi üyeler arasında mesleki örgütlülüğe ve
    dayanışmaya yönelik politikalar geliştirmek ve Oda birimlerindeki alt komisyonlardaki (MDK) çalışmalarda
    koordinasyonunun, eşgüdümün sağlanması ve geliştirilmesi olarak tanımlanmaktadır.
    Kuzey Kıbrıs Türkiye Cumhuriyeti
    Bilgisayar Mühendisleri Odası
    1992 yılında kurulan ve Bilgisayar Mühendislerini bünyesinde toplayan BMO, KTMMOB çatısı altında çalışan
    14 meslek odasından biridir. Merkezi Lefkoşa'da olan BMO, merkezde yaptığı çalışmaların yanısıra
    Üniversitelerimizde gönüllü üyelerimizin oluşturduğu temsilciliklerde de Üniversitedeki üyelerimiz ile
    ilişkilerimizi geliştirmek, gerekli gördüğü aktiviteleri düzenlemek ve üye sayısını artırmak için çalışmaktadır.
    http://www.ktbmo.org
    http://www.emo.org.tr/komisyonlar/index.php?
    kod=536

    View Slide

  20. 20
    SE Education & Training

    Ford and Gibbs list four elements related to SE education: initial professional
    education, skills development, professional development and accreditation.

    Initial Professional Education
    – Undergraduate degree programs in software engineering

    Skills Development and Professional Development
    – Publications, conferences, workshop and tutorials.

    Accreditation
    – The Accreditation Board for Engineering and Technology (ABET) has
    established accreditation criteria for software engineering programs.

    View Slide

  21. National Council of Examiners for
    Engineering and Surveying (NCEES)
    Engineering is considered to be a "profession" rather than an "occupation"
    because of several important characteristics:
    special knowledge,
    special privileges,
    special responsibilities.
    Professions are based on a large knowledge base requiring extensive training.
    Professional skills are important to the well-being of society.
    Professions are self-regulating, in that they control the training and evaluation
    processes that admit new persons to the field.
    Professionals have autonomy in the workplace; they are expected to utilize
    their independent judgment in carrying out their professional responsibilities.
    Finally, professions are regulated by ethical standards.

    View Slide

  22. Agreement
    Agreement
    What is
    What is
    ethical?
    ethical?
    Episode 3: What is Code of Ethics?

    View Slide

  23. Professional Ethics Defined

    Professional ethics are set of rules, regulations,
    and a code of conduct that govern how a
    profession deals with each other and others
    outside of the profession.

    Different from moral code

    Different from legal code

    View Slide

  24. Why should we have a Professional
    Code of Ethics?

    A Professional Code of Ethics serves several
    functions:
     Symbolises the professionalism of the group.
     Defines and promotes a standard for external relations
    with clients and employers.
     Protects the group’s interests.
     Codifies members’ rights.
     Expresses ideals to aspire to.
     Offers guidelines in “gray areas”.

    View Slide

  25. The purpose is to clearly set out an international standard for professional practice in
    information technology.
    The components of the standards are:
    Ethics of professional practice:
    Practitioners must publicly ascribe to the code of ethics published within the standard.
    Established body of knowledge:
    Practitioners must be aware of and have access to a well-documented current body of knowledge relevant to
    the domain of practice.
    Education and training:
    The minimum level of mastery of the body of knowledge must be at the baccalaureate level.
    Professional experience:
    In addition to a demonstrated mastery of the body of knowledge a minimum of the equivalent of two years
    supervised experience is recommended before the practitioner operates unsupervised.
    Best practice and proven methodologies:
    Practitioners should be familiar with current best practice and relevant proven methodologies.
    Maintenance of competence:
    Practitioners must be able to provide evidence of their maintenance of competence.
    (IFIP) International Federation for Information Processing’s
    Harmonization of Professional Standards (1998)

    View Slide

  26. Variance in Ethical Concerns in IT
    ACM Computing & Public Policy:

    ACM Code of Ethics

    Software Engineering Code of Ethics

    Software Engineering and Licensing Issues

    ACM Privacy Policy

    ACM Copyright Policy

    ACM Statement of Non-endorsement

    Committee on Computers and Public Policy

    Committee on the Status of Women in Computing

    Coalition to Diversify Computing

    RISKS Forum
    ACM Association-Level Policy Activities on:

    Electronic Voting Systems

    Intellectual Property / Copyright Protection

    Privacy

    Research and Data Access

    Reliability of Computers

    View Slide

  27. Advantages of a Code of Ethics
    A Code of Ethics enables us to:

    Set out the ideals and responsibilities of the profession

    Exert a de facto regulatory effect, protecting both clients and
    professionals

    Improve the profile of the profession

    Motivate and inspire practitioners, by attempting to define their
    raison d'être (reason for being)

    Provide guidance on acceptable conduct

    Raise awareness and consciousness of issues

    Improve quality and consistency

    View Slide

  28. Disadvantages of a Code of Ethics

    Standards are obligatory, or are merely an aspiration

    Whether such a code is desirable or feasible

    Whether ethical values are universal or culturally relativistic

    The difficulty of providing universal guidance given the
    heterogeneous nature of the profession

    Can not cover all aspects of software development.

    Who determines violations?

    How are the rules interpreted?

    What penalties exist for violations?

    View Slide

  29. Cracked
    Cracked
    Windows?
    Windows?
    Helal code?
    Helal code?
    Episode 4: Ethics in Development?

    View Slide

  30. Why have a Professional Code of
    Ethics in Computing?

    Software has the potential to do
    good or cause harm, or to enable
    or influence others to do good or
    cause harm. (Dilemma Theory)

    We have pride in our work and
    want the work that we do to be
    given recognition and respect.

    We want to protect our livelihood.

    View Slide

  31. Why have a Professional Code of
    Ethics in Computing?

    Software controls many aspects of our lives.

    Safety
     Cars: ABS and Air Bags
     Auto/Air Traffic Control

    Financial
     Banking: Interest Calculations
     Tax Filing Software

    Just think about every piece of software that effects
    you life and who developed it.

    View Slide

  32. Some Examples

    ACM Code of Ethics and Professional Conduct.
    – http://www.acm.org/constitution/code.html

    Bitish Computer Society Code of Conduct
    – http://www1.bcs.org.uk/DocsRepository/03200/3224/default.htm

    IEEE-CS/ACM Software Engineering Code of Ethics and
    Professional Practice
    – http://www.computer.org/tab/seprof/code.htm

    View Slide

  33. Characteristics of a Code of Ethics

    They are not simple ethical algorithms that generate
    ethical decisions.

    Sometimes elements of the code may be in tension
    with each other or other sources.
     Requires the software engineer to use ethical judgement to
    act in the spirit of the code of ethics.

    A good code of ethics will provide fundemental
    principles that require thought rather than blind
    allegiance.

    View Slide

  34. Joint IEEE-CS/ACM Code of Ethics
    and Professional Practice

    Built on 8 principles
     Public Interest
     Client and Employer
     Product
     Judgement
     Management
     Profession
     Colleagues
     Self

    The principle of Public Interest is central to the code.

    View Slide

  35. Public Interest

    Software engineers shall act consistently with the
    public interest.
     Approve software only if they have a well-founded belief that
    it is safe, meets standards, passes tests and does not
    diminsh quality of life, privacy or harm the environment.
     Disclose any actual or potential danger to the user.
     Be fair and avoid deception in all statements concerning
    software.

    View Slide

  36. Client and Employer

    Software engineers shall act in a manner that is in the
    best interests of their client and employer, consistent
    with the public interest.
     Be honest about any limitation of their experience and
    education.
     Keep private any confidential information consistent with the
    public interest and the law.
     Not knowingly use software that is obtained or retained either
    illegally or unethically.

    View Slide

  37. Product

    Software engineers shall ensure that their products
    and related modifications meet the highest
    professional standards possible.
     Strive for high quality, acceptable cost, and a reasonable
    schedule, ensuring significant tradeoffs are clear.
     Ensure adequate testing, debugging, and review of software
    and related documents on which they work.
     Treat all forms of software maintenance with the same
    professionalism as new development.

    View Slide

  38. Judgement

    Software engineers shall maintain integrity and
    independence in their professional judgment.
     Not engage in deceptive financial practices.
     Disclose to all concerned parties those conflicts of
    interest that cannot reasonably be avoided or
    escaped.

    View Slide

  39. Management

    Software engineering managers and leaders shall
    subscribe to and promote an ethical approach to
    the management of software development and
    maintenance.
     Ensure that software engineers are informed of
    standards before being held to them.
     Offer fair and just remuneration.
     Not punish anyone for expressing ethical concerns
    about a project.

    View Slide

  40. Profession

    Software engineers shall advance the integrity and
    reputation of the profession consistent with the public
    interest.
     Promote public knowledge of software engineering.
     Be accurate in stating the characteristics of software on
    which they work.
     Take responsibility for detecting, correcting, and reporting
    errors in software and associated documents on which they
    work.

    View Slide

  41. Colleagues

    Software engineers shall be fair to and supportive of
    their colleagues.
     Credit fully the work of others and refrain from taking undue
    credit.
     Give a fair hearing to the opinions, concerns, or complaints of
    a colleague.
     In situations outside of their own areas of competence, call
    upon the opinions of other professionals who have
    competence in that area.

    View Slide

  42. Self

    Software engineers shall participate in lifelong
    learning regarding the practice of their profession
    and shall promote an ethical approach to the
    practice of the profession.
     Further their knowledge
     Improve their ability to create safe, reliable, and
    useful quality software
     Improve their ability to produce accurate,
    informative, and well-written documentation.

    View Slide

  43. Problems with codes of conduct

    They don’t cover every case (nor should they).

    Can a list of rules define a behaviour that
    everyone considers right?

    Little penalty for non-compliance
     Requires a Personal Code of Ethics that is broadly
    in line with the Professional Code.

    View Slide

  44. Ethical Delemma 1:
    Reverse Engineering

    When is reverse engineering ethical?

    Scenario: You are asked to produce software to
    read in a file (with an undisclosed proprietary
    format) into an application.
     Test vectors and analysis?
     Decompilation?
     “Clean room” environment

    View Slide

  45. 45
    Ethics and Professional Conduct

    Why should we be interested in ethics and professional
    conduct?

    Here is one answer:
     Today the quality of software produced by software engineers is
    critical to society.
     The success of many, if not most, human endeavors is dependent on
    high-quality software (e.g. applications used in financial, legal, library,
    health, personnel, and transportation systems)
     Lives depend on the safety and reliability of many software systems
    (e.g. control of aircraft, medical devices, and nuclear power stations)
     In additional to technical capability, the quality of software
    products depend on the ethics and professional conduct of the
    engineers that developer develop them.

    View Slide

  46. Special Cases

    View Slide

  47. THA
    NKS

    View Slide