These are the slides that I delivered at Marmara University Computer Science Engineering department to undergraduates.
Professional Code of Ethics
Professional Code of Ethics
in Software Engineering
in Software Engineering
If you are not one of us, you are one of them!
nmap run completed -- 1 IP address (1 host up)
% sshnuke 10.2.2.2 -rootpw-"Z1ON0101"
Connecting to 10.2.2.2:ssh ... successful.
Attempting to exploit SSHv1 CRC32 ... successful.
Reseting root password to "Z1ON0101".
System open: Access Level (9)
% ssh 10.2.2.2 -l root
[email protected]'s password:
RTF-CONTROL> disable grid nodes 21 - 48
Warning: Disabling nodes 21-48 will disconnect
sector 11 (27 nodes)
ARE YOU SURE ? (y/n)
Grid Node 21 offline...
Grid Node 22 offline...
Grid Node 23 offline...
Grid Node 24 offline...
Grid Node 25 offline...
Grid Node 26 offline...
Grid Node 27 offline...
Grid Node 28 offline...
Grid Node 29 offline...
Grid Node 30 offline...
Grid Node 31 offline...
Grid Node 32 offline...
Grid Node 33 offline...
Grid Node 34 offline...
Grid Node 35 offline...
Grid Node 36 offline...
Grid Node 37 offline...
Grid Node 38 offline...
This presentation is brought to you by Lemi Orhan Ergin as a craftsman in software development
PROFESSIONAL CODE OF ETHICS
IN SOFTWARE ENGINEERING
Have you ever heard of
Code of Ethics in
Code of Ethics in
Code of Ethics in
Code of Ethics in
Code of Ethics?
Engineering or Craftmanship?
Ethics in Development?
Craftsmanship vs Engineering
Is Software Engineering a Profession?
What is Code of Ethics?
Ethics in Software Engineering
Special Cases & Discussions
Episode 1: What are we doing?
“My early metrics book, Controlling Software Projects: Management,
Measurement, and Estimates , played a role in the way many
budding software engineers quantified work and planned their projects. In
my reflective mood, I'm wondering, was its advice correct at the time, is it
still relevant, and do I still believe that metrics are a must for any
successful software development effort? My answers are no, no, and no.
I'm gradually coming to the conclusion that software engineering is an
idea whose time has come and gone.
Software development is and always will be somewhat experimental. The
actual software construction isn't necessarily experimental, but its
conception is. And this is where our focus ought to be. It's where our focus
always ought to have been. “
Developed the world’s first commercial stored program telephone switch
1986 recipient of the Warnier Prize for
"lifetime contribution to the field of computing"
1999 recipient of the Stevens Award for
"contribution to the methods of software development"
Software Engineering is dead
Engineering is the discipline, art and profession of acquiring
and applying technical, scientific and mathematical
knowledge to design and implement materials, structures,
machines, devices, systems, and processes that safely
realize a desired objective or inventions.
Engineering a Software
Since NATO Software Engineering Conference in the 1968,
it has continued as a profession and field of study dedicated
to creating software that is of higher quality, more
affordable, maintainable, and quicker to build.
Software Engineering is the application of a systematic,
disciplined, quantifiable approach to the development,
operation, and maintenance of software, and the study of
these approaches; that is, the application of engineering to
Software engineering theories and methodologies are developed for dealing with
complexity and intellectual challenges in large-scale software development.
“Software Engineering Foundations:
A Software Science Perspective”
by Yingxu Wang
Software Engineering has specific characters, such as...
its type (mission critical, of course)
its size (Google scale, naturally)
the audience (millions of daily users, obviously)
and so forth.
“Software engineering is the science and art of
specifying, designing, implementing and evolving – with
economy, timeliness and elegance – programs,
documentation and operating procedures whereby
computers can be made useful to man.”
J.A. McDermid, 1991
Software engineering is a discipline that adopts engineering approaches, such as
established methodologies, processes, measurement, tools, standards, organisation
methods, management methods, quality assurance systems and the like, in the
development of large-scale software seeking to result in high productivity, low cost,
controllable quality, and measurable development schedule.
Yet Another Definition
Professor of Software Engineering
Leader of the High Integrity Systems Engineering Group (HISE)
Department of Computer Science
at the University of York, USA
What DeMarco seems to be saying is that
“Control is ultimately illusory on software development
If you want to move your project forward, the only reliable
way to do that is to cultivate a deep sense of software
craftsmanship and professionalism around it.
People who show up every day eager to improve their craft
will ultimately succeed.
Software project success isn't about doing any one
particular thing right; it's the much more daunting task of
not doing anything wrong. It certainly gives you a new
appreciation for those rare successful software projects.
Most software projects fail!
Control is ultimately illusory
Software Craftsmanship is an DISCIPLINE in software
development that emphasizes the coding skills of the software
developers themselves. It is a response by software developers
to the perceived ills of the mainstream software industry,
including the prioritization of financial concerns over code
Software Craftsmanship Manifesto
Episode 2: Is SE a Profession?
What is a Profession?
The term profession is applied to those persons who have specialized
and technical skill or knowledge which they apply, for a fee, to certain
tasks that ordinary and unqualified people cannot ordinarily undertake.
The term derives from the Latin: "to swear (an oath)". …
The body of people in a learned occupation; an occupation requiring
Software engineering (SE) as a discipline and profession is relatively young,
some even say “immature”.
In 1996, Ford and Gibbs listed designated eight infrastructure components that
can be used to evaluate a mature profession:
– a professional society
– initial professional education
– skills development
– professional development
– a code of ethics
Software Engineering Profession
There is no professional society devoted exclusively to software
engineering, but there are two societies which provide mature
support for the software engineering profession:
– Association for Computing Machinery (ACM) (http://www.acm.org/)
Founded in 1947, ACM has 75, 000 members and has the objective of
advancing the skills of computing professionals and students worldwide.
The ACM has 34 “special interest groups” (SIGS). The Special Interest
Group on Software Engineering (SIGSOFT) focuses on issues relating to all
aspects of software development and maintenance.
– IEEE Computer Society (IEEE-CS) (http://computer.org/)
Founded in 1946, with nearly 100, 000 members, it is the largest of the 36
societies of the Institute of Electrical and Electronics Engineers (IEEE).
The Computer Society's vision is to be the leading provider of technical
information and services to the world's computing professionals
Certification and Licensing
Certification is a voluntary process administered by a profession.
Currently there are many certification programs for various computing
technologies. Many are brand name certifications (e.g. Cisco, Java/Sun,
Microsoft, Novell, etc.) and do not deal with the software engineering
The IEEE-CS offers a certification titled Certified Software
Development Professional (CSDP). The CSDP has the
– At the time of application the candidate holds a baccalaureate
or equivalent university degree and has a minimum of 9,000
hours of software engineering experience within at least six
(6) of the eleven (11) SE knowledge areas (the ten SWEBOK
areas and Professionalism and Engineering Economics).
– Candidates are required to subscribe to the Software
Engineering Code of Ethics and Professional Practice
– Candidates must pass an exam demonstrating mastery of the
Certification and Licensing in US
Licensing is a mandatory process administered by a governmental
In the U.S. licensing is administered at the state level.
Only about 18% of U.S. engineers (civil, electrical, mechanical , etc.)
Texas is currently the only state to license software engineers.
In recent years, no topic has stirred more controversy and debate
than certification and licensing of software engineers.
– This seems to signal that the nature and maturity of software
engineering is not yet stable.
Licensing in Turkey
Türk Mühendis ve Mimar Odaları Birliği (TMMOB)
Elektrik Mühendisleri Odası (EMO)
Bilgisayar Mühendisliği Meslek Dalı Ana Komisyonu
Bilgisayar MEDAK‘ ın amacı, oda içindeki Bilgisayar Mühendisi üyeler arasında mesleki örgütlülüğe ve
dayanışmaya yönelik politikalar geliştirmek ve Oda birimlerindeki alt komisyonlardaki (MDK) çalışmalarda
koordinasyonunun, eşgüdümün sağlanması ve geliştirilmesi olarak tanımlanmaktadır.
Kuzey Kıbrıs Türkiye Cumhuriyeti
Bilgisayar Mühendisleri Odası
1992 yılında kurulan ve Bilgisayar Mühendislerini bünyesinde toplayan BMO, KTMMOB çatısı altında çalışan
14 meslek odasından biridir. Merkezi Lefkoşa'da olan BMO, merkezde yaptığı çalışmaların yanısıra
Üniversitelerimizde gönüllü üyelerimizin oluşturduğu temsilciliklerde de Üniversitedeki üyelerimiz ile
ilişkilerimizi geliştirmek, gerekli gördüğü aktiviteleri düzenlemek ve üye sayısını artırmak için çalışmaktadır.
SE Education & Training
Ford and Gibbs list four elements related to SE education: initial professional
education, skills development, professional development and accreditation.
Initial Professional Education
– Undergraduate degree programs in software engineering
Skills Development and Professional Development
– Publications, conferences, workshop and tutorials.
– The Accreditation Board for Engineering and Technology (ABET) has
established accreditation criteria for software engineering programs.
National Council of Examiners for
Engineering and Surveying (NCEES)
Engineering is considered to be a "profession" rather than an "occupation"
because of several important characteristics:
Professions are based on a large knowledge base requiring extensive training.
Professional skills are important to the well-being of society.
Professions are self-regulating, in that they control the training and evaluation
processes that admit new persons to the field.
Professionals have autonomy in the workplace; they are expected to utilize
their independent judgment in carrying out their professional responsibilities.
Finally, professions are regulated by ethical standards.
Episode 3: What is Code of Ethics?
Professional Ethics Defined
Professional ethics are set of rules, regulations,
and a code of conduct that govern how a
profession deals with each other and others
outside of the profession.
Different from moral code
Different from legal code
Why should we have a Professional
Code of Ethics?
A Professional Code of Ethics serves several
Symbolises the professionalism of the group.
Defines and promotes a standard for external relations
with clients and employers.
Protects the group’s interests.
Codifies members’ rights.
Expresses ideals to aspire to.
Offers guidelines in “gray areas”.
The purpose is to clearly set out an international standard for professional practice in
The components of the standards are:
Ethics of professional practice:
Practitioners must publicly ascribe to the code of ethics published within the standard.
Established body of knowledge:
Practitioners must be aware of and have access to a well-documented current body of knowledge relevant to
the domain of practice.
Education and training:
The minimum level of mastery of the body of knowledge must be at the baccalaureate level.
In addition to a demonstrated mastery of the body of knowledge a minimum of the equivalent of two years
supervised experience is recommended before the practitioner operates unsupervised.
Best practice and proven methodologies:
Practitioners should be familiar with current best practice and relevant proven methodologies.
Maintenance of competence:
Practitioners must be able to provide evidence of their maintenance of competence.
(IFIP) International Federation for Information Processing’s
Harmonization of Professional Standards (1998)
Variance in Ethical Concerns in IT
ACM Computing & Public Policy:
ACM Code of Ethics
Software Engineering Code of Ethics
Software Engineering and Licensing Issues
ACM Copyright Policy
ACM Statement of Non-endorsement
Committee on Computers and Public Policy
Committee on the Status of Women in Computing
Coalition to Diversify Computing
ACM Association-Level Policy Activities on:
Electronic Voting Systems
Intellectual Property / Copyright Protection
Research and Data Access
Reliability of Computers
Advantages of a Code of Ethics
A Code of Ethics enables us to:
Set out the ideals and responsibilities of the profession
Exert a de facto regulatory effect, protecting both clients and
Improve the profile of the profession
Motivate and inspire practitioners, by attempting to define their
raison d'être (reason for being)
Provide guidance on acceptable conduct
Raise awareness and consciousness of issues
Improve quality and consistency
Disadvantages of a Code of Ethics
Standards are obligatory, or are merely an aspiration
Whether such a code is desirable or feasible
Whether ethical values are universal or culturally relativistic
The difficulty of providing universal guidance given the
heterogeneous nature of the profession
Can not cover all aspects of software development.
Who determines violations?
How are the rules interpreted?
What penalties exist for violations?
Episode 4: Ethics in Development?
Why have a Professional Code of
Ethics in Computing?
Software has the potential to do
good or cause harm, or to enable
or influence others to do good or
cause harm. (Dilemma Theory)
We have pride in our work and
want the work that we do to be
given recognition and respect.
We want to protect our livelihood.
Why have a Professional Code of
Ethics in Computing?
Software controls many aspects of our lives.
Cars: ABS and Air Bags
Auto/Air Traffic Control
Banking: Interest Calculations
Tax Filing Software
Just think about every piece of software that effects
you life and who developed it.
ACM Code of Ethics and Professional Conduct.
Bitish Computer Society Code of Conduct
IEEE-CS/ACM Software Engineering Code of Ethics and
Characteristics of a Code of Ethics
They are not simple ethical algorithms that generate
Sometimes elements of the code may be in tension
with each other or other sources.
Requires the software engineer to use ethical judgement to
act in the spirit of the code of ethics.
A good code of ethics will provide fundemental
principles that require thought rather than blind
Joint IEEE-CS/ACM Code of Ethics
and Professional Practice
Built on 8 principles
Client and Employer
The principle of Public Interest is central to the code.
Software engineers shall act consistently with the
Approve software only if they have a well-founded belief that
it is safe, meets standards, passes tests and does not
diminsh quality of life, privacy or harm the environment.
Disclose any actual or potential danger to the user.
Be fair and avoid deception in all statements concerning
Client and Employer
Software engineers shall act in a manner that is in the
best interests of their client and employer, consistent
with the public interest.
Be honest about any limitation of their experience and
Keep private any confidential information consistent with the
public interest and the law.
Not knowingly use software that is obtained or retained either
illegally or unethically.
Software engineers shall ensure that their products
and related modifications meet the highest
professional standards possible.
Strive for high quality, acceptable cost, and a reasonable
schedule, ensuring significant tradeoffs are clear.
Ensure adequate testing, debugging, and review of software
and related documents on which they work.
Treat all forms of software maintenance with the same
professionalism as new development.
Software engineers shall maintain integrity and
independence in their professional judgment.
Not engage in deceptive financial practices.
Disclose to all concerned parties those conflicts of
interest that cannot reasonably be avoided or
Software engineering managers and leaders shall
subscribe to and promote an ethical approach to
the management of software development and
Ensure that software engineers are informed of
standards before being held to them.
Offer fair and just remuneration.
Not punish anyone for expressing ethical concerns
about a project.
Software engineers shall advance the integrity and
reputation of the profession consistent with the public
Promote public knowledge of software engineering.
Be accurate in stating the characteristics of software on
which they work.
Take responsibility for detecting, correcting, and reporting
errors in software and associated documents on which they
Software engineers shall be fair to and supportive of
Credit fully the work of others and refrain from taking undue
Give a fair hearing to the opinions, concerns, or complaints of
In situations outside of their own areas of competence, call
upon the opinions of other professionals who have
competence in that area.
Software engineers shall participate in lifelong
learning regarding the practice of their profession
and shall promote an ethical approach to the
practice of the profession.
Further their knowledge
Improve their ability to create safe, reliable, and
useful quality software
Improve their ability to produce accurate,
informative, and well-written documentation.
Problems with codes of conduct
They don’t cover every case (nor should they).
Can a list of rules define a behaviour that
everyone considers right?
Little penalty for non-compliance
Requires a Personal Code of Ethics that is broadly
in line with the Professional Code.
Ethical Delemma 1:
When is reverse engineering ethical?
Scenario: You are asked to produce software to
read in a file (with an undisclosed proprietary
format) into an application.
Test vectors and analysis?
“Clean room” environment
Ethics and Professional Conduct
Why should we be interested in ethics and professional
Here is one answer:
Today the quality of software produced by software engineers is
critical to society.
The success of many, if not most, human endeavors is dependent on
high-quality software (e.g. applications used in financial, legal, library,
health, personnel, and transportation systems)
Lives depend on the safety and reliability of many software systems
(e.g. control of aircraft, medical devices, and nuclear power stations)
In additional to technical capability, the quality of software
products depend on the ethics and professional conduct of the
engineers that developer develop them.