
Your Software is Mission Critical

Mike Lehan
November 04, 2022


If an autopilot fails, or a weapon system malfunctions, lives can and will be lost. As a result, significant checks, practices and concepts go into designing the software for such systems. But the code we, as developers in a wide range of jobs and fields, write can be just as critical: a delayed benefits submission because of a server error causes somebody to become homeless; a mistake on an immigration system causes a family to be deported; a misrouting of a delivery driver causes a car crash.

As developers we should explore the culture around what we build: "move fast and break things" doesn't work if you're dealing with real people's real lives. Are there lessons in software development, design and project management that we can learn from "mission critical" software production and apply to our "normal" development projects, lessons that can ultimately save frustration, jobs and even lives in the process?





  1. “People were noticing that there was something about these systems that had an impact on their lives.” The Age of Algorithmic Anxiety, Kyle Chayka for The New Yorker
  2. “Move fast and break things. Unless you are breaking stuff, you are not moving fast enough.” Mark Zuckerberg
  4. Our world is dominated by software. Much of our ability to operate critical infrastructure depends on technology:
     - Healthcare
     - Finance
     - Defence
     - Transportation
  5. Our world is dominated by software. So does our ability to conduct day to day life…
     - Interacting with government
     - Paying our bills
     - Buying food
     - Education
  6. Our world is dominated by software … and to completely ignore it:
     - Cat gifs
     - Social media
     - Twenty seven different streaming services
     - More cat gifs
  7. So, what’s the problem?
     - People: anxiety, loss, stress
     - Development: mistakes made in software development
     - Operation: errors in live usage of the software
  8. “A computer lets you make more mistakes, faster, than any invention in human history – with the possible exceptions of handguns and tequila.” Mitch Ratcliffe, Technology Review, April 1992
  10. Some clarifications
     - How we build software can have unintended negative impact
     - Not about whether the intent of the software is good or bad
     - Grey area between badly written software, and bad business practices
  11. The “mission critical” way: FAA DO-178C (aircraft software certification). “processes (and their concrete activities) must have well defined entry and exit criteria, according to DO-178C, and a project must show that it is respecting those criteria as it performs the activities in the process”
  12. Test driven development
     - Write a test for the expected outcome
     - Write some code to pass the test
     - Make the code “nicer” whilst ensuring the test still passes (refactoring)
     What about legacy projects?
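One full red-green-refactor cycle for the three steps above, as an added example that is not part of the deck. The domain (parsing a sterling amount into whole pence, which sidesteps the binary floating-point rounding that bites finance code) is a constructed illustration, and `money_to_pence` and its test class are hypothetical names. The tests are written first; run before the function exists they fail, which is the proof that they can fail at all, and the docstring records why the refactored version uses `Decimal` rather than `float`.

```python
# Added example (not from the deck): a test-first cycle in Python's unittest.
# money_to_pence and MoneyToPenceTests are hypothetical names; the inputs are
# constructed.
import re
import unittest
from decimal import Decimal, InvalidOperation


# Step 1: write the test for the expected outcome before any implementation.
# Running this file now fails with NameError (red), so we know the test bites.
class MoneyToPenceTests(unittest.TestCase):
    def test_plain_pounds(self):
        self.assertEqual(money_to_pence("12.34"), 1234)

    def test_currency_symbol_and_thousands_separator(self):
        self.assertEqual(money_to_pence("£1,234.50"), 123450)

    def test_no_decimal_part(self):
        self.assertEqual(money_to_pence("7"), 700)

    def test_rejects_sub_penny_amounts(self):
        # Three decimal places must be rejected, never silently rounded.
        with self.assertRaises(ValueError):
            money_to_pence("0.125")

    def test_rejects_garbage(self):
        with self.assertRaises(ValueError):
            money_to_pence("twelve pounds")


# Step 2: write just enough code to turn the tests green.
# Step 3: refactor with the tests still green. A first version split the
# string on "." by hand; this version leans on Decimal for the arithmetic and
# keeps only the shape check in the regex. The tests are what make that safe.
_AMOUNT = re.compile(r"^£?(\d{1,3}(,\d{3})*|\d+)(\.\d{1,2})?$")


def money_to_pence(text: str) -> int:
    """Parse a sterling amount such as '£1,234.50' into whole pence.

    Integer pence avoid the rounding that makes 0.1 + 0.2 != 0.3 in binary
    floating point; anything with more than two decimal places is an error.
    """
    cleaned = text.strip()
    if not _AMOUNT.match(cleaned):
        raise ValueError(f"not a sterling amount: {text!r}")
    try:
        pounds = Decimal(cleaned.lstrip("£").replace(",", ""))
    except InvalidOperation as exc:  # unreachable after the regex, kept as a guard
        raise ValueError(f"not a sterling amount: {text!r}") from exc
    return int(pounds * 100)


if __name__ == "__main__":
    unittest.main()
```

Running the file with `python -m unittest` executes the five tests; deleting the regex line makes `test_rejects_garbage` go red again, which is the quickest way to check that a test still guards something.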
  15. Ways to improve coverage
     - Collecting metrics
     - PR targets (start out using baselines)
     - Avoid covering brittle features
     - … a different approach: static analysis
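The "PR targets (start out using baselines)" bullet is the practical answer to the legacy-project question: rather than demanding a fixed percentage, a CI job records today's coverage as the baseline, fails a pull request only if coverage drops, and moves the baseline up whenever it improves. The ratchet below is an added example, not the deck's or any tool's code. The report is constructed in the shape of coverage.py's `coverage json` output, and the gating policy, the slack value, the excluded-file set and the `check_pr` entry point are assumptions.

```python
# Added example (not from the deck): a coverage ratchet for a PR check.
# Policy, slack, excluded files and function names are assumptions; the report
# is constructed in the shape of coverage.py's `coverage json` output.
import json
from dataclasses import dataclass

# Constructed report: two files, 300 statements in total, 188 of them covered.
SAMPLE_REPORT = json.dumps({
    "files": {
        "app/claims.py": {
            "summary": {"covered_lines": 176, "num_statements": 200}
        },
        "app/legacy_export.py": {
            "summary": {"covered_lines": 12, "num_statements": 100}
        },
    }
})

# Files the team has chosen not to chase (the deck's "brittle features"):
# they stay in the report but never decide whether a PR passes.
EXCLUDED = frozenset({"app/legacy_export.py"})


@dataclass
class Verdict:
    ok: bool
    reason: str
    new_baseline: float  # the value CI writes back to the baseline file


def overall_coverage(report_json: str, excluded=frozenset()) -> float:
    """Line coverage in percent over all non-excluded files.

    Recomputed from statement counts rather than averaging per-file
    percentages, so a tiny fully covered file cannot mask a large bare one.
    """
    files = json.loads(report_json)["files"]
    covered = statements = 0
    for path, data in files.items():
        if path in excluded:
            continue
        covered += data["summary"]["covered_lines"]
        statements += data["summary"]["num_statements"]
    if statements == 0:
        return 100.0
    return round(100.0 * covered / statements, 2)


def ratchet(current: float, baseline: float, slack: float = 0.5) -> Verdict:
    """Fail only when coverage falls below the baseline by more than slack.

    The baseline starts at whatever the project has today and only ever moves
    up: nobody is blocked by history, but every PR is held to the best level
    reached so far. The slack absorbs rounding noise from moved lines.
    """
    if current + slack < baseline:
        return Verdict(False, f"coverage fell from {baseline:.2f}% to {current:.2f}%", baseline)
    return Verdict(True, "coverage held or improved", max(baseline, current))


def check_pr(report_json: str, baseline: float) -> Verdict:
    """The one call a CI job makes: measure, compare, report the new baseline."""
    return ratchet(overall_coverage(report_json, EXCLUDED), baseline)


if __name__ == "__main__":
    print(check_pr(SAMPLE_REPORT, baseline=85.0))
```

With the constructed report, overall coverage is 62.67% across both files but 88.00% once the excluded legacy exporter is left out; against an 85% baseline the PR passes and the baseline becomes 88%, against a 90% baseline it fails and the baseline is left alone.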
  16. The “mission critical” way: Astree, verification of absence of runtime error. “Astree proved absence of runtime errors in A380 software in 2004, prior to maiden flight in 2005.” By analysing every path of a program rather than only the ones a test suite happens to exercise, we can guarantee freedom from the classes of runtime error the analyser checks for.
  18. So, what’s the benefit?
     - People: can rely on software that always does the right thing
     - Development: tests ensure code changes don’t break applications
     - Operation: systems build trust by being more resilient
  19. The “mission critical” way (once again): FAA DO-178C (aircraft software certification). “Once an activity within a process has been defined, it is generally expected that the project respect that documented activity within its process”
  20. “To create a supple, knowledge-rich design calls for a versatile, shared team language, and a lively experimentation with language that seldom happens on software projects.” Domain Driven Design, Eric Evans
  26. So, what’s the benefit?
     - People: have their needs met by software that understands them
     - Development: good design means we know why we build what we build
     - Operation: well designed software understands the use case
  27. “A recent study published by the AI Now Institute of New York University concluded that a ‘diversity disaster’ has resulted in flawed AI systems that perpetuate gender and racial biases.” Why Diversity In AI Is So Important, Maria Klawe for Forbes
  28. Factors often beyond our control
     - Who manages us?
     - Who’s buying it?
     - How will they react to it?
     - How can we influence this?
  30. Diverse teams
     - Complex software is multi-faceted, and teams that build it should be as well
     - Blind spots in development lead to flaws in design and implementation; representative teams address this
     - The complexity and ingenuity of humans, solving problems for other humans
  31. Developers solve problems
     - Using code is just one way to do it
     - Apply software principles more broadly:
       - Is it reproducible?
       - Does it “work on my machine”?
       - Have you turned it off and on again?
  32. Our software is mission critical
     - Testing: prioritise doing tests, even if they are imperfect
     - Design: consider your approach, codify your solutions
     - Humans: think about the people who use, influence and create your software
     - Be humble: learn new ways to do things, make good plans, hold them lightly
  34. “The trouble was the familiar one: too much power, too little knowledge. The fault was mine…” “Damage” by Wendell Berry