University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE1Barry BoehmFall 2021Software Engineering Ethics9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE2Outline•Definitions and context–Power to do public harm or good–ACM/IEEE Software Engineering Code of Ethics•Principles and examples–Rawls’ Theory of Justice–Relation to stakeholder win-win–Case study: Mercy Hospital•Integrating ethics into daily software engineering practices–VBSE/MBASE/Win Win Spiral Model–CS 577 ethics situations9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE3Definition of “Ethics〞〞-Webster, 1993•The discipline dealing with what is good and bad–And with moral duty and obligation•A theory, system, or set of moral principles or values•The principles of conduct governing an individual or group–Professional ethics9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE4Context•Software engineers have increasing power to do public harm or good–Intellectual property, privacy, confidentiality, quality of work, fairness, liability, risk disclosure, conflict of interest, unauthorized access•Professional societies have developed codes of ethics•Hard to integrate value-based ethics into value-neutral software engineering practices•VBSE/MBASE/Win Win Spiral enable ethics integration9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE5Power to Do Public Harm or Good – I•Intellectual Property: use without credit; use copyrighted material•Privacy: credit, health, personal information•Confidentiality: competitive information, political sensitivity•Quality of work: many dimensions; see table9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE6Example: Confidentiality•Government agency hires company to support SW procurement•Provides data under nondisclosure agreement•Employee and company consultant prepare cost estimate•Employee: “ I don’t see how anyone can do all this for $8M〞〞•Consultant provides $8M target cost to some bidders•Government agency angry with company for leak•Whose fault? How could it be avoided?9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE7Quality Concerns Vary by Stakeholders Role Mission - Protection criticaluncrit. Safety ** ** ** Security***** ** ** Privacy** * Robustness Reliability **** **** Availability **** **** Survivability ****** ** Quality of Service Performance ********* Accuracy, Consistency** ******* * Accessibility, ease of use;* ******** * difficulty of misuse Evolvability ************Interoperability ** ***Correctness ** **Cost * **Schedule * ** **Reusability ****AcquirersAdministratorsDevelopers, MaintainersSystem ControllersInformation ConsumersInfo BrokersSystem DependentsInfo SuppliersStakeholder Classes**Critical*Significant0 Insignificant orindirect9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE8Power to Do Public Harm or Good - II•Fairness: equality of opportunity/treatment; fair reward system•Liability: accountability; parity of authority and responsibility•Risk Disclosure: safety tests, COTS capabilities; schedule slips•Conflict of Interest: source selection; personnel or product reviews•Unauthorized Access: reading, copying, modifying; denial of service9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE9Examples: Fairness•Enron software to schedule power outages, raise prices–Suppose you had been asked to develop it?•Urban fire dispatching system–Inefficient old system caused $700M property loss–New-system spec. includes dispatching algorithm to minimize property loss•Any fairness issues?9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE10CS 577 Ethics Accountability•Honoring commitments to CS 577b–Team LCA Life Cycle Plan for 577b should identify 577b continuing team members and roles.–If you signed that you will continue in 577b in the basic 577a questionnaire, we are expecting you to honor your commitment.–If you are considering not honoring your commitment, please meet with me as soon as possible. 9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE11Example: Safety Tests•Your company is delivering a drug prescription fulfillment system–Reusing software from a warehouse inventory system•You are the quality assurance manager–With company responsibility for certifying product safety•The software has passed all the contracted tests–But many off-nominal conditions untested–Some have shown unsafe outcomes–You feel more off-nominal testing if necessary•Company president says if you don’t certify safety by delivery date, company may go out of business–What should you do?9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE12ACM/IEE Software Engineering Code of Ethics-Table of Contents1.Products: achievable goals, realistic estimates, high quality2.Public: safety, respect of diversity, public interest first3.Judgment: objectivity, no bribes or conflicts of interest4.Client and Employer: no employer-adverse interests, surface problems5.Management: fair, ethical work rules, due process for violations6.Profession: support profession and ethics code, don’t misrepresent software7.Colleagues: credit colleagues’ work, give colleagues a fair hearing8.Self: improve your technical and ethical knowledge and practices9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE13Code of Ethics 2. Public2.01 Disclose any software-related dangers2.02 Approve only safe, well tested software2.03 Only sign documents in area of competence2.04 Cooperate on matters of public concern2.05 Produce software that respects diversity2.06 Be fair and truthful in all matters2.07 Always put the public’s interest first2.08 Donate professional skills to good causes2.10 Accept responsibility for your own work 9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE14Code of Ethics 4. Client and Employer4.01 Provide services only where competent4.02 Ensure resources are authentically approved4.03 Only use property as authorized by the owner4.04 Do not use illegally obtained software4.05 Honor confidentiality of information4.06 Raise matters of social concern4.07 Inform when a project becomes problematic4.08 Accept no detrimental outside work4.09 Represent no interests adverse to your employer 9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE15Outline•Definitions and context–Power to do public harm or good–ACM/IEEE Software Engineering Code of Ethics•Principles and examples–Rawls’ Theory of Justice–Relation to stakeholder win-win–Case study: Mercy Hospital•Integrating ethics into daily software engineering practices–VBSE/MBASE/Win Win Spiral Model–CS 577 ethics situations9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE16Rawls’ Theory of Justice (1971)-Following Collins et al., “How Good Is Good Enough?〞〞 Comm.ACM, Jan. 1994•Fair rules of conduct•Principles of justice•Participants and obligations–Provider (developer)–Buyer (acquirer)–User(s)–Penumbra (general public)•Negotiate mutually satisfactory (win-win) agreements9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE17Rawls’ Theory of Justice - II •Fair rules of conduct•Negotiation among interested parties•Veil of ignorance (about what affects whom)•Rationality•Principles•Least Advantaged - don’t increase harm to them•Harm = probability x magnitude (~risk exposure)•Risking harm - don’t risk increasing harm•Don’t use “low-threat〞 software in “high-threat〞 context•Publicity test - defensible with honor before an informed public•Use for difficult cost-benefit tradeoffs9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE18Obligations of the Software Provider9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE19Obligations of the Software Buyer9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE20Obligations of the Software User9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE21Obligations of the Software Penumbra9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE22Case Study: Mercy Hospital Pharmacy System-Collins et al., 1994•Growing hospital–Manual pharmacy information system reaching overload•Spec developed for PC-based information system–Rachel: VP, Records & Automation–George: Chief Pharmacist•System developed by consultants–Hired by George–Rachel: test procedures–Based on mature warehouse inventory system–Budgeted 50% more testing than other bidders•Installation & Training discovers problems–Helen: consultant in charge of installation & training–Ann: skeptical nurse cross-checking computer outputs9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE23Mercy Hospital Pharmacy System: Problems•Dosage problems from data entry errors–10x dosage; wrong patient•Cross-checking incomplete; not trusted by some doctors•Heavier data-entry load–Formalizing automated procedures more info. needed–Pharmacy info > warehouse info•Helen: Should go back to old system during cleanup•George:- Is old system less risky?-How do we ensure cleanup will get it right?-How much will cleanup cost?•Future practice: How to anticipate, avoid similar problems?9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE24Outline•Definitions and context–Power to do public harm or good–ACM/IEEE Software Engineering Code of Ethics•Principles and examples–Rawls’ Theory of Justice–Relation to stakeholder win-win–Case study: Mercy Hospital•Integrating ethics into daily software engineering practices–VBSE/MBASE/Win Win Spiral Model–CS 577 ethics situations9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE25Mercy Hospital : Use of VBSE/MBASE/Win Win Spiral•Results chain–Add patient safety outcome, patient stakeholder representative–Rework-business-workflows initiative, including safety checks; add clerical-staff stakeholder•Stakeholder Win Win–Patient representative: safety criteria; parallel-operation phase-in–Clerical staff: prototype GUI, including safety-check support•Business Case: includes added safety costs and benefits•Risk Management: assess warehouse package safety, effects of workflow changes.9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE26Use of VBSE/MBASE/Win Win Spiral-II•Concurrent Engineering–Concurrently address business workflows, GUI prototypes, COTS alternatives, feature prioritization, cost/schedule/benefits analysis, other risks–Prepare to pass LCO, LCA, CCD, and IOC anchor point milestone reviews•Monitoring and Control: Use Balanced Scorecard to track progress with respect to plans; apply corrective actions as necessary•Change as Opportunity: Look for emerging COTS pharmacy-related fulfillment systems9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE27CS 577 Ethics Situations•Assuming your priorities match those of other stakeholders–Users: GUI; quality factor priorities–Maintainers: programming language, reuse, documentation–Customers/Owners: legacy compatibility, advanced vs. mature technology, full business case•Favoring stakeholders who agree with you–Excessive privacy protection: customers vs. users•Weighting stakeholders equally on each issue–Users on GUI; owners on legacy compatibility: developers on cost/schedule/risk•Promising more than you can deliver•Borrowing from other projects without credit•Suppressing or delaying bad newsQR for LCO Package 9/20/2024�University of Southern CaliforniaCenter for Software Engineering C S E USC© USC-CSSE28Conclusions•Software engineers have increasing power to do public harm or good•Value-based codes of ethics are hard to integrate with value-neutral software engineering practices•Rawls’ Theory of Justice enables constructive approach for integrating ethics into daily software engineering practice–Stakeholder win-win with least-advantaged system dependents as success-critical stakeholders–Win Win Spiral Model/MBASE/VBSE provides daily-practice framework9/20/2024�。