Geekonomics: The Real Cost of Insecure Software
This excerpt from a new book explores the origins and implications of software's quality control problem - and what software vendors can do about it.
By David Rice, The Monterey Group
Jan. 14, 2008
- In 1996, software defects in a Boeing 757 caused a crash that killed 70 people.
- In 2003, a software vulnerability helped cause the largest U.S. power outage in decades.
- In 2004, known software weaknesses let a hacker invade T-Mobile, capturing everything from passwords to Paris Hilton's photos.
- In 2005, 23,900 Toyota Priuses were recalled for software errors that could cause the cars to shut down at highway speeds.
- In 2007, operatives in two nations brazenly exploited software vulnerabilities to cripple the infrastructure and steal trade secrets from other sovereign nations.
Today's software industry is rewarded for carelessness. The pursuit of utility and lack of accountability have enabled unreliable software to become part of the infrastructure of our lives. This excerpt from my new book, Geekonomics: The Real Cost of Insecure Software, looks at society's reliance on poor-quality software and provides recommendations for what software companies can do to rectify the problem.
Software and Cement
Cement is everywhere in modern civilization. Mixed with aggregates such as sand and stone, it forms concrete that comprises roadways, bridges, tunnels, building foundations, walls, floors, airports, docks, dams, aqueducts, pipes, and the list goes on. Cement is—quite literally—the foundation of modern civilization, creating the infrastructure that supports billions of lives around the globe. One cannot live in modern civilization without touching, seeing, or relying on cement in one way or another.
Our very lives depend on cement, yet cement has proven so reliable due to strict quality controls that it has to a large extent disappeared from our field of concerns—even though we are surrounded by it. We can live our lives without thinking twice about what is beneath our feet, or more importantly, what may be above our head.
Civilization depends on infrastructure, and infrastructure depends, at least in part, on durable, reliable cement. Due to its versatility, cost-effectiveness, and broad availability, cement has provided options in construction that could not otherwise be attained with stone, wood, or steel alone. But since the 1950s, a new material has been slowly and unrelentingly injected into modern infrastructure, one that is far more versatile, cost-effective, and widely available than cement could ever hope to be. It also just so happens to be invisible and unvisualizable. In fact, it is not a material at all. It is software.
Like cement, software is everywhere in modern civilization. Software is in your mobile phone, on your home computer, in cars, airplanes, hospitals, businesses, public utilities, financial systems, and national defense systems. Software is an increasingly critical component in the operation of infrastructures, cutting across almost every aspect of global, national, social, and economic function. One cannot live in modern civilization without touching, being touched by, or depending on software in one way or another.
The only aspect of software more impressive than software itself is the people that create software. Computer programmers, also known as software developers or software engineers, write the instructions that tell computers what to do. Software developers are in large part a collection of extremely talented and gifted individuals whose capacity to envision and implement algorithms of extraordinary complexity and elegance gives us search engines, operating systems, word processors, instant messaging, mobile networks, satellite navigation, smart cars, advanced medical imaging; the list goes on. As such, software is a human creation, and as a human creation it is subject to the strengths and foibles of humanity. This is where the similarities of cement and software become most interesting.
Software, like cement before it, is becoming the foundation of civilization. Our very lives are becoming more dependent on and subject to software. As such, the properties of software matter greatly: quality, reliability, security, each by themselves accomplish very little, but their absence faults everything else. Like cement, software can be unreliable if production processes vary even slightly. Whereas variations in kiln temperatures, mixture ratios, or grinding processes can detrimentally affect the strength and durability of cement after it has been poured, there are a host of similar, seemingly trivial variations in producing software that can detrimentally affect its "strength" when "poured" into microchips. It is up to humans to get the production process right.





