Slashdot Mirror
Software Approvals For Consumer Markets?
Odkin asks: "Some friends and I are struggling with a hardware project which is stalled due to costly consumer market approvals (which is alright I guess). But it struck me, why are there only market approvals for hardware and not software? The hardware approvals include functionality tests that ensure that the product works as intended in any way the user would handle it (even unsuitable use). Would such approvals for commercial software improve the quality of the products, including minimizing the risk of data loss and heightening the security? In other words, would it facilitate or inhibit the creation of good software?"
make a better product. However it would make it real hard for small software houses to put out software. Plus isnt the EULA's whole point to get around accountability in a product?
"All I can tell the "lesser of two evils" folks is that if they keep voting for evil, they'll keep getting evil."-Lp.org
Or is it both?
Some software goes through rigorous approval and acceptance testing. I'm looking at the software for the space shuttle. It's like civil engineering - due to the huge liabilities inherent in a failure scenario, an incredible amount of effort is put into ensuring that a failure scenario does not happen.
Some software gets cursory testing. I'm looking at my employer. It's like a burger - who cares if you get one pickle slice or two, as long as you get your burger?
And some software is like an analogy that makes no sense, like bridges and burgers. Mmmm, Chief Justice Warren Burger...
Posting anonymously. Hi, boss!
actually making a software product that functions, even when stressed? now that's just crazy talk.
but in reality this is somethign that every product (hardware or software) should go through. It'll just make a better product.
Pretty much becuase Programmers aren't considered profesionals like "Doctors" and "Lawyers" by the govts, as they can teach themselvfes, and hence are exempt from Malpractice.
Also teh EULA especially in UCITA states shields the software company from damages. Go read just about any EULA when it talks about damages if you don't believe me.
It would certainly help usability. If you extend the analogy of unsuitable use of hardware to software, what if I click the wrong button or enter an illegal command. This should all be handled by good software.
But if that process ever became standard, it might help quite a bit with security. Throw in some bogus data and see if anyone can read it or write to it illegally.
Ultimately, this will never happen unless users demand it, and refuse to buy a product unless it passes such a test. And I don't know if that will happen.
Slashdot Syndrome: the sudden, extreme urge to correct someone in order to validate one's self.
If you are trying to get liability insurance, that's another thing - you can spend as much money as you have and it may not help.
So... give us a fer instance on what you're trying to do - your box looks pretty innocuous.
Been there, done that, paid for the T-shirt
and didn't get it
Dear Sir,
Because no one trusts a hardware engineer.
Sincerely,
A Software Engineer
Could you clarify exactly what a 'consumer market approval' is? Is it done in house by the company making the product or by a third party institution? Are there generally accepted standards for the process or does each reviewing group have their own procedure?
This should probably just be added to the beta testing that most programs go through. Rather than doing it inhouse, simply give it to a bunch of average Joe Computerusers and see what they do with it. A few of them are bound to do something stupid with it, and that's when you fix the bugs there. There's your consumer approval. If an average consumer can use it without breaking it, then it's fit for the market.
Wouldn't that make it harder for open applications to get in industry? Who would pay for the validation?
Most small video game makers have to run there final versions by the box makers (Sony and Xbox). They run it through a bastion of tests before they will let it out to the consumer market. It doesn't seem to harm the video game makers ability to create good games. Of course, this doesn't include usability testing.
______________________
here's what I meant to write
It would certainly help usability. If you extend the analogy of unsuitable use of hardware to software, what if I click the wrong button or enter an illegal command. This should all be handled by good software.
The problem is that software producers (we can all think of one we hate) are in a rush to make more product and to release new versions. And that rush goes against the idea of quality. In a sense, the software has to be just good enough to get a user's money.
But if that process ever became standard, it might help quite a bit with security. Throw in some bogus data and see if anyone can read it or write to it illegally.
Ultimately, this will never happen unless users demand it, and refuse to buy a product unless it passes such a test. And I don't know if that will happen.
Slashdot Syndrome: the sudden, extreme urge to correct someone in order to validate one's self.
The FCC/CE wants to make sure that your widget doesn't interfere with the other widgets. UL/CSA wants to make sure your widget doesn't burn the house down.
I know that CE has some EMI susceptablilty stuff that isn't exactly safety, but for the most part, the issue is making a safe, non-interfering widget. The widget could fail in 2 days, as long as it fails safely.
You are posing a question that is pretty much unrelated to hardware approvals.
"Eve of Destruction", it's not just for old hippies anymore...
the only way to ensure the creation of better software is to destroy capitalism, thus taking away the profit motive for the speedy creation of software. once there is no money in it, only smart, skilled, and creative people like Dennis Richie or RMS will actually bother to make software. Only the creation of a Socialist Republic a la Seamus Costello and Malachy McAllister, James Connolly, or Karl Marx will create better software, true freedom, and a peaceful world.
Having been on both the hardware and software side of the business, the reason the hardware side goes through so many certifications and steps is purely financial. Building the board the first time is not just the same amount of logic but also checks for interference, electrocution, MTBF and usability. All this takes additional time and investment. If you produce a bunch and stuff goes wrong, fixing it is costly but you can also hurt people. Even liability insurance is more expensive because an inert CD just can't do much damage, but a loose wire can kill.
Every step of hardware is carefully vetted because mistakes (and even success) are so expensive. That, in my opinion, was the huge benefit of computers: they can adapt to your needs by loading cheap software.
You have never worked in an ISO9000 shop.
Of course that doesn't mean that processes are any good. It does mean that the processes are documented and we stand by them.
There are some good software shops out there that do a good job of vetting their code of bugs: like the guys who make VMWare. Then there are other shops that don't: like the guy who make MS Windows.
Besides it's too late to require government involvement. The accepted industry practice of putting out buggy crap has already been established with the notable exceptions where NASA(proof that one can't catch every bug) and the FDA(proof that one can wade through immense bureaucratic red tape) are concerned.
Microsoft has a Windows Logo program whereby you pay them to see if your product meets the standards to use the "Designed for Microsoft Windows ####" logos. I bet they can sue you for trademark infringement if you say your product is "Designed for Microsoft Windows XP" without getting their approval first.
is strictly regulated by the FDA. Not only is a software company required by law to obtain premarket approval 510(k) from the FDA before marketing certain types of medical software in the US, but it is also required by law to document and follow a very thorough software development and validation process.
Although this kind of software is usually not sold to the general public, it is used every day in hospitals and clinics to do everything from analyzing bacterial infections to robotic surgery to radiation oncology treatment planning.
I have worked for several software companies, developing software that is considered a class II medical device. Not only did we have to completely document everything from requirements to validation testing, but we had to keep the documents themselves under version control! Knowing that your software could mean life or death to someone, really puts the software engineering process into perspective.