Slashdot Mirror


Breathalyzer Source Code Revealed

Nonillion writes "New Jersey attorney Evan M. Levow was finally able to get an order from the Supreme Court of New Jersey forcing the manufacturer of the popular Draeger AlcoTest 7110 to reveal the source code. Levow turned the code over to experts, Base One Technologies, to analyze. Initially, Base One found that, contrary to Draeger's protestations that the code was proprietary, the code consisted mostly of general algorithms: 'That is, the code is not really unique or proprietary.' In other words, the 'trade secrets' claim which manufacturers were hiding behind was completely without merit." Following up an earlier discussion here, the state of Minnesota has (without explanation) missed a deadline to turn over the code for a different breathalyzer.

4 of 501 comments

  1. Re:"code" is probably in the hardware by MBCook · · Score: 5, Informative

    You don't seem to have read the "article", but then again this is /.

    Even in such a simple case there are many things it should be testing. Is the A/D output sane? Does it take 3 quick samples while someone is blowing and average them or just take it once (which could be wrong for some reason)?

    According to the article, it doesn't look like it does. It calibrates the wind sensor, but doesn't check that the calibration is sane. It doesn't report errors unless they happen 32 times in a row. It disables the watchdog timer. It disables the interrupt for illegal instructions. It doesn't meet any coding standards. It contains code with things like "this is temporary for now" in it.

    There is an obvious reason why they didn't want the code released.

    --
    Comment forecast: Bits of genius surrounded by a sea of mediocrity.
  2. Re:"code" is probably in the hardware by Nos. · · Score: 5, Informative
    Well, looks like it's a bit more than that (FTA):
    • Several sections are marked as "temporary, for now"
    • Converters will substitute arbitrary, favorable readings for the measured device if the measurement is out of range
    • The software takes an airflow measurement at power-up, and presumes this value is the "zero line" or baseline measurement for subsequent calculations. No quality check or reasonableness test is done on this measurement
    • It would fail software standards for the (FAA) and (FDA), as well as commercial standards used in devices for public safety
    What is this thing, alpha?
  3. The entire 12 problems by poetmatt · · Score: 5, Informative
    Please read here at http://www.sandiegodrunkdrivingattorney.net/2007/08/successful-dui-breath-test-machine.html where they have all the information on the flaws. I will post the summary line of each result from Base One (link to their homepage) as follows:

    1. The Alcotest Software Would Not Pass U.S. Industry Standards for Software Development and Testing
    2. Readings are Not Averaged Correctly: When the software takes a series of readings, it first averages the first two readings.
    3. Results Limited to Small, Discrete Values: The A/D converters measuring the IR readings and the fuel cell readings can produce values between 0 and 4095.
    4. Catastrophic Error Detection Is Disabled: An interrupt that detects that the microprocessor is trying to execute an illegal instruction is disabled
    5. Implemented Design Lacks Positive Feedback: The software controls electrical lines, which switch devices on and off, such as an air pump, infrared source, etc. The design does not provide a monitoring sensory line (loop back) for the software to detect that the device state actually changed. This means that the software assumes the change in state is always correct, but it cannot verify the action.
    6. Diagnostics Adjust/Substitute Data Readings: The diagnostic routines for the Analog to Digital (A/D) Converters will substitute arbitrary, favorable readings for the measured device if the measurement is out of range, either too high or too low.
    7. Flow Measurements Adjusted/Substituted: The software takes an airflow measurement at power-up, and presumes this value is the "zero line" or baseline measurement for subsequent calculations.
    8. Range Limits Are Substituted for Incorrect Average Measurements: In a manner similar to the diagnostics, voltage values are read and averaged into a value.
    9. Code Does Not Detect Data Variations
    10. Error Detection Logic: The software design detects measurement errors, but ignores these errors unless they occur a consecutive total number of times
    11. Timing Problems: The design of the code is to run in timed units of 8.192 milliseconds, by means of an interrupt signal to a handler, which then signals the main program control that it can continue to the next segment.
    12. Defects In Three Out Of Five Lines Of Code: A universal tool in the open-source community, called Lint, was used to analyze the source code written in C. This program uncovers a range of problems from minor to serious problems that can halt or cripple the program operation.

    Sorry if this is redundant, I didn't see it listed anywhere that I could tell up front. If you note, that list is pretty serious. They picked a "top 5" type thing for the other link, but this one is pretty accurate. Note these guys were called in as expert witnesses and their information on their website shows they have extensive experience working with government. If these guys find flaws, that is definitely pretty serious.

  4. Re:"code" is probably in the hardware by russotto · · Score: 5, Informative

    Converters will substitute arbitrary, favorable readings for the measured device if the measurement is out of range

    that's more reasonable than reporting you have enough alcohol in you to kill two bull African elephants and a wildebeest.

    No, it isn't. If it, due to some error, detects enough alcohol in you to kill an elephant, it's obviously malfunctioning and should not report any value. Reporting the absurd value is second-best, because it allows you (or your attorney) to challenge the value. Reporting a reasonable-sounding value is manufacturing of evidence.

    Consider, for instance, if radar guns reported "91mph" any time they detected too high a value (say, above 200mph). You could be driving by at 75mph, some malfunction could cause the gun to detect 600mph, it would report "91mph", and you'd be screwed. If it reported 600mph and you got pulled over based on it, you'd probably win in court because your car can't do 600mph.
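The two behaviours argued over above (items 6, 8 and 10 in poetmatt's list, and russotto's point that a substituted in-range value hides the malfunction) are shown side by side with a rejecting alternative in this added C illustration; it is not the AlcoTest source or Base One's code, and the plausible count window and the run length are assumed values:

```c
#include <stdbool.h>

/* Constructed example, not the AlcoTest source. A 12-bit A/D converter
 * yields counts 0..4095 (as the analysis states); the plausible window and
 * the run length are assumed values chosen to illustrate the pattern. */
#define RANGE_LO      100   /* assumed lowest plausible count */
#define RANGE_HI     3900   /* assumed highest plausible count */
#define ERROR_RUN      32   /* consecutive errors before the flawed logic reports */

/* Flawed pattern from the analysis: an out-of-range sample is silently
 * replaced by the nearest limit, so the caller never learns the sensor
 * misbehaved and a plausible-looking value enters the average. */
int flawed_clamp_reading(int raw)
{
    if (raw < RANGE_LO) return RANGE_LO;
    if (raw > RANGE_HI) return RANGE_HI;
    return raw;
}

/* Hardened pattern: an out-of-range sample is rejected, never reshaped.
 * Returns false and leaves *out untouched when the sample is invalid. */
bool validate_reading(int raw, int *out)
{
    if (raw < RANGE_LO || raw > RANGE_HI) return false;
    *out = raw;
    return true;
}

/* Flawed error policy: a fault is reported only after ERROR_RUN
 * consecutive invalid samples; a single valid sample resets the count,
 * so alternating good/bad samples never surface as an error. */
bool flawed_fault_after_run(const int *samples, int n)
{
    int run = 0, v;
    for (int i = 0; i < n; i++) {
        if (validate_reading(samples[i], &v)) { run = 0; continue; }
        if (++run >= ERROR_RUN) return true;
    }
    return false;
}

/* Hardened error policy: any invalid sample invalidates the whole
 * measurement, so the device reports a fault instead of a number. */
bool fault_on_any_error(const int *samples, int n)
{
    int v;
    for (int i = 0; i < n; i++)
        if (!validate_reading(samples[i], &v)) return true;
    return false;
}
```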