Slashdot Mirror


Court Orders Breathalyzer Code Opened, Reveals Mess

Death Metal writes with an excerpt from the website of defense attorney Evan Levow: "After two years of attempting to get the computer based source code for the Alcotest 7110 MKIII-C, defense counsel in State v. Chun were successful in obtaining the code, and had it analyzed by Base One Technologies, Inc. By making itself a party to the litigation after the oral arguments in April, Draeger subjected itself to the Supreme Court's directive that Draeger ultimately provide the source code to the defendants' software analysis house, Base One. ... Draeger reviewed the code, as well, through its software house, SysTest Labs, which agreed with Base One, that the patchwork code that makes up the 7110 is not written well, nor is it written to any defined coding standard. SysTest said, 'The Alcotest NJ3.11 source code appears to have evolved over numerous transitions and versioning, which is responsible for cyclomatic complexity.'" Bruce Schneier comments on the same report and neatly summarizes the take-away lesson: "'You can't look at our code because we don't want you to' simply isn't good enough."

5 of 707 comments

  1. Re:But does it work? by geekgirlandrea · · Score: 5, Informative

    Read the article. The code in question, among other things, calculates an arithmetic mean of a sequence of values by successively averaging each value with the mean of all the previous ones, and reduces 12 bits of precision coming from the hardware sensor to 4 for some unspecified but undoubtedly stupid reason.

  2. No. by SanityInAnarchy · · Score: 5, Informative

    Just read Schneier's comments. He cites some of the more important things:

    Readings are Not Averaged Correctly: When the software takes a series of readings, it first averages the first two readings. Then, it averages the third reading with the average just computed... There is no comment or note detailing a reason for this calculation, which would cause the first reading to have more weight than successive readings.

    That alone should be enough -- the readings are not averaged correctly. But it goes on:

    The A/D converters measuring the IR readings and the fuel cell readings can produce values between 0 and 4095. However, the software divides the final average(s) by 256, meaning the final result can only have 16 values to represent the five-volt range (or less), or, represent the range of alcohol readings possible. This is a loss of precision in the data; of a possible twelve bits of information, only four bits are used. Further, because of an attribute in the IR calculations, the result value is further divided in half. This means that only 8 values are possible for the IR detection, and this is compared against the 16 values of the fuel cell.

    So we know it's buggy and inaccurate, to a moronic degree. If that wasn't enough:

    Catastrophic Error Detection Is Disabled: An interrupt that detects that the microprocessor is trying to execute an illegal instruction is disabled, meaning that the Alcotest software could appear to run correctly while executing wild branches or invalid code for a period of time. Other interrupts ignored are the Computer Operating Property (a watchdog timer), and the Software Interrupt.

    So, basically, it's designed to always return some value, even if it's wildly inaccurate, and even if the software is executing garbage at the time.

    In other words: It appears to be a very low-level equivalent of Visual Basic's "on error resume next".

    Whiskey. Tango. Foxtrot.

    So to answer your question: No, it does not work. Even if it did somehow work, there's obviously an unacceptably poor level of quality control here.

    --
    Don't thank God, thank a doctor!
  3. Re:But does it work? by Anonymous Coward · · Score: 5, Informative

    >> assigning more weight to the first reading than the subsequent ones.

    It seems to apply more weight to later readings:

    where A1=1, B1=2, C1=3, D1=4
    (A1+B1+C1+D1)/4 = 2.5 (the correct average)
        and
    (((((A1+B1)/2)+C1)/2)+D1)/2 = 3.125

  4. Re:But does it work? by digitalunity · · Score: 5, Informative

    In all 50 states, refusal to take a breathalyzer at the police station will result in a 1 year (minimum) suspension of your driver's license.

    In all 50 states, you can refuse to take a roadside breathalyzer as they're inadmissible in a court of law. If you have had even 1 drink, always ask to go to the station for a real breathalyzer. The PBTs, or portable breath testers, are wildly inaccurate and only give the police probable cause to arrest. It will not work in your favor to take it.

    --
    You can't legislate goodness. Let each to his own destiny, by will of his freely made choices.
  5. But is it broken? HELL YES!!! by swordgeek · · Score: 5, Informative

    OK, LOTS of strange posts from people who claim to have read the article but only see that it's bad code, not actually broken.

    Read it again. It's broken from a legal liability and trustworthiness standpoint. It's broken from a precision standpoint. It's broken from an algorithm standpoint. It is not trustworthy, precise, accurate, or correct.

    "It is clear that, as submitted, the Alcotest software would not pass development standards and testing for the U.S. Government or Military. It would fail software standards for the Federal Aviation Administration (FAA) and Federal Drug Administration (FDA), as well as commercial standards used in devices for public safety. This means the Alcotest would not be considered for military applications such as analyzing breath alcohol for fighter pilots. If the FAA imposed mandatory alcohol testing for all commercial pilots, the Alcotest would be rejected based upon the FAA safety and software standards."

    Nobody in the government or military would be allowed to trust this, if it weren't already in use.

    "Results Limited to Small, Discrete Values"

    Sixteen values is all it displays! It throws away almost all of the precision of the 12-bit ADC, and reduces it to 4 bits! This is NOT precise enough!

    "Catastrophic Error Detection Is Disabled"
    "Diagnostics Adjust/Substitute Data Readings"
    "Range Limits Are Substituted for Incorrect Average Measurements"
    "The software design detects measurement errors, but ignores these errors unless they occur a consecutive total number of times."

    It's not correct. It's not accurate. It's not good enough. The odds are VERY good that some people over the limit have gotten off lucky, and also that some people below the limit now have criminal records.

    --

    "People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
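
An added example, not part of the thread and not the Alcotest source: a C sketch of the two numeric defects the comments describe, the chained averaging and the division of a 12-bit reading by 256. Function names are hypothetical; the sample readings are the 1, 2, 3, 4 used in comment 3 plus constructed ADC values.

```c
#include <stddef.h>
#include <stdio.h>

/* Chained averaging as the report describes it: average the first two
   readings, then average each later reading with the running result.
   Assumes n >= 1. */
double chained_average(const unsigned *r, size_t n) {
    double avg = r[0];
    for (size_t i = 1; i < n; i++)
        avg = (avg + r[i]) / 2.0;
    return avg;
}

/* Arithmetic mean: every reading weighted 1/n. */
double true_mean(const unsigned *r, size_t n) {
    double sum = 0.0;
    for (size_t i = 0; i < n; i++)
        sum += r[i];
    return sum / (double)n;
}

/* Weight that reading i (0-based) carries in chained_average(): it is
   halved once per averaging step it passes through, so weights differ. */
double chained_weight(size_t i, size_t n) {
    size_t halvings = (i == 0) ? n - 1 : n - i;
    double w = 1.0;
    while (halvings--)
        w /= 2.0;
    return w;
}

/* Dividing a 12-bit ADC value (0..4095) by 256 leaves 16 levels (4 bits). */
unsigned reported_level(unsigned adc12) {
    return adc12 / 256u;
}

int main(void) {
    const unsigned r[] = {1, 2, 3, 4};  /* constructed, as in comment 3 */
    size_t n = sizeof r / sizeof r[0];
    printf("mean=%.3f chained=%.3f\n", true_mean(r, n), chained_average(r, n));
    for (size_t i = 0; i < n; i++)
        printf("weight[%zu]=%.3f\n", i, chained_weight(i, n));
    /* constructed ADC values 255 counts apart map to the same level */
    printf("%u %u %u\n", reported_level(2048), reported_level(2303),
           reported_level(4095));
    return 0;
}
```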