[2024]Digital Global Overview Report 2024 Meltwater.pdf
Professional Code of Ethics in Software Engineering
1. Professional Code of Ethics
in Software Engineering
nmap run completed -- 1 IP address (1 host up)
scanneds
% sshnuke 10.2.2.2 -rootpw-"Z1ON0101"
Connecting to 10.2.2.2:ssh ... successful.
Attempting to exploit SSHv1 CRC32 ... successful.
Reseting root password to "Z1ON0101".
System open: Access Level (9)
% ssh 10.2.2.2 -l root
root@10.2.2.2's password:
RTF-CONTROL> disable grid nodes 21 - 48
Warning: Disabling nodes 21-48 will disconnect
sector 11 (27 nodes)
ARE YOU SURE ? (y/n)
Grid Node 21 offline...
Grid Node 22 offline...
Grid Node 23 offline...
Grid Node 24 offline...
Grid Node 25 offline...
Grid Node 26 offline...
Grid Node 27 offline...
Grid Node 28 offline...
Grid Node 29 offline...
Grid Node 30 offline...
Grid Node 31 offline...
Grid Node 32 offline...
Grid Node 33 offline...
Grid Node 34 offline...
Grid Node 35 offline...
Grid Node 36 offline...
Grid Node 37 offline...
Grid Node 38 offline...
If you are not one of us, you are one of them!
This presentation is brought to you by Lemi Orhan Ergin as a craftsman in software development
2. Have you ever heard of
PROFESSIONAL CODE OF ETHICS
IN SOFTWARE ENGINEERING
3. Engineering or Craftmanship?
Code of Ethics?
Ethics in Development?
Profession?
Professional
Professional
Code of Ethics in
Code of Ethics in
Software Engineering
Software Engineering
4. Agenda
● Craftsmanship vs Engineering
● Is Software Engineering a Profession?
● What is Code of Ethics?
● Ethics in Software Engineering
● Special Cases & Discussions
6. Software Engineering is dead
“My early metrics book, Controlling Software Projects: Management,
Measurement, and Estimates [1986], played a role in the way many
budding software engineers quantified work and planned their projects. In
my reflective mood, I'm wondering, was its advice correct at the time, is it
still relevant, and do I still believe that metrics are a must for any
successful software development effort? My answers are no, no, and no.
I'm gradually coming to the conclusion that software engineering is an
idea whose time has come and gone.
Software development is and always will be somewhat experimental. The
actual software construction isn't necessarily experimental, but its
conception is. And this is where our focus ought to be. It's where our focus
always ought to have been. “
Tom DeMarco
IEEE
Developed the world’s first commercial stored program telephone switch
1986 recipient of the Warnier Prize for
"lifetime contribution to the field of computing"
1999 recipient of the Stevens Award for
"contribution to the methods of software development"
7. Engineering a Software
Engineering is the discipline, art and profession of acquiring
and applying technical, scientific and mathematical
knowledge to design and implement materials, structures,
machines, devices, systems, and processes that safely
realize a desired objective or inventions.
Wikipedia
Software Engineering is the application of a systematic,
disciplined, quantifiable approach to the development,
operation, and maintenance of software, and the study of
these approaches; that is, the application of engineering to
software.
Wikipedia
Since NATO Software Engineering Conference in the 1968,
it has continued as a profession and field of study dedicated
to creating software that is of higher quality, more
affordable, maintainable, and quicker to build.
Wikipedia
8. Theorical Foundations
Software engineering theories and methodologies are developed for dealing with
complexity and intellectual challenges in large-scale software development.
“Software Engineering Foundations:
A Software Science Perspective”
by Yingxu Wang
Complexity Threshold
9. Yet Another Definition
“Software engineering is the science and art of
specifying, designing, implementing and evolving – with
economy, timeliness and elegance – programs,
documentation and operating procedures whereby
computers can be made useful to man.”
J.A. McDermid, 1991
Professor of Software Engineering
Leader of the High Integrity Systems Engineering Group (HISE)
Department of Computer Science
at the University of York, USA
Software engineering is a discipline that adopts engineering approaches, such as
established methodologies, processes, measurement, tools, standards, organisation
methods, management methods, quality assurance systems and the like, in the
development of large-scale software seeking to result in high productivity, low cost,
controllable quality, and measurable development schedule.
Software Engineering has specific characters, such as...
● its type (mission critical, of course)
● its size (Google scale, naturally)
● the audience (millions of daily users, obviously)
● and so forth.
10. Control is ultimately illusory
Most software projects fail!
Software project success isn't about doing any one
particular thing right; it's the much more daunting task of
not doing anything wrong. It certainly gives you a new
appreciation for those rare successful software projects.
What DeMarco seems to be saying is that
“Control is ultimately illusory on software development
projects”
If you want to move your project forward, the only reliable
way to do that is to cultivate a deep sense of software
craftsmanship and professionalism around it.
People who show up every day eager to improve their craft
will ultimately succeed.
11. Software Craftsmanship
Software Craftsmanship is an DISCIPLINE in software
development that emphasizes the coding skills of the software
developers themselves. It is a response by software developers
to the perceived ills of the mainstream software industry,
including the prioritization of financial concerns over code
quality.
Wikipedia
http://parlezuml.com/softwarecraftsmanship/
14. What is a Profession?
The body of people in a learned occupation; an occupation requiring
special education.
wordnet.princeton.edu/perl/webwn
The term profession is applied to those persons who have specialized
and technical skill or knowledge which they apply, for a fee, to certain
tasks that ordinary and unqualified people cannot ordinarily undertake.
The term derives from the Latin: "to swear (an oath)". …
en.wikipedia.org/wiki/Profession
15. Software Engineering Profession
●
Software engineering (SE) as a discipline and profession is relatively young,
some even say “immature”.
●
In 1996, Ford and Gibbs listed designated eight infrastructure components that
can be used to evaluate a mature profession:
– a professional society
– initial professional education
– skills development
– professional development
– accreditation
– certification
– licensing
– a code of ethics
15
16. Professional Societies
●
There is no professional society devoted exclusively to software
engineering, but there are two societies which provide mature
support for the software engineering profession:
– Association for Computing Machinery (ACM) (http://www.acm.org/)
●
Founded in 1947, ACM has 75, 000 members and has the objective of
advancing the skills of computing professionals and students worldwide.
●
The ACM has 34 “special interest groups” (SIGS). The Special Interest
Group on Software Engineering (SIGSOFT) focuses on issues relating to all
aspects of software development and maintenance.
– IEEE Computer Society (IEEE-CS) (http://computer.org/)
●
Founded in 1946, with nearly 100, 000 members, it is the largest of the 36
societies of the Institute of Electrical and Electronics Engineers (IEEE).
●
The Computer Society's vision is to be the leading provider of technical
information and services to the world's computing professionals
16
17. Certification and Licensing
●
Certification is a voluntary process administered by a profession.
●
Currently there are many certification programs for various computing
technologies. Many are brand name certifications (e.g. Cisco, Java/Sun,
Microsoft, Novell, etc.) and do not deal with the software engineering
profession directly.
● The IEEE-CS offers a certification titled Certified Software
Development Professional (CSDP). The CSDP has the
following components:
– At the time of application the candidate holds a baccalaureate
or equivalent university degree and has a minimum of 9,000
hours of software engineering experience within at least six
(6) of the eleven (11) SE knowledge areas (the ten SWEBOK
areas and Professionalism and Engineering Economics).
– Candidates are required to subscribe to the Software
Engineering Code of Ethics and Professional Practice
– Candidates must pass an exam demonstrating mastery of the
knowledge areas
17
18. Certification and Licensing in US
●
Licensing is a mandatory process administered by a governmental
authority.
●
In the U.S. licensing is administered at the state level.
●
Only about 18% of U.S. engineers (civil, electrical, mechanical , etc.)
are registered.
●
Texas is currently the only state to license software engineers.
●
In recent years, no topic has stirred more controversy and debate
than certification and licensing of software engineers.
– This seems to signal that the nature and maturity of software
engineering is not yet stable.
18
19. Licensing in Turkey
Türkiye Cumhuriyeti
Türk Mühendis ve Mimar Odaları Birliği (TMMOB)
Elektrik Mühendisleri Odası (EMO)
Bilgisayar Mühendisliği Meslek Dalı Ana Komisyonu
http://www.emo.org.tr/komisyonlar/index.php?
kod=536
Bilgisayar MEDAK‘ ın amacı, oda içindeki Bilgisayar Mühendisi üyeler arasında mesleki örgütlülüğe ve
dayanışmaya yönelik politikalar geliştirmek ve Oda birimlerindeki alt komisyonlardaki (MDK) çalışmalarda
koordinasyonunun, eşgüdümün sağlanması ve geliştirilmesi olarak tanımlanmaktadır.
Kuzey Kıbrıs Türkiye Cumhuriyeti
Bilgisayar Mühendisleri Odası
http://www.ktbmo.org
1992 yılında kurulan ve Bilgisayar Mühendislerini bünyesinde toplayan BMO, KTMMOB çatısı altında çalışan
14 meslek odasından biridir. Merkezi Lefkoşa'da olan BMO, merkezde yaptığı çalışmaların yanısıra
Üniversitelerimizde gönüllü üyelerimizin oluşturduğu temsilciliklerde de Üniversitedeki üyelerimiz ile
ilişkilerimizi geliştirmek, gerekli gördüğü aktiviteleri düzenlemek ve üye sayısını artırmak için çalışmaktadır.
19
20. SE Education & Training
●
Ford and Gibbs list four elements related to SE education: initial professional
education, skills development, professional development and accreditation.
●
Initial Professional Education
– Undergraduate degree programs in software engineering
●
Skills Development and Professional Development
– Publications, conferences, workshop and tutorials.
●
Accreditation
– The Accreditation Board for Engineering and Technology (ABET) has
established accreditation criteria for software engineering programs.
20
21. National Council of Examiners for
Engineering and Surveying (NCEES)
Engineering is considered to be a "profession" rather than an "occupation"
because of several important characteristics:
special knowledge,
special privileges,
special responsibilities.
Professions are based on a large knowledge base requiring extensive training.
Professional skills are important to the well-being of society.
Professions are self-regulating, in that they control the training and evaluation
processes that admit new persons to the field.
Professionals have autonomy in the workplace; they are expected to utilize
their independent judgment in carrying out their professional responsibilities.
Finally, professions are regulated by ethical standards.
22. Episode 3: What is Code of Ethics?
Agreement
What is
ethical?
23. Professional Ethics Defined
●
Professional ethics are set of rules, regulations,
and a code of conduct that govern how a
profession deals with each other and others
outside of the profession.
●
Different from moral code
●
Different from legal code
24. Why should we have a Professional
Code of Ethics?
●
A Professional Code of Ethics serves several
functions:
Symbolises the professionalism of the group.
Defines and promotes a standard for external relations
with clients and employers.
Protects the group’s interests.
Codifies members’ rights.
Expresses ideals to aspire to.
Offers guidelines in “gray areas”.
25. (IFIP) International Federation for Information Processing’s
Harmonization of Professional Standards (1998)
The purpose is to clearly set out an international standard for professional practice in
information technology.
The components of the standards are:
Ethics of professional practice:
Practitioners must publicly ascribe to the code of ethics published within the standard.
Established body of knowledge:
Practitioners must be aware of and have access to a well-documented current body of knowledge relevant to
the domain of practice.
Education and training:
The minimum level of mastery of the body of knowledge must be at the baccalaureate level.
Professional experience:
In addition to a demonstrated mastery of the body of knowledge a minimum of the equivalent of two years
supervised experience is recommended before the practitioner operates unsupervised.
Best practice and proven methodologies:
Practitioners should be familiar with current best practice and relevant proven methodologies.
Maintenance of competence:
Practitioners must be able to provide evidence of their maintenance of competence.
26. Variance in Ethical Concerns in IT
ACM Computing & Public Policy:
● ACM Code of Ethics
● Software Engineering Code of Ethics
● Software Engineering and Licensing Issues
● ACM Privacy Policy
● ACM Copyright Policy
● ACM Statement of Non-endorsement
● Committee on Computers and Public Policy
● Committee on the Status of Women in Computing
● Coalition to Diversify Computing
● RISKS Forum
ACM Association-Level Policy Activities on:
● Electronic Voting Systems
● Intellectual Property / Copyright Protection
● Privacy
● Research and Data Access
● Reliability of Computers
27. Advantages of a Code of Ethics
A Code of Ethics enables us to:
● Set out the ideals and responsibilities of the profession
● Exert a de facto regulatory effect, protecting both clients and
professionals
● Improve the profile of the profession
● Motivate and inspire practitioners, by attempting to define their
raison d'être (reason for being)
● Provide guidance on acceptable conduct
● Raise awareness and consciousness of issues
● Improve quality and consistency
28. Disadvantages of a Code of Ethics
Standards are obligatory, or are merely an aspiration
●
Whether such a code is desirable or feasible
●
Whether ethical values are universal or culturally relativistic
●
●The difficulty of providing universal guidance given the
heterogeneous nature of the profession
Can not cover all aspects of software development.
●
Who determines violations?
●
How are the rules interpreted?
●
What penalties exist for violations?
●
30. Why have a Professional Code of
Ethics in Computing?
●
Software has the potential to do
good or cause harm, or to enable
or influence others to do good or
cause harm. (Dilemma Theory)
●
We have pride in our work and
want the work that we do to be
given recognition and respect.
●
We want to protect our livelihood.
31. Why have a Professional Code of
Ethics in Computing?
●
Software controls many aspects of our lives.
●
Safety
Cars: ABS and Air Bags
Auto/Air Traffic Control
●
Financial
Banking: Interest Calculations
Tax Filing Software
●
Just think about every piece of software that effects
you life and who developed it.
32. Some Examples
●
ACM Code of Ethics and Professional Conduct.
– http://www.acm.org/constitution/code.html
●
Bitish Computer Society Code of Conduct
– http://www1.bcs.org.uk/DocsRepository/03200/3224/default.htm
●
IEEE-CS/ACM Software Engineering Code of Ethics and
Professional Practice
– http://www.computer.org/tab/seprof/code.htm
33. Characteristics of a Code of Ethics
●
They are not simple ethical algorithms that generate
ethical decisions.
●
Sometimes elements of the code may be in tension
with each other or other sources.
Requires the software engineer to use ethical judgement to
act in the spirit of the code of ethics.
●
A good code of ethics will provide fundemental
principles that require thought rather than blind
allegiance.
34. Joint IEEE-CS/ACM Code of Ethics
and Professional Practice
●
Built on 8 principles
Public Interest
Client and Employer
Product
Judgement
Management
Profession
Colleagues
Self
●
The principle of Public Interest is central to the code.
35. Public Interest
●
Software engineers shall act consistently with the
public interest.
Approve software only if they have a well-founded belief that
it is safe, meets standards, passes tests and does not
diminsh quality of life, privacy or harm the environment.
Disclose any actual or potential danger to the user.
Be fair and avoid deception in all statements concerning
software.
36. Client and Employer
●
Software engineers shall act in a manner that is in the
best interests of their client and employer, consistent
with the public interest.
Be honest about any limitation of their experience and
education.
Keep private any confidential information consistent with the
public interest and the law.
Not knowingly use software that is obtained or retained either
illegally or unethically.
37. Product
●
Software engineers shall ensure that their products
and related modifications meet the highest
professional standards possible.
Strive for high quality, acceptable cost, and a reasonable
schedule, ensuring significant tradeoffs are clear.
Ensure adequate testing, debugging, and review of software
and related documents on which they work.
Treat all forms of software maintenance with the same
professionalism as new development.
38. Judgement
●
Software engineers shall maintain integrity and
independence in their professional judgment.
Not engage in deceptive financial practices.
Disclose to all concerned parties those conflicts of
interest that cannot reasonably be avoided or
escaped.
39. Management
●
Software engineering managers and leaders shall
subscribe to and promote an ethical approach to
the management of software development and
maintenance.
Ensure that software engineers are informed of
standards before being held to them.
Offer fair and just remuneration.
Not punish anyone for expressing ethical concerns
about a project.
40. Profession
●
Software engineers shall advance the integrity and
reputation of the profession consistent with the public
interest.
Promote public knowledge of software engineering.
Be accurate in stating the characteristics of software on
which they work.
Take responsibility for detecting, correcting, and reporting
errors in software and associated documents on which they
work.
41. Colleagues
●
Software engineers shall be fair to and supportive of
their colleagues.
Credit fully the work of others and refrain from taking undue
credit.
Give a fair hearing to the opinions, concerns, or complaints of
a colleague.
In situations outside of their own areas of competence, call
upon the opinions of other professionals who have
competence in that area.
42. Self
●
Software engineers shall participate in lifelong
learning regarding the practice of their profession
and shall promote an ethical approach to the
practice of the profession.
Further their knowledge
Improve their ability to create safe, reliable, and
useful quality software
Improve their ability to produce accurate,
informative, and well-written documentation.
43. Problems with codes of conduct
●
They don’t cover every case (nor should they).
●
Can a list of rules define a behaviour that
everyone considers right?
●
Little penalty for non-compliance
Requires a Personal Code of Ethics that is broadly
in line with the Professional Code.
44. Ethical Delemma 1:
Reverse Engineering
●
When is reverse engineering ethical?
●
Scenario: You are asked to produce software to
read in a file (with an undisclosed proprietary
format) into an application.
Test vectors and analysis?
Decompilation?
“Clean room” environment
45. Ethics and Professional Conduct
●
Why should we be interested in ethics and professional
conduct?
●
Here is one answer:
Today the quality of software produced by software engineers is
critical to society.
The success of many, if not most, human endeavors is dependent on
high-quality software (e.g. applications used in financial, legal, library,
health, personnel, and transportation systems)
Lives depend on the safety and reliability of many software systems
(e.g. control of aircraft, medical devices, and nuclear power stations)
In additional to technical capability, the quality of software
products depend on the ethics and professional conduct of the
engineers that developer develop them.
45