VW software puts all IT under suspicion

Volkswagen has done the whole IT profession a disservice. The software in their cars has recently been found to give false results when authorities tested the car for emissions. The software changed the engine tuning when there was a test going on. There are cries demanding that the proprietary software be inspected (apparently this is already required of elevator software). The public has now learned that software is not to be trusted.

There are no moving parts that the public can see to be sure that the software in their car will work correctly. Software is like that. It tends to be seen as a black box that everyone has to trust will work as they have been told it will. Banks have worked hard to convince the public that they are watching the computers and the software will not drop a digit and lose their money. Consumers are just learning to trust their cars to park themselves. Now they’ve seen that software code can have devious plans built into it.

At a 2015 Black Hat conference, a lawyer looked at the future 20 years out and described the “black box society” and predicted software liability and the end of the internet dream.  Because nobody could be sure what the software would do. Suddenly that future is now.

Actually, this has become true as IT builds more and more complex systems. We have struggled to ensure the business rules are reflected correctly in the code. I’m sure many other IT workers have made the same kind of search that I have, where you follow dollar fields through the code of various programs checking what gets added in or taken out to determine what the number actually includes that got printed out. In one case we had had a series of early retirement programs and most of the folks that knew how the programs worked had left the company. We finally tracked down a piece of code that had been commented out with a note- it even had a date!- that said something like “Sally instructed she no longer wanted to include the tax in this total”. So the mystery of why we had conflicting opinions about the field was solved.

We have to find a way to ensure there are no mysteries. It should always be clear what the software does and does not do. The recent security problems for many android applications is another example where the people reusing the framework code assumed that framework had good security. And were burned for their assumption.

The CIPS ethics statements include one about “Upholding Responsibility to the IT Profession.”.  The IT industry will only be trusted if all the professionals take care to make code transparent.  Allow others to inspect it.  And refuse to implement code that is meant to mislead people or put them at risk!

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Donna Lindskog
Donna Lindskoghttp://www.cips.ca
Donna Lindskog is an Information Systems Professional (retired) and has her Masters degree in Computer Science from the University of Regina. She has worked in the IT industry since 1978. Most of those years were at SaskTel where she progressed from Programmer, to Business Analyst, to Manager. At one point she had over 48 IT positions reporting to her and she has experience outside of IT managing Engineers. As a Relationship Manager, Donna worked with executive to define the IT Principles so departmental roles were defined. As the Resource Manager in the Corporate Program/Project Management Office, she introduced processes to get resources for corporate priorities. In 2003 she was given the YWCA Woman of Distinction Award in Technology.

Featured Download

IT World Canada in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Latest Blogs

Senior Contributor Spotlight