Sunday, March 24, 2013

How many are taking the Software Engineering exam this April?

As regular readers are aware I've been chronicling events related to the new Software Engineering Exam, that some states are starting to offer as part of a Professional Engineer title.

I contacted the National Council of Examiners for Engineering and Surveying (NCEES) and asked them how many people had signed up for the new test, to be given for the first time this coming April. Sadly I was told that information was confidential. Answers like that always invoke thoughts of conspiracy theories in my mind, as to what is being hidden? More than likely it is simply a mater of confidentiality. The data probably could be gotten from each states licensing board if you were motivated enough to ask, I'm not right now.

I did pick up a couple of other tidbits of information. The new Software Engineering exam is considered a Group-2 exam, meaning that it has very small numbers of takers each time it is given. Hence this exam is only given once a year. Group-2 exams are required to have a sponsoring society, which for this exam is the IEEE. Do you think interest in this exam will increase with time (Without government mandates)?

The Electrical and Computer Exam, that has been around since 2009, is a Group-1 exam meaning that it is one of the larger exams that has been given frequently, as such requires no sponsor.

There has been concern that so few schools have the required accreditation for taking the Software Engineering exam. As each state board must approve a candidate before they are allowed to take the exam. They are the final decision maker on who is eligible and who is not.

At this point now we wait. We are waiting for the next software disaster that kills people due to our collectively buggy software rushed out the door to meet trade show deadlines and market pressures, rather than properly engineering the software in the first place. That will lead to the draconian government regulations. The framework for the regulations are now in place. As an industry are we going to clean up our act now or complain greatly when it is to late, when regulations are forced upon us?

By the way, what do you tell the Middle School Student that asks "Um, I'm in middle school... Are jobs actually like this?". I've given my answer in the past.

Software Engineering, License to write software, Firmware

Safer Embedded Software

Something new I'm trying here in the blog is to open it up to an occasional Guest Blogger. If you have an idea for something that fits in with the general theme of the site, get in contact with me.

Today's Guest Blogger is Rajstennaj Barrabas, whom may be contacted at: RB (at) OkianWarrior (dot) com . If you have comments for RB use that address or leave comments below. I'll turn it over to RB now:

Examining past software failures gives us insight into how failures arise, so we can anticipate and avoid failures in the future.

One such failure is the Therac-25, a radiation therapy machine that killed several patients due to buggy software.

Very briefly, the Therac has a high-power mode which is used once a metal shield drops into place to protect the patient. A particular keyboard sequence entered by the operator (double-pressing the "return" key at just the right moment) caused a cascade of failures where the software eventually jumped into the middle of a function. The system engaged high-power mode without first lowering the shield, killing the patient.

To my mind, this was the first fatal accident caused by a software problem; or at least, the first well-known one. People suddenly realized that software could hurt people, and that perhaps special care should be taken.

(The link has a more detailed summary, with pointers to more in-depth reports.)

Analysis at the time noted that the high-power function did not check that the protective shield was in place. Lowering the shield was done prior to the call, and the function assumed that this had happened.

The conclusion was that software should always check its assumptions, and this became a set of "best practices" for safety-certified systems.

In safe software, every function should began with ASSERTs that check the arguments for validity, and these should be active in the released code. The execution time is negligible in most cases, and ASSERTs do a good job of ensuring proper behaviour.

As calculation proceeds, more ASSERTs should check the intermediate results; for example, to ensure nothing overflows, or that values are in range.

The Therac function could have ASSERTed that the shields were in place.

Most embedded programs don't use 100% of the CPU time. The spare capacity can be used to check up on the program and further ensure that everything is going well.

Each module can supply a function "xxxBIT" (where "BIT" stands for "Built In Test") which checks the module variables for consistency. As the program runs, it can call these functions during idle moments.

For example, the serial driver (SerialBIT) can check that the buffer pointers still point within the buffer, that the hardware registers haven't changed, and so on.

On bootup, the memory manager (MemoryBIT) knows the last-used static address for the program (ie - the end of .data), and should fill unused memory with a pattern. In it's spare time it checks to make sure the unused memory still has the pattern. This finds all sorts of "thrown pointer" errors. (Checking all of memory can take too long, so MemoryBIT can be coded to check a small portion each call.)

The stack pointer can be checked - put a pattern at the end of the stack, and if it changes you knew something went recursive or used too much stack (StackBIT).

The EPROM can be checksummed periodically.

Every module should have a BIT function which checks every imaginable error, to be called in the processor's spare time - over and over continuously.

The Therac could have continually tested its calculations to check for cascade failures.

The overall effect is a very "stiff" program - one that will either work completely or won't work at all. There is no intermediate behavior, no flexibility of action. Cascade failures are caught early, terminating the operation before things get out of hand.

A "stiff" program doesn't give erroneous or misleading results - it either works as intended or fails completely. Showing a blank screen is better than showing bad information, or even a frozen screen.

(Of course, this is situation specific. A blank screen is OK for aircraft - where the flight crew can take appropriate action - but perhaps not medical. You can still detect errors, log the problem, and alert the user.)

Some functions are time sensitive and can't afford the time spent error checking (interrupt handlers, for instance), but these can be identified and removed on a case-by-case basis.

Conventional wisdom says to use checking during development, and remove it on released code.

Done right, error checking has negligible impact on code speed but returns great gains in safety.


Sunday, March 17, 2013

Government raises your taxes with new CPI calculations

I have written in the past, Why is the cost of my Bill of Material (BOM) so much higher than last week? The Orwellian doublespeak answer: Quantitative Easing, about how the government is manipulating the money supply, and how it has real world effects on our designs. Dollar Stretcher Guest Blogger Rick Kahler has written about how the government is now inflating the money supply, as my past columns predicted they would, by manipulating how the Consumer Price Index (CPI) is calculated. They have manipulated this number many times in the past such as by adding in the Military Personnel, removing real world items like food, gas and fuel. So do check out Rick's The Ultimate Stealth Tax: Inflation. Also you can get real inflation numbers (1980 and 1990 based) from John Williams ShadowfStats.

"...The chained CPI is a tax increase for much the same reason. Many income tax brackets and deductions are indexed to inflation. Smaller annual adjustments to the brackets because of the lower CPI will push more people into higher tax brackets..."

1980 Based Inflation Chart

1990 Based Inflation Chart

One of the significant causes, of which there were many, of the Great Depression was when the Federal Reserve contracted the money supply. Even Warren Buffett has stated that he is concerned what will happen once the Federal Reserve Bank starts selling its holdings. Interestingly Governor Ben S. Bernanke has commented on this in the past: Money, Gold, and the Great Depression -- Remarks by Governor Ben S. Bernanke, At the H. Parker Willis Lecture in Economic Policy, Washington and Lee University, Lexington, Virginia, March 2,2004.

Many are saying that we should return to the Gold Standard. That is each 'dollar' is exchangeable for real tangible gold, in theory. Places like the World Gold Council are, of course, all for this. Many banks are already starting to dump US Dollars to stock up on Gold. Hence the same people that are creating the mess we are about to face will be the same people controlling the Gold. Do you see this as an improvement? I do not.

"Central banks have begun to reduce reserve portfolio allocations to US dollars and euros in favor of alternative reserve assets. A portfolio optimization analysis concludes that gold, with its lack of credit risk and deep and liquid market, is one of the most attractive alternatives in this diversification process. Accordingly, building gold reserves in tandem with new alternatives is an optimal strategy as these markets need time to develop and allocations to gold remain largely below optimal levels." -- Central bank diversification strategies: Rebalancing from the dollar and euro. [Registration is required to download the report.]

My past ramblings on the issue of 'Money' and Inflation:

Even the main stream press is catching up to what I was talking about in 2010:

The Treasury sells bounds, sheets of paper with no intrinsic value, to the Federal Reserve for things that politicians do not have the honesty to come out and say directly that they need to raise our taxes to support. The Fed buys these bonds with 'money' that it created from nothing. This created 'money' is put into circulation, making your money worth less each time it happens. This inflation is the most insidious hidden tax that you and I pay. Few figure this system out because it is usually hidden behind the Orwellian doublespeak of economics such as Quantitative Easing.

Will you be ready for the Greater Depression?


Saturday, March 2, 2013

Are You Licensed Yet? Will Engineering Software Become Illegal Unless You Have a License?

This week the Northeast Ohio Chapter (NEOACM) of the Association for Computing Machinery is going to hold a round-table discussion on government mandated licensing of Software Engineers.
I have been chronicling the developments of what the various states are doing or have planed for licensing of software professionals over the last year, so I have been invited to be one of the panelists. If you are going to be in the Youngstown Ohio area this coming Thursday [2013/Mar/7th] stop by the Youngstown Business Incubator at 6:00 PM.
Are You Licensed Yet? Will Engineering Software Become Illegal Unless You Have a License?
Sponsored by NEOACM on:
March 7th
6:00 - 8:00 PM
Youngstown Business Incubator
241 West Federal Street
Youngstown Ohio, 44503
In chronological order these are my past entries on mandatory licensing of Software Engineers:
  1. Do you have your license to write firmware?
  2. Government Responses on Software License Questions
  3. More Government Responses on Software License Questions
  4. Yet More Government Responses on Software License Questions and Study Guide
  5. A Principles and Practices Exam Specification to Support Software Engineering Licensure in the United States of America
Add to those documents from NEOACM that you should review when considering mandatory licensing of Software Engineers:
There are a few items that are important to understand, before you can take the Software Engineering Exam: NCEES Principles and Practice of Engineering Examination Software Engineering Exam Specifications
First you must have a four year degree (The state of Maryland has an exception that I need to look in to), and the degree must be accredited by the Accreditation Board for Engineering and Technology (ABET). ABET lists only twenty-two Software Engineering programs. Software Engineer Insider summarizes a few of them. The closest to the NEOACM chapter are Penn State Behrend and Gannon University, both in Eire PA.
Next you must take, the completely unrelated to Software Engineering, the eight hour long exam that covers Chemical, Civil, Electrical, Environmental, Industrial, Mechanical, Other Engineering Disciplines, before you can even take the Software Engineering exam. Perhaps this is why Software Engineer Insider states "Other software engineers may want to take the licensing exam as a badge of accomplishment.". I'm sorry but I find that distressing. Egos have no place in the areas of safety that this Software Engineer license claims to be about. Read some of the background links above and you find Ego makes more than one appearance. Pathetic.
You must also have experience in Software Engineering, four to twelve years as it varies by state, before you can take the Software Engineering (SE hereafter, not to be confused with Structural Engineering that is a more common NCESS exam right now) exam. Seems like a classic bootstrap problem, can't get the license until you have experience, and you are not allowed to practice without a license? This is where Mentoring enters the picture, however there are no state licensed Software Engineers yet to be Mentors.
It is important to understand the difference of the various computer/software degrees that are relevant to licensing. David Janzen, Associate Professor California Polytechnic State University Computer Science Department, explains the difference between Computer Engineering, Computer Science, Software Engineering, which I summarize below, see his page for the whole text:
  1. "Computer Science covers the core concepts and technologies involved with how to make a computer do something. Learning to program a computer by writing software is essential, and computer programming is used in most computer science courses..."
  2. "Computer Engineering teaches you how to design systems that include both computer hardware and software. You will take classes on how computer hardware works and how to build a computer..."
  3. "Software Engineering focuses on how to design and build software in teams. You will take many of the same courses as you would in computer science, but you will take additional courses that teach you about topics like requirements engineering, software architecture, software testing, and software deployment. You will learn about working with people (communication, management, working with non-technical customers), processes for developing software, and how to measure and analyze the software product and the software process..."
So Software Engineering knowledge that is being tested for is more about project management than anything else. As I've said for years "Most causes of system faults are created before the first line of code is written, or first schematic is drawn. The errors are caused by not understanding the requirements of the system", so in this one regard these new exam requirements may be a Good Thing. However good requirements doesn't directly address real world problems like the number one cause of most crashes and security breaches being buffer overflows.
Some Safety Myths:
Just make it reliable Just use redundancy
Just do a lot of testing Just make the software "safe"
Just do it all in software Its always the operator's fault


What is on the exam and who brought us to this point (besides our collectively buggy software)? The organizations that I know have been have been involved in the preparation of the exam are IEEE-USA, assisted by the IEEE Computer Society, the National Society of Professional Engineers, and the Texas Board of Professional Engineers. Do you know of others?
Exam contents:
Requirements 17.5%
Design 13.75%
Construction 11.25%
Testing 12.5%
Maintenance 7.5%
Configuration Management 7.5%
Engineering Processes 7.5%
Quality Assurance 7.5%
Safety, Security, and Privacy 15%
I have said all along this is more about selling training material than safety. Sadly I felt I should purchase the Principle and Practice Exam Sample Questions and Solutions Book to be participate in the round-table discussion. Not being a IEEE member the 50 page document cost me $49.99. Three of the pages are the ones from Exam contents that I just listed above, eleven pages are blank or not relevant to the exam like the copyright notice. I showed the document to a couple of other people and they felt the question/answer contents was okay, but that the limited volume of information supplied was a complete rip-off for $50. One person even asked "Why can't they just put this on a web site?". If this is about safety then why isn't it free? Also only Internet Explore worked to buy the document, Opera and Chrome did not. IEEE is pushing for better software and their own software based web site doesn't work...
The most valuable section of the document is the list of fifteen reference books from which the exam question pool is based. The exam is 80 questions, however I have not found how many questions are in the actual question pool anyplace. Reproducing the list here would be certain to have the copyright police show up. So I'm only going to mention three that I know are safe from the copyright police. First is professor Phillip A. Laplante's Requirements Engineering for Software and Systems (Applied Software Engineering Series) that supports my conjecture this is about selling training material not safety. Second Steve McConnell's Code Complete: A Practical Handbook of Software Construction, Second Edition that is on any software design reading list, as it should be. If you have read this book before, then read the new rewritten second edition. Finlay Linda Westfall's The Certified Software Quality Engineer Handbook , as I was already familiar with it, so felt safe to list it.
For full disclosure if you buy those books by the above links I do get a small pittance from Amazon's Affiliate Program, so I too am making a profit related to safety.
I'll give a few representative questions. Note these are not the actuall qustions rather my paraphrasing and simplification of them. Some of them are constructed like story problems that made you groan when you where in math class:
  1. Given a small key space (a few bits) calculate the Diffie-Hellman secret key value. I taken this as representation of the silly concept that such a exam as this is useful. I am not a cryptographer and I have no idea how to calculate a DH key by hand. I base my designs on people that are experts in the relevant fields and rely on their expertise and software to calculate such keys. A better question might be why DH is used verse the One Time Pad (one of the other questions). Knowing how keys are exchanged is what is important, not how they are calculated.
  2. Given a flow graph, typical of Dot from Graphviz, calculate the flow path.
  3. Given a similar flow graph as above, calculate McCabe's Cyclomatic Complexity value. Myself I use C and C++ Code Counter to do such things.
  4. Given a set of statistics calculate the probability of software failure on demand; they use the incorrect acronym 'POFOD'. Are they are saying it is impossible to have perfect software?
  5. What software keeps an aircraft stable in flight? Their answer is overly simplistic.
  6. What is the difference between Real Time and Non-Real Time modeling languages?
  7. Incoming tasks must be serviced in a given time to meet requirements. How many processes does it take to guarantee requirements are meet? Myself I'd use Erlang, but that is not one of the answers.
  8. What is the best way to keep a project on schedule?
In closing there are two items I came across while doing research on this licensing issue today. First according to the U.S. Bureau of Labor and Statistics Computer Software Engineer stopped being a viable profession in 2009, or at least it is the last year they list Software Engineering in the Occupational Employment Statistics database. After 2009 things move to Software Development. Makes me wonder what to expect from code.org?:
Occupational Employment and Wages, May 2009
15-1031 Computer Software Engineers, Applications
Develop, create, and modify general computer applications software or specialized utility programs. Analyze user needs and develop software solutions. Design software or customize software for client use with the aim of optimizing operational efficiency. May analyze and design databases within an application area, working individually or coordinating database development as part of a team. Exclude "Computer Hardware Engineers" (17-2061).
Occupational Employment and Wages, May 2009
15-1032 Computer Software Engineers, Systems Software
Research, design, develop, and test operating systems-level software, compilers, and network distribution software for medical, industrial, military, communications, aerospace, business, scientific, and general computing applications. Set operational specifications and formulate and analyze software requirements. Apply principles and techniques of computer science, engineering, and mathematical analysis.
Occupational Employment and Wages, May 2011
15-1132 Software Developers, Applications
Develop, create, and modify general computer applications software or specialized utility programs. Analyze user needs and develop software solutions. Design software or customize software for client use with the aim of optimizing operational efficiency. May analyze and design databases within an application area, working individually or coordinating database development as part of a team. May supervise computer programmers.
Secondly, returning to ABET, they describe the difference between a two year technology degree and a four year BS degree. From all the job ads I see in the Embedded Space the work that companies want done fall into the area of ABET's two year degrees, yet most all of the jobs demand that you have a four year degree to make it past the HR gatekeepers. Anyone care to explain that? Fortunately most new opportunities are found via networking bypassing these impediments to your career.