Skip to main content

Safe and effective software

Someone recently asked me why I was working on the particular topics that I was interested in. I am afraid that in the heat of the moment I had a reasonable but ultimately lame answer (something about reducing friction in the marketplace).

In fact, the true answer is simpler and much more powerful. I want to be part of a 'professional' industry, and I believe that we are not really there yet. It is a constant source of amazement to me that there have not been any class action lawsuits against certain high profile software companies.

I like the phrase safe and effective, which describes the basic requirements for medicines of course, but should be equally applicable to software.

What would the benefits of being able to label a system safe and effective? Primarily it means that someone using the system has some assurance that the software will do what it is supposed to do, and that it wont lead you into trouble.

Of course, if you take too many aspirin, or if you misuse a software system, it can hardly fail to cause you grief: so in the end safety and effectiveness is never absolute. But we, as an industry, can do a lot better than we do today.

In the case of services, what does it take to be safe and effective?

I have written before that SOA is about action at a distance. We want to be able to use the Internet to achieve our objectives, to perform tasks. This is fundamental difference between SOA and the Web architecture (for example).

For services to be widely used it will be necessary to be able to show that they are safe and effective too.

Since it of the essence that service is about crossing ownership boundaries, about you using my system, a key piece of figuring out Safety and Effectiveness in relation to services is in being able to answer some simple questions:

  1. What is the effect of using the service? (Will it cure my disease?)

  2. Do the participants in the service have the appropriate rights in using and delivering the service? (Is the patient an appropriate target for the medicine?)

  3. What are the potential side effects of using/offering the service? (What are the complications?)



That is the heart of the problem it seems to me. And, I firmly believe that when we can reliably answer these issues in a systematic way then we will be entitled to call ourselves a profession.

Popular posts from this blog

Comments Should be Meaningless

This is something of a counterintuitive idea: Comments should be meaningless What, I hear you ask, are you talking about? Comments should communicate to the reader! At least that is the received conventional wisdom handed does over the last few centuries (decades at least). Well, certainly, if you are programming in Assembler, or C, then yes, comments should convey meaning because the programming language cannot So, conversely, as a comment on the programming language itself, anytime the programmer feels the imperative to write a meaningful comment it is because the language is not able to convey the intent of the programmer. I have already noticed that I write far fewer comments in my Java programs than in my C programs.  That is because Java is able to capture more of my meaning and comments would be superfluous. So, if a language were able to capture all of my intentions, I would never need to write a comment. Hence the title of this blog.

Action at a distance

We are currently writing our first draft of the SOA Reference Architecture. Everyone is very busy doing their bit. My current section is on the Real World Effect of using a service. The RA is really an abstract architecture: we are not focusing on things like SOAP, or any of the other 60+ Web service specifications out there. We are trying to get at the essence of makes SOA special and how it can be made to work. It is a pretty basic aspect of services that we are trying to get something to happen: buy a book, get the weather forecast whatever. In other words: its action at a distance. I am communicating with you in the hope that we can get some mutual benefit. This already distinguishes SOA from the Web, whose basic abstraction is to acquire a representation of a resource will be rendered locally for human consumption. Actions are not inherently about representations, they are about changing the world - one book at a time. Action itself is a very difficult concept to get hold of. It ...

Organizing principles for services

One of the questions that comes up from time to time is how to define your services. This has come up for me in two independent fora: within the OASIS Service Oriented Architecture work and in the context of human provided services, for example at Genietown . In the work on the SOA Reference Model we decided that "services are the mechanism by which needs and capabilities are brought together"; i.e., its about needs and capabilities to satisfy those needs, and the access mechanism. However, this still begs the question somewhat. In the domain of human services, where the services are things like "building a home", "walking the dog", "taking care of my elderly parents"; it gets even fuzzier. Sometimes a service seems to organized around the person offering the service, for example, an architect, or a doctor. Sometimes the service is organized around a particular kind of product, such as doors or skylights. At other times, the service is organize...