
Re: Can a machine test itself? + other issues

A colleague used to define "software release" as the point beyond which
all further bugs will be discovered in production use of the system.

I also once used a system that would deteriorate under use until nothing
worked.  It was then reloaded and the process of deterioration would
start over again.  This happened about monthly.

Stan Klein

On Mon, 2004-12-06 at 22:11, SAVIOCvs@aol.com wrote:
> In a message dated 12/2/2004 8:35:38 PM Eastern Standard Time,
> sklein@CPCUG.ORG writes:
>         On Tue, 2004-11-30 at 15:34, Deutsch, Herb wrote:
>         > If this is on central count equipment or any central site software or
>         > equipment, it is not covered in our scope.  It would have to be part
>         > of the polling place unit to be considered.  In that case, since I
>         > believe you take an image of the entire system including the OS, how
>         > would you treat that today?
>         >
> That comment about "an image of the entire system including the OS"
> intrigues me.  Since the machine itself must be used (I presume) to
> generate an image of the entire system, couldn't malicious software in
> the OS or BIOS present a false image of what is there?  (I have been
> inquiring about a foolproof way to verify a BIOS.  I'm not sure that
> one exists.)
> In the reliability discussions, shouldn't there be a distinction
> between (1) failures that lose votes or generate erroneous totals, and
> (2) failures that merely stop a machine's operation?  The latter
> failure is particularly mild if the machine is easily restarted or
> replaced without loss of data.
> Regarding software bugs:  software doesn't "wear out"; new bugs appear
> only under some combination of circumstances not previously tested. 
> The more complex the software, the more possible combinations of
> circumstances exist.  It is no great feat to make software pass some
> well-defined, repeatable test.  A realistic test is to have many
> ordinary people use the system.  The amount of testing required should
> be in some way proportional to the possible combinations of
> circumstances.
> Malicious software is entirely different from buggy software.  To my
> mind, there are two steps required to block malicious software: 
> (1) make the software completely public, so anyone can check it, and
> (2) have a mechanism to assure that that very software is what is in
> the machine on election day.  My SAVIOC system can meet both those
> criteria (except for the BIOS); as far as I know, no other system can.