[SystemSafety] 1. View of Computer Reliability in the Law (English and US) and 2. Argumentation
Phil Koopman
koopman.cmu at gmail.com
Sat Jul 3 00:35:10 CEST 2021
On 7/2/2021 5:53 PM, Les Chambers wrote:
> What does she mean by ‘needed to be closely examined … adversarial examination of code’?
> Do you mean rerun the entire V&V program Susan? That is assuming you could find the correct
> versions of all the design documents and (choke) a complete, correct and unambiguous statement
> of software requirements. Who has that kind of money?
Les,

I understand your concern about the practicality of independent V&V of
software like this, but that's not quite the point that is being made.

My understanding of the argument is that if the notional "accuser" is a
piece of software, someone accused should have the opportunity to
"question" whether the "accuser" is making credible claims. That
"questioning" might be expensive, but they should nonetheless have the
opportunity if they have resources to pursue it.

An adversarial examination need not re-run the entire V&V program, since
an adversary would not need to prove the code is fit for purpose.
Rather, a defendant would seek evidence that the code is NOT fit for
purpose. One big defect found (failure to do what the prosecution says
it does), a systemic lack of quality, lack of an acceptable V&V paper
trail, defective configuration management, or other deficiencies in
development and application of the software might suffice to establish
reasonable doubt, especially for criminal cases.

As to money, that is what the US Class Action system and other
collective litigation approaches are for. If you have enough
high-stakes cases on the table and/or a deep-pockets benefactor
foundation, the pooled resources can indeed take on analysis of a large
complex piece of code with enough potential for success to make it worth
doing.

I'm not saying the legal system is perfect, but if a judge were to
permit examining source code, over the long term it could well make a
practical difference.

(BTW I'm not a lawyer and not giving legal advice.)

-- Phil
--
Prof. Phil Koopman koopman at cmu.edu
(he/him) https://users.ece.cmu.edu/~koopman/