Last night, while I was waiting for my daughter to finish orchestra rehearsal (she is a violin player in the Greater Twin Cities Youth Symphony), I was reading an article in the latest issue of Communications of the ACM with the title "Is Software Engineering Engineering?". The article covers topics that are near and dear to me, both as an engineer working in a company that produces software and as a producer of software that attempts to address some of the issues raised in the article. The article presents a list of six things software engineers don't do well:
- Predictable outcomes (principle of least surprise).
- Design metrics, including design to tolerances.
- Failure tolerance.
- Separation of design from implementation.
- Reconciliation of conflicting forces and constraints.
- Adapting to changing environments.
All of these are interesting topics to discuss. One that comes up often as we talk to users about verification concepts for embedded software is failure tolerance. Fellow blogger Joe Hupcey is always looking for examples where software failures turned out to be very costly, and he uses them to communicate the message that there is a real cost associated with finding bugs and fixing them, even though a device can be rebooted without much effort and software is "soft" and can be easily patched. It always seems like a challenge to identify the cost of failure for embedded software in all but the most safety-critical applications. In contrast, the cost of a chip respin seems to be obvious to everybody. The article implies there should be metrics computed for risk management that would help make decisions about how important software quality is. I have never tried to study such risk calculations, but it sounds like an interesting way to better analyze the need for verification, compared to just saying "bugs are bad, they cost money" while debating somebody who says "bugs are OK, patching software is easy". Today I was meeting with somebody whose smart phone started ringing, but nobody was calling. After a strange look, he just popped out the battery and let it sit on the table while we kept talking. There is probably a risk metric that can be calculated for this failure, and a set of calculations that can be done to weigh this risk against the extra time required to better test the device and ensure users will never need to pull out the battery when a ghost ring occurs.
Separation of design from implementation is also interesting. My Cadence title is actually Architect, but the reality is that I do more than that. I may architect a solution, do the design, and also write the code and test it. These are four different functions all done by one person, and if I don't know what I'm doing I can make a big mess pretty quickly. In hardware verification there has long been the concept of a Verification Engineer who is just as important as a Design Engineer. This separation of concerns has served hardware verification well, but it has not been extended very well to software.

The comparison to blueprints is also interesting. On the construction site there is a clear separation between the architect passing blueprints to the construction crew and the crew building from them. I don't ever recall seeing anything as detailed as a blueprint in a software project. Sure, there are specifications for software, but it just doesn't seem the same.
There are lots of things to think about here. Please feel free to share opinions about how you see the world of software engineering: is it really engineering?
What should I say when I go to the dentist and they ask me "what's your occupation?" Maybe I should just say architect, engineer, and programmer. Since I have Electrical Engineering degrees, I usually just say engineer, but maybe I should think more carefully before I answer.