Australian Computer Society response to Global Conference ... · Australian Government agencies are increasingly using social media (or Web 2.0) tools to communicate and interact.

ACS | Australian Computer Society response to Global Conference on Computing Ethics 2012 Guidelines for Country

Speakers questionnaire, August 2012 31 August 2012

Page 1

Australian Computer Society response to Global Conference on Computing Ethics 2012 Guidelines for Country Speakers questionnaire, August 2012 Australian Computer Society



Page 2

In August 2012 the Australian Computer Society was invited to provide a brief overview of ethical issues in ICT in Australia for a Malaysian Conference in Computer Ethics. The following document describes some of the ethical issues ICT professionals and broader society are currently wrestling with. As a discussion paper for the conference, the ACS also provided a list of incidents where bad software coding tragically caused fatalities around the world. This is included as an Appendix. The ACS is the guardian of ethics in the Australian ICT industry, our code of ethics can be accessed here.

COMPUTING ETHICAL ISSUES IN COUNTRY: AUSTRALIA Reported by Anthony Wong, Immediate Past President Australian Computer Society Disclaimer: This is not a surveyed response but the viewpoint of the authors from personal knowledge and their environment scan.

1. What are the top 10 (if not top 5) ethical issues or concerns related to computing or Information Communication Technology (ICT) in your country?

From the point of view of ICT professionals

1. Recognition and Professionalism of ICT Professionals 2. Cyber Security 3. Internet regulation and cybercrime - pros and cons of more regulation 4. Data and Information Privacy 5. Ownership and Integrity of data and information 6. Treatment and ownership of Intellectual Property Rights and the digital economy 7. Convergence issues and the regulation of media including print, digital, on the internet

and tradition broadcasting The Australian Computer Society (ACS) is the recognised association for Information and Communications Technology (ICT) professionals, attracting a large and active membership from all levels of the Australian ICT industry. A member of the Australian Council of Professions and an active member of the International Federation for Information Processing (IFIP) under the auspices of UNESCO, the ACS is the public voice of the Australian ICT profession and the guardian of professional ethics and standards in the ICT industry, with a commitment to the wider community to ensure the beneficial development and use of ICT. The ACS accredits Australian ICT University courses and is the relevant assessing authority for ICT skills assessments for the Australian Department of Immigration and Citizenship. Through the ACS strategic relationships with the Australian Council of Deans of ICT, the Council of

http://www.acs.org.au/__data/assets/pdf_file/0005/7835/Code-of-Ethics_Final_12.6.12.pdf

http://www.acs.org.au/__data/assets/pdf_file/0005/7835/Code-of-Ethics_Final_12.6.12.pdf



Page 3

Australian Directors of ICT, our Academic Boards, Committees and Special Interest Groups, our partnership with the ICT sector, and the scholarship work of the ACS Foundation, the ACS is uniquely placed to provide comment on ICT matters. In fulfilling our role, the ACS is active on a range of policy fronts and among ICT stakeholders to improve ICT skills, education and training capability and quality in Australia and to promote the responsible and professional use of ICT as it affects almost every aspect of daily life. The ACS supports the development of Australian ICT and works with key stakeholders to provide annual ICT reporting as well as to explore ways to further improve the measurement of ICT’s contribution to the economy, community and the environment. The Australian Computer Society sponsored research with the Australian Research Council that involved the first industry-wide survey of ICT ethics in Australia. Amongst the many things arising from the research was the finding that there is a mismatch between ethics taught at university to prepare new professionals for the workplace, and the types of ethical issues which they consequently confront in the workplace. That is, there is a need to discover and better document the types of ethical situations that professionals actually confront, and then to communicate those effectively to the tertiary sector, so that future ICT graduates can be better prepared to handle the types of situations that they will confront. The rapidly evolving nature of IT in the cloud, the rise of social media, and the prevalence of Bring Your Own Device (BYOD) in the workplace present difficult challenges for ICT professionals on questions of privacy and security which often cross over into legal and employee relations frameworks. If an employee on their lunch break uses their private mobile device to post a defamatory message regarding a fellow employee on Facebook, for example, does this constitute a breach of the enterprise employee code of conduct? If the employee used the enterprise WIFI network to access Facebook in this way with their own mobile device, did the enterprise facilitate the defamation of the employee? In Australia some of the major banks (Commonwealth Bank and ANZ) now have formal programs of BYOD and market Facebook access in the workplace to new graduates as part of their talent acquisition programs. From the point of view of the government

1. Cyber Security 2. Internet regulation and cybercrime - pros and cons of more regulation 3. Online Identity and Identity Management 4. Data and Information Privacy 5. Treatment and ownership of Intellectual Property Rights and the digital economy 6. Convergence issues and the regulation of media including print, digital, on the internet

and traditional broadcasting 7. Ownership and Integrity of data and information

The Australian Government is rolling out more and more of its services online. With the exponential increases in the volume of online business transactions and the rapid uptake of the Internet by Australians, the major challenges for government have been Cyber Security, Internet regulation and cybercrime, Online Identity and Identity Management, Data and



Page 4

Information Privacy, and finding the right balance between citizens’ rights and the need to regulate or limit the potential for social harm. The Attorney-General's Department recently issued a discussion paper Equipping Australia against emerging and evolving threats. The paper outlines proposals for telecommunications interception reform, telecommunications sector security reform and Australian intelligence community legislation reform. It has also been proposed that ISPs would be required to capture and store activities of its users for up to 2 years. The Australian Government in 2009 proposed an Internet Filter to limit types of online content available to Australians and in 2010 proposed a framework for Internet Service Providers to block access to certain material determined as offensive. The Filtering proposal met with vociferous opposition regarding citizens freedoms and the ACS argued at the time that aside from ethical issues, Internet Filtering was impossible to enforce and technically unfeasible. As a case in point, in July 2012 a racist Facebook site depicting “aboriginal memes” was highlighted in the media with both the government and opposition arguing for stronger “takedown” regulation. Although the offensive page was ultimately removed by Facebook, within hours copycat pages had arisen across Facebook and other social media sites. Increasingly the Australian government is concerned about cyber-bullying. This focus has hitherto been focused on creating educative programs directed at young people in schools. The ACS has encouraged government to consider cyber-bullying in broader contexts: among coworkers and professionals, among organisations and within Australia’s democratic processes. Is, for example, a crowd sourced activist site that uses social media to create polls which influence government industry policy a form of cyber bullying or simply a new channel for democracy? The Australian Crime Commission Board has recently warned that organised criminal groups are targeting the savings of Australians through investment frauds. Many Australians, including experienced investors who undertake research, have lost their entire retirement savings to these investment frauds. Law enforcement advises that the criminals offering these investment opportunities use persuasive cold-calling tactics, sophisticated websites and legitimate-looking brochures. Australia Post is partnering with the Australian Crime Commission, the Australian Securities & Investments Commission and every state and territory police force in the country to further raise awareness of these investment frauds and provide information on how to prevent becoming a victim. Australian Government agencies are increasingly using social media (or Web 2.0) tools to communicate and interact. The use of third-party social media sites raises questions in relation to the ownership of the content, as records of value may be created by the use of the social media tools. Information residing or stored on third-party sites may not be regarded legally as Commonwealth property and consequently may not be Commonwealth record. From the point of view of the media and public



Page 5

1. Data and Information Privacy 2. Freedom of speech and freedom of the press 3. Internet regulation and cybercrime - pros and cons of more regulation 4. Security and Cyber Security 5. Convergence issues and the regulation of media including print, digital, on the internet

and traditional broadcasting 6. Ownership and Integrity of data and information 7. Treatment and ownership of Intellectual Property in the digital age

The media and public similarly are concerned about privacy. It is ironic that some six million plus Australians regularly use Facebook providing extensive personal information to the world, but when the government proposes providing authorities with greater access to citizen’s data – such as cross referencing of tax identifiers or a universal ID card – civil libertarians would perceive the proposal as impeaching on citizen rights. There are increasing public concern regarding the collection and use of private data by corporations like Google and Facebook. In recent times, Google and Facebook have made changes to their privacy settings – thus making it difficult for users to put limits on how far the information they upload is shared. Google has also admitted to the collection of wireless connection data while compiling images for its Street View service. The French Data Protection Authority (“CNIL”) has recently launch an investigation on behalf of all European data protection authorities on the new Google policy for aggregating information across its services, such as Gmail, Picassa, GoogleMaps and YouTube. CNIL preliminary analysis suggests that Google's new policy does not meet the requirements of the European Directive on Data Protection (95 /46/CE). The Australian Privacy Commissioner, Timothy Pilgrim had also recently written to Google on behalf of the Technology Working Group (TWG) of the Asia Pacific Privacy Authorities expressing concern that combining personal information from across different services has the potential to significantly impact on the privacy of individuals. Beyond privacy issues, the Australian media is becoming more sophisticated in its concerns about the ethical use of ICT. For example, the advent of High Frequency Trading, or algorithmic trading, which allows privileged access to stock market data for those with access to highly sophisticated technologies is now the subject of a regulator inquiry and receiving much media interest over both a concern for equitable and transparent trading rules and potential market distortion. High Frequency Trading accounts for at least 30 per cent of stock market activity in Australia.

2. What are the impacts of some of these ethical issues to business, country or the computing field?

On 21 August 2012, the Australian Magistrates' Court sentenced an Australian man to a four-month jail term for using Facebook to rate women's sexual performance and for using a carriage service to offend and publish objectionable material online. The magistrate said he hoped to send a strong message to the public about what was acceptable behaviour online.



Page 6

While Australian courts have banned some citizens from access to Facebook, legislation is still trying to understand and articulate what good internet citizenship actually means. The examples provided in this paper have illustrated some of the impacts of ethical issues or concerns related to computing or Information Communication Technology (ICT). For further examples, refer to Appendix A attached.

3. What were the reactions of the business, professionals, media and public to the ethical issues stated?

Given the complexity of these and other ethical issues in ICT, Australian stakeholders are looking for leadership from government and Industry Associations. Government, industry and the community are struggling to understand and respond to issues around the ethical issues identified in this paper. Professional and Industry associations including ACS, IFIP and SEARCC have a role to play in providing guidance and to bring expertise to these discussions. Some legislators around the world are highlighting a need for technology specific language to tackle privacy concerns. For example, the Members of the European Union had until 25 May 2011 to implement a European Directive which requires organisations to seek consent for using cookies and similar technologies. The grace period for UK organisations to implement the cookies regulation expire in May 2012. On 27 April 2011, the Australian Privacy Commissioner commenced an investigation under the Privacy Act 1988 (Cth) when personal information of approximately 77 million customers of the Sony PlayStation Network/Qriocity were comprised, including customers in Australia. The personal information compromised by the incident includes credit card details. The Privacy Commissioner sought information from Sony Computer Entertainment Australia Pty Ltd (SONY Australia) who provided information on behalf of SONY Australia and other related companies. SONY Australia is a subsidiary of Sony Computer Entertainment Europe Limited (SCE Europe). Sony Network Entertainment Europe Limited (SNEE), a wholly owned subsidiary of SCE Europe, operates the PlayStation Network and Qriocity services (the Network Platform) for individuals in Australia. When an individual creates an account to access the Network Platform they provide various personal data to SNEE which is not an Australian company. At the time of the incident this data was stored in a data centre in San Diego, California. SONY Australia does not play any role in the provision of the Network Platform and does not hold the personal data provided by consumers when they create their accounts. The Privacy Commissioner concluded that SONY Australia had not breached the Privacy Act, as it held no personal information relating to the incident. During the course of the investigation the Privacy Commissioner obtained information on the interrelationship of the various Sony entities involved in the matter. The interrelationship of the various Sony entities demonstrated the potential challenges for government when large global companies undertake different functions relating to the provision of services and



Page 7

products, including the collection of personal information, while operating out of different countries.

4. How does your country monitor or handle ethical infringements? Is it through a governing body in the form of a government, semi-government or an independent body? If not, how do you handle it?

The ACS Professional Standards Scheme provides legal recognition of ICT as a profession for the first time. This is a step forward for the ICT profession as it embraces ICT practitioners within the professional ranks of lawyers, engineers, and accountants. The ACS Professional Standards Scheme has been approved by the Professional Standards Councils as a Cover of Excellence® scheme. These schemes are a part of Australian Federal and State legislation and protect members by limiting liability. For applicable ACS members, liability in respect of claims for damages for economic loss and property damage can be limited to $1.5 million. ACS Certified Professionals (CPs) who meet the criteria and hold the requisite insurances are entitled to this new protection. The Scheme benefits consumers, principally through improved standards of services by professionals, and would benefit professionals by creating conditions for a reduction in indemnity insurance premiums. The Scheme requires members to comply with higher standards of quality assurance, risk management practices and disciplinary procedures, as well as required levels of professional development. This means participants are high quality, ethical and competent individuals. Under the Scheme the ACS is required to adopt a complaint and discipline system that is consistent with the Model Code, which is fair, accountable and accessible, and provides for appropriate and fair dispute resolution, which maintains the integrity of the association and protects consumers, collects data on complaints and discipline measures, and provides for continuously improvements. The ACS has a Disciplinary Committee which is constituted under Rule 6 of the Society. When a breach of the ACS Code of Ethics and Code of Professional Conduct is brought to the attention of the Disciplinary Committee, they may initiate disciplinary procedures against the ACS member(s) involved. However, a member can resign from the ACS, and then continue to practice as they please, without being bound by the Code of Ethics and Code of Professional Conduct. Unlike professions including lawyers and doctors, ICT practitioners in Australia do not have to be registered or required to hold a practicing certificate to practice. In contrast, an Australian lawyer must be admitted as a legal practitioner and required to have a current practicing certificate to practice in Australia. However, it is no longer a mandatory requirement to be a member of the Law Society in order to practice as a lawyer in New South Wales. Failure to adhere to the Code of Ethics and Professional Conduct by a lawyer or a doctor may result in the suspension of his or her practicing certificate. Compared to the other professions, ICT is a relatively young profession and has yet to be fully recognized by governments and the



Page 8

community. However, change may be imminent when business, community and government encounter large scale ICT critical infrastructure system failures leading to injury, death and monetary loss resulting from such failures. In 2012, the media reported that intimate photographs of a prominent Australian Olympian having sex with his wife were stolen by staff at a Sydney computer shop after the Olympian brought his machine in for repair. Interestingly, it was reported by the media that the practice itself did not constitute anything illegal. The Australian Computer Society President made the following comment on the issue: “Customers should rightly ask their computer repair merchant and IT practitioners if they are a member of a professional organisation and what code of ethics and code of conduct they adhere to because a Code of Ethics and a Code of Conduct are essential parts of professionalism in any industry. ACS members must adhere to a code of ethics and code of conduct as part of membership of their professional society.” It is interesting to note that in recent times, we have witnessed, the steady reduction in the disciplinary regulatory roles of law societies and bar associations as professional bodies, in favour of a board constituted under statute and comprised partly of lay membership. This should be reviewed against the backdrop of public and governmental doubt regarding professional associations' inclination or ability to properly address complaints, and discipline their members.

5. Does your country have a code of conduct for computing or Information Communication Technology professionals? If yes, through which institution? If yes, how are people in your country educated about it and encouraged to follow it? How is a failure to follow the Code addressed by the institution?

An essential characteristic of a profession is the need for its members to abide by a code of ethics. For the ACS, this Code of Ethics is enshrined in the Society's National Regulations. This Code of Ethics identifies six core ethical values and the associated requirements for professional conduct. The Society requires its members to abide by these values, and act with responsibility and integrity in all of their professional dealings:

The Primacy of the Public Interest: You will place the interests of the public above those of personal, business or sectional interests.

The Enhancement of Quality of Life: You will strive to enhance the quality of life of those affected by your work.

Honesty: You will be honest in your representation of skills, knowledge, services and products.

Competence: You will work competently and diligently for your stakeholders.

Professional Development: You will enhance your own professional development, and that of your colleagues and staff.

Professionalism: You will enhance the integrity of the Society and the respect of its members for each other.



Page 9

Complementary to the Code of Ethics is the ACS Code of Professional Conduct (Code) , which is intended as a set of guidelines for acceptable methods of practice within the ICT industry. It is supported by advisory material for specific areas such as project management, software engineering, ICT education, network management, and for addressing the environmental consequences of using ICT. The ACS Code has evolved over the last few decades to embrace technological developments and changes in the ICT Industry. The latest revision was undertaken in 2010. Relevance To Law This Code has relevance to professional standards legislation. Failure to abide with the Code could be used as grounds for a claim of professional negligence. The Code may be quoted by an expert witness giving an assessment of professional conduct. Failure to observe the Code could also lead to disciplinary action by the ACS. The ACS has a Disciplinary Committee which is constituted under Rule 6 of the Society. The Disciplinary Committee must consist of at least 8 members each of whom must be a Fellow, Senior Member or Member and with at least 1 member from each Branch. The Disciplinary Committee appoints the Disciplinary Panel which comprises the members of the Disciplinary Committee together with at least 3 lay people. A Disciplinary Hearing Panel constituted by the chairman of the Disciplinary Committee and 2 members of the Disciplinary Panel, one of whom is a lay person investigates the complaint against ACS members and makes disciplinary determinations. The ACS insists that ethics is a compulsory aspect of all computing education at the university level in Australia.

6. Can you provide some cultural or religious values that relate to ethics in your country that have relevance to computing or ICT? Some cultures have idioms, sayings, pantun and haiku to express these values. Please provide a few examples of these values in your own native language along with its English translation.

Australia is a multi-cultural country. The Australian Government has published an official set of Australian values. These values are based on democratic principles of equality, freedom and community: “To maintain a stable, peaceful and prosperous community, Australians of all backgrounds are expected to uphold the shared principles and values that underpin Australian society. These values provide the basis for Australia’s free and democratic society. They include:

• respect for the equal worth, dignity and freedom of the individual • freedom of speech • freedom of religion and secular government • freedom of association • support for parliamentary democracy and the rule of law



Page 10

• equality under the law • equality of men and women • equality of opportunity • peacefulness • a spirit of egalitarianism that embraces tolerance, mutual respect and compassion

for those in need.

7. How do you inculcate, encourage and reward these cultural values in your country?

As part of the application process, an applicant for a visa to live in Australia either permanently or on a temporary basis must confirm that they will respect Australian values and obey the laws of Australia. Recognition of professionalism in information and communications technology (ICT) in Australia requires that members of the ACS to adhere to a Code of Ethics. The ACS has an Ethics Committee and provides workshops for members and the public on the ethical use of technology as part of member’s ongoing professional development. The ACS is currently developing a series of Vodcasts and social media programs around ethics in technology. The ACS one-pager Code of Professional Conduct identifies six core ethical values, which encourages individual members, corporate members, and other businesses and their ICT departments, to display prominently in their workplaces. The ACS continues to publish easy to read articles for the ICT practitioner, in addition to formal papers on the ethics. The ACS publishes the longest continuously running peer reviewed academic journal for ICT in the world and regularly publishes related articles six times a year in the Information Age magazine which is the highest circulated ICT magazine in Australia.

8. Do you have any interesting issues related to computing or ICT ethics that you want to inform the conference and you think is unique to your country?

Refer to the examples provided in this paper. Further examples may be provided during the course of the presentation to the conference.

9. Do you have any suggestions or views on how to promote global computing ethics?

The ACS has close links with IFIP. The 50th birthday IFIP World Computer Congress 2010 was hosted by the ACS in Brisbane and the next World Computer Congress 2012 has a 3 Day programme on Professionalism. ACS members have held key IFIP positions. IFIP represents over 50 member ICT societies, including the ACS, BCS, IEEE-CS and the ACM. The ACS promotes global computing through its collaboration with IFIP and its representation on IFIP committees.



Page 11

Currently ACS holds the chair of the IFIP International Professional Practice Partnership (IP3) and is actively seeking to spread the message of professionalism throughout the world, with particular emphasis on the Asian region. Membership of IP3 by professional societies would ensure that their members also were bound by a code of ethics and professional conduct if not initially then as they become accredited by IFIP IP3. More needs to be undertaken globally and regionally through international bodies such as United Nations, ITU, IFIP, UNESCO, APEC and ASEAN.

10. Do you have any other concerns, comments or suggestion? The following paragraphs from Dal Pont on Professional Responsibility illustrate the difficulties with the concept of “Ethics”. “It has been, and continues to be, the practice to refer to issues of professional responsibility as ‘ethics’. Yet the term "ethics" has many and varied connotations and no precise and unequivocal meaning. "Ethics" means different things to different people. In its common usage, many people equate ethics with morality. Yet morality, perhaps even more than ethics, is a difficult concept to define. In an age when many people do not ascribe to homogenous principles governing issues of morality, morality has become a matter strictly for the individual. Moreover, many so-called rules of legal ethics make little effort to define or explore the moral dimensions of legal practice. They may even prescribe conduct immoral by community standards. For instance, the duty of confidentiality to a client may dictate non-disclosure of information in circumstances where the public would perceive the morally correct behaviour would be to disclose. Some see ethics as somewhere in between law and morality, while others equate ethics with a sense of honesty and integrity and so consider that persons who display ‘greater’ honesty and integrity exhibit a ‘higher’ standard of ethics than those who display lesser doses of these desirable attributes. Yet to speak of degrees of honesty or integrity is to devalue the absoluteness of those very concepts, for a person who is partially honest or of variable integrity can equally be said to be dishonest or lacking integrity. Some commentators resort to moral philosophy, adopting the concepts of teleological and deontological ethics. The best known teleological theory is utilitarianism, the adherents to which contend that the consequences or results of a particular action dictate its "rightness" and should, therefore, govern the outcome of an ethical dilemma.”



Page 12

APPENDIX – REPORTED INCIDENTS OF BAD CODING/BAD PROGRAMING

Date Event Lives lost Reference

1992 AMBULANCE SYSTEM FAILS After a whole slew of issues, including a project cancellation and re-design, a software system for London Ambulance service was deployed the morning of October 26, 1992. Just a few hours later, however, problems began to arise. The AVLS was unable to keep track of the ambulances and their statuses in the system. It began sending multiple units to some locations and no units to other locations. The efficiency with which it assigned vehicles to call locations was substandard. The system began to generate such a great quantity of exception messages on the dispatchers' terminals that calls got lost. At the time the system went live, there were 81 known issues with the software and no load-tests had been run. No provisions for a backup system had been made. While the gap of 10 months between the time dispatchers were first trained to use the software and when it was deployed played its role in the disaster, the software had three primary flaws that immediately caused the failure:

Estimated 46 fatalities

http://erichmusick.com/writings/06/las_failure.html

1994. HELICIOPTER CRASH On Friday 2 June 1994 a Chinook helicopter ZD576 crashed on the Mull of Kintyre killing 29 people. Lords Committee reports: The Lords committee's verdict. "We have considered the justification for the air marshals' finding of negligence against the pilots of ZD576 against the applicable standard of proof, which required 'absolutely no doubt whatsoever'. In the light of all evidence before us and having regard to that standard, we unanimously conclude that the reviewing officers were not justified in finding that negligence on the part of the pilots caused the aircraft

29 fatalities http://www.ccsr.cse.dmu.ac.uk/resources/general/ethicol/Ecv12no2.html



http://www.ccsr.cse.dmu.ac.uk/resources/general/ethicol/Ecv12no2.html





Page 13

to crash." Software problems. "It is clear that at the time of the crash there were still unresolved problems in relation to the Fadec system of Chinook MK2s."

2000 RADIATION MACHINE OVERDOSES At the National Cancer Institute at Panama improper miscalculation of dosage of radiation for patients undergoing radiation therapy. The software written by Multidata Systems International had a loop hole where doctors could make minor modifications to input values assuming the software could work ideally even under those modifications. What they didn't realize is that the software gave different answers depending on certain parameters leading to double the recommended dose of radiation. Further, there was also a human aspect of error where the physicians who were required to manually double check the software's calculations failed to do so leading to them being indicted for murder.

21 fatalities, with a

further 20 patients

significantly impacted

http://it.toolbox.com/blogs/programming-life/when-software-kill-21905

1985-87 RADIATION MACHINE OVERDOSES The Therac-25 medical accelerator. A radiation therapy device malfunctions and delivers lethal radiation doses at several medical facilities. Based upon a previous design, the Therac-25 was an "improved" therapy system that could deliver two different kinds of radiation: either a low-power electron beam (beta particles) or X-rays. The Therac-25's X-rays were generated by smashing high-power electrons into a metal target positioned between the electron gun and the patient. A second "improvement" was the replacement of the older Therac-20's electromechanical safety interlocks with software control, a decision made because software was perceived to be more reliable. What engineers didn't know was that both the 20 and the 25 were built upon an operating system that had been kludged together by a programmer with no formal training. Because of a subtle bug called a "race condition," a quick-fingered typist could accidentally configure the Therac-25 so the electron beam would fire in high-power mode but with the metal X-ray target out of position. At least five patients die; others are seriously injured.

5 known fatalities

with others seriously injured

http://www.wired.com/software/coolapps/news/2005/11/69355








Page 14

1996 ROCKET DESTRUCTION A rocket that had cost $7bn in development costs experienced catastrophic software failure on its maiden launch. The rocket self-destructed 37 seconds after launch. Working code for the Ariane 4 rocket was reused in the Ariane 5, but the Ariane 5's faster engines triggered a bug in an arithmetic routine inside the rocket's flight computer. The error was in the code that converts a 64-bit floating-point number to a 16-bit signed integer. The faster engines caused the 64-bit numbers to be larger in the Ariane 5 than in the Ariane 4, triggering an overflow condition that results in the flight computer crashing. Software is mentioned 58 times in the final report of the inquiry board.

Nil fatalities. A $500m

loss.

http://www.ima.umn.edu/~arnold/disasters/ariane5rep.html

2007, 2009

EPLILEPSY HACKING – various US agencies “The breach triggered severe migraines and near-seizure reactions in some site visitors who viewed the images. People with photosensitive epilepsy can get seizures when they're exposed to flickering images, a response also caused by some video games and cartoons.” Multiple news reports and sources from 2006 to 2009 show that government epilepsy help pages were a regular target of malicious hackers with reported injuries.

Unknown, multiple

casualties

http://www.cbsnews.com/2100-205_162-4079730.html

1982 SOVIET GAS PIPELINE EXPLOSION Stuxnet type trojan in management system of transiberian gas pipeline during cold war resulted in largest non-nuclear explosion ever recorded. The explosion was registered by NORAD defence satellites and the US nuclear response status was temporarily uplifted in a ‘Dr Strangelove” escalation scenario.

Unknown. http://en.wikipedia.org/wiki/Siberian_pipeline_sabotage

1994 CHINA AIRLINES CRASH NAGOYA AIRPORT China Airlines completed the modifications to the Flight Control Computers to introduce a

264 fatalities, 7

injured

http://www.sozogaku.com/fkd/en/cfen/CA1000621.html





http://en.wikipedia.org/wiki/Siberian_pipeline_sabotage

http://en.wikipedia.org/wiki/Siberian_pipeline_sabotage





Page 15

function that allows disengaging the Autopilots (manual controls input overrides the Autopilots) during any flight phase by September 7, 1994.

1980 AIR NEW ZEALAND FLIGHT 901 MT EREBUS Plane crashes into Mt Erebus due to flight computer inconsistencies. “The airline’s navigation section believed it was making a minor adjustment to the flight’s longstanding destination point, but a typing error some 14 months earlier meant it had actually shifted this point some 27 nautical miles to the east.”

257 fatalities http://www.nzhistory.net.nz/culture/erebus-disaster/crash-of-flight-901

1991 ANTI MISSILE DEFENCE BUG Software flaw compounds real time tracking flaws but patched one day after incident. Bad code sends anti-missiles in wrong direction. Scud hits target.

28 Fatalities, 98 wounded

http://www.ima.umn.edu/~arnold/455.f96/disasters.html

1996+ Trust me, I’m a nuclear reactor and my software fails 50% of the time Safety systems implemented in mid-90’s reactors may or may not have been updated. “100,000 lines of computer code that have the critical job of shutting down Sizewell B should its temperature suddenly begin to climb or should other conditions pose a danger. If the PPS were to fail during such an emergency, one of Europe’s most densely populated regions would be at heightened risk of a nuclear meltdown. Not surprisingly, then, Nuclear Electric, the operator of the plant, had put the PPS software through a battery of tests. The results were not comforting: the software failed almost half of them. “

unknown http://discovermagazine.com/1996/may/trustmeimyoursof764

http://www.nzhistory.net.nz/culture/erebus-disaster/crash-of-flight-901





http://discovermagazine.com/1996/may/trustmeimyoursof764

http://discovermagazine.com/1996/may/trustmeimyoursof764

Australian Computer Society response to Global Conference ... · Australian Government agencies are increasingly using social media (or Web 2.0) tools to communicate and interact.

Documents