1 “Star Wars” Revisited A Case Study In Ethics and Safety-Critical Software Professor Kevin Bowyer University of Notre Dame Copyright, Kevin W. Bowyer,

Slides:

Advertisements

Similar presentations

National Missile Defense System Bruce Lei. Outline History of the National Missile Defense System How the National Missile Defense System will work Career.

Advertisements

EECE499 Computers and Nuclear Energy Electrical and Computer Eng Howard University Dr. Charles Kim Fall 2013 Webpage:

Tamper Resistant Software An Implementation By David Aucsmith, IAL “This paper describes a technology for the construction of tamper resistant software.”

Challenge of Nuclear Weapons

Reagan vs. Communism. Background Since the beginning of the Cold War the U.S. had maintained one common policy – What was it? (Hint: Korean War, Vietnam.

Discursive Choices: Boycotting Star Wars Between Science and Politics Rebecca Slayton Science, Technology, and Society Program Stanford University Science.

The Byzantine Generals Problem Boon Thau Loo CS294-4.

COLD WAR RECAP. INSTRUCTIONS Using your notes, unless otherwise noted, you will have 3 minutes per concept to answer as much as you can with your group.

Copyright © 1994 Carnegie Mellon University Disciplined Software Engineering - Lecture 1 1 Disciplined Software Engineering Lecture #7 Software Engineering.

CLEANROOM SOFTWARE ENGINEERING

Complexity, Coupling, and Missile Defense Phil Varner Chapter 3 in Normal Accidents by Charles Perrow Software Aspects of Strategic Defense Systems.

CS575 - Software Design SDI: A Violation of Professional Responsibility A presentation by: Rong Gu Cincy Francis Amitkumar Dhameja.

1 “Star Wars” Revisited A Case Study In Ethics and Safety-Critical Software Professor Kevin W. Bowyer University of Notre Dame Copyright, Kevin W. Bowyer,

Strategic Defense Initiative  Team G  Shane Murray  Leah Matthews  Shaun Mahoney  Bill Price  Patrick Quast.

Preserving the ABM Treaty Written By: Sidney D. Drell; Philip J. Farley; David Holloway International Security, Vol. 9, No. 2. (Autumn, 1984), pp

SDI: A Violation of Professional Responsibility David Parnas Presented by Andres Ramirez.

Architecture and Real Time Systems Lab University of Massachusetts, Amherst An Application Driven Reliability Measures and Evaluation Tool for Fault Tolerant.

Presented by: Hatem Halaoui

7.2 System Development Life Cycle (SDLC)

Instructor: Tasneem Darwish1 University of Palestine Faculty of Applied Engineering and Urban Planning Software Engineering Department Software Systems.

Gorbachev v. Reagan. Came to power in 1983 More moderate leader, wanted to end Cold War tensions Against forcing Eastern Bloc nations to be in the Warsaw.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

Software Process and Product Metrics

What Causes Software Vulnerabilities? _____________________ ___________ ____________ _______________   flaws in developers own code   flaws resulting.

Requirements Engineering

Use of Multimedia in Engineering. Mechatronics engineering is based on the combination from three basic engineering field that is mechaninal, electronics.

International Conference «Missile defense Factor in Establishing New Security Environment» VIEWS OF THE MINISTRY OF DEFENSE OF THE RUSSIAN FEDERATION ON.

Assessment of BMD Global capabilities Missile Defence as a Factor in Establishing a New Security Environment International Conference Moscow, 3-4 May 2012.

S/W Project Management

Team Launch Introduction. Real projects are large and complex, and most software is created by teams Merely throwing people together does not result in.

What is Software Engineering? the application of a systematic, disciplined, quantifiable approach to the development, operation, and maintenance of software”

Evaluation of Safety Critical Software -- David L. Parnas, -- A. John van Schouwen, -- Shu Po Kwan -- June 1990 Presented By Zhuojing Li.

CLEANROOM SOFTWARE ENGINEERING.

You be the Judge! BPA Texas Teachers Provide Academics.

A Lightweight Platform for Integration of Resource Limited Devices into Pervasive Grids Stavros Isaiadis and Vladimir Getov University of Westminster

Verification and Validation Overview References: Shach, Object Oriented and Classical Software Engineering Pressman, Software Engineering: a Practitioner’s.

The End of the Cold War. How did Reagan view communism? Reagan believed that the Soviet Union meant to take over the world As a result, he put A LOT of.

Interacting with IT Systems Fundamentals of Information Technology Session 5.

REUSE-Re-Engineering The Software Process By Venkat Praveen Medikonda.

Copyright John C. Knight SOFTWARE ENGINEERING FOR DEPENDABLE SYSTEMS John C. Knight Department of Computer Science University of Virginia.

 Architecture and Description Of Module Architecture and Description Of Module  KNOWLEDGE BASE KNOWLEDGE BASE  PRODUCTION RULES PRODUCTION RULES 

Chapter 1. Introduction.

Question 21 “A system is a set of parts coordinated to accomplish a set of goals” West Churchman. Give three main characteristics of a system. What are.

SOFTWARE METRICS. Software Process Revisited The Software Process has a common process framework containing: u framework activities - for all software.

Create your futurewww.utdallas.edu Office of Communications create your futurewww.utdallas.edu Patriot Missile Failure, Gulf War Benji Boban SYSM 6309:

By Jeremy Sandoval. The Start of (SDI) The Strategic Defense Initiative (SDI) was a proposal by U.S. President Ronald Reagan on March 23,1983 to use ground.

CPSR-MIT Debate Michael Dertouzos, moderator David Parnas, against SDI (Joseph Weizenbaum, against) Charles Seitz, for SDI (Danny Cohen, for)

MAY 2010 WALES, Ltd. AirBorne EO Sensor for BMD - 1/17 UNCLASSIFIED Approved for Public Release - 10-MDA-5450 (04 MAY 10) AIRBORNE ELECTRO-OPTICAL SENSORS.

1 Overheads from Parnas’ Presentation The next slides are transcribed versions of (most of) the transparencies in Parnas’ presentation.

CHAPTER 9 CONSTRUCTING ARGUMENTS. ARGUMENTS A form of thinking in which certain reasons are offered to support conclusion Arguments are Inferences - Decide.

Security Codesign Steve Dawson and Victoria Stavridou Bruno Dutertre, Josh Levy, Bob Riemenschneider, Hassen Saidi, Tomas Uribe System Design Laboratory.

National Missile Defense Some Thoughts. Star Wars Revisited? Star Wars introduced by Reagan in the 80’s –Shield versus Mutual Assured Destruction Technical.

Star Wars Missile Defense Van Borgquist. What is the Star Wars Missile Defense The Star Wars Missile Defense was a satellite defense system proposed by.

Chapter 8: Maintenance and Software Evolution Ronald J. Leach Copyright Ronald J. Leach, 1997, 2009, 2014,

Unit 4 Section 1 Part 6 ATOMIC ANXIETY. A. THE HYDROGEN BOMB 1950s, a new weapon being studied: the Hydrogen Bomb Fused atoms together (like the sun and.

Udaya Shyama Pallathadka Ganapathi Bhat CSCE 548 Student Presentation

Missile Defense and the SDI

J. Michael, M. Shing M. Miklaski, J. Babbitt Naval Postgraduate School

Software Aspects of Strategic Defense Systems

Learning objective – to be able to explain the change in the relationship between America and the Soviet Union in the mid 1980s. I can describe the change.

The Cold War Thaws.

Contact Norton Antivirus | Norton Antivirus Support UK

The Cold War Thaws.

SDI: A Violation of Professional Responsibility

Learning objective – to be able to explain the change in the relationship between America and the Soviet Union in the mid 1980s. I can describe the change.

Software testing and configuration : Embedded software testing

Measurement What is it and why do it? 2/23/2019

Bernadette Stadler Scoville Fellow

Terminal High Altitude Area Defense

The Arms and Space Race Unit 9: Cold War.

Presentation transcript:

1 “Star Wars” Revisited A Case Study In Ethics and Safety-Critical Software Professor Kevin Bowyer University of Notre Dame Copyright, Kevin W. Bowyer, 2000,2001. All Rights Reserved. (Rev. 7/3/01)

2 Ballistic Missile Defense A defensive system – to counter enemy offensive weapons. Ballistic missiles follow a predictable trajectory.

3 Ballistic Missile Defense The U.S. has a long history of BMD research and systems. For example, the “Safeguard” system (1960s-70s) was meant to protect U.S. launch sites from pre-emptive attack.

4 Ballistic Missile Defense The most important software elements of a BMD system are command and control. Software development begins with analysis leading to requirements and specifications.

5 Software Life Cycle System Engineering Analysis Design Coding Testing Maintenance

6 Software Life Cycle System engineering – Analyze the overall system, Specify system requirements, Decide on elements of system to implement in software.

7 Software Life Cycle Software requirements – Specify required functionality, performance, and interfaces for the software elements.

8 President Reagan’s SDI In March 1983, President Reagan called for a “Strategic Defense Initiative” (SDI). The SDI program came to be popularly called “Star Wars.”

9 President Reagan’s SDI

10 Pause for Analysis What overall requirements can you derive for the SDI system from Reagan’s speech?

11 President Reagan’s SDI “I call upon the scientific community … to give us the means of rendering these nuclear weapons impotent and obsolete.”

12 President Reagan’s SDI “I am directing … to define a long-term R&D program to begin to … eliminate the threat posed by strategic nuclear missiles.”

13 SDI Computing Task The software must make the sensors, weapons, control, and communications elements of the system work together to satisfy requirements.

14 SDI Computing Panel A panel of experts studied the SDI computing problem (at $1,000 / day consulting!). David Parnas resigned from the panel and declared the software to be impossible.

CPSR-MIT Debate The Computing Professionals for Social Responsibility (CPSR) sponsored a debate at MIT, featuring members of the SDI computing panel.

CPSR-MIT Debate Michael Dertouzos, moderator David Parnas, against SDI (Joseph Weizenbaum, against) Charles Seitz, for SDI (Danny Cohen, for)

17 Michael Dertouzos, moderator

18 Pause for Analysis Based on Dertouzos’ overview, what more can be said about the computing requirements for SDI?

19 Michael Dertouzos “Star Wars” – Can the computing requirements be met? Assume that the sensors and weapons can be developed and put in space, are affordable, …

20 Michael Dertouzos Parameters of the problem – watch 50 million km 2 area, track up to 3,000 missiles, up to 30,000 warheads up to 300,000 decoys, It all happens in minutes.

21 Michael Dertouzos Elements of the task – Form target tracks. Consistent, distributed data. Allocate weapons to tracks. Communicate with humans. Withstand attack.

CPSR-MIT Debate Michael Dertouzos, moderator David Parnas, against SDI (Joseph Weizenbaum, against) Charles Seitz, for SDI (Danny Cohen, for)

23 David Parnas, arguing against

24 Pause for Analysis Sketch Parnas’ argument in premise-conclusion style: Since Premise, and Premise, … Therefore Conclusion. (Hint: identify conclusion first.)

25 Parnas’ Conclusion Which is proper conclusion of his technical argument? U.S. should not pursue SDI. SDI will make U.S. weaker. It is not possible to build trustworthy SDI software.

26 Parnas’ Conclusion It is not possible to build trustworthy SDI software. “trustworthy” = reliability similar to that of your car starting in the morning.

27 Parnas’ Premises Since: Specifications cannot be known in advance, (because enemy controls factors such as target / decoy features, attack load and structure, …)

28 Parnas’ Premises Since: Specifications not known in advance, Realistic testing is essentially impossible, (because, for example, link / node failures under attack are not known in advance)

29 Parnas’ Premises Since: Specifications not known in advance, Realistic testing is not possible, Hard real-time deadlines do not allow repair during use (attack is over in minutes)

30 Parnas’ Premises Since: Specifications not known in advance, Realistic testing is not possible, No chance to fix software during use, No foreseeable advance in software tech changes this (not language, methodology, …)

31 Parnas’ Argument Since: Specifications not known in advance, Realistic testing is not possible, No chance to fix software during use, No foreseeable technology changes this, Therefore – It is not possible to construct SDI software that you could trust to work.