3-Mar-87 20:44:24-PST,17722;000000000000
Mail-From: NEUMANN created at 3-Mar-87 20:43:03
Date: Tue 3 Mar 87 20:43:03-PST
From: RISKS FORUM (Peter G. Neumann -- Coordinator)
Subject: RISKS DIGEST 4.55
Sender: NEUMANN@CSL.SRI.COM
To: RISKS-LIST@CSL.SRI.COM

RISKS-LIST: RISKS-FORUM Digest Tuesday, 3 March 1987 Volume 4 : Issue 55

FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
  Air Cargo system in chaos (Lindsay F. Marshall)
  ATM Cards Devoured (again!); Royal Shakedowne for Tickets (Robert Stroud)
  Re: Risks in the NSC computer archives (Carlton Hommel)
  Re: A Scary Tale--Sperry Avionics ... (Kevin Driscoll)
  Re: Altitude encoders: $1500 for Mode C? No, $750. (Jordan Brown)
  One more on fly/steer-by-wire (Jonathan Clark)
  Steer-by-wire cars (Doug Rudoff)
  Software Safety in ACM Computing Surveys (Daniel S. Conde)
  Computerized `people meters' for TV audience ratings (Niall Mansfield)
  More on Dallas Phone outage (Mark Linnig)
  Soliciting suggestions for 1988 CSC panel on liability (Gene Spafford)
  Conference on computing and society in Seattle -- REMINDER (Jon Jacky)

The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome.
(Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM)
(Back issues Vol i Issue j available in CSL.SRI.COM:RISKS-i.j. MAXj: Summary Contents Vol 1: RISKS-1.46; Vol 2: RISKS-2.57; Vol 3: RISKS-3.92.)

----------------------------------------------------------------------

From: "Lindsay F. Marshall"
Date: Tue, 3 Mar 87 16:31:57 GMT
To: risks@csl.sri.com
Subject: Air Cargo system in chaos

(from The Times)

A computer system, installed at airports to help to speed cargo deliveries, has been withdrawn from service after it collapsed as soon as it was switched on (Our Air Correspondent writes).
Now cargo agents are considering taking the airlines which own the computer to court because, they claim, they have lost up to 5 million pounds as a result of the failure. The computer was installed by Travicom, a company jointly owned by British Airways and British Caledonian.

After a meeting of more than 100 freight forwarding agents yesterday Mr. Chris Quintin of the cargo company LEP said: "The system was simply unable to cope with the requirements we put on it. As a result cargo and freight was held up all over the country, diverted from one airport to another and couldn't clear Customs because they were plugged into it too."

Travicom has offered 500,000 pounds.

------------------------------

From: Robert Stroud
Date: Tue, 3 Mar 87 17:18:24 GMT
To: Neumann@csl.sri.com
Subject: ATM Cards Devoured (again!); Royal Shakedowne for Tickets
ReSent-To: RISKS@CSL.SRI.COM

(1) Yesterday (2nd March) the bank machine swallowed my card when I asked for some money, claiming that it had expired. Not having checked the date beforehand I didn't know if this was true or not, but I hadn't received a replacement card in the post in advance which usually happens.

When I cashed a cheque today in my branch and complained about this, I was told that I was not alone. All the cards for customers of the branch which were due to expire in June had expired in February instead although the computer wasn't planning to send out the replacements until June. I assume that there was a discrepancy between what was printed on the front of the card and what was encoded in the magnetic strip on the back.

(I got the impression from the cashier that all the cards issued by the branch expired on the same date {June} so that the problem was actually quite serious. However, there didn't seem to be many irate customers about, and people were using the machine outside {although possibly with cards issued by different branches}, so maybe I was mistaken in this impression.)
(2) Every year the Royal Shakespeare Company brings their current productions to Newcastle before taking them to London. This year the Theatre Royal has acquired a nice new computerised booking system that prints your name on the ticket and lets you choose where you want to sit on the screen.

   [I hate sitting on screens. The electrostatic effect is annoying. PGN]

When I went in about a week ago to try and get some tickets for one of the productions, I was told that although there were plenty of seats available, I couldn't buy any tickets because the computer was down. (However, I was able to get a couple of returns for Midsummer Night's Dream the old fashioned manual way). Apparently the machine was still broken several days later so they can't have been able to sell any tickets in the meantime - it is perhaps just as well that the Shakespeare productions are usually sold out months in advance.

Robert Stroud, Computing Laboratory, University of Newcastle upon Tyne.
ARPA robert%cheviot.newcastle@ucl-cs.ARPA
UUCP ...!ukc!cheviot!robert

   [They won't be sold out months in advance if that keeps up! PGN]

------------------------------

From: rutgers!masscomp!carlton@harvard
Date: 2-Mar-1987 09:16-EST (Monday)
To: clyde!mod-risks@harvard
From: carlton@masscomp.UUCP (Carlton Hommel)
Subject: Re: Risks in the NSC computer archives

The columnists Evans & Novak were interviewing Gen. Brent Scowcroft on their CNN show Sunday. They asked him if the information retrieved from the NSC computer archives provided data that was not found anywhere else. He replied no -- they would have been able to track it down from other sources. However, it was instrumental in showing that North was not working in a vacuum -- there were on-line copies of memos that he wrote to higher-ups, keeping them informed of his activities.
Carl Hommel {allegra, bellcore, cbosgd, decvax, gatech, seismo, tektronix}!masscomp!carlton

------------------------------

Date: Tue, 3 Mar 87 02:15:13 CST
From: ames!rutgers!mmm!SRCSIP!kevin@cad.Berkeley.EDU (Kevin Driscoll)
To: mmm!CSL.SRI.COM!RISKS, mmm!ICSD.UCI.EDU!nancy
Subject: Re: A Scary Tale--Sperry Avionics ...

You know that I am not a fan of N-version programming. However, I must say that the tale is not as scary as might have been implied by the "man at the FAA". Sperry Avionics was recently purchased by Honeywell and I have been working with the people who are advocating this N-version approach. The following is my own opinion and not that of my employer ... etc.

What Sperry wants to do is use N-version software in place of "white box" (structural) tests. The "black box" (functional) tests would still be performed. Specifically, Sperry has asked the FAA for concurrence on using the N-version techniques described in Larry Yount's 1984 AIAA paper 84-2603 and Level 2 software V&V {referring to RTCA/DO-178A, which uses 3 levels of software (depending on criticality): Level 1 (Critical), Level 2 (Essential), Level 3 (Non-Essential)}. In its letter to Sperry, the FAA says that this method "appears to be satisfactory" with the following constraints:

  a. Level 1 must be used for paragraphs 6.2.2 (Requirements Development and Verification) and 6.2.3 (Design).

  b. Formal configuration control must be used and, if common errors are found, structural testing may be required for some or all of the modules.

  c. Formal review and comparison of source code must be used to verify dissimilarity. Where this is not feasible, Level 1 structural test and analysis must be used.

  d. Functional tests of the system must be performed. It must be shown that the system will not have false alarms.

It seems to me that c. is the same as doing structural analysis. Therefore, this method is not any less rigorous than "full" DO-178A Level 1. However, how one complies with c. and d.
I do not know.

Kevin R. Driscoll, Senior Research Scientist (612) 782-7263
Honeywell, 3660 Technology Drive, M/S MN65-2500, Mpls, MN 55418
UUCP: {ihnp4,philabs,umn-cs,mmm}!srcsip!kevin

------------------------------

From: Usenet
To: mod-risks@seismo.CSS.GOV
From: jbrown@jplpub1.uucp (Jordan Brown)
Subject: Re: Altitude encoders: $1500 for Mode C? No, $750.
Date: 3 Mar 87 06:10:40 GMT
Sender: news@elroy.Jpl.Nasa.Gov

We just had an altitude encoder installed in our airplane for $750... I strongly recommend that any A/C owners out there get one.

------------------------------

To: risks@sri-csl.arpa
Subject: One more on fly/steer-by-wire
Reply-To: mtune!jhc@harvard (Jonathan Clark)
Organization: AT&T ISL Middletown NJ USA
Date: 2 Mar 87 22:58:55 EST (Mon)
From: rutgers!jhc@mtune.ATT.COM

I think that it is relevant to point out that pilots of military jets have a very good record of steering a broken plane so that it crashes in a safe area, sometimes at the cost of their own lives. How many of us would do the same in a car?

Also, all the rear-wheel steer-by-wire systems which I have heard about have been designed to be fail-safe, by locking the rear wheels in the straight-ahead position, which makes them the same as current-day cars. Should they fail in a locked-over position then the driver would feel some steering drag, but nothing uncontrollable. Some show vehicles have had full steer-by-wire, but this is at no more than the experimental stage.

Jonathan Clark jhc@mtune.att.com

------------------------------

From: wiley!doug@seismo.CSS.GOV
Date: 4 Mar 87 00:56:14 GMT
To: mod-risks@seismo.CSS.GOV
From: doug@wiley.UUCP (Doug Rudoff)
Subject: Steer-by-wire cars (Re: RISKS DIGEST 4.53)
Date: 4 Mar 87 00:56:12 GMT

Concerning steer-by-wire cars, why would you want one in the first place? I can understand the use on a large airplane where it would be almost impossible to fly without some sort of power system.
But with a car, where it seems that it is easy to have direct mechanical linkage for steering as well as a power system, why bother? It's also probably safer that way too. Mechanical linkage steering does not have a very high incidence of failure.

Doug Rudoff TRW Inc., Redondo Beach, CA !{trwrb,cit-vax}!wiley!doug

------------------------------

To: RISKS@csl.sri.com
Subject: Software Safety in ACM Computing Surveys, June 1986
Date: Tue, 03 Mar 87 16:19:25 -0800
From: Daniel S. Conde

The June 1986 (that's right, 1986) issue of the ACM Computing Surveys just came out, and has an article by Nancy Leveson titled "Software Safety: Why, What, and How". It should be of interest to all RISKS readers.

Dan Conde

------------------------------

Date: Tue 3 Mar 87 11:54:57 N
To: risks@csl.sri.com
From: Niall Mansfield
Organisation: European Molecular Biology Laboratory
Postal-address: Meyerhofstrasse 1, 6900 Heidelberg, W. Germany
Phone: (06221) 387-0 [switchboard] (06221) 387-247 [direct]
Subject: Computerized `people meters' for TV audience ratings

As far as my sketchy knowledge goes, the audience ratings here in Germany are collected (or soon will be) by true 'people meters'. A box with phone line access is hardwired into the TV, and it detects and records what channel is being viewed when. The central data collection office dials up each viewer's meter overnight, and the data are sucked up for processing.

The one thing the box can't do is know who is actually looking at the TV; for this a hand-held thingummy (rather like a TV remote control) is supplied, which has a button for each member of the family (and an extra one for visitors - isn't that very hospitable of them!). People are supposed to 'clock in' and out their personal viewing with the buttons.

Personally I wouldn't be caught dead with such a thing. Big Brother would have to do almost nothing to monitor an awful lot of your life, almost in real time.
------------------------------

Date: Tue, 3 Mar 87 08:55 CDT
From: Mike Linnig
To: risks@CSL.SRI.COM
Subject: More on Dallas phone outage

(Ft. Worth Star Telegram -- STARTEXT (c) 26-feb-87)

AT&T computer failure stalls area 214 calls

DALLAS (AP) -- Long distance telephone service was back to normal Thursday in Dallas and across a vast area of North Texas after thousands of calls were blocked for hours because of a computer problem, an AT&T spokesman says.

"Our number four electronic switching system, which is essentially a large computer that switches long-distance calls into and out of the 214 Area Code, failed," Diane Schwilling, media relations manager for AT&T, said Wednesday.

"The machine handles between 500,000 and 600,000 in its busiest hours. It's capable of handling more than that," she said.

The problem began about 9 a.m. Wednesday and by 2 p.m. the company had begun processing calls through the switch again.

"From about 3 to about 4 it was handling calls real well," Ms. Schwilling said. Then, there were more problems. At 6 p.m., she said service was near normal and that no other work on the computer was planned for Wednesday night.

The malfunction affected long-distance calls primarily into and out of the 214 area, so anyone calling into or out of the area could have been affected, she said.

"Other parts of Texas may have gotten more busy signals than normal simply because during the busy hours of the days, the Dallas switch acts as a backup and would pick up overflow traffic from other parts of the state," Ms. Schwilling said.

------------------------------

From: Gene Spafford
To: mod-risks%gatech.csnet@RELAY.CS.NET
Subject: Soliciting suggestions for 1988 CSC panel on liability
Date: 2 Mar 87 13:59:41 GMT

For the program committee for the 1988 ACM CSC to be held in Atlanta, I'm organizing a panel session on liability issues in software.
The intent is to have the panel address issues more related to the legal aspects rather than methods of software engineering or ethical considerations of using computers, although those also may be fair game.

I'd appreciate suggestions from Risks readers as to people you'd like to see on the panel. Please include some reasons why you think the people you are nominating would be interesting, and provide me with a contact address, if possible. You can nominate yourself if you believe you have something to contribute.

I already have some ideas of people to invite, but I'd like to get more input before issuing formal invitations. Thanks.

Gene Spafford
Software Engineering Research Center (SERC), Georgia Tech, Atlanta GA 30332
CSNet: Spaf @ GATech ARPA: Spaf@gatech.EDU
uucp: ...!{akgua,decvax,hplabs,ihnp4,linus,seismo,ulysses}!gatech!spaf

   [Aha! RELIABILITY must be when you have LIABILITY and so you do it AGAIN. PGN]

------------------------------

From: jon@june.cs.washington.edu (Jon Jacky)
To: risks@sri-csl.arpa, [...]
Subject: Conference on computing and society in Seattle, preceding AAAI
Date: Tue, 03 Mar 87 08:59:31 PST

(Excerpts from call for papers in RISKS-4.28. Due date 4/1 is approaching.)

DIRECTIONS AND IMPLICATIONS OF ADVANCED COMPUTING
Seattle, Washington July 12, 1987

The adoption of current computing technology, and of technologies that seem likely to emerge in the near future, will have a significant impact on the military, on financial affairs, on privacy and civil liberty, on the medical and educational professions, and on commerce and business.

The aim of the symposium is to consider these influences in a social and political context as well as a technical one. The social implications of current computing technology, particularly in artificial intelligence, are such that attempts to separate science and policy are unrealistic.
We therefore solicit papers that directly address the wide range of ethical and moral questions that lie at the junction of science and policy.

[Submit papers to be refereed on ] RESEARCH FUNDING, DEFENSE APPLICATIONS, COMPUTING IN A DEMOCRATIC SOCIETY, COMPUTERS IN THE PUBLIC INTEREST, other relevant topics.

The program committee includes Andrew Black (U. WA), Alan Borning (U. WA), Jonathan Jacky (U. WA), Nancy Leveson (UCI), Abbe Mowshowitz (CCNY), Herb Simon (CMU) and Terry Winograd (Stanford).

Complete papers, not exceeding 6000 words, should include an abstract, and a heading indicating to which topic it relates. Papers related to AI and/or in-progress work will be favored. Submissions will be judged on clarity, insight, significance, and originality. Papers (3 copies) are due by April 1, 1987. Notices of acceptance or rejection will be mailed by May 1, 1987. Camera ready copy will be due by June 1, 1987.

Proceedings will be distributed at the Symposium, and will be on sale during the 1987 AAAI conference.

For further information contact Jonathan Jacky (206-548-4117) or Doug Schuler (206-783-0145).

Sponsored by Computer Professionals for Social Responsibility, P.O. Box 85481, Seattle, WA 98105.

------------------------------

End of RISKS-FORUM Digest
************************
-------