Welcome to Orcmid's Lair, the playground for family connections, pastimes, and scholarly vocation -- the collected professional and recreational work of Dennis E. Hamilton
Ignaz Semmelweis and the State of Software Reliability
Sir Tony Hoare has been delivering powerful exhortations to computer scientists and theoreticians at this week’s sessions of the 2006 Federated Logic Conference (FLoC) in Seattle, Washington. When Hoare spoke of the importance of forwarding theory, experiments, and scientific tools as collegial specializations, it struck me that the status of the software industry today has some uncanny parallels to the state of medical practice as recently as 1850.
In the 1840s and earlier, young mothers feared delivering their babies in hospitals because of the pronounced incident of deaths in childbirth. Deaths by infection after injuries and surgeries was so commonplace as to be feared as inevitable. The Hungarian-Austrian physician Ignaz Semmelweis determined that there was a correlation between the incidence of death by sepsis in otherwise healthy women and the lack of antiseptic procedures by physicians in the hospital. Semmelweis could not explain why there was a correlation, because microbes and the micro-organism theory of transmittable diseases was not yet established. He had the experiments and the tools, but not the theory. The medical establishment of the time ridiculed and rejected the findings of Semmelweis, some of whose efforts to be heard were self-defeating. In hindsight we know that the infections were carried to the women from the doctors’ unprotected contact with infected patients and even corpses. Many more women would die in childbirth before the clinical practice of medicine was altered to include the stringent antiseptic procedures that we now know as commonplace and routine.
It seems to me that today’s software developers are very much pre-scientific software clinicians. Our software exhibits the ravages of disease. Our programmed offspring are often still-born or suffer infant death. Yet we resist the application of even the simplest prophylactic methods for production of healthier software. We behave as though disease is inevitable and has nothing to do with us. Software developers are resigned to the existence of defects and and the public has become jaded in a world where it is commonplace to have to shutdown and restart even the most mundane electronic devices in order to recover from software-injected defects.
I take this medical-science and disease-treatment analogy as good news. As Thomas Ball remarked to me as we were breaking for lunch today, we have before us the possibility that a century from now software engineers will be amazed to look back to the state of the art as it is practiced today. They may shake their heads over the crude conceptions and ill-conceived approaches that were dogmatically applied in the early history of software development. Bugs and mistakes may never be eliminated (we do not control disease by stamping out all bacteria and viruses of the biological kind), but we can imagine the benefits of prevention (and healthy software lifestyles) in place of post-trauma palliatives for the fortunate survivors of software disease.
Progress will take more than my flip suggestion that programmers wash their hands before picking up their mouse. There is certainly much to stop and consider before hacking out one more program, no more reliable than the previous one. We have no idea what will happen that makes it possible and practical for bug-free software to be produced outright. But the future will be grateful for the importunings of Dijkstra, Hoare, and others who insisted that we never give up on the ideal of demonstrably-correct software. In Tony’s words before a panel on Grand Challenges for Software Verification earlier this week, “We should all look forward to the day when software is accepted as the most reliable component of the system that contains it.”
I originally named “Linneaus” during the session when remarking on this analogy to the primitiveness of medicine in the recent historical past. It took my search for a citation that had me realize that I was thinking of Semmelweis. I can’t imagine what had this occur to me other than having read a historical novel based on the life of Semmelweis over 40 years ago. I also see that Tony Hoare came here after providing related exhortations at a Summer School in Germany.
[update:2006-09-12 corrected spelling of “Dijkstra.”]
Dennis, thanks for this generative post. Having just moved half-way cross the country and establishing new computer and phone services I can say the "reliability" is not a concept I associate with computer-based systems.
I would love to see "the day when software is accepted as the most reliable component of the system that contains it.” But I'm not sanguine that I will live to see it in my lifetime. This disappoints me, but c'est la vie.
|You are navigating Orcmid's Lair.|