Software Engineering Code of Ethics and Professional Practice
Posted by Admin on May 25, 2008
Read the document located at http://www.acm.org/about/se-code and then read the following case ethics_case and post your answer on the weblog. Remember to sign your post with your identity (First name, Id number, section number).
Closing date (Due date): Friday 25-5-1429 at 12 noon
Your reply is moderated, which means that you will not see it until the closing date.
Note: This is an optional bonus exercise.
You may post your answer in Arabic if you wish (Classic-Fusha- Arabic only).
Sara said
hi Dr.Maha .. shall we post here as a comment ?????
??
Admin said
Yes, please. Post your answer as a comment, and don’t forget to sign it with your Real first name, student-ID, and section number so I can assign marks accordingly.
mad angel said
Asalam Alikom,,
dr, should we explain our answer?
Hawra Al.Rabaan said
Name : Hawra Al.Rabaan
ID# 425202755
Sec#10244
There are several 0pti0ns she c0uld c0nsider:
1. Trying to convince them by adding another supportive opinion 0f an expert.
2. Creating a draft version of the software & showing them exactly how things could go wrong and the consequences of those mistakes. Visualization of the software might very much change their point of view.
3. If she’s acting upon the ethics of software engineers “i.e. promote an ethical approach to SW management” & if she’s willing to compromise, she can offer to lower the expenses by whatever deals she can make. It may cause her a low rate of income (or even loss). But it will help her in the long run, because generally clients appreciate loyal employees & it will most likely make them consider working with her again in the future. Also, it will help her reputation for sure “which is very important in the business field, especially when the company’s just in the beginning of its career life”.
4. Refusing to work on this case, it might seem a bit drastic, but it may help her avoid future problems (i.e. client complaints which may cause her reputation to be damaged), but in my opinion it may not be the best choice considering the early age of her company.
5. They can compromise the situation by settling to her opinion but with the same budget they planned for, and if the SW turns out to be 100% successful they should pay her the rest.
6. 0r she can avoid all that by signing an agreement of being not liable for future consequences, by that her reputation won’t be harmed & the rest can do what they find suitable, EVERY ONE’S HAPPY.
Bashaer ALkhwaiter said
What do you think Nora should do?
In starting, to be able to develop appropriate security protections, Noura must be able to convince CEO that information security is now required as proper due diligence for organizations. And to make them aware of the importance of information security, she need to be able to convince them that crimes against information are now so serious that businesses may fail and executives may be banned from their industries for inadequate attention to crime control.
I think Noura should translate information protection into management terms also she should talk in the CEO’s language to discuss these several points:
1st: Display the scenario of what will be happen if the required level of security does not applied.
2 ed: Illustrate the effects of each scenario and calculate the risk by showing how much a security blip will cost an organization.
3rd: Do technical study shows the expected costs that the company will incur if any scenario happen.
4th: Comparing the expected cost of the occurrence of any scenario including offset the cost to fill this gap with the require payment of apply the appropriate level of security.
5th: Clarifying the importance of adhering to local laws and international treaty.
6th: Develop a senior to face CEO to the risks, through the questions, for example:
-Do you satisfy any one knows the staff information or your personal information then use it?
-Is company’s reputation will be affected in case of any leakage of information from the system?
-What does law in the event of an employee complaint against your company where you did not keep his personal information so that impact him on other things?
And so on…
If those strategies do not convince the CEO of required level of security, then I personally think Noura should reject this project, because the injury will reach her business as well.
………………………………………………………
Bashaer ALKhwaiter, ID# 425202048, Section# 10242
Nouf said
id:425200612
if i were her..
1-i’ll show them a template of a similar project that have been done and failed because of the low security..
2-try my best in explaining the risks and give them a live example for each 1 as a proof
3-tell them that i’ll Accept full responsibility for my ideas if they accept it
4-wait for their judgment
5-if they refuse..i think that i’ll refuse the work for 2 reasons:
1- my company reputation is more important than money..
2- if i accept that work and failed they well think that i intend to destroy their db because i disagreed with them in the first place..
nouf ali alajmi said
answer of ethics-case
I think Nora must convince them to do at least the medium security .Because her responsibility to produce a good and secure sw, also a sw that match standard. My suggest way to Convince the:
1. She can explain if they obscure with money in the secure, they will pay may be more than the double they Obscure it
2. She can give them example about company that having Lifting case
From its employee because their information is discover by others
3. She can support herself by Stats and studies about how security is important and the effects of low secure
nouf ali alajmi
425200325
10238
نجد الموح said
Norah has to respect the public interest since it is compulsory to pay a large amount of money in order to have a more secure system. I think this is what the public interest require. In fact, having a highly secure system keep the information as secret from employees. This system has to meet the requirements of Nora and her colleaques. They should maintain the reputaion of their profession and promote for the ethical approach . They also have to cooperate to increase the performance of their profession. Therefore, paying more than what they plan to pay is necessary for the public interest.
—————————————————————-
Najd abdul aziz almouh
424201216
10242
Admin said
Yes, please explain your answer.
Bashaer said
H! Dr.Maha, how do we know that the answer is arrived?…thanx:)
Nouf said
id:425200612
if i were her..
1-i’ll show them a template of a similar project that have been done and failed because of the low security..
2-try my best in explaining the risks and give them a live example for each 1 as a proof
3-tell them that i’ll Accept full responsibility for my ideas if they accept it
4-wait for their judgment
5-if they refuse..i think that i’ll refuse the work for 2 reasons:
1- my company reputation is more important than money..
2- if i accept that work and failed they well think that i intend to destroy their db because i disagreed with them in the first place..
Nouf said
hi doctor..i’m trying to post my answer but a strange message appeared
“Your comment is awaiting moderation”
nouf said
dr i post comment in the morning of 24-5 but i did not see it should i posted again??
Razan AL-Mazroo-425201972-Sat 8-10 ,wed 8-9 said
As following the role of Software Engineering Code of Ethics and Professional Practice I found from principle 1 that talks about public interest that from this cases:
1.03. Approve software only if they have a well-founded belief that it is safe, meets specifications, passes appropriate tests, and does not diminish quality of life, diminish privacy or harm the environment. The ultimate effect of the work should be to the public good.
1.04. Disclose to appropriate persons or authorities any actual or potential danger to the user, the public, or the environment, that they reasonably believe to be associated with software or related documents.
Applying the above cases,Nora should not approve for this sw because it’s not safe and will diminish privacy and harm the environment.
And according to priniple 2 of client and employer interest:
2.06. Identify, document, collect evidence and report to the client or the employer promptly if, in their opinion, a project is likely to fail,
Mona should tell the client that the project is likely to fail because of it less secure .
And according for Product principle that ensures that the product meets the higher standard
3.12. Work to develop software and related documents that respect the privacy of those who will be affected by that software.
Mona should ensure the ultimite privacy of the produced sw.
And according to the SELF principle
8.02. Improve their ability to create safe, reliable, and useful quality software at reasonable cost and within a reasonable time.
Nora should only deliver safe project.
Bedour said
————————
Norah has 2 options:
A. Leave it (I’ll explain why)
B. Take it (with conditions)
But I’ve founded that the reasonable choice is A (it’s what I’d do) . and because I have more reasons for leaving it and I have to submit only one answer , so am putting my reasons here for choosing not to take the project:
• As Engineers can’t approve software only if they have a well-founded belief that it is safe ,and thy can’t authorities any actual or potential danger to the user , Norah will not be able to sleep at night if she thinks that someone could be hurt or bothered because of her.
• Engineers have to Ensure proper and achievable goals and objectives for any project on which they work or propose , having a week project is no one goal, normal people prefer no program than a week one because they look for perfectness ..And Norah should take the best for her; a week project won’t help her as beginner.
• Beside… The profit peace be upon him said ان الله يحب أذا عمل احدكم عملا ان يتقنه”” . As Norah told them that it won’t be good, she won’t be comfortable and she won’t be able to make it good.
• software engineers should know the employer’s policies and procedures for protecting passwords, files and information that is confidential to the employer or confidential to others, knowing it without doing it won’t be good(ethical).
• Professional engineers take responsibility for detecting, correcting, and reporting errors in software and associated documents on which they work, that’s what Norah did =)
————————
BEDOUR ABOUAMMOH
ID: 42520 15 36
SECTION: 10242
———————— thanx =)
HAJAR said
HAJAR
425202360
10240
===============
She don’t do this project to
1\ keep her reputation
2\ the CEO know size of risks and dangers
and explain why in the documentation .
=============
Reem said
I think Nora should choose strong security for system. Because Software engineers shall:
Approve software only if they have a well-founded belief that it is safe
Moderate the interests of the software engineer, the employer, the client and the users with the public good
Ensure good management for any project on which they work, including effective procedures for promotion of quality and reduction of risk
Ensure that software engineers know the employer’s policies and procedures for protecting passwords, files and information that is confidential to the employer or confidential to others.
First name: Reem
ID: 424202871
Section#:10244
Nada Mohammed said
من الأفضل أن نور تعمل النظام بدرجة حماية تناسب البيانات بغض النظر عن متطلبات المدير
لان لو عملته بما يوافق المدير فهذا يخالف أخلاق المبرمج المفروض أن يتحلى بها
CLIENT AND EMPLOYER – Software engineers shall act in a manner that is in the best interests of their client and employer consistent with the public interest.
PROFESSION – Software engineers shall advance the integrity and reputation of the profession consistent with the public interest
ندى السحيم
425202115
10244
sarah said
Nora should use more security system (strong)
Because Software engineers shall act in a manner that is in the best interests of their client and employer, consistent with the public interest and ensure that their products meet the highest professional standards possible
First name: Sara
ID: 424207208
Section#:10244
nouf said
Name:Nouf ID:425203660 section:10244
من المفروض إن تختار الأمن يكون عالي، من اجل الحفاظ على السلامة وسمعة المحل ويجب أن يتفق مع المصلحة العامة.
وإذا تمت الموافقة على هذا العمل مع الرفض أن يكون الأمن عالي فمن المفروض أنها تنسحب وعدم تقديم مصالحها من اجل المادة وان مصلحه العامة فوق كل شيء.
أما إذا تمت الموافقة على العمل مع جعل الأمن عالي فمن الممكن أن توافق وتواصل العمل معهم.
* ومن أخلاقيات الموظف أن يبين للزبون مخاطر هذا العمل على البيانات.
Mada AL-Haidary said
Based on Software Engineering Code of Ethics and Professional Practice , Nora should reject design this database management system because if she design with less security it will not meet best interests of their client and employer consistent with the public interest.
And may decrease degree of Professional which effecting on Nora company reputation
Name :Mada AL-Haidary ID :425202309
section:10242
Sara Al-Bakr said
Sara Al-Bakr
ID: 425202100
Section: 10242
Nora can make several things. One of them that she can store all sensitive information in one folder and prevent Everyone group from access this folder, and allow just the Administrators group to access this folder.
Arwa said
ARWA MOHAMMED AL-ZABIN
424204791
10244
from 11-12
———————-
Nora must work the following:
1- Identify, document, collect evidence and report to the client and CEO , Includes full and accurate description of the significant problems to project fail because it less security and the public interest is more important and they bear full responsibility.
2-If they agreed with Nora , she must complete the work but if they refuse she must refuse to participate for reasons:
1- Public Interest it’s a base in this work
2- Not submit her own interest at the expense of the profession
3- Integrity and reputation Also must be submitted
sarah alasaker said
يجب ان تتصرف نورا وفق المصلحه العامه،وتقبل المسؤليه الكامله للعمل وان تستطيع
المحافظه على بيانات الزبون وسريتهاحتى لو طال عليها الزمن وكما يجب ان تقدم تقرير للزبون
توضح له انه من الممكن فشل المشروع اما لانه غالي الثمن اولم يحقق الامان المطلوب لان هذا بعتبرشرطا من شروط
اخلاقيه عملهم و وكما يبجب ان يتضمن المشاكل التي ظهرت وحلولها وايضا وصف دقيق وكامل
واذا اصرو على اكمال العمل باقل امن يجب عليهم عدم اكمال العمل
ساره بن عساكر
425202719
محاضره السبت من8-10
omnia said
First, Nora should understand and ensure that those risks are satisfied and could possibly happen and if that is true then she has to do the following steps, according to the ethics code Nora, CEO, director of computing and personnel should cooperate with each other for the interest of the client, so they should follow the code of ethics by identifying the risks that will be caused by making the system less secure due to hacking or other things and they must be honest with their client and let him recognize the case. If they don’t commit to the code of ethics she has to try to convince them with information and evidences she is completely sure about, if this doesn’t work she could try calling upon the opinions of the others and count the number of supporters, if this either doesn’t work she must then avoid them IF possible, refuse to participate with them and hold them the responsibility of errors happening to the system or if discussions are totally impossible she could report their violation of the code to appropriate authorities when real proofs exist.
omniah, ID:425202344, section#10238
sarah alasaker said
يجب ان تتصرف نورا وفق المصلحه العامه،وتقبل المسؤليه الكامله للعمل وان تستطيع
المحافظه على بيانات الزبون وسريتهاحتى لو طال عليها الزمن وكما يجب ان تقدم تقرير للزبون
توضح له انه من الممكن فشل المشروع اما لانه غالي الثمن اولم يحقق الامان المطلوب لان هذا بعتبرشرطا من شروط
اخلاقيه عملهم و وكما يبجب ان يتضمن المشاكل التي ظهرت وحلولها وايضا وصف دقيق وكامل للعمل
ويجب ان يكونوا وفق القوانين ومبادىءالبرامج الأخلاقيه مالم يكن هناك ظروف استثنائيه مثل انه لايتفق مع المصلحه العامه او انه
يسبب الاذى للاخرين ويأثر عليهم”مثل الامان قليل بحيث يتمكن اي شخص من الاطلاع على البيانات السريه
وهذا مخالف للمطلوب”
واذا اصرو على اكمال العمل باقل امن يجب عليهم عدم اكمال العمل
ساره بن عساكر
425202719
محاضره من 8-10
السبت والاربعاء
lamya said
Lamya al-jasser…section:sat from 8-10..ID:425203811
about nora…when i be nora and some one tels me to make any SW or DB..if the customer need any level of security and the security is less then the level what spose to be..
if the risk is not to mutch and if we do the system no thing to much happen first i explain the risk for the clint and i tell them that security is less to the SW if thay dont worry i do it.
but if the risk is so less and the SW be hakerd or the info of the SW must be more secure in this case I explain the risk if thay dont worry hear i reject the SW and never do it..
thanks.
lamia said
السلام عليكم دكتوره ارسلت الbunse
على ايميل استاذه لطيفه لانه موراضي ينزل هنا وايميلك ما اعرفه
maha al mufadda said
id#425202078 sec#10238
in the Software Engineering Code of Ethics and Professional Practice PRINCIPLE 1.03 it says “Approve software only if they have a well-founded belief that it is safe, meets specifications, passes appropriate tests, and does not diminish quality of life, diminish privacy or harm the environment”
& in this case the privacy is violated. plus in the principle number 3 “PRODUCT – Software engineers shall ensure that their products and related modifications meet the highest professional standards possible.” the highest standard here is security!!
I guess nora has done what she could.. she tried 2 explain the risks of doing so… & the company refused 2 listen.. i guess she should check her contract 2 c f there is any thing regarding 2 this case (honer) f she found it she should do what it says… f she didn’t … i guess it’s up 2 her 2 choose between her conscious (regarding the privacy of others) or 2 continue her job!!
ساره المسهر said
Hello Dr.Maha I hope I’m not late. My opinion on this case is that Nora should definitly stop and not make any plans about the security plan. She should ask the company if they want to buy the software as it is without the security and they can go somewhere else to make the security plan, if they refuse buying the software then thats okay Norah should keep it with her even though she wasted time and effort and money on building this software, because the loss will just be a tiny little loss compared to the loss of her reputation as a developer if she did the security plan and gave the organization the software with the security embedded because in this case her reputation as a develepor will be damaged and spread in the market that Norah’s company cannot or doesnt make good software, and when a person loses their reputation it can not be bought back even with all the gold in the world. And the reason for losing her reputation as a good developer is that once she makes the software with its ill security plan and that once the medium-sized company starts using this software and the customers information starts to leak out,their reputation as a insurance company will get ruined and when that happens they wont blame themselves for asking to make the security low,no they will only blame her and maybe even sew her.
ساره المسهر said
sorry i made a mistake what i meant is sew=sue
mad angel said
i know i was late.. but i hope u’ll excuse me & f u wanna know my reasons ill explain ::$
about the last sentence i wrote “2 choose between her conscious (regarding the privacy of others) or 2 continue her job!!”, what i meant either she respects her principles & have her conscious clean & leave the job.. or she just ignores that & continue working n that company
ramah said
Based on the principles of the code of ethics, software engineers should act consistently with the public interests. At the same time, they should be acting in a manner that is in the best interests of their client.
So I think Nora should not go with this system since it doesn’t meet the requirements and specifications of it. This weak security doesn’t provide a high quality product, and will affect the client, users and Nora’s own business in case those risks did happen in the future, even though the client decided to go with the less secure system.
Ramah
ID#424200300
Section#10242
ghada said
Nora should be make the system more secure although it’s cost more than they planned
Because of their roles in developing software systems, software engineers have significant opportunities to do good or cause harm, to enable others to do good or cause harm, or to influence others to do good or cause harm.
ايمان العوبثاني said
425202671
10244
يجب ان تتصرف بما يتوافق مع المصلحه العامة.بقدر مايكون مناسب -1
عليها ان تقترح طرق اخرى لحل المشكله تكون اقل تكلفه بقدر الامكان واكثر امان-2
تكشف لجميع الاطراف المعنية على التضارب في المصالح التي لا يمكن تفاديها -3
4-ترفض القيام باداء هذا البرنامج بهذا الضعف الامني لانه من اخلاقيات مهندس البرمجيات اداء المشروع بما يكفل المصلحه العامه
لاتقدم مصلحتها الخاصه على اخلاقيات المهنه-5
6-اطاعة جميع القوانين التي تحكم عملها ، ما لم يكن ، في ظروف استثناءيه ، مثل هذا الالتزام لا يتفق مع المصلحه العامة.
7-الاعتراف بأن الانتهاكات من هذا القانون لا تتفق مع كونها مهندسه برمجيات
يجب ان تخبر الجهات المختصه بهذه المحاوله في الخرق الامني
may-algaith said
may algaith
ID : 424203414
section number :10242
2.09. Promote no interest adverse to their employer or client, unless a higher ethical concern is being compromised; in that case, inform the employer or another appropriate authority of the ethical concern.
3.0 Ensure realistic quantitative estimates of cost, scheduling, personnel, quality and outcomes on any project on which they work or propose to work and provide an uncertainty assessment of these estimates.
8.02. Improve their ability to create safe, reliable, and useful quality software at reasonable cost and within a reasonable time.
1- بما أن الأمن ضعيف فيجب أن لا تسلمه لهم , لان هذا يضر العامه
2- وتحاول أن تعطيهم حلول , بكلفه اقل وامن أكثر
Hend Al-Mutairy 425204962 10283 said
من الأفضل أنها تحاول أن تقنع صاحب الشركة بأهمية الأمن لبرنامجه بأكثر من طريقة .. فإن لم تستطيع اقناعه تحاول أن تنفذ له البرنامج بأقل تكلفه بحيث تكون مقبولة للطرفين .. فإن لم يجدي ذلك فليس لها الا أحدالحلين ..
وهو أن تنفذ البرنامج كما طلب الزبون بمستوى منخفض من الأمن أو أنها تنفذ له البرنامج بحيث تتوفر فيه الأمن والسريه الكافيتين بدون مقابل ..وأنا أرجح الحل الثاني فهذا سيكون فيه ارضاء لأمانتها في العمل لأن تنفيذ البرنامج بدون أن يحقق الأمن مطلوب قد يخل بهدف أساسي من أهداف البرنامج وهي الأمن والسرية كما أن يقلل من كفاءة وجودة البرنامج .. وقد تكتسب بسلوكها هذا ثقة الزبائن ورضاهم .. كما أنها تكتسب الخبرة والمعرفة من ذلك ..
hadeel said
Hi i need Chapter slide of book titled:
Profissional issueses in software enfinerring
by : frank bott et al
ASAP
thanks
hadeel said
Hi i need Chapter slide of book titled:
Profissional issueses in software enfinerring
by : frank bott et al
ASAP
thanks