Fixing programmers

Posted Mar 18, 2019 11:43 UTC (Mon) by farnz (subscriber, #17727)
In reply to: Fixing programmers by pizza
Parent article: Cook: security things in Linux v5.0

That's not sufficient - maritime transport is regulated in the same way as aviation, and yet is as generally disasterous as programming. In particular, maritime accidents can be blamed on human error and the captain or their crew prosecuted in a way that does not happen in aviation - see the Costa Concordia disaster for example, where no lessons are being learnt by the industry because they can push the blame onto the captain.

Fixing programmers

Posted Mar 18, 2019 12:46 UTC (Mon) by pizza (subscriber, #46) [Link] (5 responses)

I'm not sure that the Costa Concordia is a good example here, as the company was based in Italy, the ship flew an Italian flag, and the accident happened in Italian waters -- it's rare for two to be true, much less the trifecta! -- and its Captain demonstrated astonishing (not to mention criminal) levels of gross incompetence.

That said, the cruise industry as a whole also made changes (notably requiring safety drills prior to leaving port instead of "within 24 hours" as the governing treaties require) and much stricter rules about non-essential personnel on the bridge -- eg if you're going to sneak your mistress on board without a ticket, at least keep her off the bridge during offshore manoeuvres.

I might postulate that the "maritime industry" is learning the lesson that poor safety practices will severely hurt them in the market -- both in lower passenger booking and drastically higher insurance premiums. (Indeed, insurance company requirements probably do more to effect industry-wide changes than governments ever do..)

Fixing programmers

Posted Mar 18, 2019 13:20 UTC (Mon) by farnz (subscriber, #17727) [Link] (4 responses)

The Costa Concordia is a good example, because it had a near-miss doing a similar manoevure at company request under the same captain a few months earlier, but no formal investigation happened - it was just one of those things - and even now, the effort is to claim that the captain was at fault.

In an aviation equivalent, the setup would allow any bridge officer to override the captain on a risky manoevure like this; it simply wouldn't be just the captain's fault as the Concordia was suggested to be.

Plus, there are plenty of design issues with the cruise ships in general, which are being completely ignored in favour of minor tweaks to the way they operate - despite knowing that the requirement for active stability assist to stay upright is part of what caused the Concordia to crash.

Fixing programmers

Posted Mar 18, 2019 15:56 UTC (Mon) by pizza (subscriber, #46) [Link] (3 responses)

> In an aviation equivalent, the setup would allow any bridge officer to override the captain on a risky manoeuvre like this; it simply wouldn't be just the captain's fault as the Concordia was suggested to be.

(FYI, under maritime law, "overriding the captain" is called mutiny, something that tends to go quite badly for all involved..)

Meanwhile, the book wasn't thrown at the captain (and his senior staff) for merely running aground. Instead, it was for grossly mismanaging what happened next. To top it all off, the captain *abandoned his post* well before evacuation was complete.

Fixing programmers

Posted Mar 18, 2019 16:50 UTC (Mon) by farnz (subscriber, #17727) [Link] (2 responses)

Exactly my point - there are two things that matter and are different in aviation as opposed to maritime regulation:

Overriding the captain when they are making a mistake is expected in aviation, and praised; it is punished in maritime regulation.
The questions being asked of the captain are not "what could we have changed to stop this from happening", but "why did you not do the right things".

It's that blame culture that prevents maritime rules from moving on - we have a scapegoat for the incident, we don't need to consider anything other than Captain Schettino's bad behaviour. In the aviation world, there would be more significant changes expected; why does Captain Schettino claim he was asked to do a sail-past salute? Why can't a more junior officer order preparations to abandon ship? Why couldn't Captain De Falco hand command of the ship over to Mr Bosio when Captain Schettino refused to return onboard? Why is it possible for the alarm system to be off on captain's orders alone?

And I'm not a professional investigator - those are just four things raised by the public record on the disaster that should be understood and should lead to changes to the way ships are run, if it's managed the way aviation is. Human error happens, and the rates at which it happens are well understood, so why do we accept that the disaster was Captain Schettino's fault, and leave it at that, when we should be trying to ensure that the next Captain Schettino cannot make the same set of mistakes?

Fixing programmers

Posted Mar 18, 2019 17:20 UTC (Mon) by pizza (subscriber, #46) [Link] (1 responses)

Unfortunately, many of the answers to your questions are "because maritime law."

BTW, here is the 181-page official investigation report:

http://3kbo302xo3lg2i1rj8450xje-wpengine.netdna-ssl.com/w...

Fixing programmers

Posted Mar 18, 2019 19:09 UTC (Mon) by farnz (subscriber, #17727) [Link]

I don't disagree that a lot of the issues are down to maritime law - but that's precisely the sort of thing that needs to be fixed if maritime is to catch up on aviation w.r.t. safety errors. And (to circle back round) both aviation law and maritime law are government regulations on the way their respective industries are run, complete with liability control; however, one has a strong record of ratcheting up safety over time, and the other continues to blame individuals rather than address the many ways in which changes to the law would result in better safety for all.

Hence my belief that regulation, in itself, is not sufficient to improve software - it needs to be good regulation like aviation, where the emphasis is on changing the regulation to prevent repeats, not like maritime law where flag administrators are slow to change regulations in response to known deficiencies.