HSE seeks legal sanction against careless coders

News

HSE seeks legal sanction against careless coders

Bill Goodwin
IT professionals could face criminal prosecution if they make mistakes when building software used in safety-critical applications, under new laws being considered by the Health & Safety Executive.

HSE officials are concerned that existing civil laws do not deter poor programming and testing practices when software is used in hazardous situations.

But the proposals have angered the Computing Services Software Association (CSSA), which claimed that they could dramatically increase the cost of development in the UK.

In a discussion document obtained by Computer Weekly the HSE accused suppliers of delivering software with Y2K errors, despite knowing it could be used in safety-critical applications.

Civil laws can only be used after any software failure, but a criminal law would enable inspectors to take preventive action, and would act as a deterrent to poor practice.

"HSE believes that there is a gap in existing supply-side law which means that, should an accident occur, the HSE would not be able to take action against the person who created the risk," the document said.

It called for manufacturers, developers and suppliers to be placed under a duty, backed by criminal sanctions, to supply software that is safe, so far as reasonably practicable.

The CSSA said it would be almost impossible for suppliers to guarantee the safety of middleware, which can be used in a huge range of software environments from a range of suppliers.

Les Hatton, professor of software reliability at the University of Kent, said the current proposals would lead to miscarriages of justice or, more probably, to companies declining to offer safety-related software.

"Defining the legal framework for software liability needs much more thought than this," he said.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy