Tuesday, September 20, 2005

Anderson, Thomas and ID cards

I had reason to re-visit today the wonderful testimony, regarding ID cards, of Professors Ross Anderson and Martyn Thomas to the Select Committee on Home Affairs (June 2004).

It is hugely informative and at times very entertaining. At one point Prof Thomas, in answer to question 373, "do you see the public procurement difficulties as insuperable?" says:

"Yes, I do. I would like to tell you something that you will not believe but which I think it is important that you hear, and that is that almost every IT supplier in the world today is incompetent. I have worked in the IT industry almost all my working life for large and small organisations, and I know of what I speak. For example, the typical rate of delivered faults after full user acceptance testing from the maker suppliers in the industry over many years has been steady at around 20 faults per thousand lines of code. We know how to deliver software with a fault rate that is down around 0.1 faults per thousand lines of code and the industry does not adopt these techniques. We are as an industry very much in the early stages. The industry is only 50 years old. If you compare that with civil engineering, which is several thousand years old, we are tackling some of the most complex engineering designs and building some of the most complex engineering systems that the world has ever seen, essentially using craft technology. If you looked at the methods that are employed in most companies you would come to the conclusion that actually IT system development is a fashion business, not an engineering business, because they jump from one methodology to another year after year so long as it has a whizzy name, "Agile this" or "Intensive that". The underlying engineering disciplines that every mature engineering discipline has learnt it needs to use in order to be able to show that the system it is building has the required properties have not yet been employed in software and systems engineering, and that is at the heart of why these things do not work."

Spot on!

No comments: