NASA Teams With Private Sector to Improve Software
Goal is to build fail-proof systems
February 17, 2003 12:00 PM ET
Computerworld - Washington - NASA's mission system software is considered to be among the best-engineered in the world. But in the aftermath of the 1999 Mars Polar Lander crash, which was caused by a software bug, NASA officials acknowledged that a long-term fix was needed in order to build systems that don't fail. And the agency's subsequent efforts may ultimately help all IT managers.
NASA played a leading role in the creation last year of the Sustainable Computing Consortium (SCC), which includes companies such as FedEx Corp., Pfizer Inc., Microsoft Corp. and Oracle Corp.
The goal of the SCC, which is based at Carnegie Mellon University in Pittsburgh, is the Holy Grail of software design: creating software that does what it's supposed to do, no matter what. It's called "high dependability" and refers to systems that tolerate hardware faults well, maintain a high level of security during attacks and are always available.
For an analogy, think of the field of structural engineering, in which there are extensive building codes and precise measures for determining stress and loads. Right now, there are no similar measures for quantifying the reliability of software, particularly in interconnected systems. "Imagine if there is no building code, where would you start? That's where we are with software," said SCC head William Guttman, a professor of economics and technology at Carnegie Mellon.
The Feb. 1 crash of the space shuttle Columbia brought renewed attention to the highly complex computer systems and software used by the space agency. While the cause of that disaster has yet to be determined, there's no doubt that a software bug caused the Mars Polar Lander to crash. For NASA, that crash was "an important watershed event" that prompted the agency to broaden outreach efforts to improve software design, said Henry McDonald, who headed NASA's Ames Research Center in Moffett Field, Calif., until last November.
Among systems that can't be allowed to fail are those that MasterCard International Inc. uses for its smart-card systems. Software code for those systems is inspected line by line and tested in a process that can take up half of the card development effort, particularly because of the need for high security, said Terry Stanley, the company's vice president of smart-card platform architecture.
But if vendors built better products, costs would be reduced, Stanley said. There are agreed-upon tests for chips, but that's not the case with software applications, he said. The IT industry is recognizing that application standards are needed "not only to cut down the cost of security testing, but to also reduce the time frame," he said.
MasterCard worked with SCC member Cigital Inc., a Dulles, Va.-based software engineering firm, to analyze and test its systems. One huge problem engineers face in checking systems, said Jeffery Payne, president and CEO of Cigital, is the ability to determine mathematically the reliability of an assembled system.
