Risk Factor iconRisk Factor

Another Big Data Loss

I thought we'd be able to ring the bell, but only the records of 650,000 J. C. Penney (and up to 100 other retailers') customer records were lost when a computer tape went missing. In a Chicago Tribune story, GE Money which handles the the credit card operations for Penney's and the others said btoh customer credit card and social security records were on the missing tape.

GE Money says that it will be paying for 12 months of credit-monitoring services for those on the missing tape.

The tape went missing last October, so I guess this loss wouldn't have counted towards the first million record data loss in the US of 2008 anyway.

UK Chinooks: $150 million for Hope over Experience Software?

Chinook.gif While Boeing may be having troubles with the Dreamliner, according to a story in the UK Computing it is to receive a £90m contract to rectify software and avionics problems for eight brand-new Chinook helicopters that have been sitting in hangers at RAF Odiham for the past nine years.

This has been one strange defense program from the beginning, which goes back some 13 years. Below are excerpts from the 2005 UK Select Committee on Public Accounts report that gives some background to the story:

"In July 1995, the Department [UK Ministry of Defence] decided to upgrade eight of the 14 Chinook Mk2 helicopters it was procuring as part of its requirement for a Medium Support Helicopter. The upgrade to an enhanced Mk3 standard would include improvements in range, night vision, and navigation capabilities. The project was scheduled to cost more than £250 million and the forecast in­service date was November 1998. A subsequent change to the requirement led to an avionics upgrade programme being put to contract in 1997, which entailed a hybrid solution, incorporating elements of the existing analogue cockpit and new digital systems and displays. The need to test the airworthiness of the aircraft together with some programme slippage led to the setting of a new In-Service Date of January 2002. When the aircraft were accepted from the contractor in December 2001, the Department found that it was unable to demonstrate that the flight instruments met United Kingdom Defence Standards, as this requirement had not been specified in the contract. Consequently, the aircraft could not be used other than for limited flight trials."

"The Department said that there were three main reasons why the helicopters remained grounded and were unfit for their operational task. First, without access to the source software codes held by the United States, the safety parameters of the aircraft could not be tested in its current configuration. One of the main contractors has now indicated that it would allow access to some software data. The process of analysis is, however, time consuming and expensive and there is no guarantee of success because the legacy software is not amenable to the techniques required to confirm the robustness of the software design. Secondly, the specialist role envisaged for the aircraft had changed since they were acquired. Finally, the aircraft needed to be fitted with Health and Usage Monitoring Systems, a range of systems that seek to monitor the progressive wear of engines, and better Defensive Aids Suites."

"Despite the fact that all the aircraft accepted from the contractor met, and in some cases exceeded, the contract, the Department accepted that the taxpayer had not been well served by the procurement of the Chinook Mk3."

According to Computing, the Chinooks should be ready by 2009, 11 years late. I guess that is a bit longer than the Australian Super Seasprite avionics upgrade program. At least the Chinook program hasn't been a continuous cock up like the Seasprite, though.

Boeing Delays 787 Dreamliner Again

Boeing.gif

Just a month after delaying the first-flight of the 787 Dreamliner and promising that things were on track, Boeing once again delayed first flight by at least three months. First customer delivery subsequently slipped from the end of this year into early next.

Boeing admitted that it had underestimated the amount of time needed to complete the work done by suppliers of key 787 components. During the analyst conference call yesterday, Boeing management was asked, "Supply chain aside, you have a slip here in first flight of three months, and how much of that and the delay in power on is related to problems in getting systems to play to one another? We still hear rumors of problems with the flight control computer, the common core, etc." Boeing management gave a long-winded, roundabout answer to the question without really answering it, so one suspects that there may be more computer issues than it is letting on to or the FAA is asking about.

One analyst says that "Boeing's credibility is shot." Some customers like Qantas, Nippon Airways and Japan Airlines are thinking of pressing for compensation as well. Boeing's credibility may not be shot, but it is pretty thin.

If Boeing has to slip again, things could start to get very, very interesting.

Microsoft Wants to Patent Spying on You

Spymaster.gif

In today's London Times, there is a story about Microsoft developing "Big Brother-style software capable of remotely monitoring a workerâ''s productivity, physical wellbeing and competence."

The story goes on, "The Times has seen a patent application filed by the company for a computer system that links workers to their computers via wireless sensors that measure their metabolism. The system would allow managers to monitor employeesâ'' performance by measuring their heart rate, body temperature, movement, facial expression and blood pressure."

"Microsoft submitted a patent application in the US for a 'unique monitoring system' that could link workers to their computers. Wireless sensors could read â''heart rate, galvanic skin response, EMG, brain signals, respiration rate, body temperature, movement facial movements, facial expressions and blood pressure', the application states."

"The system could also 'automatically detect frustration or stress in the user' and 'offer and provide assistance accordingly'."

This last part made me laugh pretty hard. Let's see, my Windows XP machine had to reboot twice yesterday because of Windows errors, and my frustration level got fairly high. What could it do to "provide assistance accordingly?" The best Microsoft could do was to offer to send an error message to its gnomes. A better solution would have been to offer to buy me a new ultra-thin Mac laptop.

If Microsoft's "monitoring software" works as well as Windows, Vista, or whatever else is in their future labs, no one has anything to worry about, except maybe the continuous mis-reading your state of well-being.

And I do wonder what will be so unique about such a system when NASA has been monitoring its astronauts since the early 1960s. I would like to see the patent section on prior art and why their software is so "unique."

Now Where Did I Leave That Sponge?

bunny.gif

A short time ago, the Chicago Tribune ran a very interesting story on the use of bar codes as well as Radio Frequency (RF) detection as a means to keep track of surgical sponges during operations. Sponges are left in about 1,500 people a year during their operations in the US. In a 2003 study published by the New England Journal of Medicine, leaving sponges and other surgical instruments in patients happens most often during emergency surgery or because of some unexpected change in the surgical procedure.

One system by SurgiCount uses a bar-coding approach. "Essentially, the system works much like a grocery store check-out counter â'' every laparotomy and gauze sponge is pre-labeled with an individual and unique bar code and a scanning SurgiCounter is used to read the labels.

"When using the system, staff concurrently scan sponges during their manual counts or can scan the items before or after the manual count. The SurgiCounters can be held by the circulator, or can be placed on a holster on an IV pole in a hands-free mode. By scanning in the unique labels, the system builds a database of items used in that particular procedure. At the end of the procedure when the circulator is counting out the sponges, the circulator will again swipe the sponge under the SurgiCounter, this time in order to 'count' the sponge out of the database. Because each sponge has a unique bar code, the system automatically alerts the staff in case they have accidentally tried to count the same sponge twice. This assists the staff in validating that they have an accurate count in case the there was a manual counting error."

Another approach is that developed by Medline called RF-Detect. Here, "a sterile radio frequency chip, (the size of a grain of rice) is embedded in the surgical disposables. With the RF Detect system, a Blair-Port wand is waved over the patient accurately alerting the user when an RF-tagged surgical disposable remains in the patient before surgical closing procedures."

Of course, it isn't only surgical sponges, towels or surgical gauze that is left in patients. A 2003 story involving the New England Journal of Medicine study that I mentioned above in the New York Times describes a patient who had a six inch metal clamp left in him. This was left as a result of a previous operation to remove a previously lost metal clamp. Talk about being unlucky.

In a BBC story from 2005, a man left the hospital with a two inch scalpel blade in him after heart by-pass surgery, which wasn't found until months later by an x-ray for a different condition.

Hospitals are working harder to ensure that these types of medical "never events" don't occur, not only because of the patient's health and the cost of lawsuits, but both Medicare and insurance companies like Aetna and Wellpoint are now refusing to pay for fixing these problems.

Legacy Computer Models & Decision Making

Wood-Model.gif My post from yesterday about the false warning to prepare to evacuate based on an outdated computer model/data that a dam was in danger of bursting made me wonder about the flip side: how many outdated computer models are being used to make decisions that are too optimistic?

Recently, there was a story in the Washington Post on an Environmental Protection Agency (EPA) review that "found that a computer model of the Chesapeake, used by the EPA's Chesapeake Bay Program to gauge improvements in the estuary's health, tended to inflate the impact of some cleanup measures."

"Tom Simpson, a University of Maryland professor who led the review requested by the bay program, said there was no evidence that the EPA had been purposefully deceitful."

The Post story goes on:

"Simpson and other researchers were asked by the bay program to review some of the calculations plugged into its computer model. These equations described the impact of certain save-the-bay tactics: plant X amount of cover crops to hold fertilizer on farm fields, thus achieving a decline of Y in fertilizer-polluted runoff."

"But Simpson said his review found that many of the equations were based on small-scale experiments that might not predict what would happen on a large farm. Others were based on the educated guesses of experts."

"Fifteen assumptions were found to be accurate, and three were found to underestimate the benefit to the bay, according to the bay program"

This story reinforces the notions that essentially, all models are wrong, but some are useful, as George Box said (there is a nice paper here by John Sterman, Director, System Dynamics Group at MIT on the usefulness of models that is worth reading). However, I think we may need to update Box's saying to something along the lines of:

All models are wrong but old models that aren't reviewed are more wrong; make decision based on them at your own risk.

Run! The Dam is Breaking! Oh, Never mind

The National Weather Service issued a flash flood warning last Tuesday morning stating that failure of the Norway Dam on the Tippecanoe River north of Monticello, Indiana "is becoming more likely."

But it really wasn't.

According to the Louisville Courier-Journal, "Michael Lewis, the warning coordination meteorologist with the National Weather Service's Northern Indiana bureau, said the erroneous warning was based on bad information that may have been entered into the agency's computer system up to two decades ago."

Two hours after it issued the alarm, the Weather Service rescinded it.

Lewis went on to say, "The problem is being fixed and the office's entire warning system will be reviewed."

DHS REAL ID - Real Fight Begins May 2008

DHS.gif

The new REAL ID requirements have not molified those opposed to a de facto national identity card. To them, the new requirements are effectively the same as the old ones in this regard.

In addition, the new rules seem to have set up a mano a mano situation between the 17 states (Arkansas, Colorado, Georgia, Hawaii, Idaho, Illinois, Maine, Missouri, Montana, Nebraska, Nevada, New Hampshire, North Dakota, Oklahoma, South Carolina, Tennessee and Washington) that have rejected or oppose complying with REAL ID and the Department of Homeland Security (DHS) for May.

If these states don't ask for a waiver by May, then residents of that state will have to use a passport or certain types of federal border-crossing cards if they want to avoid secondary screening by the Transportation Security Administration (TSA). DHS is obviously counting on passenger outcry to force the states to change their minds. It may be wise to avoid airports in those states in May - think of the mess at Atlanta Hartsfield-Jackson, Chicago O'Hare, and DIA.

In addition, I am still not convinced that the cost of REAL ID will be reduced because those over fifty won't be required to get a new drivers license until 2017 as DHS claims. I mean, a state that implements REAL ID isn't going to run the equivalent of two computer systems - one for those under 50 and one for those over fifty.

For instance, I'm over fifty, and I expect when my license expires next, my state will likely have implemented REAL ID. I cannot fathom why my state won't ask me to come in and get a new REAL ID license if for no other reason that it will have been over a decade since it last updated my photo and checked my vision.

The longer time now given to get a REAL ID will help, obviously, to avoid a surge of applications, but going getting a new license will be a painful, long process for those over or under 50, as even DHS admits.

And I still think the cost savings claimed will turn out to be a mirage.

DIA - The Final End of the Automated Baggage System

DIA.gif

The Rocky Mountain News had an article today on Denver International Airport's (DIA) final agreement with two companies to demolish and cart away the remnants of its infamous automated baggage system. The cost for its removal is not known exactly, but it will be in the millions.

A fitting comment on was made by Denver City Council President Michael Hancock, "This thing never dies."

An interesting point in the story is that there may be a final, accurate accounting of the costs for the automated baggage system, something that has never been fully determined.

The article also said that a new baggage system will be in place soon.

LAUSD Payroll System "Fixed"

Bus-1.gif

The LA Daily News reported yesterday that the Los Angles Unified School District (LAUSD) is claiming that the payroll crisis is now nearing an end. According to the paper, "Errors due to defects in the system were below 1 percent based on Thursday's payroll numbers, meaning 99.2 percent of the district's employees were paid accurately."

Dave Holmquist, LAUSD's interim chief operating officer said, "We're under 1 percent ... which was one of the goals we had ... and we're hoping to improve upon this. The goal was three consecutive, improving, reliable payrolls, and we believe we've reached a place of stability in our payroll.

"We're nearing an end to our crisis."

Not everyone is happy, however, as the LA Daily Breeze reported last week that, "Two Los Angeles Unified high school employees filed a lawsuit seeking class-action status Tuesday, claiming they have been underpaid, a violation of labor laws, as a result of the district's troubled payroll system."

The two teachers claim in their lawsuit that they have been "repeatedly underpaid, meaning they have been earning less than minimum wage." Their lawsuit seeks unspecified damages, including unpaid wages and general and punitive damages.

Finally, the LAUSD is trying to convince its payroll contractor to make good for the tens of millions in cost overruns, instead of having to resort to a lawsuit. It better hope that the contractor comes through soon because the LAUSD is facing at least a $40 million cut between now and July - and then a hefty $500 million cut next year - in state funding due to the severe budget crunch California is facing.

Advertisement

Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Contributor
Willie D. Jones
 
Load More