Agents of responsibility in software vulnerability processes

Ethics and Information Technology 6 (2):93-110 (2004)

Abstract

Modern software is infested with flaws having information security aspects. Pervasive computing has made us and our society vulnerable. However, software developers do not fully comprehend what is at stake when faulty software is produced and flaws causing security vulnerabilities are discovered. To address this problem, the main actors involved with software vulnerability processes and the relevant roles inside these groups are identified. This categorisation is illustrated through a fictional case study, which is scrutinised in the light of ethical codes of professional software engineers and common principles of responsibility attribution. The focus of our analysis is on the acute handling of discovered vulnerabilities in software, including reporting, correcting and disclosing these vulnerabilities. We recognise a need for guidelines and mechanisms to facilitate further improvement in resolving processes leading to and in handling software vulnerabilities. In the spirit of disclosive ethics we call for further studies of the complex issues involved.


Similar books and articles

Software vulnerability due to practical drift. Christian V. Lundestad & Anique Hommels - 2007 - Ethics and Information Technology 9 (2):89-100.
Economies of disclosure. Jeff Bollinger - 2004 - ACM SIGCAS Computers and Society 34 (3):1-1.
Influences on and incentives for increasing software reliability. F. S. Grodzinsky, K. Miller & M. J. Wolf - 2006 - Journal of Information, Communication and Ethics in Society 4 (2):103-113.
Professional Ethics of Software Engineers: An Ethical Framework. Yotam Lurie & Shlomo Mark - 2016 - Science and Engineering Ethics 22 (2):417-434.
The ethics of software project management. Simon Rogerson & Donald Gotterbarn - 1998 - In Göran Collste (ed.), Ethics and Information Technology. Delhi: New Academic Publishers. pp. 137-154.

Analytics

Added to PP
2009-01-28

Downloads
60 (#353,864)

6 months
21 (#138,875)


Citations of this work

Defining Information Security. Lundgren Björn & Möller Niklas - 2019 - Science and Engineering Ethics 25 (2):419-441.
Software vulnerability due to practical drift. Christian V. Lundestad & Anique Hommels - 2007 - Ethics and Information Technology 9 (2):89-100.
Ethical EU eJustice: elusive or illusionary? Juliet Lodge - 2006 - Journal of Information, Communication and Ethics in Society 4 (3):131-144.
