Tricentis Software Fail Watch Report, 5th EditionDownload
No matter how technology advances, software testing will always be non-negotiable. Every week new stories emerge of software failing across a myriad of industries; sparking chaos, halting business, or even costing lives. Every year, Tricentis collects news stories from around the world, culminating in the Tricentis Software Fail Watch, an analysis of software bugs found in a year’s worth of English language news articles. These include software engineering failures of all sorts--security, usability, performance, and so on.
The Software Fail Watch is a sobering reminder of the scope of impact that software and therefore - software development and testing - has on our day to day lives. As the examples of recent software failures below reveal, a major software failure can result in situations far worse than a buggy app or inconvenient service outage.
Medicine infusion pumps recalled for deadly flaw
CareFusion is a medical equipment manufacturer that has experienced several emergency recalls in recent years. In 2015, CareFusion’s Alaris Pump was recalled over a software error that caused the pump, designed to automatically deliver medicine and fluids to hospital patients, to delay an infusion. The consequences, which can range anywhere from medicine being withheld at critical points or accidental over-dosing, can be deadly. Just four days later CareFusion issued a Class I recall over a separate line of ventilators, citing a software flaw that could cause the patient to suffocate.
This spring a serious software glitch in the F-35 Joint Strike Fighter air crafts garnered wide public attention. The plane engineers identified a software bug that causes the planes, when flying in formation, to incorrectly detect targets. As each of the planes within the formation detect a target from varying angles, the software is reportedly unable to decipher whether there is just one or multiple targets. As one news agency put it, the F-35’s are “seeing double”.
This story comes in two parts: one software bug related, one not. The first part to hit the news in mid-March detailed how a group of hacker-thieves hijacked the Bangladesh Bank system to steal funds. The group successfully transferred $81 million in four transactions, before making a spelling error that tipped off the bank, causing another $870 million in transfers to be canceled.
The software bug comes in with the $81 million the thieves did successfully steal. According to Bangladesh Bank authorities, a printer is set up to automatically print read-outs of transactions made. The glitch in the system (whether coincidental or created by the thieves), interrupted the automatic printing process, so that is was only several days later that the transfer receipts were even discovered – giving the thieves plenty of time to cover their tracks.
SolarCity Corp retained an investment bank to assist in the sale of the company to Tesla Motors Inc. After the $2.6 billion dollar agreement had been signed however, the investment bank, Lazard Ltd., discovered that they had under-valued SolarCity Corp by roughly $400 million. Whoops. Unfortunately the error was discovered too late for SolarCity’s shareholders, but Tesla did offer to make up some of the difference in stock.
It’s not often you hear of a software bug resulting in divorce, but we are living in exceptional times. A common Uber app bug revealed a man’s affair to his wife, leading to a divorce and a lawsuit landing in Uber’s lap. The bug causes Uber notifications to be pushed to a device, even after logging out of your account on that device. In this case, the “cheating Frenchman”, who had once called an Uber from his wife’s phone, was exposed when she received notifications of using Uber to visit his mistress. The angry ex-husband is now suing Uber for up to $45 million in damages.
Equifax, one of the United States’ largest credit reporting agencies, announced that up to 143 million of their consumer records were stolen by hackers. Names, Social Security numbers, birth dates, and credit card numbers were all amongst the data stolen. Given that the population of the United States clocks in at 321 million, that means that approximately 50% of Americans could now find themselves in danger of identity theft or worse. Though the hack took place in May 2017, Equifax hid the story until early September, further outraging the public. As details of the hack have emerged, it quickly became clear that much of the damage done was a result of vast negligence on Equifax’s part.
In January 2018, the citizens of Hawaii were notified to take immediate cover in the face of an inbound ballistic missile strike. It turned out to be a false alarm, although it took over 30 minutes (and, presumably, several thousand heart attacks) before the alert was retracted. Investigations found that while the problem was largely due to human error, there were “troubling” design flaws in the Hawaii Emergency Management Agency’s alert origination software.
More Software Failures
For a historical perspective on software failures, see: