Bugs, Bugs, Bugs
It’s a familiar scenario. You need to print something in a hurry, but the printer isn’t working – and neither is the ticket machine. And the train has come to a halt somewhere along the tracks, probably due to a software bug. Unfortunately, we still haven’t found a way to get rid of these critters once and for all. In 1977, Capers Jones estimated that for every 1,000 lines of code, one can expect a specific number of bugs that cause incorrect results or unexpected behaviors in computer programs. So from a compliance point of view, bugs are always to be expected. What does this mean?
Bug free? No!
Jones’s calculations are less than ideal. For larger programs, one can expect between 4 and 100 errors per 1,000 lines of code (KLOC). The Boeing 787 Dreamliner (Mark Wagner, Guy Norris) has around 6,500 KLOC, giving a total of 26,000 to 650,000 errors. It’s surprising that we don’t encounter more software problems. One reason is that not all bugs occur with equal frequency. Systems that have been used heavily for a long time typically contain fewer frequently occurring bugs than new systems. The fact remains, however, that even in legacy systems, bugs cannot generally be ruled out. From a compliance point of view, one shouldn’t think of a system as being “bug-free”, but rather take a risk-based approach to reduce the frequency and impact of bugs.