The Design of Software (CLOSED)

A public forum for discussing the design of software, from the user interface to the code architecture. Now closed.

The "Design of Software" discussion group has been merged with the main Joel on Software discussion group.

The archives will remain online indefinitely.

Deadly Interface

This Times article discusses how the user interface of the new police dispatch system in San Jose is not just unacceptable but is endangering the lives of police officers:

http://www.nytimes.com/2004/11/11/technology/circuits/11cops.html
Dennis Atkins
Thursday, November 11, 2004
 
 
Neat.

This should go along with the bomb-targeting device used in Afghanistan.  The solder on the ground set the GPS coordinates for the bomb drop.  Then he noticed the battery was low.  So he swapped out the battery, then pressed the 'Fire' button.

Unfortunately, the device reset itself when he swapped the battery.  It reset itself to its current position, *not* the offset position he had entered.

The soldier and 4 others died in the bomb drop.
True story -- see Software Development, November 2004.
AllanL5
Thursday, November 11, 2004
 
 
Cool. Didn't Don Norman write about one such system? Something about an airplane and some pedals you had to push, but couldn't under certain circumstances or something.
www.MarkTAW.com Send private email
Thursday, November 11, 2004
 
 
"The soldier and 4 others died in the bomb drop.
True story -- see Software Development, November 2004."


I always wondered:

If they died, how does anyone know what caused the problem (i.e., that they changed the batteries)?
Mr. Analogy {Shrinkwrap ISV owner} Send private email
Thursday, November 11, 2004
 
 
"If they died, how does anyone know what caused the problem (i.e., that they changed the batteries)?"

I guess... someone try to figure out why they will shot themselve? Then make this assumption?
Carfield Yim Send private email
Friday, November 12, 2004
 
 
I flew into Heathrow once in the cockpit of an Airbus 320 (in the days when you do things like that) a few years after one of them had flown into terrain on approach. The 320 was one of the first electronic display cockpits, and it turned out that the user interface had been at least partly responsible for the crash. The pilots were very happy to talk about it.

The problem had been with the setting of a rate of descent on the autopilot. The pilots thought they were setting a descent angle of 3.00 degrees, but in fact they set a descent rate of 300 fpm (feet per minute), resulting in a much steeper descent. The display said "300" in both cases (give or take a hard-to-see decimal, I presume).

The problem was solved as I remember, mainly by procedures - one pilot would set the descent rate and the other would read back what they saw it set to. The user interface for the plane went to extreme measures to prevent confusion - knobs close to each other were given distinctive textures, so that you could tell by feel if you had put your hand on the wrong one.
David Clayworth
Friday, November 12, 2004
 
 
This is a very interesting article...however you have to read between the lines to see what is actually happening.

At the very bottom of the article you find out that the San Diego police department has been using the same system for 6 years and is reasonably happy with it.

I suggest that the basic problem here is not the software itself but a lot of other intangibles that have led to "user base hysteria".  The wrong people mechanics have been used in deploying the system leading to the complaints of a few malcontents (e.g. the 60 year old guy who's never used a PC) cascading to a general revolt of the user base.  Such a situation is very hard to turn around.

This is the like scenario from here:  the San Jose PD will throw out this system and replace it with an inferior system and the user base will insist it is happy.
Bob Rundle Send private email
Friday, November 12, 2004
 
 
Mark - you're thinking of the Airbus crash in Brooklyn right after 9/11.

Bob - I'm not so sure. This caught my eye:
"Officers also say they were not consulted about the design of the user interface"

Then a major part of the rest of the article talks about how they've been reworking the interface to make the users happier.

I suspect this package is consultantware, like Remedy - so even though the product has the same name, the interface is a function of implementation. And since I've seen a Remedy implementer talk to users for two days, leave for eight weeks, and show up with a finished product (then fail to understand people's unhappiness with it), I can see the same thing happening here.

There should have been a lot more JAD going on.

Philo
Philo [MSFT] Send private email
Saturday, November 13, 2004
 
 
"The problem had been with the setting of a rate of descent on the autopilot. The pilots thought they were setting a descent angle of 3.00 degrees, but in fact they set a descent rate of 300 fpm (feet per minute), resulting in a much steeper descent. The display said "300" in both cases (give or take a hard-to-see decimal, I presume)."

Perhaps there's some poetic licence here but at a speed of 250mph (let's assume this is the sort of speed that an aeroplane in a phase of flight that's close enough to the ground to worry about it will be flying at) a 3 degree glide angle is equivalent to 1152fpm. Which is a much steeper descent than 300fpm. Perhaps these numbers were the other way around. I think modern air traffic is more likely to work off of glide angles rather than fpm (fpm is only useful when combined with groundspeed. A glide slope is much more useful)
gwyn Send private email
Sunday, November 14, 2004
 
 
You're right. I quoted these figures for years without working out the math. I may have them the wrong way round (though for the reasons you give setting glideslope is more likely) or it's possible that the fpm was 3000.
David Clayworth
Monday, November 15, 2004
 
 
This is the accident you're thinking of:

http://aviation-safety.net/database/1992/920120-0.htm

"While trying to program the angle of descent, "-3.3", into the Flight Control Unit (FCU) the crew did not notice that it was in HDG/V/S (heading/vertical speed) mode. In vertical speed mode "-3.3" means a descent rate of 3300 feet/min. In TRK/FPA (track/flight path angle) mode this would have meant a (correct) -3.3deg descent angle. A -3.3deg descent angle corresponds with an 800 feet/min rate of descent. The Vosges mountains near Strasbourg were in clouds above 2000 feet, with tops of the layer reaching about 6400 feet when flight 148 started descending from ANDLO. At about 3nm from ANDLO the aircraft struck trees and impacted a 2710 feet high ridge at the 2620 feet level near Mt. Saint-Odile. Because the aircraft was not GPWS-equipped, the crew were not warned."

GPWS == Ground Proximity Warning System (nowdays is standard equipment on all pax aircraft)
Nate Silva Send private email
Monday, November 15, 2004
 
 
That's exactly the accident I'm thinking of. Thanks for finding it.
David Clayworth
Tuesday, November 16, 2004
 
 

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics
 
Powered by FogBugz