Question Home |
Position:Home>Philosophy> Would this be excellent advice for computerization efforts ?Question:What would the motive be for a "rogue staff member" to endanger the lives of people? Banking software is a bit of a different proposition: the motive in that case is that if you can inject a trojan into the software you can potentially make millions of dollars. The same kind of incentive isn't there in your case. Code reviews can help, to a point. But the kinds of code reviews you're talking about would impair productivity by a factor of 10x or 20x, and there's STILL no guarantee that you're going to get a working system when you're done. Logging really doesn't do much. If you're going to fudge the results, you're going to fudge the logs too. There's no way I can think of to effectively protect log files any more than there is to protect the data. The only real use of log files that I can think of is that they allow mistakes to be retroactively corrected. (e.g. incorrectly executed bank deposits over a period of months). Best Answer - Chosen by Asker: What would the motive be for a "rogue staff member" to endanger the lives of people? Banking software is a bit of a different proposition: the motive in that case is that if you can inject a trojan into the software you can potentially make millions of dollars. The same kind of incentive isn't there in your case. Code reviews can help, to a point. But the kinds of code reviews you're talking about would impair productivity by a factor of 10x or 20x, and there's STILL no guarantee that you're going to get a working system when you're done. Logging really doesn't do much. If you're going to fudge the results, you're going to fudge the logs too. There's no way I can think of to effectively protect log files any more than there is to protect the data. The only real use of log files that I can think of is that they allow mistakes to be retroactively corrected. (e.g. incorrectly executed bank deposits over a period of months). . Sounds good to me. |