The authors review four significant software failures and examine these cases for lessons that can be transferred to the development of forensic software.
All four case studies have been thoroughly examined and their causes described. No single factor is common to all four. The studies are the MIT Kerberos security software, the Mars Climate Orbiter (MCO), the Therac-25 radiation therapy machine, and the Boeing 737 MAX MCAS software. To increase the relevance to forensic DNA analysis using probabilistic genotyping (PG), the authors discuss the post-production faults they have found in PG software, including STRmix. Empirical testing is the primary method for detecting software faults. Of the four cases discussed, the authors consider that testing would have benefited only the MCO and the MIT Kerberos cases. The faults found in PG by the authors or by STRmix users have all been found either by testing or in use. Documentation is useful, but an overreliance on documentation is seriously detrimental. The environment in which the software will be used is important. Redundancy is always beneficial. The authors consider that a key to successful software development and maintenance is a healthy culture of transparency and openness between developer and users. They also consider vital, perhaps primary, a quality culture in development, verification, and validation, together with the avoidance of unreasonable goals and timelines. (Publisher abstract provided)