Subject: RISKS DIGEST 12.64

Subject: RISKS DIGEST 12.64
REPLY-TO: [email protected]

RISKS-LIST: RISKS-FORUM Digest Friday 15 November 1991 Volume 12 : Issue 64

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
MCI's Response for RISKS (Sally McCaffrey)
Computer-assisted trading (Brendan Kehoe)
Risks of truncation in the stock market (Frank G Kienast)
gray vs gorman (Fred Gilham)
ACM SIGSOFT'91: SOFTWARE FOR CRITICAL SYSTEMS (Peter G. Neumann)
5th Refinement Workshop: Theory and Practice of Formal Software Development
(Cliff B Jones)

The RISKS Forum is moderated. Contributions should be relevant, sound, in
good taste, objective, coherent, concise, and nonrepetitious. Diversity is
welcome. CONTRIBUTIONS to [email protected], with relevant, substantive
"Subject:" line. Others may be ignored! Contributions will not be ACKed.
The load is too great. REQUESTS please to [email protected]. For
vol i issue j, type "FTP CRVAX.SRI.COM<CR>login anonymous<CR>AnyNonNullPW<CR>
CD RISKS:<CR>GET RISKS-i.j<CR>" (where i=1 to 12, j always TWO digits). Vol i
summaries in j=00; "dir risks-*.*<CR>" gives directory; "bye<CR>" logs out.
The COLON in "CD RISKS:" is essential. "CRVAX.SRI.COM" = "128.18.10.1".
<CR>=CarriageReturn; FTPs may differ; UNIX prompts for username, password.
ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Relevant contributions may appear in the RISKS section of regular issues
of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.

----------------------------------------------------------------------

Date: Thu, 14 Nov 91 22:20 GMT
From: SALLY McCAFFREY <[email protected]>
Subject: MCI's Response for RISKS

MCI Telecommunications Corporation
Consumer Relations
Consumer Markets
1200 South Hayes Street
Arlington, Virginia 22202
(703) 425-6000

November 13, 1991

In response to the piece posted by Brian R. Krause on your [inter]national
bulletin board, RISKS Forum, titled "MCI Friends & Family & anyone else with a
touch-tone phone" on October 23, 1991, MCI wishes to post the following
information.

MCI is aware and sensitive to privacy concerns of its Friends & Family
customers.

Additionally, MCI is aware of the isolated incident where its Friends & Family
voice response unit (VRU) Update Line was abused. MCI has made -- effective
November 7 -- the access more private by altering the VRU access procedures.

In order to acquire information about a Friends & Family Calling Circle,
customers have two options depending on the information they want.

Option 1: Enter the last three digits of your MCI account number to
receive the status of all Calling Circle members.

Option 2: Enter an individual Circle member's 10-digit phone number
to learn the status of that individual.

We hope this explanation addresses any concerns that may have arisen as a
result of the "RISKS" posting.

Karen Heyison, Manager, Consumer Relations

------------------------------

Date: Sat, 16 Nov 1991 12:49:28 -0500
From: Brendan Kehoe <[email protected]>
Subject: computer-assisted trading

Yesterday's sudden fall in the stock market brought to light a serious
Achilles heel in the way our country's economy is growing. As panic hit more
and more traders, the faint clatter of computer keyboards added to the fray --
virtual stocks were being virtually sold at an amazing pace.

It was less of a concern in the 1989 crash, but now we should be even more
aware of the effect computer-assisted trading can have on the market. Inside
of ten minutes, millions of shares can be unloaded very quietly.

The securities industry can only grow faster in the coming years; if it
doesn't build some cushions to avoid massive "anonymous" selling, it may be in
for an even more serious down-turn.

Brendan Kehoe, Sun Network Manager, Widener University, Chester, PA

------------------------------

Date: 14 Nov 91 01:50:26 GMT
From: [email protected] (Frank G Kienast)
Subject: Risks of truncation in the stock market

In their stock statistics sections, Prodigy has a 14-character maximum
length for the company name. Apparently, they just chop off any remaining
characters. This morning, I was surprised to see the following stock among
the ten listed under yesterdays "NYSE Biggest Percent Gainers":

STOCK LAST CHANGE PCT CHG
ELECTRONIC ASS 2 3/8 + 1/4 11.76

(I think this is supposed to be Electronic Associates, ticker EA).

Well: [email protected] CIS: 73327,3073 V-mail: 804-980-3733

------------------------------

Date: Fri, 15 Nov 91 06:39:40 -0800
From: Fred Gilham <[email protected]>
Subject: gray vs. gorman (RISKS-12.61-63)

I've completely lost track of what's going on with the gray vs. gorman
"discussion". I hope you'll put something in the next Risks saying that
further communications on the issue will be conducted through the lawyers of
the parties involved or something to that effect, something that leaves RISKS
out of it!

P.S. I'm sure this is an example of the risk of computer communication -- most
people would post things they wouldn't say to another person standing next to
them.

------------------------------

Date: Sat, 16 Nov 91 14:14:26 PDT
From: Peter G. Neumann <[email protected]>
Subject: gray vs. gorman (RISKS-12.61-63)

I greatly appreciated all the supporting mail I received on this topic. I try
very hard to keep RISKS consistent with the self-imposed standards of being
OBJECTIVE, INTERESTING, PROVOCATIVE, THOUGHTFUL, in GOOD TASTE, and, above all,
INFORMATIVE. I certainly learned something from both antagonists, and about
them. Whether or not that was RISKS-RELEVANT or not, I believe that once
something unfortunate has slipped through, it becomes necessary to set the
record straight. But in keeping with the current efforts to raise the
standards (again) in the continuing epicyclicity of RISKS, there are likely to
be fewer mundanities for a while. Thanks again to all of you for your
continuing contributions, including those that do NOT get included. Sorry, I
cannot respond to everything. So, if you think I missed a GOOD ONE, PLEASE
poke me; I probably did miss it, especially if the Subject: line was
nonspecific. PGN]

------------------------------

Date: Sat, 16 Nov 91 14:12:16 PDT
From: Peter G. Neumann <[email protected]>
Subject: ACM SIGSOFT'91: SOFTWARE FOR CRITICAL SYSTEMS

[I will have very limited net access for the next few weeks, and would like
to post one more reminder for SIGSOFT '91 before it happens. Registration
is coming along very nicely, and hotel space is starting to fill up, so
those of you wishing to register might want to do so soon. Please contact
Judith Burgess for further details:
Registration and Coordination: Judith Burgess, SRI International
[email protected] phone: (415) 859-5924, FAX (415) 859-2844
Thanks. PGN]

4-6 December 1991
Fairmont Hotel, New Orleans

WEDNESDAY, 4 DECEMBER 1991

Welcome and Introduction: 8:45am - 9:00
Mark Moriconi, SIGSOFT '91 Chair (SRI International)
Peter G. Neumann, Program Co-chair (SRI International)

Session 1: 9:00 - 10:15, Carl Landwehr, Chair

Formal Verification of Algorithms for Critical Systems
John Rushby (SRI International), Friedrich von Henke (University of Ulm)

State-Based Model Checking of Event-Driven System Requirements
Joanne M. Atlee and John Gannon (University of Maryland)

Open Discussion

Session 2: 10:45 - 12:30, Dines Bj/orner, Chair

Rigorous Development Using RAISE
Bent Dandanell (CRI, Birker/od, Denmark)

Specifying and Verifying Requirements of Real-Time Systems
K.M. Hansen, A.P. Ravn, and Hans Rischel (Tech. University of Denmark)

A Systematic Kernel Development
J.F. S/ogaard-Andersen, C.O. Rump and H.H. Lovengreen (Tech. Univ. Denmark)

Open Discussion

Session 3: 2:00 - 3:45, John Rushby, Chair

The Infeasibility of Experimental Quantification of Life-Critical
Software Reliability
Ricky Butler and George Finelli (NASA Langley Research Center)

PANEL: The Limits of Probabilistic Risk Assessment

Bev Littlewood (City University, London)
David Parnas (McMaster University)
Martyn Thomas (Praxis, Ltd)
Ricky Butler (NASA Langley Research Center)
John Musa (AT&T Bell Labs, Whippany, NJ)

The Butler/Finelli paper argues that ultra-high reliability cannot be
validated directly from testing, nor can be it demonstrated by appeals
to software fault-tolerance. What progress might we reasonably expect
to make toward numerical risk assessment of life-critical software?

Session 4: 4:15 - 5:30, Martyn Thomas, Chair

PANEL: The Confused World of Standards for Critical Software

Martyn Thomas (Praxis, Ltd)
Peter Neumann (SRI International)
Mike DeWalt (FAA)

This session will explain and assess current government regulation such as
British MoD DEFence STANdard 00-55/56 and various security criteria (e.g.,
U.S. TCSEC, European ITSEC, Canadian CTCPEC). What role should such
standards play? What should be mandated?

THURSDAY, 5 DECEMBER 1991

Session 5: 9:00am - 10:30

Comparing Fault Detecting Ability of Testing Methods
P.G. Frankl (Polytechnic University), E.J. Weyuker (NYU Courant Institute)

An Exception Handling Model For Parallel Programming and its Verification
Valerie Issarny (IRISA/INRIA)

Open Discussion

Session 6: 11:00 - 12:30

INVITED TALK: Human Error in Design
Henry Petroski (Duke University)
Author of the widely-acclaimed books ``To Engineer is Human: The
Role of Failure in Successful Design'' and ``Pencil''

Session 7: 2:00 - 3:30, Victoria Stavridou, Chair

A Real-Time Transition Model for Analyzing Behavioral Compatibility of
Telecommunications Services
E.J. Cameron and Y-J Lin (Bellcore)

Programming and Verifying Critical Systems by Means of the Synchronous
Data-Flow Language LUSTRE
C. Ratel (Merlin-Gerin), N. Halbwachs and P. Raymond (IMAG/LGI)

Open Discussion

Session 8: 3:45 - 5:30, Mark Moriconi, Chair

Invited Presentations on Practical Experiences:

Validation of Critical Flight Controls
Jim McWha (Chief Engineer in charge of 777 Flight Controls, Boeing)

Reliable Software for the 4 ESS Switch
Michael Meyers (AT&T Bell Labs)

A Case Study of the THERAC-25 Accidents
Nancy Leveson (U.C. Irvine)

Session 9: 8:00pm - 9:30pm, Evening Poster Session

FRIDAY, 6 DECEMBER 1991

Session 10: 8:30am - 10:30, Hermann Kopetz, Chair

Stepwise Design of Real-Time Systems
Reino Kurki-Suonio (University of Technology, Tampere)

On Satisfying Timing Constraints in Hard-Real-Time Systems
Jia Xu (York University) and David Parnas (McMaster University)

Automated Analysis of Bounded Response Time for Two NASA Expert Systems
C-K Wang, R-H Wang, D-C Tsou, J.C. Browne, and A.K. Mok (University
of Texas, Austin)

Open Discussion

Session 11: 11:00 - 12:30

PANEL: Future Directions, Nancy Leveson, Chair

Adjournment at 12:30

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

AIR TRANSPORTATION. Delta Airlines is offering 40% off RT Coach fares within
the U.S., 35% Canada, 5% off already discounted fares. Call 1-800-221-1212,
ask for Special Meeting Network, refer to file ref no. V18006. Valid for
travel from Nov. 30 to Dec. 10. 7-day advance purchase required.

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

ADVANCE REGISTRATION FORM
SIGSOFT '91 -- Software for Critical Systems
Fairmont Hotel, New Orleans, Dec. 4 -- 6, 1991

Name _________________________________________________________
Affiliation __________________________________________________
Address ______________________________________________________
City, State and Zip __________________________________________
Phone (and FAX) ______________________________________________
Email address ________________________________________________
ACM or SIGSOFT Membership No. ________________________________

Registration Fees

Category
--------------------------------
ACM or SIGSOFT Member $330
Non-Member $380
Full-time Student $230

To pay by credit card, circle one: AMEX VISA MC
Name on card __________________________________________________
Card number ___________________________Exp. date ______________
Signature _____________________________________________________

Make checks payable to SIGSOFT '91 in U.S. dollars. Fees include 3 continental
breakfasts, 2 lunches, and the Proceedings.

Dietary requests: Vegetarian ______ Kosher ________

SEND THIS FORM WITH FULL PAYMENT TO:
Judith Burgess / EL266, SRI International, 333 Ravenswood Ave.,
Menlo Park, CA 94025, USA

For further information, contact Judith Burgess,
telephone: (415) 859-5924, FAX (415) 859-2844, EMail [email protected]

NOTE: REGISTRATION BY EMAIL OR FAX IS ALSO PERMITTED (ONLY WITH CREDIT CARD).

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

FAIRMONT HOTEL RESERVATION FORM
SIGSOFT '91 -- Software for Critical Systems
New Orleans, Dec. 4 -- 6, 1991

Name _________________________________________________________
Affiliation __________________________________________________
Address ______________________________________________________
City, State and Zip __________________________________________
Phone (and FAX) ______________________________________________
Date/Time of Arrival _________________________________________
Date/Time of Departure _______________________________________

Room Rates (subject to taxes):

Circle one: Single $99 Double/Twin $119

RESERVATIONS: 1-800-527-4727 or 1-504-529-7111

To guarantee your reservation by credit card:

Circle one: AMEX MC Visa Carte Blanche Diners Club

Name on card _________________________________________________
Card number ___________________ Exp. date ____________________
Signature ____________________________________________________

These rates apply from Nov. 29 through Dec. 8, subject to availability.
Reservations should be received 30 days in advance to ensure availability, but
later reservations will be accepted as possible. A deposit for the first night
must accompany your reservation to guarantee it for arrival after 6:00pm.
Cancellations must be made 24 hours in advance.

SEND THIS FORM TO:
The Fairmont Hotel, University Place, New Orleans, LA 70140, USA
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

General Chair: Mark Moriconi, SRI International
Program Co-Chairs: Peter Neumann, SRI International
Nancy Leveson, Univ. of California, Irvine
Travel Arrangements: Johnette Hassell, Tulane University
Registration and Coordination: Judith Burgess, SRI International
[email protected] phone: (415) 859-5924, FAX (415) 859-2844

Program Committee:
David Barstow (Schlumberger)
Dines Bj/orner (Technical University of Denmark)
Marie-Claude Gaudel (Universite de Paris - Sud)
Jim Horning (DEC Systems Research Center, Palo Alto)
Bill Howden (University of California, San Diego)
Hermann Kopetz (Technical University of Vienna)
Carl Landwehr (Naval Research Laboratory)
Bev Littlewood (City University, London)
Leon Osterweil (University of California, Irvine)
David Parnas (McMaster University, Canada)
Fred Schneider (Cornell University)
Vicky Stavridou (University of London)
Martyn Thomas (Praxis, Inc.)
Walter Tichy (University of Karlsruhe)
Elaine Weyuker (NYU Courant Institute)

------------------------------

Date: Fri, 15 Nov 91 16:35:15 GMT
From: Cliff B Jones <[email protected]>
Subject: 5th Refinement Wkshp: Theory and Practice of Formal Software Develpmnt

BCS FACS
Fifth Refinement Workshop
Theory and Practice of Formal Software Development
8 - 10th January 1992
LONDON, UK

Sponsored by Lloyd's Register, Program Validation Ltd and the DTI

The workshop theme is Refinement: the systematic decomposition of formal
specifications into designs which are functionally correct or implement
important properties such as safety or information security.

VENUE: Lloyd's Register of Shipping, 71, Fenchurch Street, London EC3

INVITED SPEAKERS: Roger Jones ICL
Prof. Robin Milner FRS University of Edinburgh
Dr Jose Oliveira University of Minho
Dr Jim Woodcock University of Oxford

Registration fees include lunchs, intermission refreshments, workshop handouts,
full Proceedings published by Springer-Verlag (to be dispatched after the
workshop), and a social evening event.

Accommodation costs are not included in the registration fee, but rooms can be
booked in student accommodation at the City University which is a short
Underground ride or a two mile walk from the Workshop venue. The cost of
accommodation and breakfast at the City University is 17 pounds inclusive of
VAT.

A limited number of assisted places are available at 60 pounds for bona fide
research students. To apply for this please use the registration form and do
not enclose the fee yet.

A 10 pound premium is charged for registration not accompanied by a fee, except
for those initially applying for an assisted place.

A Tools Exhibition will be held. Potential exhibitors please contact the
Publicity Officer.

ORGANISING and TECHNICAL COMMITTEE: Prof. Bernard Carre (Chairman), Prof.
Cliff Jones nslation(Technical Programme), Roger Shaw (Local Arrangements), Paul Smith
(Publicity), Dr. John Cooke, Tim Denvir, Jeremy Jacob.

CHAIRMAN: Prof Bernard Carre PUBLICITY: Paul Smith
Program Validation Limited Secure Information Systems Ltd
26 Queen's Terrace Sentinel House
Southampton Harvest Crescent
SO1 1BQ Ancells Park
Tel: +44 (0)703 330001 Fleet
Fax: +44 (0)703 230805 Hampshire
GU13 8UZ
Tel: +44 (0)252 811818
Fax: +44 (0)252 811435

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

BCS FACS
Fifth Refinement Workshop
Theory and Practice of Formal Software Development
8 - 10th January 1992
LONDON, UK

Sponsored by Lloyd's Register, Program Validation Ltd and the DTI

REGISTRATION FORM:

RETURN TO: Roger Shaw
Performance Technology
Lloyds Register
Lloyd's Register House
29 Wellesley Road
Croydon
CRO 2AJ
Tel: +44 (0)81 681 4848
Fax: +44 (0)81 681
Email: [email protected]

Name: ..............................................................

Address: ..............................................................

Registration Fee: Enclosed / Please Invoice / Assisted place requested*

Encircle applicable figure:
FACS Members Speakers Others
Fee Enclosed 125 pounds 125 pounds 140 pounds
Please Invoice 135 pounds 135 pounds 150 pounds

These prices include VAT. Cheques should be made payable to BCS FACS.

Special dietary requirements ...........................................

Tick if accommodation at City University is required: ..................

If so circle required dates: 7 8 9 January 1992

(unless otherwise specified, one single room will be reserved)

Tick if you would like a list of local hotels: .........................

Any other information you think you will need:..........................

------------------------------

End of RISKS-FORUM Digest 12.64
************************