Embedded Systems Engineering Standards Column vol 13.3 May 2005 In Search of Stupidity By Chris Hills

 

have to give the usual disclaimer that that these are my own personal views and not those of the ESE Editor and publisher. They are also those of my employer. I am currently working for myself! I have had an eventful four months and need to put it all into perspective before I comment on it here. This is the extended version of the column on www.phaedsys.com

 

Over the last six months I have been told some amazing stories about the pitfalls of dealing with India and China. The latest was absolutely amazing but… I have been sworn to secrecy! This is a major problem. There is a lot happening in the Far East that really needs to be exposed but for reasons of embarrassment, politics and money (but no sex so far…) it is all being hidden under the carpet

 

Much to my surprise was an article in the IEEE Spectrum Magazine that named names! (FRANK 2005) The Americans seem to rush to law a little faster than this side of the pond. Once it goes legal it goes public. It told of a case involving California software entrepreneur Sandeep Jolly and alleged the loss of his IP. He discovered that a member of staff at the development facility he used in Mumbai India , had sent key files and source code a Yahoo e-mail account. This, it is believed, was an account she owned. In any event they had grounds to believe the information was sent off site.

 

When the employee was confronted she went home, saying she was ill, and promptly disappeared. The local Police were immediately contacted. Fortunately the police had established a “Cybercrime” unit to deal precisely with this sort of thing but….. Apparently the police refused to investigate the “crime”. The police say that they found no evidence of theft. Now, how you prove the theft of something that is still on your hard drive is an interesting question. Also the items “removed” were not things she should not have seen in fact they would have been things she generated.

 

In theory she could have gone home and “created” new documents from memory after leaving the employment. The Indian police then apparently they turned the case on its head and claimed that Sandeep Jolly did not have adequate security systems in place! I am not sure what they were expecting but it seems to suggest that we should go back to no external email or web connections to the development teams. There are some secure developments like this, usually defence or smart cards but I can’t see most development teams being happy with that.

 

Jolly has also suggested that he got no support from the Indian National Association of Software and Service Companies based in New Delhi. This is the group that promotes India's outsourcing capabilities. So take care. Jolly told the trade Web site IT World,com (http://www.itworld.com>"We were told that there are patent, copyright, and IP protection laws in India: They failed to mention that the laws are impossible to enforce". This seems to be a common problem. Yes, the laws are there but…

 

The same article mentions an apparent Russian clone of Texas based Alibre Inc’s Design 3D package. When they investigated it seemed emanate from a former Russian employee who had gone home to Russia after being fired.It is virtually impossible to stop developers taking copies of, or re-creating, their work and if, as in this case, they move to somewhere with more relaxed laws, or quite simply laws that are not enforced.

 

The best bet for out sourcing seems to be to use Eastern Europe, especially countries that are in or are trying to get into the EU. The best advice has been to divide-up your software and hardware into modules. Then make sure no one team or, more accurately, no single company has access to more than one module. This of course does have hidden benefits. You will have to tie down your spec, do some decent design documentation and define your interfaces.

 

This will mean fuller more accurately specified designs. More thought in the initial stages. It will also require a higher level of project management. This is likely to be required anyway when outsourcing abroad. Given the problems and the amount of effort required safeguarding your IP as well as the costs in traveling to the distant land for additional project meetings it can whittle down the savings to make the advantaged rather slim.If you are doing all the specification and documentation properly it could even end up faster to do it in the UK anyway.

 

The other problem with theft of IP is, of course, that the developers actually write the documentation and code. The items moved in both cases were not ones the developers should not have seen in fact they would have been things they generated. In theory they could have gone home and “created” new documents from memory after leaving the employment as the Russian suggested. There is a simple solution to all this….

 

No! Not more tighter contracts and better security. Look after your developers! Treat them like human beings. The IP they have in their heads is your life blood. In all cases where disgrunteled employees have left with IP in their heads it costs the company they left. Either as in the case of Alibre a clone of one of their products at one end to the other end where, as has happend to a company I am currently taking to, the emoloyee managed to "clear up" too well. All they have left of the development is the marketing flyers, user manuals an example PCb and the binary of the software that they had to get back from the PCB production plant....

 

When I retire I shall have to re-write these columns as a book filling in all the blanks in the items I have alluded to here over the years. Though by that time it will all be irrelevant given the speed this industry moves. Though history tends to repeat itself….

 

One book I have read recently was “In search of Stupidity” (Chapman 2003)which highlights many of the mistakes that have been made, repeatedly, in the software industry over the last four decades. Whilst this is mainly desktop software it makes a fascinating read. It will also help your business not to make the same mistakes. It is a good book for summer reading whilst on holiday. It also explains why Microsoft is where it is today. I can recommend the book and the web site. www.insearchofstupidity.com

 

One of the themes that has been emerging recently is that, something we all knew anyway, debuggers not prevent bugs!Really, they don’t! Debuggers, ICE, software analysis tools etc detect bugs.So what prevents bugs? A good process does. The first step of that is getting a good Requirements Capture. Getting the Specification right saves the most money. This is why the “mainstream” software industry uses things like Agile and Extreme programming methods along with “RAD”.They show people prototypes.The customer then says what they don’t like about it. They may not know what they like but they sure as hell know what they don’t want!

 

Once you have a good specification it is easier to build what the customer wants. Note: “wants” not “needs”. So you have to demonstrate to the customer what he wants and show him what he needs. Some sort of prototype is a damn good, not to say essential, idea . I am working on a small project at the moment where a visualisation of the system has been put together to run on windows using Delphi to show the principal. The final device will be on an 8 bit system.

 

The problem is that to the management it looks like a waste of time to build prototypes. All that time spent to build a demo when they have accurately told you what the want already. However, it is far more expensive to build the wrong thing and then try to rectify this when it hits customer acceptance testing. However if you are thinking of out-sourcing (see above) then you are going to need a good specification anyway.  

 

Out-sourcing abroad with a poor or incomplete specification is asking for disaster and expense.

One of my other long running threads is professionalism and licensing. Well I have some correspondence on the subject of certification for programmers other than the C.Eng and MIEE/MBCS. If anyone else is interested in this please email me

 

With the range of contacts I have in the various institutes it may actually be possible to do something. If I can work out what sort of thing people want. Something based on C&G level has been suggested. Let me know.

 

 

Chapman, M. R. (2003). In Search of Stupidity: Over 20 Years of High-Tech Marketing Disasters, Apress. FRANK, S. J. (2005). SOURCE OUT, RISK IN Offshoring software development can put intellectual property at risk. IEEE Spectrum. 42: 51-52.

 

Author Details and contact

 

Eur Ing Chris Hills BSc CEng MIET MBCS MIEEE  FRGS   FRSA is a Technical Specialist and can be reached at This Contact

 

Copyright Chris A Hills  2003 -2008
The right of Chris A Hills to be identified as the author of this work has been asserted by him in accordance with the Copyright, Designs and Patents Act 1988