John

From CSEP590TU

The Licensing of Software Engineers

Licensing Background

[JSpaith comment: This is supposed to come after Jack's paper in the order, which explains the first few sentences below]


An old saying tells us that “It is the poor craftsman who blames his tools.” There are clearly many promising software development languages and tools to aid in writing more secure programs. But any technological breakthrough in this area will be for naught if the software engineer is incompetent. Thoughtful Roman engineers, using crude tools and processes by modern standards, created structures that have lasted for over two thousand years. Will people two thousand years from now wax poetic about their robust software, still in use, created by thoughtful American engineers? What can the government, standards bodies, and industry do to raise engineering practices so that software created today is more reliable and more secure? One area of particular interest is whether software engineers should be licensed, as they are in other fields of engineering.

The words certification and licensing are often (wrongly) interchanged. Certification is “an occupational designation issued by an organization that provides confirmation of an individual's qualifications in a specified profession or occupational specialty.” Software vendors, such as Microsoft and Sun, offer certifications for their products. Professional associations such as the IEEE Computer Society also grant certifications which focus on the discipline of software engineering as a whole. Licensing is much stricter than certification. While certification is voluntary, “Under licensure laws, it is illegal for a person to practice a profession without first meeting state standards.” Furthermore, licensed engineers in other professions may be legally liable if their work causes harm.

Software engineering is a relatively new field and software engineers often must invent everything as they go along. Should governments require licensing for software engineers, however, other fields of engineering that already require licensing would provide valuable models.

Engineering Licensing

An engineer outside the software industry – such as a civil engineer – who wishes to receive a professional license must undertake a grueling process. As a prerequisite, he must have an engineering degree from a program accredited by EAC/ABET. Typically when he is a senior in college, he will take a Fundamentals of Engineering (FE) exam. This exam covers basic engineering, science, and mathematics that all engineering disciplines must be familiar with. After at least four years of professional engineering practice – typically working under the guidance of a professional engineer (PE) – the aspiring engineer may take the Principles and Practice examination. This test focuses on his discipline of engineering in more depth. It takes three days to complete and is comparable in length and breadth to the bar exam that lawyers take. After the engineer successfully passes the test, he is licensed and can now officially be called a professional engineer (PE). After completing the final test, he must take additional courses to stay current in his field. The entire licensing process is managed by state governments, not by a company or professional society.

The non-licensed engineer may work as an engineer, even if he never seeks licensing. However, the scope and authority that he has without a license is limited. Among other limitations, the non-licensed engineer cannot be a consultant in private practice, sign off on projects, or act as a witness in a court of law. Being able to sign off on the work of other engineers is of particular importance. The engineer who is not licensed has his ability to attain technical leadership drastically reduced.

An integral component of the licensing program is training and testing in ethics. Engineering a bridge or fire escape is, after all, a matter of life or death. Yet the PE must operate in a market-based economy where non-technical managers may frequently want to take short-cuts. The ethical standards bodies of professional engineering societies not only provide guidelines for dealing with various moral dilemmas the engineer may face, but also have the authority to censure him and even revoke his license should he behave unethically. Furthermore, a licensed engineer may be held legally liable for faulty work done under his direction. Should the concern for his fellow man not provide the engineer sufficient motivation, the risk of being publicly held accountable for his actions may.

Arguments for Licensing Software Engineers

Software engineering author Steve McConnell begins his book After the Gold Rush with the story of a 1937 boiler explosion that killed 300 school children. After this the state of Texas began requiring licensing for engineers. McConnell ominously points out that this boiler is controlled by software today. Software is everywhere: it is embedded in factory robots, aids air traffic controllers, and runs stock exchanges, to give just a few examples. After the Gold Rush was published in 1999, when the greatest threat was likely incompetence on the part of an individual programmer. Today a more dangerous and malicious threat lurks in the form of individuals, criminal organizations, and hostile foreign governments that are just a buffer overflow away from wreaking havoc on society.

How would licensing software engineers help mitigate security threats? To understand this, it is first necessary to understand what software engineering licensing would be like. The implementation, as envisioned by McConnell at least, would be similar to traditional engineering licensing today. The software engineer would have to graduate from an accredited four-year university with a specialization in software engineering. The focus of this program would be the engineering of software, not the more theoretical aspects of computer science that most colleges focus on today. In his senior year, the aspiring software engineer would take a Fundamentals of Engineering exam. It is not clear whether or not this would be the same FE exam that other engineers take, as the current FE covers topics such as thermodynamics that are not studied in most computer curricula.

The engineer would then work for a few years in industry before being allowed to take a Principles and Practice examination that was specific to software engineering. The IEEE currently has a software engineering certification (not a license) that could serve as a model for this exam. After completing the Principles and Practice examination, the licensed engineer would take continuing learning courses and also be bound by the ethical considerations of his profession. Most software engineers would not be licensed. McConnell estimates the number to be between five and ten percent. But these five to ten percent would form the core of technical leadership for the profession.

The arguments in favor of requiring some licensing of software engineers are compelling. Just as a licensed civil engineer is required (legally and morally) to understand all threats to the bridge he signs off on, so a professional software engineer would understand all threats to the program that he writes. This would most certainly entail detailed knowledge of hackers’ methods and of processes to protect against them. Just as whether a bridge is safe or not is not left to the whims of an MBA, so too could software security be placed into more reliable hands.

There have been great strides in software engineering practice in the last thirty years. Countless books and papers have been written to advance the state of the art in the fields of productivity, reliability, and security. Yet many best practices are not widely disseminated, frequently because engineers do not keep pace with the changes. Educating an elite corps of software engineers in new, safer development models could help bring the state of the art into common practice.

The software industry often evokes the image of two guys working in a garage, inventing “the next big thing”. Licensing would radically change the field, making it much more rigid and professional. With the stakes so high and the malicious users so numerous, proponents of licensing claim that this change is much needed.

Arguments Against Licensing Software Engineers

Software engineers are not, in general, in favor of being licensed. Many reasons are given, many of which are emotional. Software engineers typically enjoy the freedom that their profession affords them to be creative. Governments and professional societies forcing formal engineering processes on software engineers are seen as ending the “good times.” More reactionary arguments against licensing are based on worries of abuse by a certification board that could de-certify engineers who did not fit into a certain mold, just as the New York law board in the 1960s decertified lawyers opposed to the Vietnam War.

None of these emotional arguments should be taken too seriously. Society frankly does not care whether civil engineers are happy being licensed or not, nor should it care about the feelings of software engineers. And the potential for abuse exists in any organization, a software licensing foundation being no exception. If, however, a licensing program is ever forced upon software engineers by a government body, these responses must be anticipated. An educational program would be essential.

There are more reasonable arguments against licensing that should be considered. Some of the best are literally in front of our eyes. This paper was written with Microsoft Word, a technological marvel that is taken for granted. Though earlier versions of Word were unreliable, thanks to technological progress and market pressure Microsoft has (finally) produced an extremely reliable program.

The security of software – and Microsoft products in particular – is another question. Still, great progress is being made without government intervention. With viruses widely reported in the media and understood by the public, companies understand that they must react to market demands. Microsoft spent about one hundred million dollars retraining its engineers to write more secure code. The effort seems to have paid off. Iain Mulholland, manager of Microsoft’s security response center, said that “There were only nine critical or important vulnerabilities in Windows Server 2003 within the first 292 days of release, compared to 38 vulnerabilities discovered in Windows 2000 in the same time period.”

The opponent of licensing could argue that Microsoft and others are headed in the right direction already and that licensing is an unnecessary burden at best. Microsoft, with its enormous financial resources, can absorb the costs involved in the professional licensing of its engineers. The more worrisome question is what happens to everyone else.

As the technology industry rapidly innovates, so do the techniques available to hackers. A class of attack that has recently made news is the integer overflow attack. Microsoft engineers (all of whom had security training) on the core Windows CE Networking team spent two weeks fixing potential integer overflow issues in their code in October 2004. Almost all of this code has been shipping for years. Even if all of the engineers had been licensed, their licensing would have been useless against a threat, such as integer overflows, that was unknown at the time of their training.

The model of the two guys in the garage inventing the “next big thing” may not be something we should be too quick to move away from. Despite the tremendous progress it has made in the last decades, computing is still in its infancy. Unimaginable advances lie in the future, both in theoretical aspects of computer science and in best practices of developing software. Formal bodies such as licensing boards, however well intentioned, will likely slow the pace of innovation. Perhaps the next big invention to come out of a garage will make computing infinitely more reliable and secure, which is ultimately the goal that licensing seeks to achieve as well.

Conclusions on Licensing

The impact that software engineering has on the world is tremendous. Allowing the field to continue as it is – with a haphazard, get-to-market, two-guys-in-the-garage mentality – could be courting disaster. That more professionalism and responsibility are needed at all levels of the profession to ensure more secure software is clear. Whether licensing engineers is the best way to do this is not. Licensing may help the systems of today be more secure. But aren’t market forces already causing this? And how licensing could be applied to a rapidly changing field such as software engineering is far from clear.

Perhaps a hybrid approach is best, where mission-critical software, such as that embedded inside boilers, would require professional engineering practices and licensed software engineers. Requiring a wider array of software projects to use licensed engineers involves a careful balance between the public’s short-term convenience and safety and the long-term good that comes with increased innovation.

Works Cited

[JSpaith:] I'll get endnotes fixed up before 12/3 draft submission.

McConnell, Steve. After the Gold Rush. Microsoft Press, November, 1999. Redmond, WA

"CSDP: Is Certification for You?" IEEE Computer Society, 2004. <http://www.computer.org/certification/cert_for_you.htm>

Tom DeMarco. "On Certification: Letter to the Editor". Cutter IT Journal, 1998. Arlington, MA. <http://www.systemsguild.com/GuildSite/TDM/certification.html>

LeClaire, Jennifer. "Microsoft and the New Science of Security Flaws". E-Commerce Times, September 26, 2004. <http://www.ecommercetimes.com/story/19514.html>

Chapman, Siobhan. "AusCERT: Microsoft’s security journey". itNews Australia, May 26, 2004. <http://www.itnews.com.au/msoft_storycontent.asp?ID=9&Art_ID=19766>

American Society of Civil Engineers. "Guidance for Civil Engineering Students on Licensing and Ethical Responsibilities". September 2001. <http://www.asce.org/pdf/ethics_student_guide.pdf>