1 Legal Aspects of Software Development MVV59K Software Law 26th October 2011, Brno 2 Lecturer Jaromír Šavelka Department of Law and Technology Faculty of Law Masaryk University Room no. s61 (office hours Mon 12:00 – 13:30) Email: jaromir.savelka@law.muni.cz Telephone: +420 549 495 377 3 Lecture Overview Software Development Reverse Engineering Works Contract (Software Development Contract) Service Level Agreement 4 Lecture Overview References: Ráček, Strukturovaná analýza systémů (2006) Ráček, Analýza a návrh systémů course materials (2009) Otevřel, Jansa, Softwarové právo (2011) Pressman, Software Engineering (2010) The Service Level Agreement SLA Guide 5 Software Development Legal Aspects of Software Development 6 Software Development Software Development Key Elements Developed within a process of engineering activities (is not manufactured) It does not wear off It is almost always custom made 7 Software Development Mass Marketed Products - Independent systems produced by a developer and “sold” at the market to wide variety of customers who can “buy” the product. - Specification is an internal process of a developer. Custom-Made Products - System development ordered by a specific customer/client. It is developed by contractually binded developer. - Specification of the product is an important part of the contract between a client and a developer. Any changes must be agreed upon and price updated. 8 Software Development Software Development Key Elements Developed within a process of engineering activities (is not manufactured) It does not wear off It is almost always custom made 9 Software Development Software Crysis The end of 60s of 20th century - 28 % of software deployed successfully - 49 % serious problems - 23 % failures A need for systematic analysis and design 10 Software Development Software Crysis USA government funded software projects (6,8 billion USD): - 3,2 billion: was not paid, never delivered - 2,0 billion: was paid but never delivered - 1,3 billion: vast changes requested, never deployed - 0,2 billion: deployed after some major changes - 0,1 billion: deployed as was delivered 11 Software Development Additional Key Elements Difficult Maintenance Software tends to be rather expensive Productivity of the programmers Programming Language not very important Expensive debugging 12 Software Development Linear Process Flow Pressman, Software Engineering (2010) 13 Software Development Evolutionary Process Flow Pressman, Software Engineering (2010) 14 Software Development Parallel Process Flow Pressman, Software Engineering (2010) 15 Software Development Well Deployed Software Maintainability Reliability Effectiveness Usability 16 Software Development Other Key Elements Complexity Scale Communication Time Management Intangibility 17 Software Development Developing Smaller Scale Products (web pages, simple applications) Established techniques Top-down, structured coding, step-wise refinement Logical framework and code inspection Tools – compilers, debuggers 18 Software Development Developing Larger Scale Products (web pages, simple applications) Planning Mechanisms – work distribution, schedule, resources Well documented specification Structured team Formalized sets of tests, trial scenarios Formalized inspection 19 Software Development During the software development User's needs are transformed to … Software specification that is transformed to … Software design that is implemented as … Software code which is tested, documented and deployed for operation. 20 Software Development Specification – defining of SW functioning and deployment limitations. Development – necessary to develop software in accordance with the specification. Validation – software must be validated to demonstrate that it is a solution to user's needs Evolution – software must be further developed to be able to adapt for changing needs of a client. 21 Software Development Observables “Artifacts” - software output - documentation - data - source codes Processes - work processes - established rules (rules-of-thumb) - interaction among team members 22 Software Development Development Characteristics Understandability Observability Reliability Acceptability Robustness Maintanability Duration 23 Software Development Water-fall Lifecycle Pressman, Software Engineering (2010) 24 Software Development Problems of the Water-fall Lifecycle In reality it is difficult to carry out individual steps in the precise order. At the beginning client is not capable of defining the needs. Client must be patient. Late discovery of defects may jeopardize the whole project. Preferred by the managers. 25 Software Development Prototyping Lifecycle Pressman, Software Engineering (2010) 26 Software Development Managing Defects The later a defect is discovered the more it costs to be fixed. A lot of defects remain hidden and is discovered withint the consequent phase. User requirements usually contain a lot of defects (facts, controversions, ambiguities). Can be detected. 27 Software Development Hardware Pressman, Software Engineering (2010) 28 Software Development Software Pressman, Software Engineering (2010) 29 Software Development Lehman's Principles Permanent change Increasing complexity Software evolution Invariant progress Limited increment 30 Software Development Common Myths – management myths We already have a book that’s full of standards and procedures for building software. Won’t that provide my people with everything they need to know? If we get behind schedule, we can add more programmers and catch up (sometimes called the “Mongolian horde” concept). If I decide to outsource the software project to a third party, I can just relax and let that firm build it. 31 Software Development Common Myths – customer myths A general statement of objectives is sufficient to begin writing programs—we can fill in the details later. Software requirements continually change, but change can be easily accommodated because software is flexible. 32 Software Development Common Myths – practitioner myths Once we write the program and get it to work, our job is done. Until I get the program “running” I have no way of assessing its quality. The only deliverable work product for a successful project is the working program. Software engineering will make us create voluminous and unnecessary documentation and will invariably slow us down. 33 Software Reverse Engineering Legal Aspects of Software Development 34 Software Reverse Engineering “the process of developing a set of specifications for a complex hardware system by an orderly examination of specimens of that system” (Rekoff, 1985) 35 Chikofsky, E.J. & Cross, J.H., 1990. Reverse Engineering and Design Recovery: A Taxonomy. IEEE Software. 36 Application Security audit Security SW DevelCryptography Viruses, trojan horses, spyware DRM Quality assessment Competing SW Interoperability Exceptional Elements “Defenders”“Attackers” Weakness Exploatation Recovery Risk Assessment 37 Works Contract Software Development Contract Legal Aspects of Software Development 38 Software Development Contract Software Development (and Deployment / Implementation) Contract Specific regulation does not exist => Works contract as a basis Framework Contract 39 Software Development Contract The Purpose and Aims of the Contract Often missing (usually signals high quality of the contract) Can be used as interpretative framework for the whole contract Current status of the client (customer) Desired status of the client (customer) 40 Software Development Contract The Object of the Contract The actual description of the software solution key element, often missing (referrence to an external document), often vague Sometimes advisable to use negative definitions Time and place of the delivery Possible to specify during the actual development, Sometimes necessary to change 41 Software Development Contract Involvement of Third Parties Hardware supply ● Developer ● Client ● Third Party Software supply ● Developer ● Client ● Third Party 42 Software Development Contract The Project Management Project team Documentation policy Internal communivation Rights, obligations and repsonsibilities within the project team 43 Software Development Contract Change Management Substantial changes Accessory changes 44 Software Development Contract Training and Documentation Vital in case of more complicated software Training sessions for the employees of the client that are expected to use the software or provide support High quality documentation, tutorials 45 Software Development Contract Software Delivery Acceptance based on pre-defined tests (formal requirements) Delaye delivery (default) Developer in default Client in default 46 Software Development Contract Software Delivery II Source codes delivered escrow 47 Software Development Contract Cooperation of the Client Extremely important Not-fulfillment may jeopardize the whole project Serious legal consequences 48 Software Development Contract Rights to the Software Transfer of Rights License Contract The client entitled to use the software in such a way to fulfill the purpose of the contract. 49 Software Development Contract Price Fixed or budget Changes – raise, reductions (additional work) 50 Software Development Contract Defects Liability for Defects What can be considered a defect? Hidden defects, trial operation Delivery inspection 51 Software Development Contract Defects Actual and legal defects Claims Warranty Agreed properties of the software 52 Software Development Contract Damages Liability for damages Disclaimers Limitations 53 Software Development Contract Contract Termination Fulfillment Substantial Breach of Contract Withdrawal 54 Service Level Agreement Legal Aspects of Software Development 55 Software Level Agreement Definition Written agreement between a service provider and Customers), that documents agreed Service Levels for a Service (SLA) 56 Software Development Contract SLA Structures Sevice Based SLA Customer Based SLA Multi-level SLA Corporate level Customer level Service level 57 Software Development Contract Designing the Contents of SLA Service hours Availability targets Reliability Support arrangements Transaction response times Disaster recovery Reporting requirements Incentives and penalties 58 Other Important Documents Legal Aspects of Software Development 59 Other Important Documents Service Catalogue Underpinning Contracts Operational Level Agreement Service Level Requirements 60 Thank you for your attention! (jaromir.savelka@law.muni.cz)