Secure Coding mailing list archives

"Checklist Manifesto" applicability to software security
From: brian at fortify.com (Brian Chess)
Date: Thu, 07 Jan 2010 07:49:33 -0800

I think it's a great analogy.  If you'd like to read more without ordering
the book, here's an article Gawande wrote for the New Yorker in 2007:

http://www.newyorker.com/reporting/2007/12/10/071210fa_fact_gawande

Brian

On 1/7/10 7:11 AM, "Jeremy Epstein" <jeremy.j.epstein at gmail.com> wrote:

Greetings,

I was listening yesterday to an interview [1] on NPR with Dr. Atul
Gawande, author of "Checklist Manifesto" [2].  He describes the
problem that medical procedures (e.g., surgery) tend to have lots of
mistakes, mostly caused because of leaving out important steps.  He
claims that 2/3 of medical - or maybe surgical - errors can be avoided
by use of checklists.  Checklists aren't very popular among doctors,
because they don't like to see themselves as factory workers following
a procedure, because the human body is extremely complex, and because
every patient is unique.

So as I was listening, I was thinking that many of the same things
could be said about software developers and problems with software
security - every piece of software is unique, any non-trivial piece of
software is amazingly complex, developers tend to consider themselves
as artists creating unique works, etc.

Has anyone looked into the parallelisms before?  If so, I'd be
interested in chatting (probably offlist) about your thoughts.

--Jeremy

[1] Listen to the interview at http://wamu.org/programs/dr/10/01/06.php#29280
[2] "The Checklist Manifesto: How to Get Things Right", Atul Gawande,
Metropolitan Books.
_______________________________________________
Secure Coding mailing list (SC-L) SC-L at securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________