BBC News reports that 3200 US prisoners were released early over a 13 year period due to a software bug. It’s hard to fathom how this could have been released in the first place, how it remained undetected for so long, and finally why it’s taken so long to fix.
The bug miscalculated the sentence reductions prisoners in Washington state had received for good behaviour. It was introduced in 2002 as part of an update that followed a court ruling about applying good behaviour credits.
Ok, we know that there’s always room for mis-interpretation of requirements when developing software, and every program needs some period of user acceptance testing.
The Washington Department of Corrections (DoC) added that it was made aware of the problem in 2012 when the family of one victim found out that the offender was getting out too early.
Huh? It took ten years for someone to notice? The average mis-calculation was 49 days and a maximum of 600 days – and it wasn’t noticed? What sort of testing did they do – surely some worked examples were provided?
Despite this, the faulty software was not corrected until a new IT boss for the DoC was appointed, who realised how serious the problem had become.
This is the crux of the matter – if you’re writing mission-critical software, you have to test accordingly. Here, prisoners released early may have committed further crimes – that’s a hefty penalty that could have been avoided by professional software practices: code reviews, test coverage analysis, user acceptance testing. Surely some regression data tests existed when they were releasing the upgrade – someone must have signed off that all these differences were fine “because the rules have changed”. Yes, but not by that much!
Mr Inslee said he had ordered the DoC to fix the software as quickly as possible. An update that applies the correct formula for calculating sentence cuts is due to be in place by 7 January.
Let’s hope they’ve thoroughly reviewed their test coverage now and that the release goes smoothly. Also, they should review any other software developed by the same team in that 2002 period, it’s unlikely to be an isolated mistake.