RISKS@SRI-CSL.ARPA (RISKS FORUM, Peter G. Neumann, Coordinator) (02/12/86)
RISKS-LIST: RISKS-FORUM Digest, Wednesday, 12 Feb 1986 Volume 2 : Issue 10
FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Contents:
Computerized aircraft collision avoidance (Peter G. Neumann)
Computerized Feedback and the Stock Market (Eric Nickell)
Analyst Changes City Treasurer's Computer Code (Mike McLaughlin)
Plutonium on the Space Shuttle (Tom Slone)
Request to RISKS Readers from COMPASS 86 (COMPuter ASSurance) (Al Friend)
The RISKS Forum is moderated. Contributions should be relevant, sound, in good
taste, objective, coherent, concise, nonrepetitious. Diversity is welcome.
(Contributions to RISKS@SRI-CSL.ARPA, Requests to RISKS-Request@SRI-CSL.ARPA.)
(Back issues Vol i Issue j stored in SRI-CSL:<RISKS>RISKS-i.j. Vol 1: MAXj=45)
----------------------------------------------------------------------
Date: Wed 12 Feb 86 10:46:35-PST
From: Peter G. Neumann <Neumann@SRI-CSL.ARPA>
Subject: Computerized aircraft collision avoidance
To: RISKS@SRI-CSL.ARPA
As noted on various previous occasions, it is always nice to report
computer-related successes in avoiding risks, but they seem to get scant
notice. Perhaps some of you can keep your eyes open.
I had a phone report last night of a TV news item in Washington DC, relating
to a computerized aircraft collision-avoidance system that succeeded in
preventing what otherwise would have been a midair collision yesterday. Can
anyone provide details?
Peter
------------------------------
Date: Mon, 10 Feb 86 08:31:17 PST
From: Nickell.pasa@Xerox.COM
Subject: Computerized Feedback and the Stock Market
To: RISKS FORUM (Peter G. Neumann, Coordinator) <RISKS@SRI-CSL.ARPA>
Martin Minow's note about the effect that computerized stock traders can
have on the market brings up an interesting general situation.
Any self-correcting system which has a delay in the feedback loop (as
opposed to something like a spring, where the feedback is instantaneous)
can fail to correct itself if it is pushed too hard during a single
feedback period. Further, if the forces acting on the system are
themselves made a function of the system, there is the possibility of
increasingly amplified oscillation until the system breaks down at some
point.
The stock market is a case in point. Stock prices drift according to
the buying and selling of the stock. But in the case Martin Minow
cites, I am guessing that the computers were able to deluge the system
with sell orders before the price could adjust itself.
The delay in price adjustment was not a problem until we had computers
capable of swamping it with orders. Thus we may be introducing
computers into environments where slowness provides some degree of
stability to a process. Speed itself has its dangers.
Eric Nickell Nickell.pasa@Xerox.xcom
------------------------------
Date: Mon, 10 Feb 86 10:14:01 est
From: mikemcl@nrl-csr (Mike McLaughlin)
To: risks@sri-csl.ARPA
Subject: Analyst Changes City Treasurer's Computer Code
Cc: mikemcl@nrl-csr
D.C. FINANCE ANALYST LOCKED OUT OF OFFICE, GIVEN NEW DUTIES
Deputy Mayor's Employe Changed Computer
by Peter Perl, Washington Post Staff Writer
<excerpted from the Washington Post, Sunday, 9 February 1986>
<indicates a comment>, (indicates a bridge or clarification)
A controversial D.C. government financial analyst who publicly accused his
bosses of wrongdoing and recently changed a city treasurer's secret com-
puter code to deny them access to files has been locked out of his office
and assigned other duties...
... was removed from his job (7 Feb) because he changed the password to the
treasurer's office computer and refused to tell his superiors the code.
Frost confirmed yesterday that he had altered the computer code, saying he did
so to prevent documents from being destroyed or altered, which he said has
happened before. He charged that his transfer was a retaliation... for
criticisms of District financial managers. ...
(Deputy Mayor) Hill, who is under investigation by a federal grand jury ...
called Frost "a nerd and an imbecile."... "He was insubordinate and he had
no right to change the master code," Hill said...
Frost... manages <managed?> a $300 million cash investment portfolio, drew the
ire of his superiors last year with his charges of incompetence and possible
fraud in the cash management system."
... Frost's testimony put his superiors in hot water after disclosure that
they had used the computer system to backdate a key memorandum. ...
Frost said he decided to change the secret manager's computer code because
he believed that another employe used to code to obtain a copy of (Frost's
letter accusing superiors of incompetence or corruption) written in the
treasurer's computer system - and leak it to the Washington Times.
Williams realized (6 Mar) he could not get access to the manager's computer
account and asked Frost ... Frost acknowledged that he had, but refused to
restore the original code or tell Williams the new one...
"(Frost) will be given a key to his new office," Hill said. "... He has a
phone, a desk. He can continue to work. But he is not in there where the
computer is."
------------------------------
Date: Tue, 11 Feb 86 09:49:49 pst
From: michael%ucbiris@BERKELEY.EDU (Tom Slone [(415)486-5954])
To: risks@sri-csl.arpa
Subject: Plutonium on the Space Shuttle
Recent Freedom Of Information Act (FOIA) information has revealed that NASA
officials considered the possibility of a Space Shuttle exploding to be so
remote that the dangers of carrying tens of pounds of Plutonium aboard was
not given much thought. Plans are apparently still in the works to launch
these Plutonium driven space probes starting in May of this year. The
manufacturer of these probes has claimed that the Plutonium element would
have survived the Challenger explosion as material of similar strength was
recovered from the debris.
------------------------------
Date: Tue, 11 Feb 86 10:41:50 est
From: friend@nrl-csr (Al Friend)
To: risks@sri-csl
Subject: Request to RISKS Readers from COMPASS 86 (COMPuter ASSurance)
WE NEED YOUR HELP
-----------------
TO: The readers of the RISKS FORUM
FROM: Program Committee COMPASS 86
1. We need an estimate of attendees and authors at a conference we are
planning. Also, we need input in terms of ideas and events for it.
2. The conference is COMPASS 86, which stands for COMPuter ASSurance.
This conference is all about the things we are discussing in this forum.
The security and safety of processes rather than data banks, or
communication links. We have in mind not only weapons and defense type
systems, but medical systems, tranportation systems, and the multitude of
computer controlled systems that touch our everyday lives.
Dave Parnas will be the keynote speaker.
There will be a series of panel discussions, which will address everything
from SDI to the application of AI.
Papers will be reviewed by computer and software scientists working in the
areas of safety and security from the University of California, SRI,
and the Naval Research Laboratory.
The idea is to encourage new ideas, new applications of neglected ideas
and promote useful interactions.
3. The conference specifics are:
DATE: 7-11 July 1986
PLACE: The George Washington University, Wash., DC
HONORARY CHAIRMAN (prospective): Ruth Davis, former Assistant to
Deputy Undersecretary of Defense
for Research and Advanced Technology
GENERAL CHAIRMAN (prospective): H.O. LUBBES, Space and Naval Warfare
Systems Command (lubbes@nrl-csr)
SPONSOR: IEEE Washington Section
4. It would help us if the readers of this forum could give us some feedback
on the number of people likely to attend and the number of people likely
to submit papers. Also, we would like to incorporate any special events
that people would like to see into it. The important dates are:
March 31 --- Abstracts Due
April 30 --- Authors Notified
May 30 --- Camera Ready Manuscripts Due
The call for papers is in the February issue of IEEE Computer. Also, a
version of it ran a little while back in this forum.
[I won't comment on the risks of running the first conference of
its kind! Good luck. PGN]
------------------------------
End of RISKS-FORUM Digest
************************
-------