We require someone with a professional engineering designation from an accredited engineering body to sign off and approve before a building can be built. If it is found to have structural issues later, that person can be directly liable and can lose their license to operate. Why this is not the case with health software I cannot explain. Every time I propose this the only argument I recieve against it is people who are mad that their field might dare to apply the same regulation every other field has.
Oh man, I have gone off on rants about software "engineering" here in the past.
My first office job was as an AutoCAD/network admin at a large Civil and Structural engineering firm. I saw how seriously real engineering is taken.
When I brought up your argument to my FAANG employed sibling, he said "well, what would it take to be a real software engineer in your mind!??"
My response was, and always will be: "When there is a path to a software Professional Engineer stamp, with the engineer's name on it, which carries legal liability for gross negligence, then I will call them Software Engineers."
People like to make this point, but traditional engineering has the opposite problem: insanely overwrought processes and box-checking that exists for no reason and slows everything down to a snail's pace. Yes there are safety-critical parts, but they surrounded by a ton of bullshit.
It's also absurd to think that there is no company which does genuine software "engineering". If you break ads at Google/Meta, streaming at Netflix, etc there are massive consequences. They are heavily incentivized to properly engineer their systems.
The main thing that governs whether time is spent to well-engineer something is if there is incentive to do it. In traditional engineering that incentive is the law (Getting council approval, not getting sued, etc). In software engineering that incentive is revenue.
That's quite the take. Throughout human history there were lots of instances of vibe-engineering and vibe-architecting, in the physical world.
Since the failings of not doing proper engineering is far more evident, the reasons for the "insanely overwrought processes and box-checking that exists for no reason and slows everything down to a snail's pace" go back to the earliest written law, AKA the Code of Hammurabi, circa 1754 BC! These rules are part of the core of our functional civilization.
Examples:
- Law 229 (Death of Owner): If a house collapses and kills the owner, the builder is put to death.
- Law 230 (Death of Owner’s Son): If the collapse kills the owner's son, the builder's son is put to death.
- Law 232 (Property Damage): The builder must replace any destroyed property and rebuild the collapsed house at their own expense.
- Law 233 (Structural Defects): If a wall "shifts" or is not built properly before completion, the builder must strengthen or repair it using their own silver/means.
Totally agree - not just medical software either. See replies to my other comment threads. Software engineers really don’t like the idea that they might have to show they can perform at a certain standard to be able to work as a software engineer.
Typically arguments come up:
“that’s gatekeeping” - yes, for good reason!
“Laws already exist” - yeah, and that’s not the same as professional accreditation, standards and codes of practice! Different thing, different purpose. Also the laws are a mishmash and not fit for purpose in most sectors.