141 Flashcards

(57 cards)

1
Q

Define a system:

A

a collection of interrelated parts that form a whole and have some purpose; a change in any part can lead to a change in other part(s)

2
Q

What is the system development lifecycle?

A

planning - plan, feasibility assessment + goal
analysis - problem + requirements analysis
design - arch. + interface (system spec.)
implementation - system construction, installation, support plan, maintenance + testing

3
Q

What are the system development lifecycle models?

A

waterfall dev. - one stage at a time so inflexible but easy

rapid application dev. (e.g. agile dev.) - feature oriented rather than activity oriented, deliver in each iteration so can make changes

4
Q

What are the diff. types of requirements?

A
  • business
  • user
  • functional (software)
  • non-functional (system qualities)
  • system (system implementation)

(non-functional can be split into product, organisational, external, quality, process, + constraints requirements)

5
Q

What is requirements elicitation?

A

articulating + understanding users’ needs as well as any constraints + processes that need to be followed

often inc. questionnaires, interviews, brainstorming, observations, think aloud, workshops/focus groups + prototyping

6
Q

What are the stages involving requirements?

A

requirements elicitation, analysis, documentation and verification + validation

7
Q

What does user-centred design concern?

A
  • interaction design - good UI
  • HCI
  • user experience (UX) design - enhancing satisfaction + ease of use
  • requirements engineering

need to consider physiological, cognitive + affective (emotional) aspects
best to use scenarios to imagine these aspects

8
Q

What is usability?

A

the extent to which a product can be specified to achieve goals with effectiveness, efficiency + satisfaction in a specified context of use

Nielsen’s usability characteristics:
- learnability
- efficiency
- memorability
- errors - low error rate
- satisfaction

9
Q

How to evaluate usability?

A
  • analytic approaches (guideline/heuristic assessment)
  • empirical approaches (user eval.)
  • inspection methods (expert evaluation): inc. heuristic evaluation, walkthroughs + guideline checklist
  • inquiry methods (observations, focus groups, questionnaires, etc.)
  • testing methods (user evaluation)

can use system usability scale to get quantitative feedback
finally may perform usability testing to see how user interacts in real time

10
Q

What is a dark pattern?

A

deceptive UI design features to mislead users into making choices not in their best interest by exploiting human weakness

e.g.
- Zuckering - using jargon to deceive users
- roach motel - user enters a situation that is difficult to leave
- forced continuity - auto. billed after free trial w/o notice
- bait + switch - undesirable result occurs when user does an action

11
Q

What is design ethnography + participatory design?

A

design ethnography = observe how users interact w/ the prototype in real settings/natural environment
- earliest dev. step

participatory design = actively involve users in refining design, using their insights to minimise risks

12
Q

Give some system failure case studies:

A

Titanic - very complex socio-technical system + management structures, involved latest data communications + engineering technologies and complex political + organisational context

Post Office - didn’t listen to staff complaints about new software → over 700 PO branch managers received criminal convictions for faulty accounting + theft (2004-14) due to false suggested cash shortfalls from Horizon

Boeing 737 MAX - tried to use software solution to fix hardware issue (engine size + plane design), little open communication around system risks + pilots concerns were ignored - whole plane died in a crash

13
Q

What are the types of system failures?

A
  • regulatory failures - lack of info
  • managerial failures - safety climate, lines of command + responsibility, quality control, etc.
  • hardware failures - design/req./implementation failure
  • software failures - req./spec failure
  • human failures - human error
14
Q

Discuss a system failure model:

A

swiss cheese model = holes from failures + latent conditions (start as hazard → losses)
successive layers of defences

15
Q

Explain Laprie’s dependability model:

A

impairments =
failure - system doesn’t deliver the service users expect
error - system behaviour doesn’t conform to its spec
fault - incorrect system state not expected by designers

means =
fault avoidance - preventing fault occurrence
fault tolerance - delivering correct service though faults present
fault removal - reducing no./severity of faults
fault forecasting - estimating no. of faults, future occurrences + consequences

attributes =
availability - ability of system to deliver services when requested
reliability - ability of the system to deliver services as specified
safety - ability of the system to operate w/o catastrophic failure
security - ability of the system to protect itself against intrusion

16
Q

What are some security case studies?

A

Jan 2024: 2nd biggest Spanish mobile carrier had major outage due to weak password
May 2017: hacker exploited Windows vulnerability (EternalBlue) in a cyber attack against NHS - 48 hospitals affected

undermined trust leads to downtime, data loss + safety risks

17
Q

What are the CIA Triad foundations of security?

A

confidentiality - computing resources, data + info should be accessible only to authorised users
- privacy - gives owner control over what data is collected, how it’s stored + how it’s used
- ensure w/ encryption, access control + authentication

integrity - resources should only be modified/removed by authorised users
- data integrity - ensures data isn’t tampered w/ (maliciously/accidentally)
- system integrity - system should function as intended, free of unauthorised modifications
- ensure w/ checksums, hashing, digital signatures + version control

availability - resources need to be accessible when needed by authorised users
- performance - slow/overloaded systems hurt vulnerability
- single point of failure - avoid designs where failing components take down entire system

security fails if any pillars are compromised

18
Q

What are some environmental impacts of computing?

A
  • carbon emissions (usage, manufacturing, transport + end-of-life)
    ICT sector is est. to be 2.1% to 3.9% of global carbon emissions - NOT inc. blockchain, IoT or AI
  • water usage (cool data centres, generating energy, manufacturing + mining for resources)
    Google data centres + offices consumed 24 billion litres (2023)
  • waste (disposing devices)
    Bitcoin produces 30.7 metric kilotons annually (est.)
19
Q

What are the impacts of e-waste?

A
  • e-waste can contaminate soil + water
  • recycling is not simple + uses energy itself, causing emissions

e-waste becoming a greater issue given - devices may become outdated fast in competitive industries + some specialised devices may not be reusable

20
Q

What is Jevons Paradox?

A

the more efficient a technology becomes, the more likely it is to become more affordable, accessible or faster

so instead of the expected savings on resources, efficiency leads to inc. demand + consequently more consumption of resources and therefore, more carbon emissions

21
Q

What impacts do LLM/NLP/AI have on the environment?

A
  • training an LLM emits 284 tonnes CO2e in 2020 (where at this time training made most emissions)
  • now w/ generative AI applications, most emissions come from inference given wide usage
    • ChatGPT emissions are est. 25x bigger than training the GPT-3
22
Q

How do we reduce the environmental impact of computing?

A
  • raise awareness
  • ask questions/reflect
  • improve transparency
  • don’t be paralysed by uncertainty
  • consider rebound effects (Jevons Paradox)
  • green computing (reducing use of resources in computation e.g. using renewable energy, using only part of the model, optimisation, etc.) - not enough alone given rebound!
23
Q

What is property?

A

intellectual = any unique product of human intellect that has commercial value

distinction between property + intellectual property - what does it mean to “own” intellectual property? - theft is not taking the intellectual property but taking the revenue derived from it

natural right: the right to own property

24
Q

What are intellectual property rights?

A

protects creative works, inventions + intangible assets of a business
inc. copyright, patents, confidence, design right + trademark
cannot apply to things made by AI (only humans)

Copyright, Designs + Patents Act 1988 (CDPA)
- can only protect expression of an idea (not the idea alone)

patents = gives owner exclusive rights to an invention for up to 20 yrs - protects against independent development of something based on the same idea

law of confidence = useful supplement to copyright + patents (protects ideas before they become copyrighted/patented) - has wider scope

25
Q

What is piracy?

A

the act of unfairly trading a person’s creation
during 00s where 43-70% of internet traffic was piracy

can combat w/:
- Digital Rights Management (DRM) - access control mechanisms to restrict medium usage
- Digital Economy Act 2017 - increases max jail term for internet piracy to 10 yrs (modifies CDPA 1988)

26
Q

What are the opponents to software protection?

A

free software movement:
- freedom to run program for any purpose
- freedom to study how the program works + adapt it
- freedom to redistribute to help others
- freedom to improve the program + release these

open source idea:
- programmers develop software in return for credit → enhance reputation to make grants easier to acquire

shareware:
- people will pay because they need it to continue to be supported for their own purposes so no need for SP
- programs can be freely obtained
- may pay the developer a small reward if you like it

27
Q

What is the CDPA?

A

covers software, preparatory design materials + databases (original + recorded)

restricted acts important to software:
- to copy the work
- to issue copies of the work to the public
- to make an adaptation of the work

copyright is infringed where these acts are performed without permission of the copyright owner

owner of copyright = author of work (unless by an employee in the course of employment)
author of computer-generated work = “the person by whom the arrangements necessary for the creation of the works are undertaken”

28
Q

How do we limit liability under intellectual property?

A

Consumer Protection Act 1987 - imposes liability on the producer of a defective product (only hardware)

Supply of Goods + Services Act 1982 - applies to software sold with some form of contract, binds the software supplier to provide a service w/ reasonable care - if fails may be liable for damages

negligence (personal liability) - imposes liability on a person who has acted carelessly under common law
can be significant in software dev in health-system failures, security-system malfunctions + e-commerce system security loopholes

ACM states system developers have a responsibility to be a good steward
- establish policies for fair system access
- monitoring the level of integration of a system + how society uses it

29
Q

What is W5H?

A

helps design w/ accessibility in mind
- Who: Who is using your product?
- What: What are they doing?
- Where: Where are they doing it?
- When: When are they doing it?
- Why: Why are they doing it?
- How: How are they doing it?

30
Q

What is the social vs medical model in accessibility?

A

social looks at social barriers, organisation of society + developing inclusivity to boost independence, choice + control

medical looks at impairment/difference, tries to fix what is wrong not give what is needed, creates low expectations

31
Q

What is digital accessibility concerned w/?

A

ensuring everyone can interact w/ a system in a meaningful + equivalent way

32
Q

What disabilities affect web access?

A

auditory, visual, cognitive, physical + speech

web accessibility can be ensured by following WCAG (Web Content Accessibility Guidelines)

33
Q

What is value sensitive design?

A

integrate ethical + social values (e.g. autonomy) into design to align with broader success criteria
balance profit + values

e.g. humble AI concept

34
Q

What is the humble AI concept?

A

ensuring trustworthy people are not unfairly distrusted - promoting fair, merit-based opportunities

principle of scepticism = seek additional data esp. for cases near decision threshold to reduce errors

principle of curiosity = use safe exploration to randomly grant opportunities to people close to the threshold + observe outcome to help refine for future

35
Q

What are the diff. generations’ relationships w/ tech.?

A

- digital natives = born into digital world (gen z + millennials)
- digital immigrants = adopted tech later in life (gen x + boomers)
- digital pioneers = early adopters of internet + computing (older millennials + gen x)
- gen alpha = first fully AI-native gen

36
Q

What are the web accessibility principles?

A

perceivable, operable, understandable + robust

37
Q

What is the diff. between digital exclusion + digital divide?

A

digital exclusion - focuses on why individuals may not participate fully = inequality

VS

digital divide - focuses on which groups/regions are left behind and how these disparities manifest = injustice

38
Q

What is the access doctrine?

A

belief that providing basic tech access is enough to pull individuals out of poverty/marginalisation → normalises abandonment of those who still face structural barriers, making inequality appear acceptable

39
Q

How do we help remove digital divide within AI?

A

- local-first or edge AI - reduces reliance on high-speed internet
- federated learning - models can train on decentralised data sets → improving diversity
- bias detection + mitigation - measure + reduce algorithmic bias
- low-resource language support - transfer learning/domain adaptation to handle languages w/ limited data

40
Q

What is data justice?

A

ways in which big data systems can discriminate, discipline + control
- use of data for governance to support power asymmetries
- impact of dataveillance practice on the work of social justice orgs.
- way data tech can provide greater distributive justice through making the poor visible

algorithmic social justice - addresses how AI-driven systems reinforce, mitigate, or reshape social inequalities

41
Q

What are fairness metrics?

A

measures fairness across:
- statistical parity difference = if positive outcomes assigned to the 2 groups at equal rates then fair
- equal opportunity difference = if true positive outcomes assigned to the 2 groups at equal rates then fair

need to understand the specifics of the context + the factors that affect discrimination before deciding the metric

42
Q

How does AI relate to culture + society?

A

embodies societal values, economic structures, ideological conditions of its time + historical trajectories

can influence + is influenced by the society in which it is embedded

43
Q

What are the security design principles?

A

- economy of mechanism (simple design = less error)
- fail-safe defaults (deny by default)
- complete mediation (authorisation)
- open design
- separation of privilege (divide power)
- least privilege
- least common mechanism (minimise sharing)
- psychological acceptability (user-friendly)

44
Q

What is the privacy paradox?

A

“When people disclose personal info in ways that are inconsistent with the high value they claim to place on privacy”

because...
- rational ignorance
- transparency paradox - overload of complicated details
- control paradox - like idea of control
- disincentivised to protect privacy - trade convenience for data

45
Q

What are some privacy preserving tech?

A

- federated learning - decentralised machine learning (w/o transferring raw data to a central server)
- differential privacy - making it impossible to trace data back to a specific individual
- encryption

46
Q

What are some privacy tips?

A

- strong, unique passwords, MFA
- review app permissions/settings
- limit oversharing online
- use HTTPS (not public wifi)
- tools (VPNs, secure messaging apps)

47
Q

What is surveillance?

A

systematic observation/data collection concerning people often w/ the aim of influencing/managing their behaviour

key concepts = power, consent + data

48
Q

What are the types of surveillance?

A

covert (discreet) vs overt (visible)

mass (e.g. NSA requesting data from tech companies on user comms.), state, corporate, personal, big data, self, sousveillance

49
Q

What is censorship?

A

blocking + controlling media

can be state actor, corporate actor or algorithmic moderator
may be network-level, platform-level, self or algorithmic censorship

50
Q

What are the types of malware?

A

virus, worms, trojans, ransomware, zombie + botnets

which can gain access via phishing, vulnerabilities, social engineering, malicious ads/sites, infected software

51
Q

What is threat modelling?

A

security lifecycle to analyse a system’s security + privacy concerns

key phases = asset identification, threat analysis, vulnerability analysis, risk assessment + risk communication

e.g. STRIDE, DREAD

52
Q

What are some technical mechanisms of censorship?

A

- firewalls + DPI (packet inspection)
- AI moderators
- IoT/smart devices restricting functionality
- search engine filtering (algorithm prioritises search results)
- social media echo chamber (algorithm amplifying CERTAIN content - suppresses others)

53
Q

How does legislation link to surveillance?

A

- USA Patriot Act 2001 - allows searching of email + telephone records w/o a warrant
- Anti Terrorism, Crime + Security Act 2001 - enabled retention of comm. data voluntarily
- Communication Data Bill 2012 - requires all ISPs to store user data for 1 year
- Investigatory Data Bill 2016 - enables bulk data collection + bypassing encryption

54
Q

Why does system security matter?

A

highly dependent on systems in daily life
attacks cost time, money and reputation
undermined trust leads to downtime, data loss + security risks

55
Q

What are the immutable laws of security?

A

pub. by Microsoft to create common-sense truths in security
republished in 2023 to reflect evolution

e.g. cybersec. is a team sport, encryption alone isn't a solution, your network isn't as trustworthy as you think

56
Q

Discuss human error:

A

performance = skills-based (routine/automatic), rules-based (following est. rules) or knowledge-based (knowledge to address unfamiliar)

human errors = slips (skills - action not performed correctly), lapses (skills - forgot action) or mistakes (rule/knowledge)

comes from GEMS model - helps learn how to minimise, detect, correct, + tolerate HE but doesn't address deliberate errors

57
Q

How to plan for error?

A

- transparent system
- inc. errors in testing
- user-centred interface
- error tolerant (reversible actions + easy recovery)