I said last week that software is everywhere as an essential public service but has yet to be managed like a utility.
Sometimes the social cost of a software failure can be catastrophic.
On the morning of January 11, 2018, the entire vital rail link between the eastern New Territories and Kowloon was suspended from about 9.30 am for more than two hours.
A software error in the train control system was to blame for two-hour MTR service stoppage that left tens of thousands commuters stranded.
Another saw the Hong Kong Monetary Authority forced to apologize on October 17, 2021, after the Faster Payment System crashed for more than five hours on Sunday morning during a system relocation and software upgrade.
There are now more than 10 million users of the FPS, which allows customers to transfer money online between different banks by entering a phone number or an email address.
The above examples provide illustrations in terms of the societal costs in lost productivity and in withdrawal of services due to software failures.
And yet software failures have the potential to damage companies' service or data breaches, causing further reputational risk.
Many companies still don't understand what a data breach is, or even more so, the reputational cost of a data breach.
According to IBM and the Ponemon Institute, the average data breach cost in 2021 was US$4.24 million (HK$33.07 million) - 10 percent more than the 2019 average, which was US$3.86 million.
Software failures are already a significant cost for our global economy.
Both the risks of software failures and potential impact of software failures on continuity and quality of business services are increasing.
This week I want to count the true costs of software failures.
When a failure incident occurs, there is a consequential loss of profits and amassing of costs.
First, users, be they individuals or organizations, bear the immediate cost of failure through the service disruption or wrong information.
The effect of a software failure can spread across many users, such as smart cities, for example, which are highly interconnected.
This makes it difficult to model the cause and effect of software failures, or to measure the social and economic impact due to them.
Software failure may have widespread and long-lasting consequences in terms of lost business and reputation, plus stress on and loss of staff.
Therefore the cost of failure includes lost profits, cost of the repairs, fixed and variable operating costs wasted during the downtime and a myriad of consequential costs.
These are all paid for by the organization and seen as poor financial performance in the first place.
Next, software suppliers bear the costs of fixing the causes of failure and may have associated reputation costs. They have little reason to count the cost to the users.
The software failures of digital systems are a cost to the economy and society that will only increase as software becomes even more of a utility, is in a wider range and more vulnerable to failure.
Software is different and has unpredictable qualities. Major shocks from software system failure and digital system breaches are almost inevitable - only the locations and times are unknown.
The true cost of software failures should not be the elephant in the room, unfortunately it is.
Dr Jolly Wong is a policy fellow at the Centre for Science and Policy, University of Cambridge
