A survey of 280 software engineers conducted in October reported that over half (53%) suspected bugs were found in the workplace.
Among the specific areas of misconduct mentioned are breach of professional standards, negligence, bribery, fraud, criminal activity, disorderly conduct, health and safety risks, damage to the environment or breach of legal obligations, including discrimination – or deliberately concealing such matters.
The survey found that of the 116 who reported wrongdoing to their employers, 75% said they faced retaliation, such as being denied a promotion or raise, harassment/bullying, being treated differently or being fired.
Computer scientist Junade Ali, who produced the report, said: “There is a lack of psychological safety. People do not feel they are able to speak up. This underlines the need for permanent oversight and control systems.”
This, he said, avoids companies relying on people needing to speak up, where there is a culture that means it is rare to do so. Ali describes this as the “bystander effect,” where the software engineers accept that something is wrong but stand back and let the wrongdoing go unreported.
Next to what matters most to software engineers, the survey found that software engineers were most likely to say that what mattered “a lot” about their job was being able to provide for them/their families (52%) and deliver work that is highly reliable (51%) and keeps data secure (47%).
But the survey found that 71% agree that software reliability in the workplace concerns them. A previous poll in June 2021 found that the percentage of software engineers concerned about software reliability in the workplace was 57%, illustrating a worsening situation over the past two years. The software engineers surveyed were the least likely to say that “delivering work quickly” (33%) was among their top priorities.
Google’s DevOps Research and Assessment (Dora) is often used as a way for managers to measure the performance of individual software engineers on a team. According to Ali, although it may find some correlation with competence, these metrics do not measure what the public thinks is most important when it comes to computer systems, or what software engineers, in their professional judgment, believe is most important. The study noted that Dora does not adequately take into account the changing tolerance of the risk-reward balance in different industries or particular environments.
IN The dark side of software development report, which is based on the survey results, Ali said that over-optimizing against these metrics, especially when it comes at the expense of what matters to society or where the professional judgment of software engineers governs, can cause significant harm. He recommended that the use of Dora’s “four key metrics” as an overall measure of software delivery performance should be discontinued. Instead, Ali encouraged software team leaders and managers to use metrics that measure and risk indicators that are appropriate for the risk/reward appetite of a given environment.
From his own experience with software teams, Ali has worked on developer burnout research and has seen cases where certain members of a software engineering team are far more risk tolerant than the rest of the team. He said: “This obviously puts pressure on the rest of the team who have to deal with cases where things have potentially moved too quickly.”