Breathalyzer Source Code Revealed

Nonillion writes "New Jersey attorney Evan M. Levow was finally able to get an order from the Supreme Court of New Jersey forcing the manufacturer of the popular Draeger AlcoTest 7110 to reveal the source code. Levow turned the code over to experts, Base One Technologies, to analyze. Initially, Base One found that, contrary to Draeger's protestations that the code was proprietary, the code consisted mostly of general algorithms: 'That is, the code is not really unique or proprietary.' In other words, the 'trade secrets' claim which manufacturers were hiding behind was completely without merit." Following up an earlier discussion here, the state of Minnesota has (without explanation) missed a deadline to turn over the code for a different breathalyzer.

Re:"code" is probably in the hardware

[MBCook]

You don't seem to have read the "article", but then again this is /.

Even in such a simple case there are many things it should be testing. Is the A/D output sane? Does it take 3 quick samples while someone is blowing and average them or just take it once (which could be wrong for some reason)?

According to the article, it doesn't look like it does. It calibrates the wind sensor, but doesn't check that the calibration is sane. It doesn't report errors unless they happen 32 times in a row. It disables the watchdog timer. It disables the interrupt for illegal instructions. It doesn't meet any coding standards. It contains code with things like "this is temporary for now" in it.

There is an obvious reason why they didn't want the code released.

Re:"code" is probably in the hardware

[Nos.]

Well, looks like its a bit more than that (FTA):

• Several sections are marked as "temporary, for now"
• Converters will substitute arbitrary, favorable readings for the measured device if the measurement is out of range
• The software takes an airflow measurement at power-up, and presumes this value is the "zero line" or baseline measurement for subsequent calculations. No quality check or reasonableness test is done on this measurement
• It would fail software standards for the (FAA) and (FDA), as well as commercial standards used in devices for public safety

What is this thing, alpha?

Re:"code" is probably in the hardware

[MenTaLguY]

Well, it's not as if the article was Slashdotted at the time. :) I think it's fair to gripe about hand-waving dismissals if their rebuttal is already in the very article being dismissed.

Re:How do you know this IS the code?

[poetmatt]

The article states that the opposite is what occurs.
from http://www.duiblog.com/2007/09/04/secret-breathaly zer-software-finally-revealed/ [duiblog.com] - 10. Error Detection Logic: The software design detects measurement errors, but ignores these errors unless they occur a consecutive total number of times. For example, in the airflow measuring logic, if a flow measurement is above the prescribed maximum value, it is called an error, but this error must occur 32 consecutive times for the error to be handled and displayed. This means that the error could occur 31 times, then appear within range once, then appear 31 times, etc., and never be reported... . So yes, they did look over the source code, they had a judge approved expert witness (aka someone who works with this stuff as their job)

The entire 12 problems

[poetmatt]

Please read here at http://www.sandiegodrunkdrivingattorney.net/2007/0 8/successful-dui-breath-test-machine.html [sandiegodr...torney.net] where they have all the information on the flaws. I will post the summary line of each result from Base one (link to their homepage) [base-one.com] as follows:

1. The Alcotest Software Would Not Pass U.S. Industry Standards for Software Development and Testing
2. Readings are Not Averaged Correctly: When the software takes a series of readings, it first averages the first two readings.
3. Results Limited to Small, Discrete Values: The A/D converters measuring the IR readings and the fuel cell readings can produce values between 0 and 4095.
4. Catastrophic Error Detection Is Disabled: An interrupt that detects that the microprocessor is trying to execute an illegal instruction is disabled
5. Implemented Design Lacks Positive Feedback: The software controls electrical lines, which switch devices on and off, such as an air pump, infrared source, etc. The design does not provide a monitoring sensory line (loop back) for the software to detect that the device state actually changed. This means that the software assumes the change in state is always correct, but it cannot verify the action.
6. Diagnostics Adjust/Substitute Data Readings: The diagnostic routines for the Analog to Digital (A/D) Converters will substitute arbitrary, favorable readings for the measured device if the measurement is out of range, either too high or too low.
7. Flow Measurements Adjusted/Substitute d: The software takes an airflow measurement at power-up, and presumes this value is the "zero line" or baseline measurement for subsequent calculations.
8. Range Limits Are Substituted for Incorrect Average Measurements: In a manner similar to the diagnostics, voltage values are read and averaged into a value.
9. Code Does Not Detect Data Variations
10. Error Detection Logic: The software design detects measurement errors, but ignores these errors unless they occur a consecutive total number of times
11. Timing Problems: The design of the code is to run in timed units of 8.192 milliseconds, by means of an interrupt signal to a handler, which then signals the main program control that it can continue to the next segment.
12. Defects In Three Out Of Five Lines Of Code: A universal tool in the open-source community, called Lint, was used to analyze the source code written in C. This program uncovers a range of problems from minor to serious problems that can halt or cripple the program operation.

Sorry if this is redundant, I didn't see it listed anywhere that I could tell up front. If you note that list is pretty serious. They picked a "top 5" type thing for the other link, but this one is pretty accurate. Note these guys were called in as expert witnesses and their information on their website shows they have extensive experience working with government. If these guys find flaws that is definitely pretty serious.

Re:"code" is probably in the hardware

[Marxist Hacker 42]

It's even worse than that. The A/D converter is hooked up to a chamber, which at one time held a known amount of air. An infrared light source is at one end of the chamber, a photovoltaic cell at the other. The A/D converter reads the photovoltaic, they multiply it by the magic 2100 number (which is truly a magic number- it's based on an average and can really range from 1300 to 3000) and spit out the answer.

This is why it's always vitally important to get a true blood test, and to preserve a sample for your attorney.

Re:My problem with the 12 problems...

[Myrv]

Please read more carefully before you make incorrect phrases.

Perhaps you should take your own advice to heart because as the previous poster noted, you are wrong.

The last reading has the least weight, as the first one determines the average

Nope, given the description you have so nicely put in bold the first reading is the least signficant.

Take 3 readings, say 1 2 3 for the sake of argument. The text says the first two are averaged, so:

(1+2)/2 = 1.5

Now this average is averaged with the third reading

(1.5+3)/2 = 2.25

or in full

((1 + 2) /2 + 3) /2 = 1/4 + 2/4 + 3/2

Note the 3rd point is weighted twice that of the first 2 (i.e, its divided by 2, the first two points are divided by 4).

The real average should be:

(1+2+3) / 3 = 2

but the last point is being weighted more in the incorrect version so the average was given as 2.25

If the first point was weighted more you would expect the average to be less than 2.

It's basically using a mean instead of an average.

mean and average are the same thing.

What this means is each reading could increase or decrease the score, as opposed to being consistant. If you take 3-4 tests each one could show you as "more drunk" when you might have started at .06 and ended at .30 (as an extreme example) or started at .15 and ended at .03.

No, it's not. Each subsequent reading is basically being averaged into previous value with double the weight. There are cases where you would want to do this, i.e. damp out the history, but the code comments suggest this wasn't the case (of course the code may have been changed on purpose and somebody forgot to change the comments)

Damn lies and statistics.

[FatSean]

'alcohol related accidents' include events when a non-drunk crosses the double-yellow and crashes head-on into a drunk driver. I'm skeptical.

Re:"code" is probably in the hardware

[el americano]

This is why it's always vitally important to get a true blood test, and to preserve a sample for your attorney.

On the contrary, insist on the breathalyzer and contest the results if you fail. If you fail the blood test, you're screwed.

This is important

[sjames]

Without measures like this, police brethalyser selection is distorted by powerful confirmation biases.

Given an honest belief that suspects that are given the brethalyser test are intoxicated, the natural selection bias is towards machines that read positive more often. Even without a single thought of "we need a machine that convicts regardless of guilt", that's what they will tend to get.

Allowing the defense to face the actual witness (the brethalyser) so to speak provides the needed negative feedback to drive selection back towards accurate impartial instruments even if only to make DUI charges stick in court.

More to the point, it can drive machine selection towards those that meet the beyond a reasonable doubt standard. If trials are going to favor the readout on a brethalyser, the machine should (for example) always round towards a lower reading when measuring or computing. For example, if there is any noise in a reading, the lowers is beyond reasonable doubt, the average is vaguely justifiable (though it is probably closer to a preponderance than it is beyond reasonable doubt) and the highest is just plain trying to get convictions regardless of merit. Otherwise it has the potential to accuse someone of DUI (to the extent that a machine can accuse) even if in fact componant tolerances may mean the difference between just over the limit vs. just under. After all, the machine is not suceptable to a jury judging if it seems unsure or knew it was close to the edge based on testimony.

A surprising number of measurement devices meant for scientific and medical purposes (as well as law enforcement) do NOT correctly handle significant digits, error bars, or rounding. Many programmers do not understand the importance of different rounding rules, and even think that add .5 then truncate is always correct.

Re:"code" is probably in the hardware

[cayenne8]

"On the contrary, insist on the breathalyzer and contest the results if you fail. If you fail the blood test, you're screwed."

I've posted this type info before...on other stories, but, depending on the state you are in, if you know you're gonna blow over the limit....refuse ALL tests...don't blow anything, don't give blood....and for God's sake...don't get out and try the field sobriety tests. All those do, is let the cops collect evidence to be used against you. According to my atty....he said you know you're going to jail no matter what...don't help them gather evidence from you. Just don't say anything, and put your hands out for the cuffs. And call the lawyer immediately....

I know if varies from state to state...but, in many (maybe most) you probably will lose your license automatically for a year, but, can often get a hardship license for getting to work, food, etc. You may get a reckless driving...but, at least it isn't a DWI. That can hurt your credit, and job possibilities in this day of the MADD witchhunt. The new ridiculously low BAC forced by the feds (0.08) can get you nailed even if you are fine to drive.

Anyway, if you like to have a drink out at all...you should know the laws of your state...and be prepared...

Re:Sorry, you can't hide behind a "trade secret".

[Graff]

Then what DOES make something a trade secret?

According to the Uniform Trade Secrets Act [upenn.edu]:

(4) "Trade secret" means information, including a formula, pattern, compilation, program, device, method, technique, or process, that:
(i) derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable by proper means by, other persons who can obtain economic value from its disclosure or use, and
(ii) is the subject of efforts that are reasonable under the circumstances to maintain its secrecy.

Now in this case the algorithms in the breathalyzer code are generally known to the rest of the industry so the likelihood that the code contains trade secrets is pretty low. If the breathalyzer used a revolutionary, and probably patentable, method to measure the blood alcohol level then the code would be covered under the Uniform Trade Secrets Act and other relevant civil law.

It's very likely that the breathalyzer manufacturer is just using the concept of a trade secret in order to obstruct any potential court cases from using the code to nullify the breath tests. In the case of this code it seems that it is deeply flawed and the results will very likely be thrown out of court.

Re:My problem with the 12 problems...

[Chapter80]

Sorry, Poetmatt, I think your math is wrong. I read the whole paragraph and thought EXACTLY as the parent thought - that they have it backwards - the LAST reading has the most weight - a full 50% of the weight. The second last has 25%, the third last has 12.5% weight, and the rest combined make up the other 12.5%.

Of course it really makes a difference what they mean when they say that successive readings are averaged in. For example, if they averaged the first 2, and stored the result, and then averaged the 3rd with 2 times the stored result, then this would be correct averaging. And if they took the average of the first 29 readings, and multiplied it by 29 and then averaged in the 30th one, all would be fine as well.

Sort of makes you want to SEE THE SOURCE CODE TO MOUNT A DEFENSE!

Re:The reason MN doesn't have the code

[Attila Dimedici]

In Pa, and NJ you can refuse the breathalyzer and submit to a blood test (I am pretty sure that this is still true of Va as well). I am pretty sure that this is true in most states, but I only know this for sure of these two (and that it used to be true of Va). Also, in Pa I am pretty sure that only applies when you are driving not when, for example, you are the passenger in a car.
There are two things that bother me about the discussion of what percentage of accidents are alcohol related. The first has been alluded to by an earlier poster; if you have had one drink and are parked in a legal parking space alongside the road and someone stone cold sober plows into you, it is considered an alcohol related accident. The second is that when you examine the statistics about serious accidents that genuinely involve someone with too much to drink being in a serious accident, you discover that the overwhelming majority of those accidents are caused by people who were blind stinking drunk (0.12 or higher BAC).

Re:"code" is probably in the hardware

[russotto]

Converters will substitute arbitrary, favorable readings for the measured device if the measurement is out of range

that's more reasonable than reporting you have enough alcohol in you to kill two bull African elephants and a wildebeest.

No, it isn't. If it, due to some error, detects enough alcohol in you to kill an elephant, it's obviously malfunctioning and should not report any value. Reporting the absurd value is second-best, because it allows you (or your attorney) to challenge the value. Reporting a reasonable-sounding value is manufacturing of evidence.

Consider, for instance, if radar guns reported "91mph" any time they detected too high a value (say, above 200mph). You could be driving by at 75mph, some malfunction could cause the gun to detect 600mph, it would report "91mph", and you'd be screwed. If it reported 600mph and you got pulled over based on it, you'd probably win in court because your car can't do 600mph.

Actually...

[Sj0]

Actually, the breathalyzer is a painfully simple device, none of it is a trade secret. It's basically a pair of heated-wire anerometers in parallel, where both have a gas sample travelling at the same velocity, at the same temperature run through an anerometer.

A heated-wire anerometer works by running a current through a wire and measuring the voltage drop through the wire. The resistance will change with the speed and specific heat of the substance you're passing across the wire, because the substance will cool the heated wire based on a number of factors. A breathalyzer simply eliminates the speed measurement, and the other measurements, and what remains is the specific heat of the substance passing through the device. They simply run a reference gas in the opposite anerometer, and take the differential, and the alcohol will give a certain value.

Not a trade secret, unless something being common knowledge for all instrument engineers taught in the past 40 years is a trade secret.

Re:Sorry, you can't hide behind a "trade secret".

[jbengt]

"derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable by proper means . . . "
The way I read that, it's protectable as a trade secret, because they can make more money selling the thing if they keep the crappy code a secret - if it gets leaked, they could lose a lot of sales if anyone cares about quality.

Re:Let's whiteboard this people

[Sj0]

I see what the article was talking about. This is TERRIBLE code. Who uses GOTO? Not even BASIC programmers [freebasic.net] use it anymore!

Re:The entire 12 problems

[Anonymous Coward]

You should have read that report. The code takes the 12-bit output and does a >>8 for no reason other than to get a nice number. Are 16 levels accurate enough for you? Then they point out that when the IR calculations are factored in it does a further >>1, giving 3 bits of accuracy. That leaves the reported accuracy (in tenths) smaller than the measured accuracy (in eighths).

I've done enough device bios coding to know you hoard those bits from a DAC like they were diamonds until the last possible calculation. This isn't sloppy, it's horrific.

Re:"code" is probably in the hardware

[Fulcrum of Evil]

Actually, it's probably fine. .08 (the limit most places) is only a minor impairment - you have to get to .12 before you're seriously impaired. Fact is, drinking and then driving is just fine, done properly. 1 or 2 beers or glasses of wine won't make you loopy, so no big deal.

Re:drunk logic

[Fulcrum of Evil]

It's pretty funny, actually. All this witch-hunting, when all you really need is to stick a few cops at the local bars right after last call.

All the MADD BS distracts from the actual dangerous drunks - you know, the ones with multiple DUIs for .15 and no license. Toss them in jail and be done with it.

Personally, I always walk to the bar, because I know full well I'm going to be utterly illegal to drive when I walk out.

So they can pop you for drunk in public, whee. Cops are out of control - going after safe targets that make money and ignoring the dangerous stuff that actually needs attention.

Makes me wonder why we don't just...you know....do them?

Because that's not the idea. The idea is to make it impossible to drink at all.

Re:"code" is probably in the hardware

[double07]

The new ridiculously low BAC forced by the feds (0.08) can get you nailed even if you are fine to drive.

It's .05 in Australia, which basically equates to 2 drinks. consider yourselves lucky.

Re:"code" is probably in the hardware

[Kreigaffe]

That's the most ridiculously heavy-handed bullshit I've ever heard in my life. almost.

If you're talking about city-traffic, 25-35mph block-by-block stoplights, you have a point.. and stopping behind the line is pretty important when there'll be hoards of people rushing across without really paying attention to you as soon as you stop.

That's not the only driving that's done in this world. Yellow lights are exceedingly brief. You're going 65mph, BAM YELLOW LIGHT! CAN YOU STOP IN TIME? IF YOU SLOW DOWN YOU WON'T MAKE IT THROUGH BEFORE IT'S RED -- BUT CAN YOU KNOW! SLAM ON THE BRAKES OR KEEP GOING YOU DECIDE, NOW NOW NOW GO GO GO aww you stopped, but exceeded the stop line by 2 feet. Should've never slowed down, you woulda made it!

Yeah.. no, you're pretty much wrong, and those automated ticketers are pretty much a bad idea. Hell, cops were getting yellow light duration shortened BEFORE those fucking idiot cameras were ever even a glimmer in some schemer's eye

Re:My problem with the 12 problems...

[Jtheletter]

I retract and apologize for misunderstanding. However, a mean is not an average.

While I applaud you for admitting your error, as most on /. never will when called out, you're being overly pedantic about the mean-average relationship. The arithmetic mean is a type of average, so technically, yes, the mean is an average. There are different kinds of averages: mean, median, and mode specifically. But it is incorrect to say the mean is not an average, just as it is incorrect to say that a square is not a rectangle, it is merely a specific type of rectangle.

Re:"code" is probably in the hardware

[fishbowl]

>Does the friggin' device work?

Of course, by the time they actually bring out the breathalyzer, they've probably already decided to arrest you based on the Nystagmus test. Most of the procedure is just misdirection to keep the suspect calm, thinking he still has a chance to avoid arrest, even though it's already a foregone conclusion. It gives the DUI suspect a chance to dig a deeper grave for himself... The breathalyzer result is more valuable for getting confessions in the field, rather than for evidence in court. They don't actually *need* mechanical sobriety tests, since HGN, one-leg-stand, walk-and-turn tests and the like, stand up just fine in court.

Re:The reason MN doesn't have the code

[karmatic]

Really, you don't have to take a blood test either. They can't force it.

That's not the case in Arizona.

Prior to implementing the DPS phlebotomy program, the department used hospital phlebotomists to draw blood if consent was given, when a breath screening device such as an Intoxylizer was not immediately available, or after the officer obtained a search warrant to secure blood evidence from a DWI suspect. But some civilian phlebotomists were hesitant to draw blood on uncooperative DWI suspects or after a search warrant had been secured, due to unfounded legal concerns.
The Arizona DWI law allows physicians, nurses, or "other qualified persons" to draw blood during DWI investigations. It is important that the blood is drawn in a professional and expedient manner in every DWI investigation. ...
When a suspect refuses to provide the requested test, the DPS officer applies for a search warrant from a judicial officer for obtaining samples of the suspect's blood. The warrant may be requested in person, via phone, or via facsimile; this process takes about 30 minutes. ... Those who physically resist are restrained while their blood is drawn.

Re:The Fifth Ammendment

[justcauseisjustthat]

They actually have laws now that force you to consent or lose your license.

Re:"code" is probably in the hardware

[Sandbags]

um, if you did the walking test flawlessly, why did the cop even ask you to do a breathalyser? The process for using one has to be documented, there are costs involved in replacing the breathing tube used, and more. For a 0.085, it's so close it's almost not worth it, and in most cases, by the time you got to the station and did another breathalyser, normally the number would go down not up. Cops know this, and also know that if they drag you in and you pass, there's typically hell to pay.

That said, some people can ping 0.080 after only 1 drink, about 40 minutes after finishing that drink. If you had just finished your 3rd beverage, got in the car and then got pulled, after 3 drinks you could easily have been 0.08+. That fact that a second Breathalyzer confirmed this means you were guilty. Also, start counting the 3 hours from a point about 15 minutes after finishing the first drink, not from the time you got to the place to start drinking... You might see a different picture entirely there.

If you have even a half-assed lawyer, and you bothered to get the ID numbers of both breathalyser used, and both had not been calibrated withing their required term (or failed calibration testing) then you would be let go without a fuss. My guess, at least one of the 2 units was within normal parameters or would pass calibration anyway, and thus be admissible in court.

Fact is, at 0.08, you're impaired enough for it to be easily detectable in visual and reaction simulators. In fact, many states are arguing, based on scientific evidence, that this should be lowered to 0.06 as there is noticeable impairment at even that level. 0.06 means if you have 1 drink, 90 minutes later you could still fail.

As for NHTSA recommendations on field testing, that's it, they're recommendations. Officers are expected to use their own best judgment on how to test a person. The NHTSA is more concerned with the type of test and teaching officers how to recognize signs of intoxication. On the other hand saying "Are we done yet?" probably just pissed him off...

If you have 1 drink, you're probably OK, more than 1, you're at serious risk for DUI. Also remember, Corona is slightly stronger than say Bud Light. A Guiness is nearly twice as potent. A glass of wine is supposed to be 4 ounces, and is measured at 10% abv, but find me a restaurant that doesn't pour at least 6 oz glasses with 11-15% wine...

Some foods can accelerate or slow the absorption as well. The first drink probably went right through you, but if you were eating food during the second and third rounds, both of them may have entered your system concurrently through digestion.

Lessons learned here: 1, don't drive with a cracked tail light (and always use turn signals). 2, accept the field test, but decline the breathalyser. If you did bad enough on the field test, you'll go to jail anyway for a breathalyser or blood test, but if you're clean, you're OK, unless you piss off the cop or have a bad day. At the station, refuse a breathalyser and respectfully request a blood test on the grounds that it is more accurate. (if you failed a street sobriety test already, this might buy you a night in jail while you wait for results, but again, if you're clean, there's no worry) 3, never say "are we done yet" to a cop. Be polite, never act like you're in a rush. (and know his rank! This goes a long way!!!) 4, don't drink and drive... (drink at home, it's cheaper!) 5, if the calibration sticker is out of date, refuse the test and demand to have a supervisor come to the roadside site (it's your right to do so, though he may choose to bring you to the supervisor instead. this also goes for speeding tickets if the radar was not calibrated immediately before you were clocked with a tuning fork displaying a matching serial number to the radar). The more you know about the requirements the officer must display in the courtroom, the less likely you are to get a ticket. 6, have all your paperwork (registration, insurance, etc) neatly file