Incident: Xetra Trading Platform Outage Caused by Recurring Software Glitch

Published Date: 2020-07-01

Postmortem Analysis
Timeline 1. The software failure incident on Germany's electronic trading platform Xetra happened on Wednesday, as reported in Article 101642.
System 1. Xetra electronic trading platform [101642]
Responsible Organization 1. Third-party software was responsible for causing the software failure incident on Germany's electronic trading platform Xetra [101642].
Impacted Organization 1. Stock exchanges in Frankfurt, Vienna, Ljubljana, Prague, Budapest, Zagreb, Malta, and Sofia as they use the Xetra T7 system were impacted by the software failure incident [101642].
Software Causes 1. The software glitch that reappeared in April was the primary cause of the nearly three-hour outage on Germany's electronic trading platform Xetra [101642]. 2. The issue was attributed to a problem with third-party software, which was subsequently fixed by Deutsche Boerse [101642].
Non-software Causes 1. The reappearance of a software glitch that was first seen in April was a non-software cause of the failure incident on Germany's electronic trading platform Xetra [101642]. 2. The issue resulted from a problem with third-party software, which was another non-software cause of the failure incident on Xetra [101642].
Impacts 1. The software failure incident led to a nearly three-hour outage on Germany's electronic trading platform Xetra, affecting stock exchanges in Frankfurt, Vienna, Ljubljana, Prague, Budapest, Zagreb, Malta, and Sofia [101642]. 2. The interruption in the fully-electronic cash market trading system impacted the German stock exchange's cash markets, which generated a turnover of 159.8 billion euros in May [101642]. 3. European bond and stocks futures were also affected by the Xetra issue, but some have since resumed trading [101642].
Preventions 1. Implementing more rigorous testing procedures for third-party software integration to catch glitches before they impact the live system [101642]. 2. Conducting regular audits and monitoring of the third-party software to identify and address any potential issues proactively [101642]. 3. Enhancing redundancy and failover mechanisms within the trading platform to minimize the impact of software glitches on the overall system [101642].
Fixes 1. Fixing the problem with the third-party software that caused the glitch [101642].
References 1. Deutsche Boerse (as the exchange operator) [101642] 2. Chief Executive Theodor Weimer [101642]

Software Taxonomy of Faults

Category Option Rationale
Recurring one_organization (a) The software failure incident happened again at one_organization: The article [101642] reports that the reappearance of a software glitch that was first seen in April was behind the nearly three-hour outage on Germany's electronic trading platform Xetra. This indicates that the software failure incident occurred again within the same organization, Deutsche Boerse. (b) The software failure incident happened again at multiple_organization: The article [101642] does not mention any other organizations experiencing a similar incident. Therefore, there is no information provided about the software failure incident happening again at multiple organizations.
Phase (Design/Operation) design (a) The software failure incident on Germany's electronic trading platform Xetra was attributed to a reappearance of a software glitch that was first seen in April. This glitch was caused by a problem with third-party software, indicating a failure related to the design phase, where contributing factors introduced during system development or updates led to the issue [101642]. Additionally, Chief Executive Theodor Weimer mentioned that precautions had been taken after a previous outage in April to prevent such breakdowns in the future, further highlighting the importance of addressing design-related factors to avoid system failures [101642]. (b) The articles do not provide specific information about the software failure incident being directly caused by factors related to the operation phase or misuse of the system.
Boundary (Internal/External) within_system (a) within_system: The software failure incident on Germany's electronic trading platform Xetra was attributed to a reappearance of a software glitch that was first seen in April. Deutsche Boerse mentioned that the issue resulted from a problem with third-party software but has since been fixed [101642]. This indicates that the failure was within the system, specifically related to the software and its components.
Nature (Human/Non-human) non-human_actions (a) The software failure incident on Germany's electronic trading platform Xetra was attributed to a reappearance of a software glitch that was first seen in April. This glitch was identified as a problem with third-party software, indicating a non-human action as the contributing factor to the failure [101642]. (b) The article does not provide specific information about the software failure incident being caused by human actions.
Dimension (Hardware/Software) software (a) The software failure incident on Germany's electronic trading platform Xetra was attributed to a reappearance of a software glitch that was first seen in April. This glitch was caused by a problem with third-party software [101642]. (b) The software failure incident was specifically related to a software glitch that resurfaced, indicating that the contributing factors originated in the software itself rather than hardware issues [101642].
Objective (Malicious/Non-malicious) non-malicious (a) The software failure incident reported in Article 101642 was non-malicious. The outage on Germany's electronic trading platform Xetra was attributed to a reappearance of a software glitch that was first seen in April. Deutsche Boerse, the exchange operator, mentioned that the issue resulted from a problem with third-party software and has been fixed. Additionally, Chief Executive Theodor Weimer stated that precautions had been taken to avoid such breakdowns in the future after a previous outage in April [101642].
Intent (Poor/Accidental Decisions) poor_decisions (a) The software failure incident on Germany's electronic trading platform Xetra was attributed to the reappearance of a software glitch that was first seen in April. This indicates that poor decisions might have been made in the past regarding the handling or resolution of the initial glitch, leading to its recurrence and causing the nearly three-hour outage on the platform [101642]. Additionally, the article mentions that after a previous outage in April, the Chief Executive of the exchange operator stated that precautions had been taken to prevent such breakdowns in the future, suggesting that there may have been shortcomings in the decisions or actions taken to address the root cause of the initial failure [101642].
Capability (Incompetence/Accidental) development_incompetence (a) The software failure incident on Germany's electronic trading platform Xetra was attributed to the reappearance of a software glitch that was first seen in April. This indicates a potential issue related to development incompetence, as the glitch resurfaced despite previous efforts to address it. The glitch was identified as stemming from a problem with third-party software, suggesting a lack of thorough testing or oversight in ensuring the stability of the system [101642]. (b) The incident was not explicitly mentioned as being accidental in nature in the provided article.
Duration temporary The software failure incident on Germany's electronic trading platform Xetra was temporary, lasting nearly three hours. The outage was caused by a reappearance of a software glitch that was first seen in April, attributed to a problem with third-party software. Deutsche Boerse confirmed that the issue has been fixed, and the system is now running stably [Article 101642].
Behaviour crash, omission, timing, other (a) crash: The software failure incident on Germany's electronic trading platform Xetra resulted in a nearly three-hour outage, indicating a crash where the system lost its state and did not perform its intended functions [Article 101642]. (b) omission: The outage on Xetra was caused by a reappearance of a software glitch that was first seen in April, suggesting an omission in the system's performance of its intended functions at that instance [Article 101642]. (c) timing: The interruption in the fully-electronic cash market trading system affected various stock exchanges, but they came back online around 0930 GMT, indicating a timing issue where the system performed its intended functions but too late [Article 101642]. (d) value: The article does not provide specific information indicating a failure due to the system performing its intended functions incorrectly. (e) byzantine: The article does not mention any inconsistent responses or interactions by the system, indicating that the failure was not due to a byzantine behavior. (f) other: The software failure incident on Xetra was attributed to a problem with third-party software, which could be categorized as an "external dependency" issue, leading to the failure [Article 101642].

IoT System Layer

Layer Option Rationale
Perception None None
Communication None None
Application None None

Other Details

Category Option Rationale
Consequence delay (a) death: People lost their lives due to the software failure (b) harm: People were physically harmed due to the software failure (c) basic: People's access to food or shelter was impacted because of the software failure (d) property: People's material goods, money, or data was impacted due to the software failure (e) delay: People had to postpone an activity due to the software failure (f) non-human: Non-human entities were impacted due to the software failure (g) no_consequence: There were no real observed consequences of the software failure (h) theoretical_consequence: There were potential consequences discussed of the software failure that did not occur (i) other: Was there consequence(s) of the software failure not described in the (a to h) options? What is the other consequence(s)? The articles do not mention any consequences related to death, harm, basic needs, property loss, or non-human entities due to the software failure incident on Germany's electronic trading platform Xetra [101642]. The main consequence mentioned is the interruption in trading activities, leading to a delay in stock exchanges in various countries.
Domain finance The software failure incident reported in Article 101642 was related to the finance industry. The incident occurred on Germany's electronic trading platform Xetra, which is a key platform for stock exchanges in Frankfurt and other European cities. The outage impacted cash market trading systems and affected stock exchanges in various cities, including Frankfurt, Vienna, Ljubljana, Prague, Budapest, Zagreb, Malta, and Sofia, which are all part of the finance industry [101642]. The German stock exchange's cash markets had a significant turnover, highlighting the financial importance of the system that experienced the software glitch [101642]. Additionally, the article mentions that European bond and stocks futures were affected by the Xetra issue, further emphasizing the financial nature of the system [101642].

Sources

Back to List