Related Case Study. .

 •The Therac-25 was a software-controlled radiation-therapy machine used to treat people with cancer.
–Overdoses of radiation

•Normal dosage is 100–200 rads.

•It is estimated that 13,000 and 25,000 rads were given to six people.

•Three of the six people died.

•Therac-25 Radiation Overdose

–Multiple Causes:

•Poor safety design.

•Insufficient testing and debugging.

•Software errors.

•Lack of safety interlocks.

•Overconfidence.

•Inadequate reporting and investigation of accidents. 

•Therac-25 Radiation Overdose–Design Flaws. 

•The Therac-25, developed in the late 1970s, followed earlier machines called the Therac-6 and Therac-20. 

•It was designed to be fully computer controlled. The older machines had hardware safety interlock mechanisms. 

•Many of these hardware safety features were eliminated in the design of the Therac-25. 

•Some software from the Therac-20 and Therac-6 was reused in the Therac-25. 

•The Therac-20 software had bugs, but the hardware safety mechanisms were doing their job.

•Therac-25 Radiation Overdose 

–Poor User Interface: 

•The Therac-25 malfunctioned frequently. 

•Operators became used to error messages appearing often, with no indication that there might be safety hazards. 

•The error messages that appeared on the display were simply error numbers or obscure messages (“Malfunction 54” or “H-tilt”). 

•The operator’s manual for the Therac-25, however, did not include any explanation of the error messages. Even the maintenance manual did not explain them. 

•Therac-25 Radiation Overdose 

–Bugs: 

•The Set-Up Test procedure could be run several hundred times while setting up for one treatment. A flag variable was used to indicate whether a specific device on the machine was positioned correctly. A zero value means the device was ready. 

•Each time the Set-Up Test procedure ran, it incremented the variable to make it nonzero. The problem was that the flag variable was stored in one byte. When the routine was called the 256th time, the flag overflowed and showed a value of zero. 

•This bug allowed the electron beam to be turned on when the turntable was positioned for use of the light beam, and there was no protective device in place to attenuate the beam.

•Therac-25 Radiation Overdose

–Overconfidence:

•The most obvious and critical indication of overconfidence in the software was the decision to eliminate the hardware safety mechanisms.

•They did not expect significant problems from software errors

 –Observations and Perspective: 

•From design decisions all the way to responding to the overdose accidents, the manufacturer of the Therac-25 did a poor job. 

•The number and pattern of problems in this case, and the way they were handled, suggest serious irresponsibility. 

•They suggest, however, that individual and management responsibility, good training, and accountability are factors more important than whether or not a computer is used.

 

 

 

 

 

Can We Trust the Computers?

 What Can Go Wrong?

Q: How do we distinguish between tolerable or unavoidable errors in software versus careless software development?

•Facts About Computer Errors

•Error-free software is not possible.

•Most computer applications, from consumer software to systems that control airplanes and telephone networks, are so complex that it is virtually impossible to produce a program with no errors.

•Are computer-controlled medical devices, factory automation systems, and airplanes too unsafe to use?

•Errors are often caused by more than one factor.

•Errors can be reduced by following good procedures and professional practices.

•The Roles of People in Computer-related Problems:

–Computer User

•At home or work, users should understand the limitations of computers and the need for proper training and responsible use.

–Computer Professional

•Understanding the source and consequences of computer failures is valuable when buying, developing, or managing a complex system.

–Educated Member of Society

•Personal decisions and political, social, and ethical decisions depend on understanding computer risks.

Q: Describe a computer error or failure that has affected you.

•Problems for Individuals

–Billing Errors

•Lack of tests for inconsistencies and inappropriate amounts.

–Database Accuracy Problems

•Incorrect information resulting in wrongful treatment or acts.

–Causes:

•Large population.

•Human common sense not part of automated processing.

•Overconfidence in the accuracy of data from a computer.

•Errors in data entry.

•Information not updated or corrected.

•Lack of accountability for errors.