Software Failures Ron Gilmore, CMC Edmonton April 2006.


Software Failures
Santayana
The software sector
Observations
Case Study: Therac 25
Lessons
Engineering Comparisons
Challenges

Santayana ( )
Philosopher, essayist, poet, novelist
The Life of Reason (1905)
"Those who cannot remember the past are condemned to repeat it"
Lots of other great quotes
Egypt, March 2006

Software Sector
Young – less than a century
Amateurs
Change, churn and failures
Compare to roads, houses, bridges
Professions evolving
Standards evolving
Best practices evolving
Societal awareness evolving

Case Study: Therac 25
Radiation therapy machines
Atomic Energy of Canada
1985 to 1987
Six known "incidents"
Massive radiation overdoses to patients
Order of tens of thousands of rads
At least five deaths!

Therac 25 Root Causes
Institutional causes:
–No independent code review
–Software not included in reliability design
–Documentation "lean" on error codes
–AECL did not initially believe complaints

Therac 25 Root Causes
Design Issues:
–No preventative hardware interlocks
–AECL re-used software from older models which had hardware interlocks
–No way for software to verify sensors were working
–Arithmetic overflow - safety checks bypassed
–Software written in assembly language
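The "arithmetic overflow - safety checks bypassed" bullet refers to a setup flag that was incremented rather than set, so that every 256th pass wrapped an 8-bit value to zero and the collimator-position check was skipped (as described in Leveson and Turner's published account). The following is an added C model of that failure mode beside a hardened form; it is constructed for this page and is not code from the presentation or from AECL, and the function and variable names are illustrative.

```c
#include <stdbool.h>
#include <stdint.h>

/* Vulnerable form (modelled on the published account): an 8-bit
 * "setup incomplete" flag is incremented on every setup pass instead of
 * being set. Nonzero means "check the collimator"; zero means "setup
 * complete, beam may proceed". On the 256th pass the counter wraps to
 * zero and the collimator check is silently skipped.
 * Returns true if the beam would be permitted. */
bool beam_permitted_vulnerable(uint8_t *setup_flag, bool collimator_ok)
{
    *setup_flag += 1;            /* uint8_t wraps to 0 on the 256th pass */
    if (*setup_flag != 0) {
        return collimator_ok;    /* check performed */
    }
    return true;                 /* zero: check skipped, beam allowed */
}

/* Hardened form: the state is a boolean that is set, never incremented,
 * every safety input must agree, and an independent hardware interlock
 * (constructed here as a plain input) is consulted as well, so the
 * software cannot be the sole gate on the beam. */
bool beam_permitted_hardened(bool setup_complete, bool collimator_ok,
                             bool hw_interlock_closed)
{
    if (!setup_complete)      return false;
    if (!collimator_ok)       return false;
    if (!hw_interlock_closed) return false;
    return true;
}

/* Drives the vulnerable check for n setup passes with the collimator
 * misaligned the whole time. Returns the first pass number on which the
 * beam would be permitted anyway, or 0 if it is correctly refused. */
int first_bypass_pass(int n)
{
    uint8_t setup_flag = 0;
    for (int pass = 1; pass <= n; pass++) {
        if (beam_permitted_vulnerable(&setup_flag, false)) {
            return pass;
        }
    }
    return 0;
}
```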

Therac 25 Lessons?
Professions?
Standards?
Best practices?
Societal awareness?

Engineering Comparisons
More mature sector
Certification, legislation, compliance
Curriculum: Tacoma Narrows Bridge
Still: London Pedestrian bridge
Still: Confusion re mandate, coverage
Still: budget & schedule - oilsands

Challenges
Education – technical, business
Sensitivity – bad software can kill!
Lots more examples:
–Chinook helicopter
–Missile detection systems

Constructive Notions
Awareness efforts
Consequences
Core competencies
Systems classifications:
–A = Life threatening
–B = Business threatening
–C = Other