Presentation is loading. Please wait.

Presentation is loading. Please wait.

COMP60611 Directed Reading 1: Therac-25

Published byKerrie Pitts Modified over 6 years ago

Similar presentations

Presentation on theme: "COMP60611 Directed Reading 1: Therac-25"— Presentation transcript:

1 COMP60611 Directed Reading 1: Therac-25
Introduction: Therac-25 is a medical linear accelerator, used for destroying tumours with electron beams: Shallow tissue treated directly by low energy electron beams (~ 5 – 15 MeV) Deeper tissue treated with X-rays, which are generated by firing high energy electron beam (~ 25 MeV) at a target. Between June 1985 and January 1987, six people were massively overdosed: Due to 25 MeV beam setting being used in direct irradiation mode. Unlike earlier machines (i.e. Therac-6, Therac-20), Therac-25 had no hardwired interlock to prevent high-energy beam from being used when patient/turntable setup for direct irradiation: Therac-25 relied on software for safety checks One of the software faults that led to overdosing was a concurrency bug. A. Michelis, L. Wang, C. Goddard 2nd October 2011

2 COMP60611 Directed Reading 1: Therac-25
Tyler software bug: Operator edits mode/energy input field on console and returns to command line. Software calls “magnet” subroutine, which sets magnet positions (takes ~ 8 seconds). If operator edits mode/energy input field on console during this 8 seconds, change is not recognised by system, though displayed on console. Therefore, machine could operate in “electron” mode with 25 MeV beam. Yakima software bug: “Class3” shared variable is incremented every time “Set Up Test” is executed (i.e. several hundred times) As Class3 is a single byte variable, maximum value is 255. Every 256th pass through Set Up Test, Class3 overflows and has zero value: Collimator position checking subroutine is skipped A. Michelis, L. Wang, C. Goddard 2nd October 2011

3 COMP60611 Directed Reading 1: Therac-25
Main mistakes: Reuse of the Therac-20 software for the Therac-25 The circumstances were different as they removed the hardware safeties for the Therac-25 Too much confidence given to the software No safety analysis of the software at first Bad engineering process Design too complex, poor testing, bad error detection & reporting Poor investigations led by AECL/poor reactions after they were alerted of the incidents They learned about a first lawsuit but did not act consequently, when they were aware of a bug they just fixed the "symptom" and not the root cause (the whole design should have been changed) A. Michelis, L. Wang, C. Goddard 2nd October 2011

Download ppt "COMP60611 Directed Reading 1: Therac-25"

Similar presentations

ES050 – Introductory Engineering Design and Innovation Studio Prof. Ken McIsaac One last word…

ES050 – Introductory Engineering Design and Innovation Studio Prof. Ken McIsaac One last word…
ENGG1100 Introduction to Engineering Design Omni-wheel Car Additional Documentation.

ENGG1100 Introduction to Engineering Design Omni-wheel Car Additional Documentation.
CSCI 5230: Project Management Software Reuse Disasters: Therac-25 and Ariane 5 Flight 501 David Sumpter 12/4/2001.

CSCI 5230: Project Management Software Reuse Disasters: Therac-25 and Ariane 5 Flight 501 David Sumpter 12/4/2001.
“An Investigation of the Therac-25 Accidents” by Nancy G. Leveson and Clark S. Turner Catherine Schell CSC 508 October 13, 2004.

“An Investigation of the Therac-25 Accidents” by Nancy G. Leveson and Clark S. Turner Catherine Schell CSC 508 October 13, 2004.
The Therac-25: A Software Fatal Failure

The Therac-25: A Software Fatal Failure
Background Increasing use of automated systems Hardware and software technology are improving rapidly User interface technology is lagging Critical bottleneck.

Background Increasing use of automated systems Hardware and software technology are improving rapidly User interface technology is lagging Critical bottleneck.
An Investigation of the Therac-25 Accidents Nancy G. Leveson Clark S. Turner IEEE, 1993 Presented by Jack Kustanowitz April 26, 2005 University of Maryland.

An Investigation of the Therac-25 Accidents Nancy G. Leveson Clark S. Turner IEEE, 1993 Presented by Jack Kustanowitz April 26, 2005 University of Maryland.
Can We Trust the Computer? Case Study: The Therac-25 Based on Article in IEEE-Computer, July 1993.

Can We Trust the Computer? Case Study: The Therac-25 Based on Article in IEEE-Computer, July 1993.
Therac-25 Lawsuit for Victims Against the AECL

Therac-25 Lawsuit for Victims Against the AECL
+ THE THERAC-25 - A SOFTWARE FATAL FAILURE Kpea, Aagbara Saturday SYSM 6309 Spring ’12 UT-Dallas.

+ THE THERAC-25 - A SOFTWARE FATAL FAILURE Kpea, Aagbara Saturday SYSM 6309 Spring ’12 UT-Dallas.
Computingcases.org Safeware

Computingcases.org Safeware
Week 5 - Wednesday.  What did we talk about last time?  Attacks on hash functions.

Week 5 - Wednesday.  What did we talk about last time?  Attacks on hash functions.
Accelerators. Electron Beam  An electron beam can be accelerated by an electric field. Monitors Mass spectrometers  Any charged particle can be accelerated.

Accelerators. Electron Beam  An electron beam can be accelerated by an electric field. Monitors Mass spectrometers  Any charged particle can be accelerated.
Motivation Why study Software Engineering ?. What is Engineering ? 2 Engineering (Webster) – The application of scientific and mathematical principles.

Motivation Why study Software Engineering ?. What is Engineering ? 2 Engineering (Webster) – The application of scientific and mathematical principles.
SWE Introduction to Software Engineering

SWE Introduction to Software Engineering
Jacky: “Safety-Critical Computing …” ► Therac-25 illustrated that comp controlled equipment could be less safe. ► Why use computers at all, if satisfactory.

Jacky: “Safety-Critical Computing …” ► Therac-25 illustrated that comp controlled equipment could be less safe. ► Why use computers at all, if satisfactory.
©Ian Sommerville 2004Software Engineering, 7th edition. Insulin Pump Slide 1 The portable insulin pump Developing a dependability specification for the.

©Ian Sommerville 2004Software Engineering, 7th edition. Insulin Pump Slide 1 The portable insulin pump Developing a dependability specification for the.
Software Failures Ron Gilmore, CMC Edmonton April 2006.

Software Failures Ron Gilmore, CMC Edmonton April 2006.
Lecture 7, part 2: Software Reliability

Lecture 7, part 2: Software Reliability
25.8.2015Dr Andy Brooks1 Lecture 4 Therac-25, computer controlled radiation therapy machine, that killed people. FOR0383 Software Quality Assurance.

Dr Andy Brooks1 Lecture 4 Therac-25, computer controlled radiation therapy machine, that killed people. FOR0383 Software Quality Assurance.

Similar presentations

Ads by Google