
Deadly Bugs


It's rare for software problems in medical devices to harm people, but it has happened. Writing programs can be fun but it's serious too. Back in the 1980s a new radiation therapy machine called Therac-25 was released. It was an improvement on an earlier machine. They were designed to zap cancer with a beam of radiation. Radiation is dangerous, which makes that risky business. But, with the right dose, it can cure cancer!

Therapy machines include safety systems to ensure patients aren't accidentally given an overdose. The earlier Therac-20 had a mechanical system that made it physically impossible for a high-powered beam to be directed at the patient. For the new model the physical system was replaced by software - ironically because it was thought to be safer and more advanced. The machine could produce a low-energy beam of electrons, but also a high-energy beam of x-rays by firing high-powered electrons at a metal plate.

Unfortunately, because of a bug - a programming mistake - it was sometimes possible for the complex software to get the timing off and do things in the wrong order. This is known as a 'race condition'. Race conditions are really hard bugs to find. It meant that the high-powered beam could be fired without the protective metal guard being in place and the patient could be given an overdose. It turned out that the operating system software used by the machines had been created by a programmer without proper training. It should never have been used in a device where safety mattered.

At least some good has come from it. It showed that safety-critical software has to be designed to be more than just safe. It has to be designed so you can check that it really is safe. Therac-25 also highlighted how important it is that all programmers writing software used in systems that could harm people are trained in safety-critical code development, understand safety and use appropriate methods to write and check code.
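
To show what a race condition is and what "checking that it really is safe" can look like, here is an added example (not the Therac-25's code and not part of the original article): a hypothetical, simplified Python model in which a beam task and a plate task run at the same time. It tries every possible ordering of their steps, first without and then with a software interlock that checks the plate's real position before firing; the step names are made up for illustration.

```python
from itertools import combinations

# Hypothetical, simplified model (not the Therac-25 code): two tasks whose
# steps can interleave in any order while each task keeps its own order.
BEAM_TASK = ["set_high_power", "fire"]
PLATE_TASK = ["start_plate_move", "finish_plate_move"]

def interleavings(a, b):
    """Yield every schedule that merges a and b, preserving each task's order."""
    n = len(a) + len(b)
    for slots in combinations(range(n), len(a)):
        ia, ib = iter(a), iter(b)
        yield [next(ia) if i in slots else next(ib) for i in range(n)]

def run(schedule, interlock):
    """Execute one schedule; return 'overdose', 'refused' or 'treated'."""
    high_power = plate_in_place = False
    for step in schedule:
        if step == "set_high_power":
            high_power = True
        elif step == "finish_plate_move":
            plate_in_place = True   # the plate only protects once the move is done
        elif step == "fire":
            unsafe = high_power and not plate_in_place
            if unsafe and interlock:
                return "refused"    # interlock checks the real state when firing
            return "overdose" if unsafe else "treated"
    return "not fired"

def check(interlock):
    """Count outcomes over all schedules; the safety property is 'no overdose'."""
    counts = {}
    for schedule in interleavings(BEAM_TASK, PLATE_TASK):
        outcome = run(schedule, interlock)
        counts[outcome] = counts.get(outcome, 0) + 1
    return counts

if __name__ == "__main__":
    print("no interlock:  ", check(interlock=False))
    print("with interlock:", check(interlock=True))
```

Without the interlock, 3 of the 6 possible orderings fire the high-power beam before the plate is in place; with it, those 3 are refused instead. A test that only ever ran one "lucky" ordering would never see the bug, which is why every ordering is checked.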