Most medical machines used in hospitals work well and help patients. But in 1985, a machine called the Therac-25 started zapping cancer patients with huge doses of radiation. Instead of treating them, it made them sicker.
Radiotherapy uses beams of energy to kill cancer. For it to be safe, a metal plate is used to spread out a powerful electron beam. Another device targets the beam at the patient’s tumour.
If the person operating the Therac-25 pressed a sequence of keys too quickly (within eight seconds), it triggered a bug in the software. The beam could turn on without the protective plate in place.
The computer would turn off the beam and display an error message. But the message was just the word ‘MALFUNCTION’ followed by a number—it didn’t actually say what was wrong. The manual (instruction book) didn’t mention malfunctions at all! So operators ignored the warning and carried on, giving the patient an overdose of radiation. This happened at least six times, and three of the patients died.
Safety expert Nancy Leveson investigated. She found that:
- The software had not been tested properly, and it hadn’t even been tested with the equipment (hardware) until the machine was put together at the hospital.
- The software hadn’t been checked, or reviewed, by anyone who hadn’t worked on it.
- Error messages were very common, and the operators had no way of telling which ones meant that patients were in danger.
To stop a disaster… check your code carefully