The Therac-25 was a computer-controlled radiation therapy machine produced by Atomic Energy of Canada Limited (AECL) in 1982.

 

Between 1985 and 1987, it was involved in at least six patient deaths caused by incorrect radiation doses resulting from software-related failures.

 

When the error was first seen, it was thought to be a hardware problem with the microswitches.

After further inspection and deeper technical analysis, the problem was found to be a software bug: a race condition (Nancy Leveson and Clark Turner, 1993). A race condition is an undesirable situation that occurs when a device or system attempts to perform two or more operations at the same time but the operations must be done in the proper sequence to be done correctly (TechTarget, n.d.). The race condition caused the collimator jaw to not shut at the required moment. As a result, high-current electron beams were fired directly at the patient with nothing to absorb the fatal radiation beam.

The main cause was a one-byte counter in a testing routine that often overflowed. If the operator entered a manual override at the exact moment this counter overflowed, the interlock would fail, leaving the high-current electron beam pointed at the patient at approximately 100 times the intended dose of radiation.
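A simplified model of the overflow described above, with the flawed check beside a hardened one. This is an added example, not AECL's code: every name is hypothetical, and the convention that a zero counter means "skip the interlock check" is an assumption of this model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model. The one-byte counter doubles as a flag:
 * nonzero = "run the interlock check", zero = "nothing to check". */
static uint8_t check_counter;

/* Flawed test routine: increments the flag instead of setting it,
 * so every 256th pass the counter wraps to 0. */
static void test_routine_pass(void) { check_counter++; }

/* Flawed decision: on the wrap pass the check is silently skipped
 * and the beam is permitted whatever the jaw position is. */
static bool beam_permitted_flawed(bool jaw_in_position) {
    if (check_counter == 0)
        return true;
    return jaw_in_position;
}

/* Hardened decision: the interlock state is evaluated on every
 * request and the function fails closed; no counter can bypass it. */
static bool beam_permitted_hardened(bool jaw_in_position) {
    return jaw_in_position;
}

/* Simulate `passes` runs of the test routine with the jaw out of
 * position, requesting the beam each time (the operator override in
 * the text). Returns how many requests were wrongly permitted. */
static unsigned unsafe_permits(unsigned passes, bool hardened) {
    unsigned unsafe = 0;
    check_counter = 0;
    for (unsigned i = 0; i < passes; i++) {
        test_routine_pass();
        bool ok = hardened ? beam_permitted_hardened(false)
                           : beam_permitted_flawed(false);
        if (ok)
            unsafe++;
    }
    return unsafe;
}

int main(void) {
    printf("flawed:   %u unsafe permits in 1024 passes\n",
           unsafe_permits(1024, false));
    printf("hardened: %u unsafe permits in 1024 passes\n",
           unsafe_permits(1024, true));
    return 0;
}
```

The flawed path is safe for 255 consecutive passes and unsafe on the 256th, which is why a fault like this can survive limited testing.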

 

The root causes were:

  • The software design was not correctly laid out
  • The code was never independently reviewed
  • The testing was never extensively performed on the actual machines
  • A warning message was flashed up when this fatal issue occurred, stating “Warning” with a number from 1 to 64, which manual operators were instructed to override by simply pressing the letter “P” on their consoles
  • The software did not provide any way for the sensors to be safely checked

 

The individuals and organisations involved acted on their ethical responsibilities too slowly. Because of the direct impact that the failures could have, and did have, they should have:

  1. Been more on top of things
  2. Had a more rigorous design and testing process
  3. Acted quicker when they were first contacted about potential issues
  4. Had additional safety checks in place in case of any failures

 

The Therac-25 will never be forgotten and will remain one of the biggest software failures to have directly impacted human lives and caused their loss.

 

References

 

Nancy Leveson and Clark Turner (1993) The Therac 25 – A case study in safety failure [Online] CS.JHU.edu, Available from: http://www.cs.jhu.edu/~cis/cista/445/Lectures/Therac.pdf (Accessed: 26 August 2017)

 

ComputingCases.org. (n.d.) A history of the introduction and shut down of Therac-25 [Online] ComputingCases.org, Available from: http://www.computingcases.org/case_materials/therac/case_history/Case%20History.html (Accessed: 08 January 2015)

 

Wikidot (n.d.) Radiation Accident – Therac25 [Online] Radonc.Wikidot.com, Available from: http://radonc.wikidot.com/radiation-accident-therac25 (Accessed: 08 January 2015)

 

TechTarget (n.d.) Race Condition [Online] TechTarget.com, Available from: http://searchstorage.techtarget.com/definition/race-condition (Accessed: 08 January 2015)