Two of history’s worst software bugs reported to be in medical software

Wired magazine’s History’s Worst Software Bugs article shows two of them were created by the medical software community. Getting on this top 10 list is not exactly a badge of honor, but we can certainly learn from the failings of the past.

Wired says the first one occured between 1985 and 1987:

Therac-25 medical accelerator. A radiation therapy device malfunctions and delivers lethal radiation doses at several medical facilities. Based upon a previous design, the Therac-25 was an “improved” therapy system that could deliver two different kinds of radiation: either a low-power electron beam (beta particles) or X-rays. The Therac-25’s X-rays were generated by smashing high-power electrons into a metal target positioned between the electron gun and the patient. A second “improvement” was the replacement of the older Therac-20’s electromechanical safety interlocks with software control, a decision made because software was perceived to be more reliable.

What engineers didn’t know was that both the 20 and the 25 were built upon an operating system that had been kludged together by a programmer with no formal training. Because of a subtle bug called a “race condition,” a quick-fingered typist could accidentally configure the Therac-25 so the electron beam would fire in high-power mode but with the metal X-ray target out of position. At least five patients die; others are seriously injured.

Wired says the second one occured just five years ago:

National Cancer Institute, Panama City. In a series of accidents, therapy planning software created by Multidata Systems International, a U.S. firm, miscalculates the proper dosage of radiation for patients undergoing radiation therapy.

Multidata’s software allows a radiation therapist to draw on a computer screen the placement of metal shields called “blocks” designed to protect healthy tissue from the radiation. But the software will only allow technicians to use four shielding blocks, and the Panamanian doctors wish to use five.

The doctors discover that they can trick the software by drawing all five blocks as a single large block with a hole in the middle. What the doctors don’t realize is that the Multidata software gives different answers in this configuration depending on how the hole is drawn: draw it in one direction and the correct dose is calculated, draw in another direction and the software recommends twice the necessary exposure.

At least eight patients die, while another 20 receive overdoses likely to cause significant health problems. The physicians, who were legally required to double-check the computer’s calculations by hand, are indicted for murder.

Don’t think these bugs rank in the top 10? Got others that might be worse? Send me an email about it.