

‘Known Software Bug’ Disrupts Brain-Tumor Zapping - RK
http://www.wired.com/threatlevel/2009/10/gamma/

======
jrockway
Do all medical devices have faulty software, or just ones that shoot radiation
at the patient?

But anyway, I wonder what programming techniques are in use for these devices.
They sound like they are very expensive but don't need much computational
power, which is a good case for using a very high-level language. It may run
slowly, but it's easier to get right. (The Therac-25 was controlled by a
complicated application written in a very low-level language. A simple
programming oversight which the language made very easy killed several people.
Using a higher-level language would have prevented this bug.)

~~~
pavel_lishin
Seems to me that medical devices should be programmed in the same style as the
computers guiding the space shuttle. It's not exciting, but it works and keeps
people alive.

~~~
jrockway
I don't think that this is necessary. A medical devices just needs to shutdown
if it is about to enter a potentially unsafe state. A space shuttle can't just
shut down; it has to keep functioning no matter what. That's a much harder
problem to solve, and would create unnecessary development expense. (Though
some techniques are applicable; have a safety mechanism that shields the
radiation-producer if the two CPUs disagree about a computation. If the two
CPUs are running two different programs to calculate the 'next step', then
this should prevent many random accidents.)

------
davidw
Early on in my career I read about some medical device software and decided
that this was not something I wanted to be involved with. The idea of worrying
that something I wrote could potentially kill people is not a pleasant one.

~~~
psyklic
Well you could potentially help people too ... :-)

~~~
yellowbkpk
I write medical software every day that is very close to patients. When I see
our software (or maybe software I know the intricate workings of) helping
doctors save patients, I am happy.

When stuff like what's in this article happens, it is quite disappointing.
Luckily none of the projects I've worked on have come close to endangering
patients.

------
jacquesm
Wow.

Why would a bug like that not lead to an instant communication to halt all use
of the devices until a patch could be distributed ?

Good thing the couch wasn't driven by a worm-wheel or there would have been no
way to pull that person out.

An emergency switch should be independent of software anyway, that's the norm
in machining tools, the 'e-stop' circuitry has to be set up according to very
specific rules to be approved, you'd expect more stringent controls on
hospital equipment.

~~~
jrockway
_An emergency switch should be independent of software anyway_

Good advice. Essential for things that cut you or shoot radiation at you.

It would also be nice if consumer electronics devices did this. I remember
badly reflashing my iPod once; the reflash locked up and the iPod was stuck
displaying a message without the backlight on. There was no way to reboot it
without waiting for the battery to drain itself (or to open the device up).
This took a few days, but I did get it working again.

A simple hardware reset switch would have saved me a lot of time. I don't buy
Apple products anymore.

~~~
joechung
<http://support.apple.com/kb/HT1320>

~~~
jrockway
This apparently does not work when a firmware flash has gone south. I tried
the various combinations a million times while waiting for the battery to go
flat :)

------
radu_floricica
I'd like to know the software company's side of the story. If the bug is rare
enough (half a million people treated successfully so far) and the bug's
outcome is not serious, then an emergency upgrade may not have been necessary.
What we're missing here are the consequences for the patient in a worst case
scenario. What we do know is that this particular patient apparently wasn't
harmed (in any way?).

