THERAC 25 - PowerPoint PPT Presentation

1 / 12
About This Presentation
Title:

THERAC 25

Description:

3 June 1985 patient at Marietta GA received overdose ... 3 JUNE 1985 MARIETTA GA. not recognised as overdose until after tyler incident ... – PowerPoint PPT presentation

Number of Views:338
Avg rating:3.0/5.0
Slides: 13
Provided by: ideaEn
Category:
Tags: therac | marietta

less

Transcript and Presenter's Notes

Title: THERAC 25


1
THERAC 25
  • RAM MOHAN BOPPUDI
  • EE 585 FAULT TOLERANT
  • COMPUTING

2
BACKGROUND
  • The most serious computer related accidents to
    date.
  • Therac 25 was a medical linear accelerator , a
    linac developed by Atomic Energy Of Canada
    Ltd(AECL).
  • Therac 25 was a radio therapy machine used to
    destroy tumors using high energy beams.
  • 11 Therac 25s were installed
  • - 5 in US , 6 in Canada.

3
Background ( contd)
  • Therac 25 was derived from its previous version
    Therac 6 and Therac 20.
  • Differences from Therac 20
  • - Uses double pass technique which is absent
    in previous versions
  • - Software is responsible for safety
  • - Hardware safety interlocks removed
  • - Less space and economic

4
(No Transcript)
5
Therac-25 Turntable
Field Light Mirror
Counterweight
Beam Flattener (X-ray Mode)
Turntable
Scan Magnet (Electron Mode)
6
Accidents
  • 3 June 1985 patient at Marietta GA
    received overdose
  • 26 July 1985 Hamilton ONT patient
    severely burned , died November 1985
  • December 1985 patient in Yakima Wa
    receives overdose
  • 21 March 1986 - Tyler TX accident
  • 11 April 1986 2nd Tyler TX accident
  • 17 January 1987 - Second Yakima WA Accident

7
RESPONSES
  • 3 JUNE 1985 MARIETTA GA
  • not recognised as overdose until after
    tyler incident
  • 26 JULY 1985 HAMILTON ONT
  • operator overdose no dose indications
  • not suspected of overdose until patient
    returned
  • suspected microswitch malfunction-fixed
  • DECEMBER 1985 YAKIMA WA
  • not ascribed to overdose until second
    incident
  • 21 MARCH 1986 TYLER TX
  • malfunction 54 operator override
    electrical surge
  • 11 APRIL1986 TYLER TX
  • thought to be editing error up arrow
    key disabled
  • 17 JANUARY 1987 YAKIMA WA
  • all systems shutdown complete
    investigation and rework

8
Why?
  • The turntable was in the wrong position.
  • Patients were receiving x-rays without
    beam-scattering.
  • No hardware safety interlocks
  • Non descriptive error messages
  • User override able error modes
  • Software designed by only one person

9
Cost of the Bug
  • To users (patients)
  • Four deaths, two other serious injuries.
  • To developers (AECL)
  • One lawsuit
  • Settled out of court
  • Time/money to investigate and fix the bugs
  • To product owners (11 hospitals)
  • System downtime

10
Corrective Action Plan
  • Numerous hardware and software changes
  • All interruptions related to dosimetry not
  • continuable
  • independent hardware software shutdowns
  • potentiometer on turntable
  • hardware interlocks
  • dead man switch motion enable
  • Fix documentation, messages, user manuals

11
LESSONS LEARNED
  • For complex interrupt-driven software ,timing is
    of critical importance
  • Not to remove standard hardware interlocks when
    adding computer control
  • Revalidate reused software
  • Not to overrely on software

12
REFERENCES
  • An investigation of the Therac-25 Accidents
  • Nancy Leveson
  • Clark S.Turner
  • www.bowdoin.edu/allen/courses/cs260/readings/ther
    ac.pdf -
Write a Comment
User Comments (0)
About PowerShow.com