The document summarizes the Therac-25 radiation therapy machine failures that resulted in patient deaths in the 1980s. It argues that while the sole programmer bears some responsibility for software issues, the manufacturer AECL is ultimately at fault for neglecting quality, rushing development, hiring only one programmer, and failing to address user safety concerns. Both programmers and end users contributed to the failures through a lack of documentation, testing, oversight of machine operation, and communication during treatments.
The document summarizes the Therac-25 radiation therapy machine failures that resulted in patient deaths in the 1980s. It argues that while the sole programmer bears some responsibility for software issues, the manufacturer AECL is ultimately at fault for neglecting quality, rushing development, hiring only one programmer, and failing to address user safety concerns. Both programmers and end users contributed to the failures through a lack of documentation, testing, oversight of machine operation, and communication during treatments.
The document summarizes the Therac-25 radiation therapy machine failures that resulted in patient deaths in the 1980s. It argues that while the sole programmer bears some responsibility for software issues, the manufacturer AECL is ultimately at fault for neglecting quality, rushing development, hiring only one programmer, and failing to address user safety concerns. Both programmers and end users contributed to the failures through a lack of documentation, testing, oversight of machine operation, and communication during treatments.
Abstract — The tragic string of events the surrounds the breach [1]. Another case was the Y2K bug of 2000. The Therac-25 between 1985 and 1987 lead to the loss of at least six primary cause behind this was the fact that computer storage lives. Only holding the programmer responsible for this would was expensive, so only the last two digits were used to store be a misjudgment since multiple people, directly or indirectly, the year. The concern was that when the year 2000 would be contributed to the resulting tragedy. The tragedy is a prime reached, computers would read that as 1900 [2]. This example that demonstrates three important ideas: firstly, the affected banks, businesses, power plants, among others. In manufacturer is ultimately responsible for the quality and both cases, blaming the programmers would be arguably reliability of the software in their products; secondly, end-users wrong since they were limited by hardware capacities. As also contribute to software and hardware failure; and lastly, user feedback is an essential part of software improvement. for the data breach, developers of both Facebook and Cambridge Analytica are largely bound by the tasks Keywords —Therac-25, Sociotechnical system, corporate assigned to them by others who are higher up in the chain. decisions, cutting corners Corporate decisions like cost-cutting or business malpractice are not taken by developers or engineers, they are taken by I. INTRODUCTION owners and board members of said company. Thus, as the Cancer treatment, just like the deadly disease itself, must owners and manufacturers of the Therac-25, AECL must be treated with utmost importance. Given that the treatment bear the brunt of responsibility. involves exposure to radiation, the room for error is slim to B. End-users also contribute to software and hardware none. Therac-25 was meant to be a revolutionary method of failure treatment that utilised a “double-pass” concept for electron acceleration. Due to manufacturer neglect and design flaws The Therac-25 was a terribly designed tool that was also in software and hardware, the technology ended up taking used carelessly by its users. The most harrowing example of the lives of at least 6 people by administering lethal doses to this is the fact that error messages were ignored by the patients between 1985 and 1987. This analysis of the events, operators on a regular basis. Upon seeing the “H-tilt” and based on the subsequent investigation published by Nancy “no dose” on the system display, the operator simply Leveson and Clark Turner, expands on three ideas that proceeded with the treatment. Another account led to the attempt to support the theory that only holding the machine shutting down after displaying “Malfunction 54”. programmer responsible for this would be a Prior to this, the operator has mistakenly typed “x” instead misjudgment since multiple people, directly or indirectly, of “e” for the required treatment. According to the contributed to the resulting tragedy. investigation, the operator had become accustomed to typing “x” for administering X rays, but it is not unreasonable to II. SUPPORTING ARGUMENTS expect that an operator in charge of such machine would pay more attention to what they type, rather than what they are A. The manufacturer is ultimately responsible for the used to typing. Furthermore, the only way the patient in the quality and reliability of the software in their products. shielded room could communicate with the operator was A company like AECL hires engineers, programmers, through a video and audio monitor, both of which were out medical specialists, and various other people to work for non-functional at the time. This is completely out of the them, and while they are given the responsibility of control of both the programmer and even the manufacturer. producing certain results, they are not responsible for the The hospital, being the end-user in a sense, is responsible for final product. The Therac-25 was built over many years and the video and audio monitors being in working order. iterations by a multitude of people working at AECL. Those C. User feedback is essential and must not be neglected who worked on it indeed developed the puzzle pieces that ultimately built the Therac-25, but the final product, with all The Sociotechnical theory states that social practices, its flaws, belongs to AECL. As a programmer myself, the social relationships, and social institutions are required to fact that only one programmer was hired was an instant bad design, produce, distribute, and use technology [4]. One idea. As the sole programmer, they would have no interpretation of this could be that technology can only be colleagues to bounce ideas off of, or to verify each other’s developed and improved based on the people that use it, and existing code. Assembly language being an inherently more how they use it. In the context of the Therac 25, it had difficult, with more opportunity for errors, would almost people using it and it also had people who found it useful, force programmers to generate documentation for their but that was it. AECL made no attempts to investigate the colleagues’ and their own use. The decision to hire only one concerns of the very people who made the technology useful programmer to write all the code, from the Therac-6 to the in the first place. Multiple times, AECL blatantly refused to Therac-20, and finally to the Therac-25, was not the acknowledge or investigate reports of possible overdoses. programmer’s decision. Neither was the decision to remove They simply claimed that it was impossible. We now know the hardware locks on the Therac-25. It could even be that the amount of testing done during development was argued that AECL was to blame for very little nowhere near adequate, so AECL’s confidence on the documentation being made during development as the ones Therac-25 was grossly unfounded. This was not a form of in charge, they are to set guidelines for software technology that served a relatively harmless use, like a development and enforce them. This could be compared to calculator or an office computer. This was a machine that the data breach of Facebook and Cambridge Analytica. At had already taken lives by the time any semblance of an least 87 million accounts had been affected during the investigation took place. Both the FDA and AECL were extremely slow to act, and worse yet, kept the machines operational and continued treating patients. This can be interpreted as a form of corporate greed, prioritizing sales, and cutting costs above the lives of the patients. The programmer could definitely be held responsible for the lack ACKNOWLEDGMENT (Heading 5) of testing and documentation, but without AECL’s approval, they could not have acted on user feedback if they wanted to I’d like to thank Professor Christina Penner for fix the flaws in his software. introducing me to this case study and ethics regarding computer science as a whole. Furthermore, I’d also like to III. CONCLUSION thank my group members from Group #7 who offered invaluable ideas during the peer review phase. Finally, I’d The tragedy was series of events in which the like to thank John from the YouTube channel Plainly operators, manufacturer and the programmer all carry Difficult, who humorously but accurately portrayed the the blame, and thus, the programmer cannot be the only events surrounding the Therac-25 in an animated short one held responsible. They are definitely to blame for the documentary. lack of documentation, testing and safety oversights in his software. Despite his faults, had AECL enforced more rigid REFERENCES software development practices, hired more programmers, [1] I. Sherr, “Facebook, Cambridge Analytica, Data Mining and trump: not cut corners when developing the machine, it could be What you need to know,” CNET, 18-Apr-2018. [Online]. Available: https://www.cnet.com/news/facebook-cambridge-analytica-data- argued that none of this would have happened. The decision mining-and-trump-what-you-need-to-know/. [Accessed: 17-Feb- to refute any reports of overdose was also in the hands of 2022]. AECL, not the programmer. The analysis of this case [2] National Geographic Society, “Y2K Bug,” National Geographic Society, 09-Oct-2012. [Online]. Available: hopefully conveys the message that being overly cautious, https://www.nationalgeographic.org/encyclopedia/Y2K-bug/. [Accessed: 17-Feb-2022]. especially when dealing with the life-saving treatments, is [3] N. G. Leveson and C. S. Turner, "An investigation of the Therac-25 far more important than being overly concerned with accidents," in Computer, vol. 26, no. 7, pp. 18-41, July 1993, doi:10.1109/MC.1993.274940. revenues and margins. [4] D. G. Johnson, “Democracy, technology, and Information Societies,” The Information Society: Innovation, Legitimacy, Ethics and Democracy In honor of Professor Jacques Berleur s.j., pp. 5–16, 2007, doi:10.1007/978-0-387-72381-5_2.