Risks and Liabilities of Computer-Based Systems
Overview
Software errors
Can KILL
Indirectly
Directly
Cost MONEY
Loss of equipment
Loss of business
Software Aids and Abets
Murder: 1992
A computer detected the tampering.
When it called a second computer to report
the incident, the first computer received a
busy signal and never called back
Radiation Machine Kills Four:
1985 to 1987
Faulty software in a Therac-25
radiation-treatment machine resulted in
several cancer patients receiving lethal
overdoses of radiation
Four patients died
When their families sued, all the cases
were settled out of court
There were several errors,
among them the failure of the programmer
to detect a race condition (i.e.,
miscoordination between concurrent tasks)
It was found that accidents
occurred even after AECL thought it had
fixed particular bugs
“A lesson to be learned from the Therac-25
story is that focusing on particular software
bugs is not the way to make a safe system”
“The basic mistakes here involved poor
software-engineering practices and building
a machine that relies on the software for
safe operation”
Hyphen Costs $80 Million: 1962
Small systems
…form part of larger systems
A fault within a small part could
result in a catastrophe later on
There’s a Hole in the Bucket