[SystemSafety] Therac-25 redux

Sat Aug 16 06:10:22 CEST 2014

Just when you thought it was safe to be medicated by a machine ...  read
this from the Economist:

http://www.economist.com/node/21556098

An excerpt:

"During the 1980s a bug in the software of Therac-25 radiotherapy machines
caused massive overdoses of radiation to be delivered to several patients,
killing at least five. America's Food and Drug Administration (FDA) has
linked problems with drug-infusion pumps to nearly 20,000 serious injuries
and over 700 deaths between 2005 and 2009. Software errors were the most
frequently cited problem. If buggy code causes a pump to interpret a single
keystroke multiple times, for example, it could deliver an overdose.

...

Researchers at the University of Patras in Greece found that one in three of
all software-based medical devices sold in America between 1999 and 2005 had
been recalled for software failures. Kevin Fu, a computer science professor
at the University of Massachusetts, calculates that such recalls have
affected over 1.5m individual devices since 2002. In April researchers at
McAfee, a computer-security firm, said they had found a way to get an
implanted insulin pump to deliver 45 days' worth of insulin in one go. And
in 2008 Dr Fu and his colleagues published a paper detailing the remote,
wireless reprogramming of an implantable defibrillator."

There is some good news however:

the article goes on:

"The Generic Infusion Pump project, a joint effort between the University of
Pennsylvania and the FDA, is taking these troublesome devices back to
basics. The researchers began not by building a device or writing code but
by imagining everything that could possibly go wrong with a drug-infusion
pump. Manufacturers were asked to help, and several did so, including
vTitan, a start-up based in America and India. "For a new manufacturer, it's
a great head start," says Peri Kasthuri, vTitan's co-founder. By working
together on an open-source platform, manufacturers can build safer products
for everyone, while still retaining the ability to add extra features to
differentiate themselves from their rivals."

A quick search of the Internet did not reveal any publication of
drug-infusion pump hazards. Is anyone aware of same?

This brings me to my point: wouldn't it be great if we had a readily
accessible ontology of hazards for various application domains. It's an
obvious idea. Is anyone aware of discussions along these lines? In my time
in chemical processing this function was the role of company-internal
technology centres that were the guardians of safety for various chemical
processes. The information was heavily proprietary however. 

"Open source" hazard ontologies would solve the problem of corporate memory
loss, amnesia and denial. As a consultant running a hazard analysis you are
always dependent on your subject matter experts to know what they're talking
about, when it comes to predicting what could go wrong. I've seen situations
where political machinations have actually prevented knowledgeable people
from having a voice in this area. 

I am currently working on ontologies that inform software requirements
specification
(http://www.chambers.com.au/glossary/requirements_patterns.php). It occurs
to me though that they have a much broader application.

Cheers

Les

-------------------------------------------------
Les Chambers
Director
Chambers & Associates Pty Ltd
 <http://www.chambers.com.au> www.chambers.com.au

Blog:  <http://www.systemsengineeringblog.com/>
www.systemsengineeringblog.com

Twitter:  <http://www.twitter.com/chambersles> @ChambersLes
M: 0412 648 992
Intl M: +61 412 648 992
Ph: +61 7 3870 4199
Fax: +61 7 3870 4220
 <mailto:les at chambers.com.au> les at chambers.com.au
-------------------------------------------------

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20140816/d93f38bf/attachment.html>