[SystemSafety] Therac-25 redux

Chris Hills safetyyork at phaedsys.com
Thu Aug 21 14:53:59 CEST 2014


By coincidence, in the LinkedIn group "Embedded Systems Group",
under the discussion title "Not good news for firmware programmers",
was this message and link:-

Take a look at this study - seems like a great many devices are not only
wide open but actively dangerous to other systems.
http://www.s3.eurecom.fr/docs/usenixsec14_costin.pdf 

The discussion is now saying it is not bad news for programmers in general,
just the bad ones, and asking whether there should be some sort of licensing
or minimum qualification for programmers.


Chris 


-----Original Message-----
From: Les Chambers [mailto:les at chambers.com.au] 
Sent: 20 August 2014 23:54
To: safetyyork at phaedsys.com; 'Peter Bernard Ladkin'; dick at phaedsys.com
Cc: systemsafety at techfak.uni-bielefeld.de
Subject: RE: [SystemSafety] Therac-25 redux

Chris
Try this radio station. It calms me down.
http://www.sbs.com.au/shows/chill/
Les

-----Original Message-----
From: Chris Hills [mailto:safetyyork at phaedsys.com]
Sent: Thursday, August 21, 2014 2:23 AM
To: 'Peter Bernard Ladkin'; 'Les Chambers'; dick at phaedsys.com
Subject: RE: [SystemSafety] Therac-25 redux

Hi Peter,

Which suppliers would you wish to exclude?  And why?

We supply development tools so we see medical developers wanting to use
Windows and Linux (with USB, Wi-Fi and Bluetooth connections, which frightens
the life out of me given that 90% of patients in hospital will have Wi-Fi-
and Bluetooth-enabled devices and USB sticks) and less than robust
software development.

True, this is usually, but not always, just the front end and not the
underlying device that actually controls things. Though the embedded SW
development for the devices that do the controlling is also on the cheap and
cheaper ethos, with lots of use of free software. I have seen a better
engineering attitude in companies making consumer items.

I currently have a medical company looking to use the *cheapest* static
analysis tool from the cheapest supplier, arguing that if the medical robot
starts to malfunction the surgeon can simply switch to manual, so they don't
need a high-end validated static analysis tool. They would actually prefer
to save 10 GBP and buy from a box shifter than buy from a supplier with
support and expertise in critical systems. Though they still think they
can ring in for some free advice!

It is not so much a survey of dependability but a complete overhaul of the
way the industry thinks and works that is needed.  I think we have been very
lucky so far in the number of problems that have been caused compared to the
number I feel (on anecdotal evidence) are lurking and could cause a problem
at any time. 

OK... time for tablets, a cup of green jasmine tea and some tranquil music,
lest I end up at the mercies of this dubious medical equipment.

Chris


-----Original Message-----
From: Peter Bernard Ladkin [mailto:ladkin at rvs.uni-bielefeld.de]
Sent: 20 August 2014 11:12
To: safetyyork at phaedsys.com; 'Les Chambers'; dick at phaedsys.com
Subject: Re: [SystemSafety] Therac-25 redux



On 2014-08-20 11:31 , Chris Hills wrote:
> Hi Les, Peter and Dick
> 
> Re the discussion on Therac-25  and medical software

I think you are right and Dick is right that the medical-device supply
industry is not universally conforming to good practice in dependability. We
are not the only people who think the industry generally needs to get its
act together (since I don't work in the field, my view is also largely
indirect). But I don't know how to put a discussion group together on
dependability in medical devices that would exclude suppliers.

PBL


Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld,
33594 Bielefeld, Germany
Tel+msg +49 (0)521 880 7319  www.rvs.uni-bielefeld.de
