Transcript Slide 1

Therac-25.

Philip Mourdjis Elgar Jenkinson Edward Abel

Key Dates

June 1985 - Kennestone
July 1985 - Ontario, Canada
December 1985 - Yakima Valley
March 1986 - Tyler, East Texas
April 1986 - Tyler, East Texas
January 1987 - Yakima Valley

Combining the strengths of UMIST and The Victoria University of Manchester

What Went Wrong

• Concurrency Race Condition
  – If settings changed within 8 seconds of setup some settings are not set correctly
  – Hard to actually test in deployment conditions
• Incrementing check byte 1/256 times not checking
• Other Issues
  – Lack of documentation, error messages
  – System logging to assist in error recreation
  – Migrating old software for new task without regression testing
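
The check-byte bullet above, as an added C example that is not from the original slides: a constructed model in which a one-byte flag means "safety check required", showing that incrementing the flag skips the check on every 256th pass while assigning a fixed non-zero value never does. All function, type and variable names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model, not Therac-25 source code. A one-byte flag is
 * non-zero when the safety check must run before proceeding. */
typedef enum { MARK_INCREMENT, MARK_ASSIGN } mark_mode;

/* Runs `passes` setup passes and returns how many times the safety
 * check was skipped because the flag read as zero. */
unsigned skipped_checks(mark_mode mode, unsigned passes)
{
    uint8_t check_required = 0;
    unsigned skipped = 0;

    for (unsigned i = 0; i < passes; i++) {
        if (mode == MARK_INCREMENT)
            check_required++;      /* flawed: 255 + 1 wraps to 0 */
        else
            check_required = 1;    /* corrected: fixed non-zero value */

        if (check_required != 0) {
            /* the safety check would run here */
        } else {
            skipped++;             /* check bypassed on this pass */
        }
    }
    return skipped;
}

int main(void)
{
    unsigned passes = 1024;
    printf("increment: %u of %u checks skipped\n",
           skipped_checks(MARK_INCREMENT, passes), passes);
    printf("assign:    %u of %u checks skipped\n",
           skipped_checks(MARK_ASSIGN, passes), passes);
    return 0;
}
```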

Reflections

Design

• Emphasis on safety over speed of use
• Meaningful error messages
• Full documentation
• System logging, to aid bug recreation

Testing

• End user testing
• Deployment environment testing
• Regression testing

Post Deployment

• Pro-active attitude towards and expectation of bugs