[SystemSafety] Therac-25 redux

Matthew Squair mattsquair at gmail.com
Fri Aug 22 10:35:26 CEST 2014


I believe that Vice President Cheney had the wireless maintenance interface
disconnected in his pacemaker because of security concerns, or so the story
goes.

On a project I was working on for a train-based system we thought about
putting in a phone-home capability so we could sit back at home base and
update the onboard software without leaving the office (actually it's a
serious logistics exercise to update a train fleet, which usually involves
working ungodly hours). Then we thought about the security can of worms we
were potentially opening up and decided a hard port with a human field
service engineer and a laptop on the other end had a much smaller attack
surface.


On Thu, Aug 21, 2014 at 10:53 PM, Chris Hills <safetyyork at phaedsys.com>
wrote:

> By coincidence in the linkedin group:- "Embedded Systems Group"
> Under the discussion title:   "Not good news for firmware programmers"
> Was this message and link:-
>
> Take a look at this study - seems like a great many devices are not only
> wide open but actively dangerous to other systems.
> http://www.s3.eurecom.fr/docs/usenixsec14_costin.pdf
>
> The discussion is now saying it is not bad news for programmers in general
> just the bad ones and should there be some sort of licensing or minimum
> qualification for programmers.
>
>
> Chris
>
>
> -----Original Message-----
> From: Les Chambers [mailto:les at chambers.com.au]
> Sent: 20 August 2014 23:54
> To: safetyyork at phaedsys.com; 'Peter Bernard Ladkin'; dick at phaedsys.com
> Cc: systemsafety at techfak.uni-bielefeld.de
> Subject: RE: [SystemSafety] Therac-25 redux
>
> Chris
> Try this radio station. It calms me down.
> http://www.sbs.com.au/shows/chill/
> Les
>
> -----Original Message-----
> From: Chris Hills [mailto:safetyyork at phaedsys.com]
> Sent: Thursday, August 21, 2014 2:23 AM
> To: 'Peter Bernard Ladkin'; 'Les Chambers'; dick at phaedsys.com
> Subject: RE: [SystemSafety] Therac-25 redux
>
> Hi Peter,
>
> Which suppliers would you wish to exclude?  And why?
>
> We supply development tools so we see medical developers wanting to use
> Windows and Linux (with USB, wi-fi, blue-tooth connections which frightens
> the life out of me given that 90% of patients in Hospital will have wi-fi
> and Bluetooth enabled devices and USB sticks. ) and less than robust
> software development.
>
> True this is usually, but not always, just the front end and not the
> underlying device that actually controls things. Though the embedded SW
> development for the devices that do the controlling is also on the cheap
> and cheaper ethos with lots of use of free software.  I have seen better
> engineering attitude in companies making consumer items.
>
> I currently have a medical company looking to use the *cheapest* static
> analysis tool from the cheapest supplier arguing that if the medical robot
> starts to malfunction the surgeon can simply switch to manual so they don't
> need a high end validated static analysis tool.  They would actually prefer
> to save 10 GBP and buy from a box shifter than buy from a supplier with
> support and expertise in critical systems.   Though they still think they
> can ring in for some free advice!
>
> It is not so much a survey of dependability but a complete overhaul of the
> way the industry thinks and works that is needed.  I think we have been
> very lucky so far in the number of problems that have been caused compared
> to the number I feel (on anecdotal evidence) are lurking and could cause a
> problem at any time.
>
> OK... time for tablets, a cup of green jasmine tea and some tranquil music
> lest I end up at the mercies of this dubious medical equipment.
>
> Chris
>
>
> -----Original Message-----
> From: Peter Bernard Ladkin [mailto:ladkin at rvs.uni-bielefeld.de]
> Sent: 20 August 2014 11:12
> To: safetyyork at phaedsys.com; 'Les Chambers'; dick at phaedsys.com
> Subject: Re: [SystemSafety] Therac-25 redux
>
>
>
> On 2014-08-20 11:31 , Chris Hills wrote:
> > Hi Les, Peter and Dick
> >
> > Re the discussion on Therac-25  and medical software
>
> I think you are right and Dick is right that the medical-device supply
> industry is not universally conforming to good practice in dependability.
> We are not the only people who think the industry generally needs to get
> its act together (since I don't work in the field, my view is also largely
> indirect). But I don't know how to put a discussion group together on
> dependability in medical devices that would exclude suppliers.
>
> PBL
>
>
> Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld,
> 33594 Bielefeld, Germany
> Tel+msg +49 (0)521 880 7319  www.rvs.uni-bielefeld.de
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
>



-- 
*Matthew Squair*
MIEAust CPEng

Mob: +61 488770655
Email: MattSquair at gmail.com
Website: www.criticaluncertainties.com <http://criticaluncertainties.com/>