Re: [SystemSafety] Therac-25 redux

From: Matthew Squair < >
Date: Fri, 22 Aug 2014 18:35:26 +1000


I believe that Vice President Cheney had the wireless maintenance interface disconnected in his pacemaker because of security concerns, or so the story goes.

On a project I was working on for a train-based system, we thought about putting in a phone-home capability so we could sit back at home base and update the onboard software without leaving the office (actually, it's a serious logistics exercise to update a train fleet, which usually involves working ungodly hours). Then we thought about the security can of worms we were potentially opening up and decided a hard port with a human field service engineer and a laptop on the other end had a much smaller attack surface.

On Thu, Aug 21, 2014 at 10:53 PM, Chris Hills <safetyyork_at_xxxxxx wrote:

> By coincidence, in the LinkedIn group "Embedded Systems Group", under the discussion title "Not good news for firmware programmers", was this message and link:
>
> Take a look at this study - seems like a great many devices are not only wide open but actively dangerous to other systems.
> http://www.s3.eurecom.fr/docs/usenixsec14_costin.pdf
>
> The discussion is now saying it is not bad news for programmers in general, just the bad ones, and asking whether there should be some sort of licensing or minimum qualification for programmers.
>
>
> Chris
>
>
> -----Original Message-----
> From: Les Chambers [mailto:les_at_xxxxxx]
> Sent: 20 August 2014 23:54
> To: safetyyork_at_xxxxxx
> Cc: systemsafety_at_xxxxxx
> Subject: RE: [SystemSafety] Therac-25 redux
>
> Chris
> Try this radio station. It calms me down.
> http://www.sbs.com.au/shows/chill/
> Les
>
> -----Original Message-----
> From: Chris Hills [mailto:safetyyork_at_xxxxxx]
> Sent: Thursday, August 21, 2014 2:23 AM
> To: 'Peter Bernard Ladkin'; 'Les Chambers'; dick_at_xxxxxx
> Subject: RE: [SystemSafety] Therac-25 redux
>
> Hi Peter,
>
> Which suppliers would you wish to exclude? And why?
>
> We supply development tools, so we see medical developers wanting to use Windows and Linux (with USB, Wi-Fi and Bluetooth connections, which frightens the life out of me given that 90% of patients in hospital will have Wi-Fi- and Bluetooth-enabled devices and USB sticks) and less than robust software development.
>
> True, this is usually, but not always, just the front end and not the underlying device that actually controls things. Though the embedded SW development for the devices that do the controlling is also on the cheap-and-cheaper ethos, with lots of use of free software. I have seen a better engineering attitude in companies making consumer items.
>
> I currently have a medical company looking to use the *cheapest* static analysis tool from the cheapest supplier, arguing that if the medical robot starts to malfunction the surgeon can simply switch to manual, so they don't need a high-end validated static analysis tool. They would actually prefer to save 10 GBP and buy from a box shifter than buy from a supplier with support and expertise in critical systems. Though they still think they can ring in for some free advice!
>
> It is not so much a survey of dependability but a complete overhaul of the way the industry thinks and works that is needed. I think we have been very lucky so far in the number of problems that have been caused compared to the number I feel (on anecdotal evidence) are lurking and could cause a problem at any time.
>
> OK... time for tablets, a cup of green jasmine tea and some tranquil music lest I end up at the mercies of this dubious medical equipment.
>
> Chris
>
>
> -----Original Message-----
> From: Peter Bernard Ladkin [mailto:ladkin_at_xxxxxx]
> Sent: 20 August 2014 11:12
> To: safetyyork_at_xxxxxx
> Subject: Re: [SystemSafety] Therac-25 redux
>
>
>
> On 2014-08-20 11:31, Chris Hills wrote:
> > Hi Les, Peter and Dick
> >
> > Re the discussion on Therac-25 and medical software
>
> I think you are right, and Dick is right, that the medical-device supply industry is not universally conforming to good practice in dependability. We are not the only people who think the industry generally needs to get its act together (since I don't work in the field, my view is also largely indirect). But I don't know how to put a discussion group together on dependability in medical devices that would exclude suppliers.
>
> PBL
>
>
> Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld,
> 33594 Bielefeld, Germany
> Tel+msg +49 (0)521 880 7319 www.rvs.uni-bielefeld.de
>
>
>
>
>
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety_at_xxxxxx >

-- 
*Matthew Squair*
MIEAust CPEng

Mob: +61 488770655
Email: MattSquair_at_xxxxxx
Website: www.criticaluncertainties.com <http://criticaluncertainties.com/>



Received on Fri Aug 22 2014 - 10:35:35 CEST