Scary Software

Tuesday, November 1, 2005

In honor of Halloween, I was trying to think of the scariest software I’ve ever met.

A long time ago, I worked on an embedded project building one of those blood pressure kiosks like you'll find in a drugstore. The brain of the machine was a little 8 bit CPU. Every so often, I’d volunteer my own arm in the machine and measure my blood pressure as a test.

You know when you are getting your blood pressure measured in the doctor’s office …
… and the rubber bladder is starting to feel extra snug around your arm ...
… and you are wondering if the person who is pumping air into the bladder will stop soon?

Now imagine – instead of a person pumping air, there is a machine filling the bladder …
… using software written in C …
… where it only takes one NULL pointer to really make for a spectacular crash.

Scary thoughts were often in my head when my arm was in the machine. I hated it, although nothing bad ever happened.

Eventually, the FBI came, and I retired from embedded work.


Comments
Greg Tuesday, November 1, 2005
Back in school in the mid 80s, one of my instructors told this story: A guy was getting some sort of routine radiation treatment, when he felt like he was being stabbed. Before he could get off the table, he felt it again. Long story short, a couple weeks later he was dead from radiation exposure. The input screen for the X-ray machine had a few input fields, probably for dosage, duration, etc. The technician used the cursor keys to move from one field to the next, while the programmers expected users to use the TAB key. So although it appeared on screen like:
DOSAGE: 123 DURATION: 456
the machine read it as:
DOSAGE: 123456
Or something along those lines. So the patient got orders of magnitude over the correct dosage. The machine tested out fine, and they didn't figure it out until they did a reenactment and they saw what the technician did.
The story illustrated the need for thorough testing, and also made the point that your users will always manage to do something you never anticipated.
scott Tuesday, November 1, 2005
Wow, that reminds me of the Therac-25: http://en.wikipedia.org/wiki/Therac-25
Comments are now closed.
by K. Scott Allen K.Scott Allen
My Pluralsight Courses
The Podcast!