# P1 - Q26
The Therac-25 incident is one of the more difficult to understand. AECL, the company which designed and manufactured Therac-25 is opaque, and gives little to no information on how the software was developed. There is no one incident report, as this took place over two years and 6 unrelated accidents. Many institutions did not even realize the cause patients’ radiation burns and later medical issues until months after. Most of what follows is based on a paper by Nancy Leveson called “Medical Devices: Therac-25,” which was written in 1995 for IEEE.
Sometimes software bugs can result in the loss of lives, as was the case with a device called Therac-25. Of 11 Therac-25s installed, there were 6 reported accidents, including 3 fatalities, between 1985 and 1987, after which the device was recalled. Patients were given hundreds of times of radiation than is usual for this treatment. All of the safety mechanisms in Therac-25 relied on software, which itself was running on custom operating system with no synchronization, and, therefore, multiple race conditions that could not easily be detected and reproduced. Therac-20, a similar linear accelerator, which had hardware interlocks to ensure safety, experienced similar software malfunctions, but did not cause any bodily harm. It was revealed in a deposition that minimal unit testing was done on the software, violating principle 1.03, of the ACM/IEEE software engineering code of ethics.
In addition, the device