In the mid-1980s, the Therac-25 radiation therapy machine, designed by Atomic Energy of Canada Limited (AECL), turned out to have a catastrophic software bug. Between 1985 and 1987, at least six patients were overdosed with radiation doses up to 100× the intended amount. Three of them died.
What caused it?
Tom’s Hardware tells that the core issue was a “race condition” in the software. During treatment setup, operators could select an operating mode (e.g., X-ray or electron beam), but if they edited mode settings quickly, especially using keyboard and cursor commands, some safety checks were skipped. This could cause the high-current electron beam to fire with the X-ray target missing or even beam activation in unsafe configurations. Hardware safety mechanisms that were present in earlier systems (Therac-6, Therac-20) had been removed or reduced in favor of software checks.
Effects on patients
Overdoses led to severe injuries: burns, tissue damage, loss of mobility, and, in several cases, death. One patient felt an intense heat and trembling, followed by burns and permanent damage.
Why it happened
Design choices made the system fragile. The reliance on software for safety without redundant hardware interlocks was a major factor. Buggy code from older machines was reused, sometimes without re-testing under the new context. Error messages were vague (“Malfunction 54,” etc.), and some safety pauses could be overridden by operators. Also, AECL and regulators were slow to acknowledge the severity, since accidents were hard to reproduce in tests.
Legacy lessons
Therac-25 has become a classic case in software, engineering, and medical ethics: never assume software alone can guarantee safety. Critical systems need thorough testing, independent reviews, clear reporting of errors, human-factors awareness, and layers of safety (software + hardware). Standards, regulations, and awareness improved after the incidents.