
(The Security Ledger)   IF using medical pump THEN write good code ELSE die from overdose of drugs   (securityledger.com)
    More: Scary, Office of Science, insulin pump, Hospira, medical device, FUD, boots on the ground, intravenous, medication mistakes

3042 clicks; posted to Geek on 01 Nov 2012 at 10:50 PM (2 years ago)




Archived thread
 
2012-11-01 05:34:28 PM  
Is this the one we're going to RUN with?
 
2012-11-01 05:54:49 PM  
GOTO last reward

/END
 
2012-11-01 06:22:26 PM  

MaudlinMutantMollusk: GOTO last reward

/END



import pump.legal.indemnify;
 
2012-11-01 08:57:15 PM  
while (1) { pump(); }
 
2012-11-01 09:56:37 PM  
Or, you could do like you're taught in school as well, and do the calculations by hand before plugging the settings into the pump.

They do teach medical math for a reason, you know.
 
2012-11-01 10:41:28 PM  
Hah! Interviewed with these guys 5 months ago to work on that exact project -- in Poway, CA.

This was part of my response to the recruiter:

The corporate culture was pretty messed up, and they basically told me 55-60 hours a week, about 10 months worth of work, _plus_ international travel in the context of 1-2 weeks per 2-3 months. They previously laid off their entire development organization for this system -- an extraordinarily old, 1994, stove-piped embedded system-- and outsourced it to Romania and India and now they are having real issues with how it is getting performed.
 
2012-11-01 10:43:38 PM  
You know you've been using Tableau too much when you read the headline and think "where's the END".

/also, when you start thinking "I would have used IIF instead."
 
2012-11-01 10:53:27 PM  
LOAD "WITTYC64COMMENT",8,1
 
2012-11-01 11:00:55 PM  
We've been killing people accidentally that way since medical devices were invented.
 
2012-11-01 11:09:26 PM  
As a lifelong programmer, I can tell you 99% of the time we are forced to release code we know is not ready by sociopathic assholes in $2500 suits.
 
2012-11-01 11:10:57 PM  
no control structures == crappy code

if($medical_pump_use = TRUE) {code_well()} else {die "drug overdose"}
 
2012-11-01 11:14:16 PM  
nmemkha: As a lifelong programmer, I can tell you 99% of the time we are forced to release code we know is not ready by sociopathic assholes in $2500 suits.

90% of the code is there and working, ship it

umm, the 10% that's missing is the robust error checking/reporting/logging.

The customers care about features, not logging.

// IRQL_NOT_LESS_OR_EQUAL, WTF does that mean?
 
2012-11-01 11:34:29 PM  
RTOS, not just for airplanes anymore!
 
2012-11-01 11:35:21 PM  
ugg..worked in the medical software/hardware field for a while

dear lord is the documentation insane..why? because they don't really care if someone dies, they just care that they know who to blame
 
2012-11-01 11:46:48 PM  
That's not how if statements work.
 
2012-11-01 11:47:32 PM  

Brontes: RTOS, not just for airplanes anymore!


Speaking of airplanes, here's a fun fact that will make you empty your bowels when you get on a Boeing 787: the data buses for the critical systems (fly-by-wire, oxygen, pilots' vodka chillers) are shared by the WiFi network on the plane.
 
2012-11-01 11:50:23 PM  
Segmentation Fault


I'm not very good at this.
 
2012-11-01 11:54:08 PM  

lordargent: no control structures == crappy code

if($medical_pump_use = TRUE) {code_well()} or die ("drug overdose");


FTFY - much funny as or die. And you forgot a semicolon.
 
2012-11-01 11:56:54 PM  

Marine1: Brontes: RTOS, not just for airplanes anymore!

Speaking of airplanes, here's a fun fact that will make you empty your bowels when you get on a Boeing 787: the data buses for the critical systems (fly-by-wire, oxygen, pilots' vodka chillers) are shared by the WiFi network on the plane.


Wouldn't the wifi network use...the airwaves?
 
2012-11-02 12:02:20 AM  
// How about...

// Much faster
assert(secureCode == 1);

// Or maybe...
medicalPump ? writeGoodCode() : return(1);
 
2012-11-02 12:08:21 AM  

Fo Shiz: Hah! Interviewed with these guys 5 months ago to work on that exact project -- in Poway, CA.

This was part of my response to the recruiter:

The corporate culture was pretty messed up, and they basically told me 55-60 hours a week, about 10 months worth of work, _plus_ international travel in the context of 1-2 weeks per 2-3 months. They previously laid off their entire development organization for this system -- an extraordinarily old, 1994, stove-piped embedded system-- and outsourced it to Romania and India and now they are having real issues with how it is getting performed.


Please to do the needful.
 
2012-11-02 12:29:02 AM  

Fo Shiz: Marine1: Brontes: RTOS, not just for airplanes anymore!

Speaking of airplanes, here's a fun fact that will make you empty your bowels when you get on a Boeing 787: the data buses for the critical systems (fly-by-wire, oxygen, pilots' vodka chillers) are shared by the WiFi network on the plane.

Wouldn't the wifi network use...the airwaves?


Not sure if serious...
 
2012-11-02 12:52:42 AM  
Reminds me of The Legend of Therac-25 from my comp-sci classes. Sure, other software bugs have destroyed things and killed people, but there's just something so "'90s hacker movie" about a rare sequence of keystrokes resulting in a lethal dose of radiation.
 
2012-11-02 01:12:55 AM  

nmemkha: As a lifelong programmer, I can tell you 99% of the time we are forced to release code we know is not ready by sociopathic assholes in $2500 suits.


"After me cometh a hacker; tell him I know it's vile."

Link
 
2012-11-02 01:17:37 AM  
I'm a computer network and security guy for my day job, and unfortunately have had to spend lots of idle time sitting in hospital rooms in the last couple of years. I've had to program pumps from the user side and it's easy to use and I can see the big advantage from the last ten years. But I also make nurses nervous when I say "You know, malware spread via Androids could jump from the phone and infect anything talking wireless. I'd hate to have one of these pumps suddenly dump the whole dose at once." It's a bit of a thought exercise, but that's the way things are going. Makes me want to line the room with copper mesh at times.
 
2012-11-02 01:33:19 AM  

wraithmare: I'm a computer network and security guy for my day job, and unfortunately have had to spend lots of idle time sitting in hospital rooms in the last couple of years. I've had to program pumps from the user side and it's easy to use and I can see the big advantage from the last ten years. But I also make nurses nervous when I say "You know, malware spread via Androids could jump from the phone and infect anything talking wireless. I'd hate to have one of these pumps suddenly dump the whole dose at once." It's a bit of a thought exercise, but that's the way things are going. Makes me want to line the room with copper mesh at times.


There's no reason a wifi system can't be secure and reliable, other than the people who don't want to spend the money it takes to get there.

You also have to balance the occasional software-related death against the benefit that comes from computerized medical devices. Even though the odd radiation machine accidentally administers a lethal dosage the vast majority of them function normally and are able to give more effective doses with less impact on other organs than a human-operated machine would be able to.
 
2012-11-02 01:34:52 AM  

Fo Shiz: Hah! Interviewed with these guys 5 months ago to work on that exact project -- in Poway, CA.

This was part of my response to the recruiter:

The corporate culture was pretty messed up, and they basically told me 55-60 hours a week, about 10 months worth of work, _plus_ international travel in the context of 1-2 weeks per 2-3 months. They previously laid off their entire development organization for this system -- an extraordinarily old, 1994, stove-piped embedded system-- and outsourced it to Romania and India and now they are having real issues with how it is getting performed.


Hmmm. I recently spoke with some folks from a company that makes embedded video processors. They had outsourced their code and were bringing it back to the states because they were getting crap.
 
2012-11-02 01:51:11 AM  
I spent some time working on a nurse-call system, and the code/development standards they enforced were better than anything I had seen prior to or since then.
Not quite the same league as pumping someone full of chemicals, but as our project manager constantly reminded us, if a patient died because our alarm notification failed, we get sued.

Their development setup was fantastic; they had an automated build and release system (CruiseControl at the time) which ran the entire suite of unit tests every single time someone committed changes to source control. If the build failed, an air-raid siren would play followed by a sound-bite of "Game over man!" from Aliens, accompanied by a wall-mounted light turning red. Commit a change that fixed the build, and the wall light went green and played a round of applause over the dev floor speakers.

/csb
 
2012-11-02 01:56:13 AM  
use warnings;
use strict;
use somethingotherthanperl;
 
2012-11-02 02:01:16 AM  

Deuterium: I spent some time working on a nurse-call system, and the code/development standards they enforced were better than anything I had seen prior to or since then.
Not quite the same league as pumping someone full of chemicals, but as our project manager constantly reminded us, if a patient died because our alarm notification failed, we get sued.

Their development setup was fantastic; they had an automated build and release system (CruiseControl at the time) which ran the entire suite of unit tests every single time someone committed changes to source control. If the build failed, an air-raid siren would play followed by a sound-bite of "Game over man!" from Aliens, accompanied by a wall-mounted light turning red. Commit a change that fixed the build, and the wall light went green and played a round of applause over the dev floor speakers.

/csb


Nice. My last job the CEO told me to my face "80% [working code] is good enough. Our customers are small businesses that don't have the money to sue [us]". Sure it wasn't medical or mission critical, but it grated against my ethics to the point that I left soon after.

/csb
 
2012-11-02 03:21:56 AM  
// NOTE!!! code only fart apps 

if(coder==DRUNK)
{
probability_of_patient_dying++;
}


// NOTE!!! code only fart apps
 
2012-11-02 03:34:46 AM  
Is it just me or does the code in the headline make no sense.

If you're not using the pump you die?
 
2012-11-02 05:02:18 AM  
BSOD indeed.
 
2012-11-02 07:32:43 AM  

Doctor Jan Itor: BSOD indeed.


There is a clause buried deep in the standard Windows EULA that specifically states that it should not be used for mission critical applications, and it specifically cites medical control systems as an example.
 
2012-11-02 07:39:32 AM  
ERROR: Buffer overflow. Insulin dump follows.
 
2012-11-02 09:44:10 AM  

Deuterium: I spent some time working on a nurse-call system, and the code/development standards they enforced were better than anything I had seen prior to or since then.
Not quite the same league as pumping someone full of chemicals, but as our project manager constantly reminded us, if a patient died because our alarm notification failed, we get sued.

Their development setup was fantastic; they had an automated build and release system (CruiseControl at the time) which ran the entire suite of unit tests every single time someone committed changes to source control. If the build failed, an air-raid siren would play followed by a sound-bite of "Game over man!" from Aliens, accompanied by a wall-mounted light turning red. Commit a change that fixed the build, and the wall light went green and played a round of applause over the dev floor speakers.

/csb


Your story seems rare to me. It makes me feel better that someone is doing it right.
 
2012-11-02 11:05:06 AM  

Deuterium: csb


My organization, which makes software to help manufacture and sell paint, will never be that good, but the projects I've been working on lately have had unit tests (not great ones, but unit tests), run automatically with each check-in. We don't have anything exciting happen when a build fails, and don't plan to.
 
2012-11-02 11:11:34 AM  

DjangoStonereaver: Doctor Jan Itor: BSOD indeed.

There is a clause buried deep in the standard Windows EULA that specifically states that it should not be used for mission critical applications, and it specifically cites medical control systems as an example.


Can't use iTunes to make weapons of mass destruction, either.
 
2012-11-02 12:33:31 PM  
As the father of a type 1 juvenile diabetic that uses a pump, I cannot tell you how many times a person can keep themselves awake at night wondering what the odds of the pump delivering nothing, or all at once, in some malfunction. Neither prospect is good.
 
2012-11-02 03:14:35 PM  
armano: if($medical_pump_use = TRUE) {code_well()} or die ("drug overdose");

No, that part of the code is valid.

The bug is in the equal sign, the if condition always evaluates to true because "=" is an assignment operator (IE, the statement sets $medical_pump_use to the constant TRUE).

Closing braces contain an implicit semicolon

>perl -e "if($medical_pump_use eq TRUE) {code_well()} else {die 'drug overdose'}"
drug overdose at -e line 1. 

# double quotes around the string changed to single quotes to avoid collision with -e on the command line
 
2012-11-02 06:31:56 PM  
As someone who relies on an insulin pump to keep me alive, I am in no way worried by this. Nope, not me.

/damn thing is already full of bugs
//don't get me started on MRI machines and airport scanners
///slashies
 
2012-11-02 07:19:39 PM  

lordargent: armano: if($medical_pump_use = TRUE) {code_well()} or die ("drug overdose");

No, that part of the code is valid.

The bug is in the equal sign, the if condition always evaluates to true because "=" is an assignment operator (IE, the statement sets $medical_pump_use to the constant TRUE).


Use strict, dammit!
 
2012-11-02 07:21:14 PM  

rudemix: As the father of a type 1 juvenile diabetic that uses a pump, I cannot tell you how many times a person can keep themselves awake at night wondering what the odds of the pump delivering nothing, or all at once, in some malfunction. Neither prospect is good.


Well, don't you worry, sir. The companies who contract out the firmware that runs those pumps are committed to providing you with the absolutely best code that money can buy in a third world country.
 
2012-11-02 09:50:16 PM  
SineSwiper: Use strict, dammit!

I fail people instantly if they don't use strict, but even I'm not strict enough to require strict on a -e.
 
Displayed 44 of 44 comments
