Below are some of the hazards that may arise in a safety-critical software system for treating cancer patients:
1. Incorrect dosage of radiation computed
2. Radiation delivered to the wrong site on the patient’s body
3. Data for wrong patient used to control machine
4. Data transfer failure between database and therapy machine
Software features that guard against each hazard, numbered to match the list above:
1. Comparison with previous doses delivered. Establishment of a maximum monthly dose which may never be exceeded. Feasibility checks (e.g. for negative dosages). Confirmation of dose to be delivered by operator. Continuous visual display of dose being delivered.
2. Comparison with delivery site in previous treatment. Light used to illuminate site of radiation delivery. Operator confirmation of site before machine can operate.
3. Patient asked to verify name, address and age by pressing a button before the machine starts. Issue patient with a personal treatment card which is handed over to identify patient. Maintain separate list of patients to be treated each day and correlate with patient databases. Force machine operator to verify list and database consistency before starting machine.
4. Dual display of information in therapy machine and database. Highlighting of differences in operator display. Locking of machine until information is consistent. Use of check digits and other error checking codes in the data. Duplicate communication channels between machine and database.
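The dose checks in item 1 and the transfer checks in item 4 can be combined into a single interlock that keeps the machine locked until every check passes. The sketch below is an added example, not code from any real therapy system; the record layout, the `|` field separator (fields are assumed not to contain it), the choice of CRC-32 as the error-checking code, and both numeric limits are assumptions made for illustration.

```python
import zlib
from dataclasses import dataclass

MAX_MONTHLY_DOSE_GY = 20.0  # assumed limit, for illustration only
MAX_STEP_CHANGE = 0.25      # assumed: flag >25% change from previous dose

@dataclass(frozen=True)
class Prescription:
    patient_id: str
    site: str
    dose_gy: float

def encode(p: Prescription) -> bytes:
    """Serialise a record and append a CRC-32 as the error-checking code."""
    body = f"{p.patient_id}|{p.site}|{p.dose_gy:.3f}".encode()
    return body + b"|" + format(zlib.crc32(body), "08x").encode()

def decode(frame: bytes) -> Prescription:
    """Parse a frame, rejecting it if the CRC does not match the body."""
    body, _, crc = frame.rpartition(b"|")
    if format(zlib.crc32(body), "08x").encode() != crc:
        raise ValueError("transfer error: CRC mismatch")
    pid, site, dose = body.decode().split("|")
    return Prescription(pid, site, float(dose))

def interlock(frame, db_record, history_gy, operator_confirmed):
    """Return the reasons the machine must stay locked (empty list = may run)."""
    try:
        p = decode(frame)
    except ValueError as exc:  # bad CRC or malformed fields
        return [str(exc)]
    reasons = []
    # Compare at transfer precision so float formatting cannot hide a difference.
    if encode(p) != encode(db_record):
        reasons.append("machine and database records differ")
    if not (p.dose_gy > 0):  # rejects negative, zero and NaN doses
        reasons.append("infeasible dose")
    elif sum(history_gy) + p.dose_gy > MAX_MONTHLY_DOSE_GY:
        reasons.append("monthly maximum would be exceeded")
    elif history_gy and abs(p.dose_gy - history_gy[-1]) > MAX_STEP_CHANGE * history_gy[-1]:
        reasons.append("dose deviates from previous treatment")
    if not operator_confirmed:
        reasons.append("operator confirmation missing")
    return reasons
```

The function fails closed: a frame that cannot be verified produces a lock reason rather than a best-effort parse, and the operator display can show the returned reasons directly.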