| Recurring |
one_organization, multiple_organization |
(a) Software vulnerabilities in medical devices, specifically pacemakers, are a concern that has arisen before within the same organization or with its products and services. The article mentions previous research showing vulnerabilities in pacemakers, such as the ability to extract sensitive personal information or threaten a patient's life by changing the pacing behavior [41735]. This indicates that software vulnerabilities in medical devices, including pacemakers, have been a recurring problem within the same industry or organization.
(b) Software vulnerabilities in medical devices, particularly pacemakers, have also been a concern at other organizations or with their products and services. The article mentions a group of researchers led by Dr. Kevin Fu at the University of Michigan who demonstrated the possibility of extracting personal information from a pacemaker or threatening a patient's life by changing the pacing behavior [41735]. Additionally, hacker Barnaby Jack planned to demonstrate the remote control of pacemakers via wireless communications at a conference, highlighting the broader industry-wide concern regarding the security of medical devices like pacemakers. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident related to the design phase can be seen in the article where the author, Marie Moe, discusses the security vulnerabilities in the software running on her pacemaker. She mentions that the default configuration settings were not suitable for her due to a software bug in the programming device used to adjust the settings of the pacemaker. This bug caused the actual settings of her device to differ from those displayed on the screen, leading to significant impacts on her well-being [41735].
(b) The software failure incident related to the operation phase is evident in the same article when Marie Moe describes the consequences of the software bug in the pacemaker's programming device. Due to this bug, the pacemaker erroneously detected her pulse to be outside the upper heart rate limit, leading to a safety mechanism that suddenly cut her pulse in half when she reached a certain heart rate. This resulted in her body not receiving enough oxygen, causing discomfort and health issues during physical activities [41735]. |
| Boundary (Internal/External) |
within_system |
(a) within_system: The software failure incident discussed in the articles is primarily within the system. The failure was related to a software bug in the programming device used to adjust the settings of the pacemaker, causing the actual settings of the device to differ from those displayed on the screen at the hospital [41735]. This internal software bug directly impacted the well-being of the patient by erroneously configuring the heart rate limit, leading to discomfort and health issues. Additionally, the lack of transparency in the proprietary code running the pacemaker poses a security risk that originates from within the system, highlighting the importance of understanding and addressing vulnerabilities within the software of medical devices. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident occurring due to non-human actions:
- The article discusses a software bug in the programming device used to adjust the settings of the pacemaker, which caused the actual settings of the device to differ from those displayed on the screen at the hospital [41735].
- It mentions the vulnerability of pacemakers to hacking, with scenarios where sensitive personal information could be extracted or pacing behavior could be changed, highlighting the risks associated with the software running on these medical devices [41735].
(b) The software failure incident occurring due to human actions:
- The article mentions the lack of transparency in the proprietary code running on medical devices, raising concerns about trusting machines inside the body when there is no visibility into the software [41735].
- It also discusses the importance of security research in uncovering vulnerabilities in medical implants, emphasizing the need for pre-emptive hacking and coordinated vulnerability disclosure to improve patient safety [41735]. |
| Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident occurring due to hardware:
- The article mentions a software bug in the programming device used to adjust the settings of the pacemaker, which caused the actual settings of the device to differ from those displayed on the screen at the hospital [41735].
- There is a mention of the pacemaker having built-in functionality for wireless communication, including a near-field interface and another wireless interface for remote monitoring purposes, which highlights the hardware components involved in the incident [41735].
(b) The software failure incident occurring due to software:
- The article discusses the software bug in the programming device that led to erroneous configuration settings in the pacemaker, affecting the patient's well-being [41735].
- The security researcher expresses concerns about the security vulnerabilities in the software running on the pacemaker and the potential risks associated with hacking such life-critical devices [41735]. |
| Objective (Malicious/Non-malicious) |
malicious, non-malicious |
(a) The articles discuss the potential malicious objective related to the software failure incident, particularly in the context of security vulnerabilities in medical devices like pacemakers. There are concerns about the possibility of hacking these devices to extract sensitive personal information, threaten patients' lives by changing pacing behavior, or remotely control pacemakers via wireless communications [41735]. Security researchers have highlighted the need for transparency and access to proprietary software in medical devices to address these vulnerabilities and prevent potential malicious attacks [41735].
(b) The articles also touch upon non-malicious factors contributing to software failure incidents. For example, a software bug in the programming device used to adjust the settings of a pacemaker led to incorrect configurations that affected the well-being of the patient [41735]. This incident highlights how unintentional software bugs or flaws can have significant consequences on the functionality and safety of medical devices, emphasizing the importance of thorough testing and debugging processes in software development for critical systems. |
| Intent (Poor/Accidental Decisions) |
poor_decisions, accidental_decisions |
(a) poor_decisions: The intent of the software failure incident can be attributed to poor decisions made in the design and implementation of the pacemaker software. The patient, who is also a security researcher, expressed concerns about the lack of transparency and security vulnerabilities in the software running on the pacemaker. Despite raising questions about potential security risks, the patient had to proceed with getting the implant due to the critical nature of the situation [41735].
(b) accidental_decisions: The software failure incident also involved accidental decisions or mistakes in the configuration settings of the pacemaker. The patient experienced issues with the programming device used to adjust the settings, which led to a software bug causing the actual settings of the device to differ from those displayed on the screen. This resulted in the pacemaker erroneously cutting the patient's pulse in half when it detected a heart rate above the configured limit, leading to discomfort and breathing difficulties [41735]. |
| Capability (Incompetence/Accidental) |
development_incompetence |
(a) The software failure incident occurring due to development incompetence:
- The incident described in the article highlights a software bug in the programming device used to adjust the settings of the pacemaker, which led to incorrect settings being applied to the device, affecting the patient's well-being [41735].
- The patient mentions that the default configuration settings of the pacemaker were not suitable for her due to her age, requiring months of trial-and-error tweaking by doctors to get the tuning right, further complicated by a software bug in the programming device [41735].
(b) The software failure incident occurring accidentally:
- The article does not specifically mention the software failure incident as being accidental. |
| Duration |
permanent, temporary |
(a) The software failure incident described in the articles is largely permanent in nature. The incident involves software bugs in the programming device used to adjust the settings of the pacemaker, leading to erroneous configurations that greatly affected the well-being of the patient [41735]. Additionally, the lack of transparency and access to the proprietary software running on the pacemaker poses a long-term security risk and vulnerability [41735].
(b) The software failure incident can also be considered temporary in the sense that it was a result of specific circumstances, such as the software bug in the programming device causing immediate discomfort and health issues for the patient when engaging in physical activities [41735]. |
| Behaviour |
crash, value, other |
(a) crash: The software failure incident described in the article resulted in a crash scenario where the pacemaker's software bug caused the actual settings of the device to differ from those displayed on the screen at the hospital, leading to significant negative impacts on the patient's well-being [41735].
(b) omission: The article does not specifically mention an omission scenario in which the system omitted to perform its intended functions at one or more instances.
(c) timing: The article does not specifically mention a timing scenario in which the system performed its intended functions correctly, but too late or too early.
(d) value: The software failure incident falls under the value scenario where the system performed its intended functions incorrectly due to a software bug in the programming device that caused the pacemaker to cut the patient's pulse in half erroneously, leading to discomfort and health issues [41735].
(e) byzantine: The article does not describe a byzantine scenario in which the system behaved erroneously with inconsistent responses and interactions.
(f) other: The software failure incident involved a scenario where the pacemaker's software bug caused the device to behave in a way that was not intended, impacting the patient's health and well-being [41735]. |