Many software bugs are merely annoying or inconvenient but some can have extremely serious consequences - either financially or as a threat to human well-being. This is a list of the software bugs with the most notable consequences:
Contents |
Space exploration
- NASA Mariner 1 went off-course during launch, due to a missing overbar in the specifications for its FORTRAN software (July 22, 1962).[1] Note that the initial reporting of this software bug was incorrect (another bug).[2]
- Russian Space Research Institute's Phobos 1 deactivated its attitude thrusters and could no longer properly orient its solar arrays or communicate with Earth, eventually depleting its batteries. (September 10, 1988).[3]
- The European Space Agency's Ariane 5 Flight 501 was destroyed 40 seconds after takeoff (June 4, 1996). The US$1 billion prototype rocket self-destructed due to a bug in the on-board guidance software.[4]
- NASA Mars Polar Lander was destroyed because its flight software mistook vibrations due to atmospheric turbulance for evidence that the vehicle had landed and shut off the engines 40 meters from the Martian surface (December 3, 1999).[5] Its sister spacecraft Mars Climate Orbiter was also destroyed, but due to human error and not, as is sometimes reported, due to a software bug.[6]
- NASA Mars Global Surveyor a mis-sent command from Earth caused the software to incorrectly assume that a motor had failed, causing it to point one of its batteries at the sun - subsequently overheating it. (November 2, 2006). [7][8]
Medical
- A bug in the code controlling the Therac-25 radiation therapy machine was directly responsible for at least five patient deaths in the 1980s when it administered excessive quantities of X-rays. [9][10][11]
- A Medtronic heart device was found vulnerable to remote attacks in March 2008.[12]
Computing
- The year 2000 problem spawned fears of worldwide economic collapse and an industry of consultants providing last-minute fixes.[13] In addition, it is possible the problem could recur in 2038 (the year 2038 problem), as many Unix systems calculate the time in seconds since 1 January 1970, and store this figure as a 32-bit signed integer, for which the maximum possible value is 231 (2,147,483,648).[14]
Electric power transmission
- The 2003 North America blackout was triggered by a local outage that went undetected due to a race condition in General Electric Energy's XA/21 monitoring software.[15]
Telecommunications
- AT&T long distance network crash (January 15, 1990), in which the failure of one switching system would cause a message to be sent to nearby switching units to tell them that there was a problem. Unfortunately, the arrival of that message would cause those other systems to fail too - resulting in a 'wave' of failure that rapidly spread across the entire AT&T long distance network.[16][17]
Military
- The software error of a MIM-104 Patriot, caused its system clock to drift by one third of a second - resulting in it failing to locate and intercept an incoming missile which caused the deaths of 28 Americans in Dhahran, Saudi Arabia (February 25, 1991).[18][19]
- A Chinook crash on Mull of Kintyre in June 1994. A Royal Air Force Chinook helicopter crashed into the Mull of Kintyre, killing 29. This was initially dismissed as pilot error, but an investigation by Computer Weekly uncovered sufficient evidence to convince a House of Lords inquiry that it may have been caused by a software bug in the aircraft's engine control computer.[20]
- Smart ship USS Yorktown was left dead in the water in 1998 for nearly 3 hours after a divide by zero error. [21]
- A software glitch in a South African antiaircraft cannon has killed 9 soldiers and seriously injured 14 others in 2007 during a shooting exercise. [22]
Media
- Eve Online's deployment of the Trinity patch, which erased the boot.ini file from several thousand users' computers. This was due to the usage of a legacy system within the game that was also named boot.ini. As such, the deletion had targeted the wrong directory instead of the /eve directory.[23]
- In the Sony BMG CD copy prevention scandal (October 2005), Sony BMG produced a Van Zant music CD that employed a copy protection scheme that covertly installed a "rootkit" on any Windows PC that was used to play it. Their intent was to hide the copy protection mechanism to make it harder to circumvent. Unfortunately, the rootkit inadvertently opened a security hole resulting in a wave of successful trojan horse attacks on the computers of those who had innocently played the CD.[24] Sony's subsequent efforts to provide a utility to fix the problem actually exacerbated it.[25]
Encryption
- In order to fix a warning issued by Valgrind, a maintainer of Debian patched OpenSSL and broke the random number generator in the process. The patch was uploaded in September 2006 and made its way into the official release; it was not reported until April 2008. Every key generated with the broken version is compromised, as is all data encrypted with it, threatening many applications that rely on encryption such as S/MIME, TOR, SSL or TLS protected connections and SSH.[26]
References
- ^ "Space FAQ 08/13 - Planetary Probe History". Retrieved on 2008-01-07.
- ^ Hoare, C. A. R.. Hints on Programming Language Design. in Sigact/Sigplan Symposium on Principles of Programming Languages. October 1973., reprinted in Horowitz. Programming Languages, A Grand Tour, 3rd ed.. See Risks Digest: Mariner 1, Vol. 9: Iss. 54, 12 Dec 89 (and "Mariner I -- no holds BARred". Retrieved on 2008-01-07.
- ^ R. Z. Sagdeev & A. V. Zakharov (1989). "Brief history of the Phobos mission". Nature 341: 581–585. doi:.
- ^ Dowson, M. (March 1997\). "The Ariane 5 Software Failure". Software Engineering Notes 22 (2): 84. doi:.
- ^ "Mars Polar Lander". Retrieved on 2008-01-07.
- ^ "Units Blunder Sent Craft Into Martian Atmosphere: NASA". www.space.com. Retrieved on 2008-10-19.
- ^ "Report Reveals Likely Causes of Mars Spacecraft Loss". Retrieved on 2008-01-07.
- ^ "Faulty Software May Have Doomed Mars Orbiter". Space.com. Retrieved on January 11, 2007.
- ^ "The Therac-25 Accidents (PDF), by Nancy Leveson" (PDF). Retrieved on 2008-01-07.
- ^ "An Investigation of the Therac-25 Accidents (IEEE Computer)". Retrieved on 2008-01-07.
- ^ "Short summary of the Therac-25 Accidents". Retrieved on 2008-01-07.
- ^ "A Heart Device Is Found Vulnerable to Hacker Attacks". Retrieved on 2008-09-28.
- ^ "Looking at the Y2K bug, portal on CNN.com". Retrieved on 2008-01-07.
- ^ "The year 2038 bug". Retrieved on 2008-01-12.
- ^ "Software Bug Contributed to Blackout". Retrieved on 2008-01-07.
- ^ Sterling, Bruce. The Hacker Crackdown: Law and Disorder on the Electronic Frontier (ISBN 0-553-56370-X). Spectra Books.
- ^ "The Crash of the AT&T Network in 1990". Retrieved on 2008-05-15.
- ^ "Patriot missile defense, Software problem led to system failure at Dharhan, Saudi Arabia; GAO report IMTEC 92-26". US Government Accounting Office.
- ^ Robert Skeel. "Roundoff Error and the Patriot Missile". SIAM News, volume 25, nr 4. Retrieved on 2008-09-30.
- ^ "The Chinook Helicopter Disaster". Retrieved on 2008-01-07.
- ^ "Software glitches leave Navy Smart Ship dead in the water". Retrieved on 2008-01-07.
- ^ "Robot Cannon Kills 9, Wounds 14". Retrieved on 2008-09-29.
- ^ "About the boot.ini issue (Dev Blog)". Retrieved on 2008-03-08.
- ^ "Sony's 'rootkit' CDs". Retrieved on 2008-05-15.
- ^ "More on Sony: Dangerous Decloaking Patch, EULAs and Phoning Home", Mark's Blog, November 4, 2005, retrieved November 22, 2006.
- ^ "DSA-1571-1 openssl -- predictable random number generator". Retrieved on 2008-04-16.
No comments have been added.
