This document discusses the use of open source software and technologies in safety-critical medical device platforms. It argues that medical device vendors should be using open source to implement safety-critical requirements, contribute to open source projects, and create their own open source projects. Open source can help address the need for more connectivity and interoperability between devices as healthcare moves towards integrated systems. However, open source also presents compliance, reliability and security challenges that require risk assessments, hazard analysis, and processes to validate code from open source projects.
How to Use Open Source Technologies in Safety-critical Medical Device Platforms
1. Open Source Software (OSS) and Technologies in Safety-critical Medical Device Platforms
Using Open Source to Design Connected Medical Devices
Shahid N. Shah, CEO
2. NETSPECTIVE
Who is Shahid?
• Chairman, OSEHRA.org Board of Advisors
• 20+ years of software engineering and multi-discipline complex IT implementations (Gov., defense, health, finance, insurance)
• 12+ years of healthcare IT and medical devices experience (blog at http://healthcareguy.com)
• 15+ years of technology management experience (government, non-profit, commercial)
Author of Chapter 13, “You’re the CIO of your Own Office”
www.netspective.com
3. Open source software (OSS) is in your future
• You’re moving from standalone boxes to fully integrated systems
• mHealth demands more interoperability
• Your customers demand flexible workflows with enhanced functionality
• Your customers demand data integration with their systems
• Security of medical devices is under great scrutiny and excuses aren’t going to be accepted
4. The new realities of patient populations
[Figure: patient population segments, running from prevention through management of chronic disease to catastrophic case management. Labels on the slide: Prevention (Education, Health Promotions, Healthy Lifestyle Choices, Health Risk Assessment); Management (Obesity Management, Wellness Management; Assessment – HRA, Stratification, Dietary, Physical Activity, Physician Coordination, Social Network, Behavior Modification); Diabetes, COPD, CHF (Stratification & Enrollment, Disease Management, Care Coordination, MD Pay-for-Performance, Patient Coaching); Physicians Office, Hospital, Other sites, Pharmacology; Catastrophic Case Management, Utilization Management, Care Coordination, Co-morbidities. Segment shares in the order given on the slide: 26%, 35%, 35% and 4% of population; 4%, 22%, 37% and 36% of medical costs.]
Source: Amir Jafri, PrescribeWell
6. Data is getting more sophisticated, analysis even more so
It’s hard today but will be even harder tomorrow
[Figure labels: Economics, Administrative, Phenotypics, Behavioral, Biochemical, Genomics, Proteomics, IOT sensors]
7. Implications of healthcare trends
[Figure labels: PPACA, ACO, MU, Health Home, PCMH, mHealth, Evidence Based Medicine, Comparative Effectiveness, DATA, Software, Regulated IT and Systems, Integration Services]
8. What users want vs. what they’re offered
Data visualization requires integration and aggregation
[Figure panels: What’s being offered to users; What users really want]
9. Evolving Healthcare IT Enterprise Architecture
You need to fit into a complex environment
[Figure labels: Device Teaming; Cloud Services; Patient Self-Management Platforms; SSL VPN; Patient Context Monitoring; BaaS Gateway (DDS, XMPP, ESB); Device Data; Data Transformation (ESB, HL7); Remote Surveillance; Management Dashboards; HIT Integration; Report Generation; Device reimbursement; Enterprise Data; RCM, Financials, EHRs; Device Management; Cross Device App Workflows; Device Utilization; Device profitability; Alarm Notifications; Device Inventory]
10. • Should medical device vendors be using open source to implement their safety-critical requirements?
• How about contributing to open source projects?
• How about creating their own open source projects?
11. Yes!
• If you’re not using open source projects in your own devices then you’re doing far more engineering work than is necessary.
• If you’re not contributing to open source then you’re not making code you rely on better.
• If you’re not creating open source then you’re missing a valuable marketing opportunity.
12. Connectivity is a must, OSS is answer
[Figure callouts: Most obvious benefit; Least attention; Most promising capability]
This talk focuses on connected devices
13. Appreciate tradeoffs
The more connection-friendly a device, the harder it is to validate it
[Chart axes: Integration-friendliness, Ease of validation]
Lesson: Demand Testability
14. What are we afraid of when it comes to OSS?
• Compliance: Will the FDA and other regulators accept open source code in safety-critical systems?
• Reliability: Is open source code safe enough for medical devices?
15. Yes, of course.
Proof: we did it at American Red Cross in 1996 for a Class 3 device built on a modern enterprise IT ecosystem
Lesson: Risk managers and quality leadership often use regulators as an excuse to prevent OSS use because of OSS illiteracy, not legitimate strategy or actual evidence of harm.
Reality: Regulators don’t care about your use of open source, they care about safe systems that meet intended use.
16. Code you write is not necessarily safer
There is significantly more and better testing of large open source projects than you could ever do
In an integrated ecosystem, you have to learn how to rely on others and do so safely and effectively
[Figure: Modern IT systems’ custom components]
17. It’s not as hard as we think…
• Modern real-time operating systems (open source and commercial) are reliable for safety-critical medical-grade requirements.
• Open standards such as TCP/IP, DDS, HTTP, and XMPP can pull vendors out of the 1980’s and into the 1990’s.
• Open source and open standards that promote enterprise IT connectivity can pull vendors into the 2010’s and beyond.
19. Remove OSS illiteracy from decision making
• Understand open source licensing, remove the fear of IP loss
• Understand where code is coming from and what test harnesses are included
• Get in touch with the open source developers to find out the current utilization
20. Choose the right OSS projects
• Requirements traceability possible?
• Code reviews conducted by OSS code authors?
• Unit testing conducted by authors?
• Continuous integration system employed?
• Integration testing conducted?
• Performance testing conducted?
• Safety testing conducted?
• Security testing conducted?
21. Engender trust in the code’s provenance
• Connect to the revision control system of the open source project
• Create your own binaries
• Create a process to securely sign the binaries
• Create your own deployment packages
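One way to tie these four steps together, as an added example that is not from the original slides: a manifest records the pinned upstream revision and a digest of each binary you built, the manifest is authenticated, and packaging refuses anything that does not match. The function names, file names, key and commit placeholder are assumptions, and HMAC-SHA256 stands in for the asymmetric release signature a real pipeline would use.

```python
import hashlib
import hmac
import json

def build_manifest(upstream_commit, artifacts):
    """Record the pinned upstream revision and a SHA-256 digest per binary built from it."""
    return {
        "upstream_commit": upstream_commit,
        "sha256": {name: hashlib.sha256(data).hexdigest()
                   for name, data in sorted(artifacts.items())},
    }

def _canonical(manifest):
    # Stable byte encoding so the same manifest always authenticates the same way
    return json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()

def sign_manifest(manifest, key):
    # Assumption: HMAC-SHA256 as a stand-in for a signature made with an
    # asymmetric key held in an HSM or signing service
    return hmac.new(key, _canonical(manifest), hashlib.sha256).hexdigest()

def verify_release(manifest, tag, key, artifacts):
    """Return a list of problems; an empty list means the package may be assembled."""
    if not hmac.compare_digest(sign_manifest(manifest, key), tag):
        return ["manifest signature invalid"]
    problems = []
    expected = manifest["sha256"]
    for name in sorted(set(expected) | set(artifacts)):
        if name not in artifacts:
            problems.append(f"missing: {name}")
        elif name not in expected:
            problems.append(f"unsigned file: {name}")
        elif hashlib.sha256(artifacts[name]).hexdigest() != expected[name]:
            problems.append(f"digest mismatch: {name}")
    return problems

# Constructed inputs: placeholder commit id, toy binary contents, demo key
KEY = b"demo-key-not-for-production"
BUILT = {"libdds.so": b"\x7fELF-build-output-1", "gatewayd": b"\x7fELF-build-output-2"}
MANIFEST = build_manifest("<pinned-upstream-commit>", BUILT)
TAG = sign_manifest(MANIFEST, KEY)

if __name__ == "__main__":
    print(verify_release(MANIFEST, TAG, KEY, BUILT))
    changed = dict(BUILT, gatewayd=b"rebuilt-elsewhere")
    print(verify_release(MANIFEST, TAG, KEY, changed))
```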
22. Integrate OSS into your QSR process
• Employ continuous integration (CI) for your own and OSS project components
• Create a process to test the binaries using code coverage tools
• Keep an eye on changes coming in from the source and retest regularly
• Conduct continuous hazard and risk analysis of outside code
• Review your process with the compliance officers and get their regular buy in
23. But it’s not easy either…we need
• Risk Assessments
• Hazard Analysis
• Design for Testability
• Design for Simulations
• Documentation
• Traceability
• Mathematical Proofs
• Determinism
• Instrumentation
• Theoretical foundations
24. OSS hazard and risk assessment
• What is the intended use for the device or system?
• How is the OSS product you’re planning to use going to be tied to your intended use?
• What is the risk associated with the OSS product for that particular intended use?
$R = S_h \times P_h$
25. Risk is related to severity and harm
$R$ = risk
$S_h$ = severity of harm
$P_h$ = probability of harm
$R = S_h \times P_h$
• Harm is damage done to a person
• Severity is the degree of harm done
• Probability is the frequency and duration of exposure
26. Examples of Severity & Probability
Severity
• multiple fatalities
• fatalities
• severe injury (non-reversible, requires hospitalization)
• moderate injury (reversible, requires hospitalization)
• minor (reversible, requires first aid)
• very minor (no first aid)
Probability
• Constant exposure
• Hourly
• Daily
• Weekly
• Monthly
• Yearly
• Never
27. Formal risk assessment methods
• What-if analysis
• Preliminary hazard analysis (PHA)
• Fault tree analysis (FTA)
• Failure modes and effects analysis (FMEA)
• Hazard and operability studies
28. OSS Risk analysis steps - FMEA
• Define the function of the OSS product being analyzed.
• Identify potential failures of the OSS.
• Determine the causes of each failure type.
• Determine the effects of potential failures.
• Assign a risk index to each of the failure types.
• Determine the most appropriate corrective/preventive actions.
• Monitor the implementation of the corrective/preventive actions to ensure that it is having the desired effect.
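The risk-index, corrective-action and monitoring steps above, worked through with R = Sh x Ph and the severity and probability levels from the earlier slide. This is an added example, not part of the original deck: the numeric scores, the action threshold, and the pump, components and failure modes in the worksheet are all assumptions made for illustration.

```python
from dataclasses import dataclass, replace

# Assumption: ordinal scores. The slides name these levels but give no numbers.
SEVERITY = {"very minor": 1, "minor": 2, "moderate injury": 3,
            "severe injury": 4, "fatalities": 5, "multiple fatalities": 6}
PROBABILITY = {"never": 0, "yearly": 1, "monthly": 2, "weekly": 3,
               "daily": 4, "hourly": 5, "constant exposure": 6}
ACTION_THRESHOLD = 12  # hypothetical cut-off at which corrective action is required

@dataclass(frozen=True)
class FailureMode:
    function: str   # what the OSS product does in the device
    failure: str
    cause: str
    effect: str
    severity: str   # key into SEVERITY
    exposure: str   # key into PROBABILITY

    @property
    def risk(self) -> int:
        # R = Sh x Ph
        return SEVERITY[self.severity] * PROBABILITY[self.exposure]

def worksheet(modes):
    """Rank failure modes by risk index, highest first, and flag those needing action."""
    ranked = sorted(modes, key=lambda m: m.risk, reverse=True)
    return [(m.failure, m.risk, m.risk >= ACTION_THRESHOLD) for m in ranked]

def rescore(mode, **changes):
    """Re-score a failure mode once a corrective action has changed severity or exposure."""
    return replace(mode, **changes)

# Constructed worksheet: hypothetical connected pump using an OSS DDS stack and web server
MODES = [
    FailureMode("DDS messaging", "dose-rate sample dropped", "queue overflow under load",
                "stale rate shown to clinician", "moderate injury", "weekly"),
    FailureMode("DDS messaging", "alarm topic not delivered", "discovery timeout after Wi-Fi roam",
                "missed occlusion alarm", "severe injury", "daily"),
    FailureMode("Web server", "status page unavailable", "worker crash",
                "no remote view; local display unaffected", "very minor", "monthly"),
]

if __name__ == "__main__":
    for failure, r, act in worksheet(MODES):
        print(f"{r:>3}  {'ACTION' if act else 'accept'}  {failure}")
    # Monitoring step: a local fallback alarm cuts exposure, so the mode is re-scored
    print(rescore(MODES[1], exposure="yearly").risk)
```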
29. Good summary of FMEA
• http://en.wikipedia.org/wiki/Failure_mode_and_effects_analysis
30. Sampling of OSS / open standards
Project / Standard | Subject area | Comments
Linux or Android | Operating system |
OMG DDS (data distribution service) | Publish and subscribe messaging | Open standard with open source implementations
AppWeb, Apache | Web/app server |
OpenTSDB | Time series database | Open source project
Mirth | HL7 messaging engine | Built on Mule ESB
Alembic Aurion | HIE, message exchange | Successor to CONNECT
HTML5, XMPP, JSON | Various areas | Don’t reinvent the wheel
SAML, XACML | Security and privacy |
DynObj, OSGi, JPF | Plugin frameworks | Build for extensibility
31. OSS applicability to connectivity
Physical
• Wired, wireless (WiFi, cellular, etc.)
Logical
• Device Gateway Data Routers Systems
Structural
• Security, Numbers, Units of Measure, etc.
Semantic
• Presence, Vitals, Glucose, Heartbeats, etc.
32. OSS applicability to manageability
Security
• Is the device authorized?
Teaming
• Device grouping
Inventory
• Where is the device?
Presence
• Is a device connected?
35. OSS in Ultimate Architecture Core
[Figure: device architecture stack. Layers: Device Components; Plugin Container; Connectivity Layer (DDS, HTTP, XMPP); Security and Management Layer; Device OS (QNX, Linux, Windows)]
• Connectivity is built-in, not added
• Think about Plugins from day 1
• Build on Open Source
• Don’t create your own OS!
• Create code as a last resort
• Security isn’t added later