Medical devices, are a wonder of the modern age. Ranging from defibrillators, that can save the lives of a heart attack victim, to pacemakers and artificial hearts, that keep blood pumping smoothly throughout the body, medical devices have done and will continual do miraculous feats.
These devices continue to grow in capabilities, and with that, complexity. More than 50% of the medical devices sold in the United States rely on software to run and operate properly. For example the pacemaker may require over 80,ooo lines of written code. More complex machines such as an MRI (magnetic-resonance-imaging) scanner require over 7 million lines of code.
However, like all technology, medical devices are not immune to technical challenges and software glitches. The growing reliance of software causes many of the same problems that it causes anywhere else. Medical software is susceptible to bugs, crashes and digital attacks. According to research conducted at the University of Patras in Ground found that one in three of all software sold in the United States between 1999 and 2005 were failures.
When medical software malfunctions, there could be large implications. For example in the 1980s, a software bug in the Therac-25 radiotheraoy machines caused significant overdosing, which killed at least five patients. The Food and Drug Administration linked issues with drug infusion pumps with nearly 20,000 serious injuries and over 700 deaths between 2005 and 2009. Most of the errors were software related. If a bug with the code causes the software to recalculate dosages inaccurately, it could lead to deadly results.
Like all hardware running on networks and wireless connections, medical devices are vulnerable to hacking and malicious attacks. There have been studies, specifically on how a implantable cardioverter defibrillator could be remotely reprogrammed to either withhold therapy or deliver shocks – unnecessarily discomfort for the patient. Today the medical device industry lacks the high risk culture found in avionics and have failed to keep up with the latest developments within software engineering. Many manufactures do not have the expertise or desire to implement the latest tools in computer science.
So far, the research has yet to be conducted to understand how much of a problem medical devices malfunctions are. Mostly all of the software used for medical devices are closed and propitiatory. This is because companies want to protect their code from other competitors. which makes it difficult to uncover security flaws. Even free testing software for infusion-pump offered to manufactures from the FDA has not been used use.
As you can imagine, there is frustration with the lack of co-operation from the medical device industry, leading to desire by some academics to redesign the medical device industry from the ground up to include open-source principles. In opensource systems, the source of the code is share with the public. The theory is that exposing a design to more eyes would help improve the quality of the code and lead to safer products. In open source code, bugs and security flaws will be open to everyone to see and correct – this process tends happen much faster in OS development than in priority or closed software development.
There is a joint project called the Generic Infusion Pump project. This a partnership with the University of Pennsylvania and the FDA. The idea is to write the code first for a drug infusion pump device, that does not exist and imagine everything could go wrong with it . Several manufactures helped to be build this device. Only the best mathematical models were used to based the design on. The goal would be to rapidly prototype this device through 3D printing and download the open- source software to run it within hours.
There is also the Open Source Medical Device initiative at the University of Wisconsin – Madison. Researchers are designing a machine that combines radiotherapy with high resolution tomography(CT) and positron -emission tomography. (PET). Their goal is to supply, at no cost, everything necessary to build the device from scratch, including hardware specifications, source code, assembly instructions, suggested parts—and even recommendations on where to buy them and how much to pay.This will cost quarter of a the price of a commercial scanner.
Open- source devices are found in the most cutting edge medical technologies. There is even an opensource surgical robot called Raven, designed at the the University of Washington This breakthrough provides an affordable way for researchers around the globe to experiment with surgical technologies.
Opensource technology can help solve a variety of different problems in medical science, however they are all prohibited from being used on human patients. In order to be used in a clinical setting, opensource devices must undergo the same expensive and lengthy FDA process of commercial medical devices. Although software does not require analysis, the FDA does insist that there is rigorous documentation. This is not necessarily conducive to the informal opensource coding process.
There is a high cost to navigating America’s health regulatory regime. Some projects that were once open sourced became closed and proprietary due to millions of dollars and years of waiting for approval. Others projects are skipping America’s regulatory system all together, such as the Raven surgical robot and the Open Source Medical Device scanner, hope to find adoption in other countries where this strict barriers do not exist.
There are signs that the FDA is embarrassing some change. The Medical Device Plug-Play Interoperability Program, is funded by the National Institutes of Heath and FDA. It is focused on creating open standards for interconnecting devices from a variety of manufacturers.
Efforts go even further, a Medical Device Coordination Framework is being developed at Kansas Sate University to build an opensource hardware platform. This work to build displays, buttons, processors , sensors and actuators in a generic form can help create a variety of applications that can be integrated with opensource software, which can function as downloadable apps.
The National Institute of Standards and Technology is now recommending the FDA be responsible for approving and and watching out for cyber-security within medical devices.