• Save
OSCon 2011 Talk: The implications of open source technologies in safety critical medical device platforms
Upcoming SlideShare
Loading in...5
×
 

OSCon 2011 Talk: The implications of open source technologies in safety critical medical device platforms

on

  • 4,572 views

FDA regulated medical devices are considered safety-critical systems due to their ability to affect patient lives. Given the nature of scrutiny and the requirement to play it safe, most medical device ...

FDA regulated medical devices are considered safety-critical systems due to their ability to affect patient lives. Given the nature of scrutiny and the requirement to play it safe, most medical device vendors end up choosing proprietary or custom solutions for operating systems, databases, messaging platforms, alarm notification systems, and event logging.

This talk uncovered some of the common misconceptions around government regulations and how there are not inherent limitations around using FOSS in safety-critical systems so long as the requisite risk analysis and quality assurance work is conducted.

Shahid presented his recent work on modern medical device architectures, the challenges and opportunities associated with using open source software in medical devices, and real-world findings from use of open source answering questions such as:

Will the FDA accept open source in safety-critical systems?

Are open source systems safe enough for medical devices?

What kind of assessments are needed for open source software in medical devices?

Statistics

Views

Total Views
4,572
Views on SlideShare
2,344
Embed Views
2,228

Actions

Likes
0
Downloads
0
Comments
0

21 Embeds 2,228

http://www.healthcareguy.com 1365
http://www.hitsphere.com 376
http://feeds.feedburner.com 245
http://hitsphere.blueserf.com 122
http://healthworkscollective.com 41
http://hitsphere.com 37
http://weblog.chrisricard.net 7
http://core.traackr.com 7
http://translate.googleusercontent.com 5
http://embed.ly 4
http://www.newsblur.com 4
http://localhost 3
http://webcache.googleusercontent.com 3
http://my.aol.com 2
http://www.linkedin.com 1
http://www.medpedia.com 1
http://www.wellsphere.com 1
http://www.hitsphere.blueserf.com 1
http://healthcareguy.blueserf.com 1
http://74.6.238.254 1
http://131.253.14.98 1
More...

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

OSCon 2011 Talk: The implications of open source technologies in safety critical medical device platforms OSCon 2011 Talk: The implications of open source technologies in safety critical medical device platforms Presentation Transcript

  • Open Source Technologies in Safety-critical Medical Device PlatformsUsing Open Source to Design Connected Medical Devices to Help Fill EHRs with Clinically Useful Data
    Shahid N. Shah, CEO
  • Who is Shahid?
    20+ years of software engineering and multi-site healthcare system deployment experience
    12+ years of healthcare IT and medical devices experience (blog at http://healthcareguy.com)
    15+ years of technology management experience (government, non-profit, commercial)
    10+ years as architect, engineer, and implementation manager on various EMR and EHR initiatives (commercial and non-profit)
    Author of Chapter 13, “You’re the CIO of your Own Office”
  • Healthcare landscape background
    The government (through Meaningful Use & ACO incentives) is paying for the collection of clinical data.
    Medical devices are the best sources of quantifiable, analyzable, and reportable clinical data.
    Most medical devices today are not connected so you do not have access to the best data.
    New devices are being design and deployed to support connectivity.
  • What if we had access to all this data?
    Source: Jan Whittenber, Philips Medical Systems
  • Where does patient data come from?
  • Where does patient data come from?
  • Patient data source analysis
    Meaningful Use and CER advocates are promoting (structured) data collection for reduction of medical errors, analysis of treatments and procedures, and research for new methods.
    All the existing MU incentives promote the wrong kinds of collection: unreliable, slow, and error prone.
    Accurate, real-time, data is only available from connected medical devices
  • Connectivity is a must, OSS is answer
    Most obvious benefit
    Least attention
    Most promising
    capability
    This talk focuses on connected devices
  • Key OSS questions
  • Simple answer
    Proof: we did it at American Red Cross in 1996
  • It’s not as hard as we think…
    Modern real-time operating systems (open source and commercial) are reliable for safety-critical medical-grade requirements.
    Open standards such as TCP/IP, DDS, HTTP, and XMPP can pull vendors out of the 1980’s and into the 1990’s. 
    Open source and open standards that promote enterprise IT connectivity can pull vendors into the 2010’s and beyond.
  • But it’s not easy either…we need
  • OSS hazard and risk assessment
    What is the intended use for the device or system?
    How will the OSS product you’re planning to use going to be tied to your intended use?
    What is the risk associated with the OSS product for that particular intended use?
    R = Sh x Ph
  • Risk is related to severity and harm
    R = Sh x Ph
    R = risk
    Sh = severity of harm
    Ph = probability of harm
    Harm is damage done to a person
    Severity is the degree of harm done
    Probabilityis the frequency and duration of exposure
  • Examples of Severity & Probability
    Severity
    multiple fatalities
    fatalities
    severe injury (non-reversible, requires hospitalization)
    moderate injury (reversible, requires hospitalization)
    minor (reversible, requires first aid)
    very minor (no first aid)
    Probability
    Constant exposure
    Hourly
    Daily
    Weekly
    Monthly
    Yearly
    Never
  • Formal risk assessment methods
  • OSS Risk analysis steps - FMEA
    Define the function of the OSS product being analyzed.
    Identify potential failures of the OSS.
    Determine the causes of each failure types.
    Determine the effects of potential failures.
    Assign a risk index to each of the failure types.
    Determine the most appropriate corrective/preventive actions.
    Monitor the implementation of the corrective/preventive to ensure that it is having the desired effect.
  • Good summary of FMEA
    http://en.wikipedia.org/wiki/Failure_mode_and_effects_analysis
  • Sampling of OSS / open standards
  • OSS applicability to connectivity
  • OSS applicability to manageability
  • OSS enables extensible devices
  • Appreciate tradeoffs
    The more connection-friendly a device, the harder it is to validate it
    Lesson: Demand Testability
  • 5
    Device Components
    3rd Party Plugins
    Web Server, IM Client
    • Presence
    • Messaging
    • Registration
    • JDBC, Query
    6
    App
    #1
    App
    #2
    Sensors
    Storage
    Display
    Plugins
    7
    Connectivity Layer (DDS, HTTP, XMPP)
    4
    Event Architecture
    LocationAware
    Plugin Container
    3
    2
    Security and Management Layer
    1
    Device OS
    (QNX, Linux, Windows)
    SSL VPN
    Healthcare Enterprise
    Cloud
    Services
    Workflow
    8
    Device Gateway (DDS, ESB)
    Notifications
    Patient Context
    Data Transformation (ESB, HL7)
    Inventory
    9
    Management
    Dashboards
    Enterprise
    Data
    Shahid’s “Ultimate Connectivity Architecture”
  • OSS in Ultimate Architecture Core
    Connectivity isbuilt-in, not added
    Think about
    Plugins from day 1
    Device Components
    Connectivity Layer (DDS, HTTP, XMPP)
    Plugin Container
    Security and Management Layer
    Device OS
    (QNX, Linux, Windows)
    Security isn’tadded later
    Build onOpen Source
    Don’t createyour own OS!
    Create code asa last resort
  • OSS enables plugin architecture
    Device Components
    3rd Party Plugins
    App
    #1
    App
    #2
    Plugins
    Connectivity Layer (DDS, HTTP, XMPP)
    Event Architecture
    LocationAware
    Plugin Container
    Security and Management Layer
    Device OS
    (QNX, Linux, Windows)
  • OSS in connectivity components
    Design all functions as plugins
    Surveillance &“remote display”
    Remote Access
    Event Viewer
    Alarms
    Device Components
    Web Server, IM Client
    • Presence
    • Messaging
    • Registration
    • JDBC, Query
    Connectivity Layer (DDS, HTTP, XMPP)
    Plugin Container
    Security and Management Layer
    Device OS
    (QNX, Linux, Windows)
  • OSS in device components
    Virtualize!
    Device Components
    3rd Party Plugins
    Web Server, IM Client
    Sensors
    Storage
    Display
    Plugins
    Connectivity Layer (HTTP, XMPP)
    Event Architecture
    Plugin Container
    “On Device”Workflow
    Security and Management Layer
    Device OS
    (QNX, Linux, Windows)
    LocationAware
    PatientContext, too
  • OSS enables enterprise integration
    DeviceTeaming
    Cloud
    Services
    SSL VPN
    Device
    Data
    Device Gateway(DDS, XMPP, ESB)
    Cross Device
    App Workflows
    Patient Context
    Monitoring
    Data Transformation (ESB, HL7)
    RemoteSurveillance
    Management
    Dashboards
    Enterprise
    Data
    AlarmNotifications
    HITIntegration
    DeviceManagement
    ReportGeneration
    Inventory
  • Device Components
    3rd Party Plugins
    Web Server, IM Client
    • Presence
    • Messaging
    • Registration
    • JDBC, Query
    App
    #1
    App
    #2
    Sensors
    Storage
    Display
    Plugins
    Connectivity Layer (DDS, HTTP, XMPP)
    Security and Management Layer
    Device OS
    (QNX, Linux, Windows)
    Healthcare Enterprise
    Cloud
    Services
    Device Gateway (DDS, ESB)
    Data Transformation (ESB, HL7)
    Management
    Dashboards
    Enterprise
    Data
    Ultimate Connectivity Architecture
    Event Architecture
    LocationAware
    Plugin Container
    SSL VPN
    Workflow
    Notifications
    Patient Context
    Inventory
  • Conclusion and Questions