• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
OSCon 2011 Talk: The implications of open source technologies in safety critical medical device platforms
 

OSCon 2011 Talk: The implications of open source technologies in safety critical medical device platforms

on

  • 4,494 views

FDA regulated medical devices are considered safety-critical systems due to their ability to affect patient lives. Given the nature of scrutiny and the requirement to play it safe, most medical device ...

FDA regulated medical devices are considered safety-critical systems due to their ability to affect patient lives. Given the nature of scrutiny and the requirement to play it safe, most medical device vendors end up choosing proprietary or custom solutions for operating systems, databases, messaging platforms, alarm notification systems, and event logging.

This talk uncovered some of the common misconceptions around government regulations and how there are not inherent limitations around using FOSS in safety-critical systems so long as the requisite risk analysis and quality assurance work is conducted.

Shahid presented his recent work on modern medical device architectures, the challenges and opportunities associated with using open source software in medical devices, and real-world findings from use of open source answering questions such as:

Will the FDA accept open source in safety-critical systems?

Are open source systems safe enough for medical devices?

What kind of assessments are needed for open source software in medical devices?

Statistics

Views

Total Views
4,494
Views on SlideShare
2,279
Embed Views
2,215

Actions

Likes
0
Downloads
0
Comments
0

21 Embeds 2,215

http://www.healthcareguy.com 1352
http://www.hitsphere.com 376
http://feeds.feedburner.com 245
http://hitsphere.blueserf.com 122
http://healthworkscollective.com 41
http://hitsphere.com 37
http://weblog.chrisricard.net 7
http://core.traackr.com 7
http://translate.googleusercontent.com 5
http://embed.ly 4
http://www.newsblur.com 4
http://localhost 3
http://webcache.googleusercontent.com 3
http://my.aol.com 2
http://www.linkedin.com 1
http://www.medpedia.com 1
http://www.wellsphere.com 1
http://www.hitsphere.blueserf.com 1
http://healthcareguy.blueserf.com 1
http://74.6.238.254 1
http://131.253.14.98 1
More...

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    OSCon 2011 Talk: The implications of open source technologies in safety critical medical device platforms OSCon 2011 Talk: The implications of open source technologies in safety critical medical device platforms Presentation Transcript

    • Open Source Technologies in Safety-critical Medical Device PlatformsUsing Open Source to Design Connected Medical Devices to Help Fill EHRs with Clinically Useful Data
      Shahid N. Shah, CEO
    • Who is Shahid?
      20+ years of software engineering and multi-site healthcare system deployment experience
      12+ years of healthcare IT and medical devices experience (blog at http://healthcareguy.com)
      15+ years of technology management experience (government, non-profit, commercial)
      10+ years as architect, engineer, and implementation manager on various EMR and EHR initiatives (commercial and non-profit)
      Author of Chapter 13, “You’re the CIO of your Own Office”
    • Healthcare landscape background
      The government (through Meaningful Use & ACO incentives) is paying for the collection of clinical data.
      Medical devices are the best sources of quantifiable, analyzable, and reportable clinical data.
      Most medical devices today are not connected so you do not have access to the best data.
      New devices are being design and deployed to support connectivity.
    • What if we had access to all this data?
      Source: Jan Whittenber, Philips Medical Systems
    • Where does patient data come from?
    • Where does patient data come from?
    • Patient data source analysis
      Meaningful Use and CER advocates are promoting (structured) data collection for reduction of medical errors, analysis of treatments and procedures, and research for new methods.
      All the existing MU incentives promote the wrong kinds of collection: unreliable, slow, and error prone.
      Accurate, real-time, data is only available from connected medical devices
    • Connectivity is a must, OSS is answer
      Most obvious benefit
      Least attention
      Most promising
      capability
      This talk focuses on connected devices
    • Key OSS questions
    • Simple answer
      Proof: we did it at American Red Cross in 1996
    • It’s not as hard as we think…
      Modern real-time operating systems (open source and commercial) are reliable for safety-critical medical-grade requirements.
      Open standards such as TCP/IP, DDS, HTTP, and XMPP can pull vendors out of the 1980’s and into the 1990’s. 
      Open source and open standards that promote enterprise IT connectivity can pull vendors into the 2010’s and beyond.
    • But it’s not easy either…we need
    • OSS hazard and risk assessment
      What is the intended use for the device or system?
      How will the OSS product you’re planning to use going to be tied to your intended use?
      What is the risk associated with the OSS product for that particular intended use?
      R = Sh x Ph
    • Risk is related to severity and harm
      R = Sh x Ph
      R = risk
      Sh = severity of harm
      Ph = probability of harm
      Harm is damage done to a person
      Severity is the degree of harm done
      Probabilityis the frequency and duration of exposure
    • Examples of Severity & Probability
      Severity
      multiple fatalities
      fatalities
      severe injury (non-reversible, requires hospitalization)
      moderate injury (reversible, requires hospitalization)
      minor (reversible, requires first aid)
      very minor (no first aid)
      Probability
      Constant exposure
      Hourly
      Daily
      Weekly
      Monthly
      Yearly
      Never
    • Formal risk assessment methods
    • OSS Risk analysis steps - FMEA
      Define the function of the OSS product being analyzed.
      Identify potential failures of the OSS.
      Determine the causes of each failure types.
      Determine the effects of potential failures.
      Assign a risk index to each of the failure types.
      Determine the most appropriate corrective/preventive actions.
      Monitor the implementation of the corrective/preventive to ensure that it is having the desired effect.
    • Good summary of FMEA
      http://en.wikipedia.org/wiki/Failure_mode_and_effects_analysis
    • Sampling of OSS / open standards
    • OSS applicability to connectivity
    • OSS applicability to manageability
    • OSS enables extensible devices
    • Appreciate tradeoffs
      The more connection-friendly a device, the harder it is to validate it
      Lesson: Demand Testability
    • 5
      Device Components
      3rd Party Plugins
      Web Server, IM Client
      • Presence
      • Messaging
      • Registration
      • JDBC, Query
      6
      App
      #1
      App
      #2
      Sensors
      Storage
      Display
      Plugins
      7
      Connectivity Layer (DDS, HTTP, XMPP)
      4
      Event Architecture
      LocationAware
      Plugin Container
      3
      2
      Security and Management Layer
      1
      Device OS
      (QNX, Linux, Windows)
      SSL VPN
      Healthcare Enterprise
      Cloud
      Services
      Workflow
      8
      Device Gateway (DDS, ESB)
      Notifications
      Patient Context
      Data Transformation (ESB, HL7)
      Inventory
      9
      Management
      Dashboards
      Enterprise
      Data
      Shahid’s “Ultimate Connectivity Architecture”
    • OSS in Ultimate Architecture Core
      Connectivity isbuilt-in, not added
      Think about
      Plugins from day 1
      Device Components
      Connectivity Layer (DDS, HTTP, XMPP)
      Plugin Container
      Security and Management Layer
      Device OS
      (QNX, Linux, Windows)
      Security isn’tadded later
      Build onOpen Source
      Don’t createyour own OS!
      Create code asa last resort
    • OSS enables plugin architecture
      Device Components
      3rd Party Plugins
      App
      #1
      App
      #2
      Plugins
      Connectivity Layer (DDS, HTTP, XMPP)
      Event Architecture
      LocationAware
      Plugin Container
      Security and Management Layer
      Device OS
      (QNX, Linux, Windows)
    • OSS in connectivity components
      Design all functions as plugins
      Surveillance &“remote display”
      Remote Access
      Event Viewer
      Alarms
      Device Components
      Web Server, IM Client
      • Presence
      • Messaging
      • Registration
      • JDBC, Query
      Connectivity Layer (DDS, HTTP, XMPP)
      Plugin Container
      Security and Management Layer
      Device OS
      (QNX, Linux, Windows)
    • OSS in device components
      Virtualize!
      Device Components
      3rd Party Plugins
      Web Server, IM Client
      Sensors
      Storage
      Display
      Plugins
      Connectivity Layer (HTTP, XMPP)
      Event Architecture
      Plugin Container
      “On Device”Workflow
      Security and Management Layer
      Device OS
      (QNX, Linux, Windows)
      LocationAware
      PatientContext, too
    • OSS enables enterprise integration
      DeviceTeaming
      Cloud
      Services
      SSL VPN
      Device
      Data
      Device Gateway(DDS, XMPP, ESB)
      Cross Device
      App Workflows
      Patient Context
      Monitoring
      Data Transformation (ESB, HL7)
      RemoteSurveillance
      Management
      Dashboards
      Enterprise
      Data
      AlarmNotifications
      HITIntegration
      DeviceManagement
      ReportGeneration
      Inventory
    • Device Components
      3rd Party Plugins
      Web Server, IM Client
      • Presence
      • Messaging
      • Registration
      • JDBC, Query
      App
      #1
      App
      #2
      Sensors
      Storage
      Display
      Plugins
      Connectivity Layer (DDS, HTTP, XMPP)
      Security and Management Layer
      Device OS
      (QNX, Linux, Windows)
      Healthcare Enterprise
      Cloud
      Services
      Device Gateway (DDS, ESB)
      Data Transformation (ESB, HL7)
      Management
      Dashboards
      Enterprise
      Data
      Ultimate Connectivity Architecture
      Event Architecture
      LocationAware
      Plugin Container
      SSL VPN
      Workflow
      Notifications
      Patient Context
      Inventory
    • Conclusion and Questions