Java Development News:
Would you trust an embedded system with your life?
By Jason Tee
25 Aug 2011 | TheServerSide.com
Over the last 10 years, embedded technology has expanded enormously to serve an ever wider array of industries. Some of the most exciting applications are in the field of medical treatment. Here are just a few of the items you can find in the patient care arena that may incorporate one or more embedded devices:
- Blood pressure monitor, pulse oximeter, EKG, and other vital sign monitoring equipment
- GlucoWatch and similar continual blood sugar monitoring devices
- Robotics equipment used in surgery
- Pacemakers and cardioverter-defibrillators
- Scanning equipment (MRI, PET, etc.)
- Automated delivery systems for medications (including chemotherapy)
- Intelligent prosthetics such as digital hearing aids
These days, there are even tiny ingestible cameras that can take a journey through “Inner Space” allowing a GI doc to take a look at your intestinal tract. As microprocessors get smaller and smaller, there may come a day when most of us are walking around with embedded medical devices literally embedded in our bodies.
Staying alive, staying alive!
With such dependency on technology for medical diagnosis, monitoring, and treatment come some concerns. First, there’s the question of reliability. Embedded devices are intended to be failsafe by design, but this is the ideal – not always the reality. Hospitals can’t afford to have their monitoring equipment flat line just when they need it most. There’s also no point in having an automated dosing mechanism in place if it’s just as prone to error as a sleep deprived intern.
Second, there’s the issue of communication. Wireless, Web-enabled embedded devices offer a giant step forward in making remote monitoring possible. Being able to get real time data on a heart patient when they experience a cardiac event at home is great. But there’s also an element of risk involved in communicating private medical information in this way. Encryption and other security measures are essential for protecting patient data in compliance with HIPAA laws.
That brings up the third and potentially scariest concern. If a device can send and receive data, there is a possibility that it could be hacked. Researchers have already experimented with this idea and found that it is doable with the right equipment and a little know-how. Cardioverter-defibrillators and pacemakers are the obvious target (if you have the twisted frame of mind that would consider engaging in medical terrorism). Security features should be built in to the devices themselves and into the protocol for accessing the data network that handles device communication and control.
Fourth, there’s the problem of interoperability. The more readily various embedded devices can communicate with one another, the less time medical personnel must spend collating and reviewing data before making lifesaving decisions. Currently, most medical embedded systems are highly proprietary. Doctors might be using half a dozen different pieces of technology to collect various types of patient data. Currently, there’s no application on the market that is interoperable with all the different embedded devices in use to standardize, combine and interpret all this information as a complete “health picture”.
What’s being done to address these issues?
Each of these concerns is being addressed by IT engineering, software development, and life sciences researchers. For example, in 2007 Texas Instruments released the MSP430 microprocessor that converts analog signals from vital sign monitoring and diagnostic instruments into a digital signal. This powerful chip comes complete with processing power and a display graphic controller. It is designed to work with many different devices, including the next generation of embedded medical systems.
National Instruments has stepped into the arena to provide a graphical development environment for real-time embedded applications with highly reliable deterministic performance. NI LabVIEW is a favorite for start-up companies in the medical device field because it simplifies and speeds the process of development, allowing new technologies to reach the market faster.
LynuxWorks, Inc. is busily promoting open-source programming for medical embedded technology. The top goals for this approach are safety, security (with LynxSecure hypervisor), and interoperability. Microsoft is also a market leader in the medical industry with Windows Embedded systems. Since MS also has embedded programs for electronic health record management, it’s likely to be a popular choice for hospitals that want high levels of integration with an eye toward HIPAA compliance.
Each of the major embedded software players has its own security protocols in place for high-risk systems such as POS terminals. These security features could be repurposed for medical applications as awareness of the vulnerability of patient health information increases. As for the hackable pacemaker, the researchers at MIT who discovered how to hack in also created a password-protected jamming program that can protect against unauthorized access.
In the final analysis, the challenges facing the embedded medical community are serious...but not life threatening.