Re: Requirements for using Open Source Software in Medical Devices - IVD Medical Devi
After 10 years of regulatory auditing, now turning my hand to design of test equipment involving hardware, microprocessor level software and PC software, I have been wondering what is all the fuss about software - sure software has a lot of problems, but what is special about software that gets all the attention?
The conclusion I have is that there is nothing intrinsic about software that makes it different to any other area of design - there are for example exactly the same types of problems in both hardware and software.
The difference seems to come from hardware tending to be a system of off the shelf components, whereas in software we tend to write much of the material fresh for the device.
And therein lies the key danger - the amount of fresh new material that has not been subjected to test of time or wide application.
An off the shelf ADC (analogue to digital converter) has exactly the same potential problems as off the shelf software. The ADC has many complicated and critical aspects, and its failure may directly result in critical problems in the end medical device. But a medical device manufacturer is allowed to trust the ADC manufacturer's specification sheet without any special provisions, despite that the design of the ADC is outside of the manufacturer's control. Don't be fooled: end product verification testing does not fully test hardware circuits - it is no different to software in that it is impossible to test all permutations - and as such a huge amount of trust is being placed in the component manufacturers.
Why? In truth we trust the ADC manufacturer largely because it is a well established component, sold by the millions in both medical and non-medical equipment.
And of course, if the failure of the ADC can lead to a serious event, such as death, then the manufacturer should put into place protection that operates independent of the ADC.
On the other hand, a manufacturer that uses some off the shelf software, suddenly the world comes down on them. Does this make sense? No. In the article above about IVD and open source software, every argument raised about OTS software can be equally applied to an OTS ADC.
I believe the original problem - fresh software - is being overlooked and, as is typical, regulation has grabbed a subject and then run with it far beyond the point where we can expect reasonable gains in safety for resources invested. Those resources get taken away from other more critical areas.
Whether open source or not, the reliability of most OTS software is bound to be several times higher than anything written by the medical device manufacturer, simply because of its wider application. Thus, we should be encouraging the use of OTS software rather than discouraging: it would be safer in the long run.
And again, a medical device should never be designed where the failure of a line of code can cause a serious event: there should be independent protection in place that at least ensures a fail safe situation.