I don't think what I'm saying is so radical, just pointing out that the internal complexity of the average off-the-shelf IC is beyond what a medical device manufacturer could understand, let alone validate.
But it's really about architecture, not off-the-shelf parts as such. In a high risk system there should be at least two independent systems.
Consider the following case:
A high power laser manufacturer uses an off-the-shelf scanner to provide X-Y positioning of the laser output. They then use a different off-the-shelf device to double check the position of the scanner. A third off-the-shelf device (CPU) shuts down the system if any difference is detected. All off-the-shelf devices are purchased from well known manufacturers, vetted through the purchasing system.
That architecture is OK, even if the laser manufacturer doesn't really understand the internal working of the off the shelf parts.
But if the laser manufacturer wanted to skip the double check sensor, because they think the scanner is reliable, then a regulatory auditor (FDA, EU, etc.) certainly has reasonable concerns about the use of an off-the-shelf part.