Challenges of distributed risk management for medical application platforms

ISO 14971, the primary medical device risk management standard, focuses on single-manufacturer monolithic devices. However, the trend towards medical systems built from reusable platforms and interoperable components produced by different manufacturers introduces a number of additional risk management challenges. In this paper, we revisit the stages of the ISO 14971 risk management process, identify risk management challenges associated with interoperable medical systems that are not sufficiently addressed in ISO 14971, and discuss possible process, analysis, and management concepts that may be useful in addressing these challenges.
