[HN Gopher] Linux OS Is Best for Medical Devices
___________________________________________________________________
Linux OS Is Best for Medical Devices
Author : acqbu
Score : 32 points
Date : 2021-06-06 17:27 UTC (5 hours ago)
(HTM) web link (hackernoon.com)
(TXT) w3m dump (hackernoon.com)
| nix23 wrote:
| So the article says that linux is better then windows CE?
|
| No thanks, i would not trust linux with my life, better take
| something like VXwork..that's why linux in aircraft's is just for
| the multimedia stuff.
| phone8675309 wrote:
| One of the key things that is important when investigating
| customer complaints in healthcare is that of reproducibility. Any
| software that we release to a site needs to either be archived so
| we can investigate on the same bits that went out the door or
| needs to be reproducible bit-for-bit when rebuilt.
|
| Being able to freeze a Linux software image and know there is
| nothing that is constantly trying to update it at the merest
| appearance of an Internet connection is important so we can do
| any investigation required of us.
| Bilal_io wrote:
| Somewhere, someone has released a medical device running on
| Linux and they have installed unattended-upgrades or a similar
| thing xD
| pocw wrote:
| Are you seriously recommending that people disable security
| updates as though that somehow makes anything better?
| richardwhiuk wrote:
| Automatic updates? Yes.
|
| If the alternative is a medical device running in an
| untested configuration, that may well be worse.
|
| Instead, updates should be verified by the manufacturer and
| pushed out on a schedule.
| Veserv wrote:
| To elaborate on the parent's point, you should not be
| running automatic updates because you should be running
| manually verified and rigorously tested updates before
| you push a change in a safety-critical component. This is
| because an update to every device containing that
| component introduces a correlated failure mode. If the
| change is bad, you risk harming or killing everybody at
| the same time. This is in contrast to standard hardware
| failures modes which are much more likely to be
| uncorrelated, so the chance of harming everybody at the
| same time is (1 / FailureRate) ^ N. If a safety-critical
| system requires updates and can not verified and tested
| in context before being deployed it is criminally
| irresponsible to deploy such a system. Both automatic and
| no updates are similarly inadequate in much the same way
| that even though cardboard is stronger than tissue paper,
| neither is an adequate bridge building material for a
| car-carrying bridge.
|
| tl;dr Both no updates and automatic updates are
| criminally irresponsible. If you can not verify and test
| updates in context for an appropriate amount of time to
| verify safety stop before you kill somebody.
| rubicks wrote:
| And probably by accident, at that. Ubuntu's default apt
| configuration is rather... chatty.
| Accujack wrote:
| Or, they have released a medical device with customized Linux
| software and not shared the source as the license requires
| because it's "proprietary information".
| PascLeRasc wrote:
| There's a few DIY insulin pumps, and surprisingly one of them
| recommends a full apt upgrade:
| https://openaps.readthedocs.io/en/latest/docs/Customize-
| Iter...
| rubicks wrote:
| Can we talk about how, in the first graphic, the "open-source
| distributions" that garner mention are Debian, Mint, Gentoo, and
| Slackware? Centos seems like a conspicuous absence.
| rfraile wrote:
| I know that some x-ray devices uses OpenBSD on the hardware that
| process and send the images to the hospital network.
| rubicks wrote:
| Which is exactly the OS you choose when you when you're pushing
| medical data through network stacks. I could belabor the usual
| arguments regarding "secure by default" configurations, but I'm
| sure HN readers have heard them before.
| newdude116 wrote:
| Any Engineer here (preferably EU-based) that wants to join an
| early stage medical devices start-up? (vested equity offered)
| newdude116 wrote:
| Why the downvote?
| kqr2 wrote:
| Probably best to use the whoishiring monthly thread:
| https://news.ycombinator.com/user?id=whoishiring
| newdude116 wrote:
| Thank you. But it was very on topic since it is about medical
| devices. Just a shot in the dark.
| sunstone wrote:
| Otherwise the 'blue screen of death' becomes all too literal.
| throw737858 wrote:
| Linux has no real-time capabilities and guarantees! Maybe with
| some crazy patch. But recommending general Linux kernel for
| medical applications is dangerous. It can not even play and
| capture audio in RT!!
| rubicks wrote:
| There's nothing "crazy" about the preempt-rt patch and coding
| your application to use the scheduler policies/priorities. Like
| anything else worth having in open source, it takes practice to
| learn or money for consultants.
| mdtusz wrote:
| I hear this argument a lot, but the reality is that most
| devices that need realtime support will either be using the rt
| patched kernel, or be using application specific mcu's that
| handle real-time constraints while the Linux system just acts
| as the main control hub and orchestrator.
| tempfs wrote:
| Linux also doesn't constantly stream telemetry from devices that
| are being used in a HIPAA-bound setting unlike Windows which is
| going be sending everything from operational metadata to memory
| dumps back to Microsoft who will mine, selling and eventually
| leak it all.
| [deleted]
___________________________________________________________________
(page generated 2021-06-06 23:02 UTC)