PikeOS and ELinOS in Medical Applications
Embedded Linux in Medical Technology
Linux makes valuable contributions as a component of Medical devices. Due to a large user base, Security gaps are quickly detected and thus also closed. Of course, it also plays a role at this point that a professional team takes care of the maintenance of a Linux integration in Medical devices and that the system is also regularly maintained. An optimal combination of a core development team and the use of open source can bring great advances in medical technology. The biggest advantage of Linux in data protection is that the source code for the aforementioned packages and the operating system itself is freely available. This exposes it to constant critical view by users, who are quick to build patches in case of Security vulnerabilities.
Hospital, Diagnosis and Information Center
A hospital ecosystem is comprised by several IT components that need to communicate with each other transferring data and device status, Cyber Security should be an item to be considered in all these different components. It should be part of all different stages of the procurement process and architectural definition. The use of crypto engines as well as secure update mechanisms are required according to the latest Medical device ordinance. The data need to be provided in real time to all stations and the devices need to be monitored as well as the software to be updated where needed. This will help the doctor get his patient data and increase information transparency for the hospital over all.
Hospital-portable and Home Ventilators
Especially since the COVID-19 virus spread breathing ventilators got highly important to help patients heal their lungs and help them getting back to normal breath rhythm. Ventilators are used in hospital but also in home area as portable devices. Any Malfunction can endanger life. Therefore those device must be:
- Scalable across different type of devices
- Must have mixed criticality with Safety measures
- Keep patient data and device information secure
- Follow industry specific standard for medical devices, such as IEC 61508 / IEC 62304
- Compliance to MPG (Medizinproduktegesetz - Medical Devices Act)
Blood Infusion Pump
A blood infusion pump device is needed for intensive care in infirmary stations of a hospital. Its software architecture must be consider Safety and Security aspects while providing always online connectivity interfaces at the same time. With PikeOS, you can:
- Separate the application implementing the functional Safety by means of resource and time partitioning
- Isolate and encrypt patient sensitive data from the communication stack
- Use secure communication channels
- Provide convenient functions by means of non-critical partitions
Safety-critical Medical applications must be certified to Safety standards such as IEC 62304 and/or follow FDA Device Classification. PikeOS is the best certification solution for three reasons: small size, virtualization, and unparalleled company support for the certification process.
The PikeOS partitioning concept makes it possible for applications of various levels of criticality to be certified for their individual required Safety levels while running securely in parallel on the same hardware platform. Even more important for certification is a competent and reliable partner when it comes to documentation, requirements and tests.
The PikeOS separation kernel itself is small in terms of implementation and its little number of system calls allows comprehensive evaluation and validation. As a matter of fact, PikeOS (4.2.3 Build S5577 x86_64, ARM v7/8) has passed the Common Criteria EAL3+ certification.
Medical devices for critical treatments must comply with Safety as well as Security regulations. Of prime importance, the life and health of patients must not be endangered. Furthermore, their personal data must be protected against unauthorized access. Its unique properties make PikeOS a reliable and efficient foundation for Medical applications:
Integrated Safety and Security reduce Certification Cost
Applications of various levels of criticality and Security are safely separated from each other in distinct partitions and can be certified separately.
IEC 62304 Industry Standard
PikeOS supports the process, the necessary artefacts, as well as analysis and tooling for a successful certification.
Support for a broad Variety of Guest OS allows Consolidation
PikeOS supports mixed-critical setups with precise roles, e.g. Linux-based graphic or network functionalities run concurrently with POSIX-based Safety-critical and time-critical medication applications. The applications are isolated from each other by means of strict partitioning.
Multiple Independent Levels of Security (MILS) Platform
Using MILS Platform to increase Safety and Security standards.
ElinOS Embedded Linux Distribution
ELinOS is an ideal embedded Linux platform that has low memory footprint and secure elements fitting the medical use cases.