Embedded Linux in Medical Technology
According to a study conducted by Fraunhofer ISI and Open Forum Europe (OFE) on behalf of the European Commission, companies in the EU invested around one billion euros in open source software in 2018. This has had an impact on gross domestic product (GDP) of 65 to 95 billion Euros. This shows the enormous importance that open source has among companies and organizations, including those in the medical field. Linux combines both Group Policy Objects (GPOs) and real-time operating system (RTOS) options, allowing it to be used in a wide range of medical devices, from a simple application to a complex system with vital functionality.
Linux is also being used in Telemedicine
Use cases for Linux in medicine don't have to be spectacular, revolving around automated, surgical robots. Linux also plays a role in other areas of medicine. More and more doctors offer consultation hours via the Internet. Here, too, medical devices are used and patients transmit data to the doctor. Here Linux can be an important tool, as the system is secure and extremely customizable. We show in more detail why this is so in the following sections.
Since telemedicine also involves the transfer of personal data and billing information, the General Data Protection Regulation (GDPR) plays an important role. Linux also makes it easy and flexible to identify the people involved. Under Linux, for example, it is possible to determine which method is to be used to encrypt the passwords. The passwords themselves can be stored in a specially secured file that can only be read by authorized programs.
Networking also plays an important Role in Medical Technology
Medical devices are becoming increasingly networked, just as other areas of our society are. Open architectures and standardized protocols play an important role. Here, of course, the open approach of Linux is ideal. This is also one of the reasons why System-on-Chip (SoC) solutions based on Linux are becoming more and more widespread.
Of course, embedded Linux systems without an SoC approach can also be used in healthcare. Examples of areas of application include devices for monitoring heart rates or for monitoring the general health of patients during surgeries. In particular, networking of the devices plays an important role, and with it security. Embedded Linux can also be used in robotic surgical instruments.
Affordable and portable products have a wide distribution, which has increased significantly in recent years. There is also an increasing adoption of embedded Linux in the medical field in conjunction with the boom of Industry-of-Things (IoT). IoT devices are becoming increasingly important for real-time monitoring of patient data. Experts expect this market to reach $500 billion by 2025. In life-and-death situations, every second matters. Through automated, and sensor-based monitoring, physicians can obtain a great deal of information. This plays an important role in critical care, but also in other areas, such as ambulances. Through IoT devices, patient data can be transferred directly from the ambulance to the hospital. Medical staff can adjust to the patient and already prepare treatments. This significantly increases the chances of survival, especially in the case of serious injuries.
What to consider when using Linux in safe Medical Devices
It is important for the use of embedded Linux in medical technology to consume as little memory as possible, which the medical device needs for its functions. In addition, such systems start much faster, which is of course relevant for medical devices. Systems such as SYSGO's Embedded Linux ELinOS, for example, boot in less than two seconds and already get by with 2 MB of memory.
Setup and operation should be as simple as possible, but at the same time offer maximum security. The Feature Configurator from ELinOS, for example, makes it easy to set up a functional yet lean embedded Linux distribution on a target system.
Security extensions such as SELinux should be a given in such systems. These requirements play an important role for stationary and portable devices. ELinOS Embedded Linux uses SELinux, ASLR and CAPP auditing. In addition, there is ANSSI conformity.
Features such as Address Space Layout Randomization (ASLR) add security and prevent exploitation of potential vulnerabilities. Linux systems support ASLR, but also a variety of other security technologies that are largely available for free via open source.
Therefore, it makes sense to use Embedded Linux extensively even when deployed on medical devices, regardless of whether the devices are networked or not. SYSGO's Embedded Linux ELinOS supports all the security features mentioned. The Debian-based distribution also offers proactive maintenance and security updates. This allows errors to be detected and avoided in good time, instead of just reacting to failures. For medical devices, of course, this plays a particularly important role. The support of the system is also important. ELinOS offers support for at least 5 years. If required, long-term support for 10 years and more is also possible, providing for investment security.
Linux itself is an operating system that does not perform any actions itself. Security functions and applications use the operating system for their operation, and the team that maintains the solution is responsible for ensuring that functions and security are guaranteed. Safety-related design plays an important role in this.
More on this topic can also be found on SYSGO Blog
Modern Microprocessors work optimally with Linux
Modern microprocessors in medical devices have multiple, universal CPU cores and thus also offer heterogeneous multiprocessing. Special cores are also available, for example for special functions and applications. This is ideal for Linux, since in this case the system can use the full range of CPU functions. In addition, current microprocessors are also more powerful and Linux can call up the performance optimally.
Matching this are container technologies, where applications are divided into different services, which Linux isolates from each other. Containers, which are used on the basis of Docker, for example, are an important part of modern application development because they make updates easier and the system works more stably. The well-known Docker container technology is part of embedded Linux systems, such as in ELinOS
Linux can increase Security and significantly reduce Energy Consumption on battery-powered Devices
Linux developers can separate parts of the system, which improves security and performance. For example, it is possible to isolate the user interface from other parts of the system. Processor clusters are used for this purpose. By separating the functions, it is also possible to switch off individual services that are not currently needed. This saves a lot of energy, which is of course important for battery-powered devices.
In addition, Linux can also use the processor cluster to provide special processor functions for applications. This includes symmetrical multi-processing, parsing tasks and assigning threads to certain processors. Here, of course, it is ideal if the critical area for security runs in a separate processor cluster at the same time. This improves performance and increases security at the same time. SYSGO's Embedded Linux ELinOS, for example, uses these functions.
Using the Power Framework in Linux
Linux offers the "Power Framework" option in its kernel. The function can switch off parts of the system via the kernel if they are not currently necessary. If necessary, the Linux kernel can switch the functions back on at any time. In this way, external interfaces in medical devices can be controlled. This clearly exploits the advantages of embedded systems.
It is also important at this point that the system provides a secure and effective interface for developers of medical programs. The example of SYSGO's Embedded Linux ELinOS uses an integrated Eclipse-based development environment.
Windows also often plays a role in development when Linux is used on embedded systems. Programmers must be able to develop and compile from Windows and Linux systems. The tools used should therefore ideally support both systems.
Secure Linux Systems for Medicine with Virtualization
To use secure Linux systems in medicine, it is not necessary to align the hardware with Linux. It is easily possible to use systems such as SYSGO's Embedded Linux ELinOS as guest OS in virtual environments.
In this way, secure practice computers can also be made available in medical practices, for example, to control access to patient data. A virtualization solution can be used as the base system, with the practice's own software running on a secure, virtual computer. This makes it possible to specify within the practice software that only certain data is available to individual users. The distinction as to who in the practice is allowed to view which information from the electronic patient file is made by the practice program. This runs on a secure Linux system. Linux offers the practice application various mechanisms for using the strong basic security for user separation for specific purposes.
Linux also provides the ability to allow only specific users to shut down and restart the computer. If access to the power switch, reset button and power outlet is not available to unauthorized users, Linux virtual computers are fully protected from unauthorized access.
Software Certification for Medical Devices - IEC 62304
Medical devices are demanding, so certifications play an important role. This ensures that the system is safe, stable and powerful. One such certification is IEC 62304. The development of software for medical purposes is regulated by the international standard IEC 62304.
This standard has been in effect since 2006 for medical devices that are also used on patients, for example, and must therefore ensure safe and adequate operation. Such devices are in many cases not stand-alone, but an integral part of the treatment. The performance and safety of the device therefore affect the other components of the medical solution.
IEC 62304 describes the classification of safety software and defines processes for software development, maintenance and risk management, configuration management, problem-solving processes and quality management.
In this respect, however, product development is not just about complying with standards and certifying them, it is also about exceeding them. This makes it possible to develop medical products that not only comply with regulatory requirements in the area of safety and security, but also exceed them.
Linux helps to create such solutions, as the basic operating system is already optimally designed for the respective medical requirements. Developers can focus on their application while relying on the security of the base operating system. It is also possible to update the system quickly to meet new legal requirements for medical devices.
Embedded Linux in medical devices is on the rise. When deploying it, care must be taken to ensure that systems are lean, secure and easy to use at the same time. The open source approach represents an important advantage. The system used should ideally be based on a distribution that offers good support with long-term maintenance, security updates and stable development. It is also important to use the various security features that are available in Linux.
More information at www.sysgo.com/elinos