Path: EDN Asia >> Design Centre >> Medical >> Beef up security of connected medical electronics

Beef up security of connected medical electronics

04 Feb 2015  | Lauri Ora


An issue designers face is that medical devices frequently utilise legacy software, often referred to as software of unknown pedigree (SOUP). Another issue is that they often rely on third-party software and drivers for functions such as Internet connectivity, USB communication, or file management, which may also be of unknown pedigree. Designers need to be sure that these software elements have been tested and integrated as part of an IEC 62304 compliant process, which can be both complex and time consuming.

Integration of safe and secure software with regular applications
The increasing need for both safety and security is changing the way systems are designed. One of the key considerations of safety design is separation: system elements are kept apart so that a failure or breach in one part of the system cannot have a negative effect on another part that may be running safety-related or secure functions.

Previously, designers used separate processors or even separate system boards to keep safety-related software isolated from regular application software. This reduced the likelihood that application software could have an adverse effect on the safety-related software. Designing and developing systems with full physical separation is inherently costly, due to the physical and logical constraints such separation requires. Having a mechanism to reduce the level of physical separation is therefore beneficial.

Increasingly these critical and non-critical elements can be combined in a single chip using multiple processor cores, or even on a single core that supports the ability to maintain separation through partitions. Different partitions are separated in terms of resources and timing. Partitioning also allows other software that doesn't need such stringent standard conformance to be added to a design more easily and without increasing the hardware complexity.

Virtualisation is one key mechanism for increasing the separation between two or more software partitions executing on the same underlying hardware. Virtualisation allows the generation of virtual environments, which present the underlying system to different software partitions in isolation. Virtualisation can therefore be used to separate safety-related and regular software by allocating software of different criticality to separate partitions. A hypervisor is typically used to control the resource allocation as part of the virtualisation scheme.

ARM processors have various mechanisms for supporting software isolation and virtualisation. In the Cortex-M microcontroller range, the memory protection unit (MPU) can be used for task isolation. The new ARMv8-R architecture supports virtualisation directly by providing a separate hypervisor mode, which can be used to run a trusted hypervisor, ensuring separation between different virtual machines executing in separate partitions. The Cortex-A series processors, which implement either the ARMv7-A or ARMv8-A architecture, support separation via a memory management unit (MMU) and a hypervisor mode.
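To make the partitioning idea above concrete, here is a small C model, added for this article (it is not ARM's code and does not program real MPU registers), of how an MPU-style region table arbitrates memory accesses between software partitions. The region layout, addresses and partition ids are constructed for illustration only. The model borrows two properties of the ARMv7-M MPU, power-of-two regions aligned to their size and higher-numbered regions taking priority when regions overlap, and adds a partition-owner field of its own so that a private region of one partition is denied to another.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Access kinds a partition can request. They stand in for the read, write
 * and execute-never attributes an MPU region carries. */
enum { ACC_READ = 1u, ACC_WRITE = 2u, ACC_EXEC = 4u };

/* One protection region, modelled on an ARMv7-M MPU region: a base aligned
 * to the region size, a power-of-two size, and access permissions. The
 * owning partition id is an addition of this model; id 0 means shared. */
typedef struct {
    uint32_t base;
    uint8_t  size_log2;   /* region covers 2^size_log2 bytes; 0 = disabled */
    uint8_t  perms;       /* bitwise OR of ACC_* */
    uint8_t  partition;   /* owner, or 0 for a region every partition may use */
} mpu_region_t;

#define MAX_REGIONS 8

/* Hypothetical layout constructed for this example; the addresses are
 * illustrative and do not describe any real device's memory map. */
static const mpu_region_t regions[MAX_REGIONS] = {
    { 0x00000000u, 20, ACC_READ | ACC_EXEC,  0 }, /* 1 MiB shared code, no write */
    { 0x20000000u, 14, ACC_READ | ACC_WRITE, 1 }, /* 16 KiB private RAM, partition 1 */
    { 0x20004000u, 14, ACC_READ | ACC_WRITE, 2 }, /* 16 KiB private RAM, partition 2 */
    { 0x20008000u, 10, ACC_READ | ACC_WRITE, 0 }, /* 1 KiB shared mailbox */
    { 0x40000000u, 12, ACC_READ | ACC_WRITE, 2 }, /* 4 KiB peripheral window, partition 2 */
    /* remaining entries are disabled (size_log2 == 0) */
};

/* An ARMv7-M MPU needs regions of at least 32 bytes whose base is aligned to
 * the region size. A misaligned table is a configuration defect, so it is
 * checked explicitly rather than silently accepted. */
static bool region_valid(const mpu_region_t *r) {
    if (r->size_log2 < 5 || r->size_log2 > 31) return false;
    uint32_t size = (uint32_t)1u << r->size_log2;
    return (r->base & (size - 1u)) == 0u;
}

/* Returns true when every enabled region in the table is well formed. */
bool mpu_config_valid(void) {
    for (size_t i = 0; i < MAX_REGIONS; i++) {
        if (regions[i].size_log2 != 0 && !region_valid(&regions[i])) return false;
    }
    return true;
}

static bool region_contains(const mpu_region_t *r, uint32_t addr) {
    uint32_t size = (uint32_t)1u << r->size_log2;
    return addr >= r->base && (addr - r->base) < size;
}

/* Returns true when partition `pid` may perform `access` at `addr`; false
 * models a MemManage fault. As on ARMv7-M, when regions overlap the
 * highest-numbered matching region decides. An address covered by no region
 * is denied, so anything left out of the table is isolated by default. */
bool mpu_check(uint8_t pid, uint32_t addr, uint8_t access) {
    int hit = -1;
    for (size_t i = 0; i < MAX_REGIONS; i++) {
        const mpu_region_t *r = &regions[i];
        if (r->size_log2 == 0 || !region_valid(r)) continue;
        if (region_contains(r, addr)) hit = (int)i;
    }
    if (hit < 0) return false;
    const mpu_region_t *r = &regions[hit];
    if (r->partition != 0 && r->partition != pid) return false;
    return (r->perms & access) == access;
}

int main(void) {
    printf("table valid: %s\n", mpu_config_valid() ? "yes" : "no");
    printf("p1 writes own RAM:        %s\n", mpu_check(1, 0x20000100u, ACC_WRITE) ? "ok" : "fault");
    printf("p1 reads p2 RAM:          %s\n", mpu_check(1, 0x20004100u, ACC_READ)  ? "ok" : "fault");
    printf("p1 writes shared mailbox: %s\n", mpu_check(1, 0x20008010u, ACC_WRITE) ? "ok" : "fault");
    printf("p1 executes from RAM:     %s\n", mpu_check(1, 0x20000100u, ACC_EXEC)  ? "ok" : "fault");
    printf("p2 reads unmapped addr:   %s\n", mpu_check(2, 0x20010000u, ACC_READ)  ? "ok" : "fault");
    return 0;
}
```

Two design choices carry the safety argument: the default answer for an address no region covers is a fault, so an omission in the table fails closed rather than open, and the configuration itself is validated, because an MPU region with a base that is not aligned to its size would not protect what the designer believes it protects. On real hardware the equivalent step is the OS reprogramming the MPU regions at each partition switch; the owner field here simply collapses that into one table so the policy can be read in one place.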

The range of ARM Cortex processors can address a range of different medical device use cases, from small sensor systems to large-scale data processing applications. The ARM Cortex processors and underlying ARM architectures provide a varying set of features for software isolation and partitioning, which can be beneficial for medical application software.

The growth of the connected world is driving new demands on the development of safety-related medical systems. Combining the safety requirements from different medical standards and demonstrating high levels of security is a challenge. However, the built-in fault detection, control, and software separation features, together with the advances in the ARM architecture and the ARM safety ecosystem partner support for safety-related designs, are helping developers overcome some of these key challenges. As an example, the new ARMv8-R architecture allows safety-related and non-safety-related software to be used on the same CPU whilst maintaining strict separation. A growing number of development tools for the ARM architecture also come with supporting safety information, reducing the effort required to qualify them for use in safety-related designs.

Safety engineering challenges for medical devices cannot typically be solved in a bottom-up approach alone. However, the steps taken by ARM and its ecosystem partners have helped ensure that the necessary hardware, software, and tools, along with the supporting information, are available to help medical system designers and safety engineers achieve safe and secure products. By following the risk management practices required by medical standards, and utilising relevant features in ARM processors, the effort to develop medical software can be reduced. Ultimately this allows developers to focus on adding value to society through innovations in safety-related medical applications.

1. IEC 60601-1:2005+A1:2012. Medical electrical equipment – Part 1: General requirements for basic safety and essential performance.

2. IEC 62304:2006. Medical device software – Software lifecycle processes.

About the author
Lauri Ora is Functional Safety Manager at ARM at the company's global HQ in Cambridge, United Kingdom.
