Slashdot Mirror

← Back to Stories (view on slashdot.org)

SFLC Wants To Avoid Death by Code

Posted by timothy on from the me-too-me-too dept.

foregather writes "The Software Freedom Law Center has released some independent research on the safety of software close to our hearts: that inside of implantable medical devices like pacemakers and insulin pumps. It turns out that nobody is minding the store at the regulatory level and patients and doctors are blocked from examining the source code keeping them alive. From the article: 'The Food and Drug Administration (FDA) is responsible for evaluating the risks of new devices and monitoring the safety and efficacy of those currently on market. However, the agency is unlikely to scrutinize the software operating on devices during any phase of the regulatory process unless a model that has already been surgically implanted repeatedly malfunctions or is recalled. ... Despite the crucial importance of these devices and the absence of comprehensive federal oversight, medical device software is considered the exclusive property of its manufacturers, meaning neither patients nor their doctors are permitted to access their IMD's source code or test its security.'"

4 of 247 comments (clear)

  1. Re:Why? by julesh · · Score: 3, Interesting

    The devices themselves are rigorously tested in clinical trials. If they pass those tests, what more do you want?

    Software errors can (and in fact are most likely to) result in pathological behaviour in unusual circumstances. Example. "The failure only occurred when a particular nonstandard sequence of keystrokes was entered on the VT-100 terminal which controlled the PDP-11 computer: an "X" to (erroneously) select 25MV photon mode followed by "cursor up", "E" to (correctly) select 25 MeV Electron mode, then "Enter", all within eight seconds. This sequence of keystrokes was improbable, and so the problem did not occur very often [i.e. not in any clinical trials] and went unnoticed for a long time." An independent source-code audit could have saved three lives in that case.

  2. Re:So what by wiredlogic · · Score: 4, Interesting

    In the case of avionics, there are rigorous design and testing standards for electronics, software, and mechanical hardware that are mandated by the FAA. Passing them is part of the certification process. This task can be handled in house or by third parties that specialize in that task. The medical industry should largely be applying the same principles.

    --
    I am becoming gerund, destroyer of verbs.
  3. NEVADA GAMING COMMISSION has the code to slots gam by Joe+The+Dragon · · Score: 4, Interesting

    NEVADA GAMING COMMISSION has the code to slots games so why can't the FDA get the code to med systems?

  4. Re:this is Surprising? by TapeCutter · · Score: 3, Interesting

    Reproduced below are the statistics printed on my pack of smokes...

    Causes of death in Australia.
    Tabacoo - 19,019
    Alcohol - 2,831
    Motor vehicle accidents - 1,731
    Illegal drugs - 863
    Murders - 203

    --
    And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.