Slashdot Mirror
Medical Equipment Crashes During Heart Procedure Because Of Antivirus Scan (softpedia.com)
An anonymous reader quotes a report from Softpedia: The device in question is Merge Hemo, a complex medical equipment used to supervise heart catheterization procedures, during which doctors insert a catheter inside blood veins and arteries in order to diagnose various types of heart diseases. According to one such report filed by Merge Healthcare in February, Merge Hemo suffered a mysterious crash right in the middle of a heart procedure when the screen went black and doctors had to reboot their computer. Merge investigated the issue and later reported to the FDA that the problem occurred because of the antivirus software running on the doctors' computer. The antivirus was configured to scan for viruses every hour, and the scan started right in the middle of the procedure. Merge says the antivirus froze access to crucial data acquired during the heart catheterization. Unable to access real-time data, the app crashed spectacularly.
There is blood on your hands nadella.
Our antivirus is completely up to da
Upgrading to Windows 10......
SJW's don't eliminate discrimination. They just expropriate it for themselves.
Picking an OS that clear says not use it for real time possible life endangering task is a huge mistake!! QNX, RT_Linux, and more!!! Hello!!!
Should such a system really have a general purpose OS. There's an advantage to keeping things simple and having dedicated hardware.
Don't turn off your PC
"Enjoy what you're doing! If it becomes drudgery, you're doing it wrong!" - Jim Butterfield
Based upon the available information, the cause for the reported event was due to the customer not following instructions concerning the installation of anti-virus software; therefore, there is no indication that the reported event was related to product malfunction or defect. The product security recommendations, (b)(4), explicitly state, "the intent of these guidelines is to configure the anti-virus software so that it does not affect clinical performance and uptime while still being effective. To accomplish this, the anti-virus software needs to be configured to scan only the potentially vulnerable files on the system, while skipping the medical images and patient data files. Our experience has shown that improper configuration of anti-virus software can have adverse affects including downtime and clinically unusable performance. ".
For such a critical system, wouldn't it be wise to have redundant backups available? It seems negligent to me to rely on a single potential point of failure, with no backup.
Use some dedicated hardware with a custom software system with only components designed for the purpose of the machine and nothing else. Harden and sanity check the hell out of the I/O and connect THAT to your idiot box.
Twinstiq, game news
This is interesting; the configuration on a device like this should be highly controlled. I have no experience with medical devices, but I know that process control equipment generally has vendor approved configuration (and often they only certify one AV vendor so even if our corporate contract is with vendor A, we have to use vendor B for the process control stuff because that is what is certified by the control system vendor. They also have very specific settings you have to use. Failure to follow the settings could result in lack of process control at a critical time. It seems medical stuff must be under similar (if not even more restrictive) configuration control. Having AV do a "scan" every hour is very stupid since any competent AV is doing on-access scanning anyway. I would expect the vendor for the software has specified folders / files / etc. that must be exempted from the scan as well (vendors for process stuff such as Yokogawa, etc. specify that). Seems to be a configuration failure on the part of the facility.
This seems like another example of the cure being worse than the disease.
It just writes itself.
Antivirus systems aren't useless(I wouldn't trust their 'disinfection'; but they at least catch people reusing obsolete exploits and sometimes provide warnings that something is amiss); but this is one of those situations where hearing that antivirus software is running is a giant red flag: it usually means that a full-fat desktop/server OS with a network connection and who-knows-what-else running on it is doing the job of a dedicated computer. Quite probably being allowed to retain state over time except for the ever so occasional re-imaging. That just isn't going to go well. Even if your application needs full Windows whatever for some reason, there are plenty of ways to keep it on a much tighter leash than just shoving a desktop at the problem and hoping Norton can save you. If a system is contained by the network so that it can only talk to the external hosts it absolutely needs; and is booting from a clean, static, image every time(with all changes discarded after any data generated during the session are moved elsewhere) you are a great deal safer.
Why would anyone use Windows for a real-time critical application? There are small real-time OS's designed just for such applications.
[Insert pithy quote here]
I see what you did here, tehehehe
Stupidity is an equal opportunity striker.
Fellow slashdotter Bill Dog
When I had LASIK back in, oh, 2011, the computer that controlled the laser was running Windows 95 (I'm not kidding, at all).
It's why I was so happy to ditch Windows when Apple went Intel. Now 10 years of no virus scans interfering with my work. Hallelujah!!!
"Merge investigated the issue and later reported to the FDA that the problem occurred because of the antivirus software running on the doctors' computer. "
I seriously doubt the computer was owned by the doctor. More than likely, it was procured, set up and managed by a team of IT specialist at the hospital/clinic who know little to nothing about the software that might be running on it. Likewise, if the company supplying the software isn't providing a dedicated, hardened box to run the software on, they share the blame as well. Or, I have seen dedicated boxes with all kinds of crap loaded on them by operators who had no clue what the consequences might be. The bottom line here is that maybe computers should be kept out of the operating room. Or maybe doctors shouldn't be allowed to use them.
Kind of like a rectum exam to look for an enlarged prostate... Most men will die with prostate cancer than from it... No quack is pulling out a kernel of corn from my arse just to look for something that will most probably go to the grave with me. Unless she's a hot nurse, in that case she can finger bash my rim
If the patient was a typical politician, maybe this was actually a divide by zero error?
Who did not specify the use of a real time OS for critical equipment?
Why is antivirus needed on an air-gapped machine that doesn't accept USB devices or autorun? On these types of systems we use a system like Deep Freeze. Every reboot erases all changes made in the previous session. It essentially restores a system image every boot.
The connection of the second device to the first made an aggregate system. I doubt the aggregate system was tested to the full required medical equipment specification.
windoze? of course it's windoze! fuck you all who uses that shit in mission critical things! fuck m$.
Obamacare
Really?
Why anyone would put anti virus software on a computer that is isolated from the net, has likely all USB ports disabled etc. is beyond me.
Make the damn boot drive read only, put the data on a different drive/partition ... then you can even keep USB and DVD reader/writer accessible.
Just don't put a windows PC into any network unless you really knwo what you do.
Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
. ,even though it wasn't?), and that being able to use their knowledge of Windows is a benefit that will make their system better.
It is easy to fall for the siren-song hype from the marketeers that the general purpose operating system is up to the task (remember Microsoft's marketing push that Windows CE was a real-time operating system
Whether it is a weather application being used on live television, or a computer being used in an operating room, Microsoft has shown that Windows is not a proper steward of serious systems programming.
It didn't try to update to Windows 10 in the middle of the procedure!!!!
I swear there has to be an international body that can declare Windows as a virus that must be eliminated from the planet before humanity can move forward.
If telephones are outlawed, then only outlaws will have telephones.
Whatever happened to a simple audio log? We've got recorders that encode directly to MP3. Just make the recording and copy it into patient files after the end of procedure.
This 'do everything with a computer' mentality is exactly why we have these nonsensical issues happening in the first place.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
Why was a medical instrument dependent on a PC for a primary part of its function!? I can understand outputting to a monitor or some other piece of PC related hardware, and maybe logging data on a PC for later review (which sounds like part of this devices function) but running one of the devices video functions through a PC software bundle? Foolish is an understatement.
O M G.. Can you imagine if windows update and antivirus ran at the same time? The world would explode!
Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
I used to work for a company that built ophthalmic ultrasound machines. It was Windows based (unfortunately). IT departments, being who they are, wanted to put things like antivirus on it. Then the doctors would complain that the MEDICAL INSTRUMENT wasn't performing as advertised. They send it in to us for 'repair'. We remove the shitty antivirus (and all the other crap that IT guys would install on it), then it works perfectly again. We return it.. and IT guys would screw it up again. Rinse, repeat, ad infinitum.
MEMO TO IT GUYS: Stop treating medical instruments like they're desktop computers! Find another solution, or AT LEAST be smart about how you're installing your junk on it, IT IS A MEDICAL INSTRUMENT, DAMNIT!
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
why are they using a general-purpose OS, supplied by a company that's known not to care about security (because it costs money and profit), for *life* saving mission-critical software? i don't understand.
I'm sure it was tested...badly. Looks like an epic fail of cGMP validation.
Scruting the inscrutable for over 50 years.
APK Hosts File Engine 9.0++ SR-4 32/64-bit http://www.bing.com/search?q=%...
Antivirus SLOWS YOU DOWN & has tons of exploits (Tavis Ormandy anyone?)!
Hosts add speed (hardcodes/adblocks), security (bad sites/poisoned dns), reliability (dns down), & anonymity (dns requestlogtrackers) natively. Hosts != blockable by ClarityRay (like. souled-out to admen inferior wasteful redundant slower usermode browser addons)
Less power/cpu/ram + IO use vs. DNS/routers/antivirus + less security issues/complexity. Compliments firewalls (w/ layered drivers blocking less used IP addys vs. hosts blocking more used domains) & DNS (lighten dns load). Gets data via 10 security sites.
Works vs. caps & HTTP PUSH ads w/ firewalls.
* Ads rob bandwidth/speed paid for, security (openbid adnetworks abuse), privacy in tracking + anonymity.
APK
P.S. - Safe https://www.virustotal.com/en/... (Verified by Malwarebytes' S. Burn "I've seen the code & yes it is safe" http://forum.hosts-file.net/vi... )
For equipment like this, it's pretty common that the PC does very little and an RTOS is probably not necessary. Anything important or real-time is done on the equipment itself and the PC is just a dummy terminal. If the PC goes haywire, a watchdog timer probably puts the system into a safe state. I think that's why it's so common to use Windows.
I'm not saying it's right. In fact, it's all the more reason to use as simple and streamlined OS as possible. Something like a customized RHEL that only has enough installed to run QT.
What that says to me is that the manufacturer knew about the problem and shipped it anyway. The usual and customary practice with Windows systems, especially older versions, is to install anti-virus. On critical systems, anti-virus would be considered best practice and not installing AV could be considered reckless. The manufacturer knew that protecting the machine in the ordinary manner would endanger patients and they did nothing to either alleviate the danger (don't CRASH just because an AV scan is running) or prevent it (don't provide administrator access to the OS on a surgical device).
At some point, the developers of computers that are used in critical situations (medical operations, battleships, etc) will soon realize that it is to the detriment of their end users to use a general purpose operating system for systems.
It doesn't matter; the developers have no input about the OS to be used. That decision is made by management.
Who in their right mind designs life-critical systems around off the shelf operating systems like Windows? There's a reason aircraft computer systems are custom and highly redundant. Medical equipment of this caliber is no different.
What company produced this system? Their accreditation should be revoked.
~Any apparent grammatical or typographic errors are caused by defects in your display device.
And who is going to know how to do this? You think the guy doing heart procedures knows how to configure the antivirus to that degree, or that the guy setting up the antivirus knows where the heart dude's proprietary software is saving the data files?
Hell, even as a SysAdmin I don't always know 100% what my software is doing in the background and can't account for the crazy shit my AntiVirus has done.
Not only that, but what's the point of having an antivirus if it's not scanning the locations most likely to to be changing. I'm assuming that "vulnerable files" means the OS in this case, but if those are infected your system is already owned and the first thing any good virus does is break the AV...
>
Whether it is a weather application being used on live television, or a computer being used in an operating room, Microsoft has shown that Windows is not a proper steward of serious systems programming.
Heh. Go to any major airport with nice big screen monitors showing flight information and some percentage of them will have Windows dialogue box on them informing you of some problem...
I'm a consultant - I convert gibberish into cash-flow.
It found a human virus?
Website Just Down For Me? Find out
Now doctors will need full local admin rights + app admin rights to turn off anything that may get in there way. In some settings (more likely with poor IT in place) may even need domain admin rights so they can over ride / block GPO's.
Granted if I were to design a medical device I would probably just use a stripped down version of Linux that just does what it needs to do.
Windows, OS X, and Linux with a full distribution on such a device is adding extra complexity where it isn't needed.
That is why a lot of these devices are still running off of DOS.
The coded application should be the star of the device not the OS which had to be configured to get out of the way,
Such a device should only have port 22 for Administration and updates, and whatever port needed to receive HL7. A Virus shouldn't have any clear path into such a device as it should be locked down.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Further to this, why do they need a Virus Scan anyway? What is a device like this doing connected to the Internet or even their Internal network?
>...not a proper steward...
I really, really like the way you frame this. The proverbial 'we' use products for whatever we're doing. And it IS companies' responsibilities to be less near-sighted and consider their audience.
not to install any software on it = no updates and that is bad as well when they get hacked with something that was fixed months ago in an os update.
How about not being online? At the cost we pay why should the system need to link to some E-doctor in el salvador?
Our office coffee machine runs Linux. Gotta make sure that coffee is flowing.
The surgeons should be happy and thankful for these automatic anti virus scans done by these machines. Come on, people, there is a patient on the gurney with chest cavity open, exposed to all sorts of pathogens in the atmosphere. Fungus spores, pollen, bacteria, virus all sorts of things want to get into the body and wreak havoc. It is a good thing, there are machines to do real time anti-virus scans. People complaining about it, being smug and superior over Microsoft, what the hell?!
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
A similar incidence occurred to me over 10 years ago. I was using a $200K+ testing equipment running an overnight test. I started the job Friday evening. On Saturday morning, when I logged back on, instead of good progress, there were only a few data files and the equipment had rebooted. I rushed to office and realized that an overnight anti-virus upgrade had forced a reboot: the testing SW was written on top of WinXP. Fortunately there was no real damage: the equipment had to be re-calibrated (took 30 min) and I had to restart the job. However the irony is that a $200K+ equipment was controlled by a $100 piece-of-sh*t from MS*T. The equipment vendor had their own OS/GUI etc. But at certain point, they decided to use the crap from M**T. It's true that many equipment, SCADA, medical equipment need an OS with GUI, file system and internet. However a shot-sighted decision to pick up something cheap can mean read dangers down the road.
... because anyone could look at the source code!
They should be running an antibacterial scan :D
Why on earth didn't the parent company push their own mission critical solutions on the client side?
I too am looking forward to the days where people can .... read the details of what happened and stop blaming the underlying OS for a poorly coded program connected to a poorly coded device.
I actually wish that this computer ran Linux. Then maybe we could have a proper discussion about the coding processes used in this specific application rather than the frothing at the mouth while ranting about Windows that every modded up Slashdot post here has become.
But sure carry on writing in bold without having a clue what you're talking about
The FIDS systems at the airport are not exactly critical to the safe operation of the Airport.
Stop trolling.
All critical computer systems are flight certified an there are NO windows systems allowed. MS will not support any use of Windows where there could be risk to life.
Disclaimer. I work on the Systems that run airport terminals. These are not flight critical systems and so there is plenty of Windows around (sadly). IT is a Piece of crap but the suppliers very seldom want to use anything else. Windows 10 is at the moment a total no go area. Far too many bits of kit that we have to work with just won't work with that pile of steaming dog poo.
I think an easy solution to this problem, is to make sure the machine that is collecting and performing the process is a standalone machine that is not somehow connected to a workstation/laptop, no matter how nice the idea to add convenience to the doctor(s) might be. When you are investing in a machine that is needing to be relied on during high-risk situations, the one thing you don't want, is for any potential interference of any sort. That means it needs to be non-networked, and have an entire operating system and API to do the entire task right on the one machine. Non-networked is an inconvenience, yes... but it makes sure there's no chances of any malware or any bad updates to corrupt the system and bring it down to its knees. Then, possibly the data could be transferred in a one-way method (never back to the machine) via an SD card, to allow the doctors and technicians to gather all the diagnostic data and present it to the patient and insurance agency.
The "need" for antivirus can be greatly diminished if these hosts are simply isolated properly.
If they want it on the domain for manageability, fine. Allow Kerberos/LDAPS/CIFS to domain controllers and Kerberos/CIFS to a file server for data transfer. Run antivirus on the file server.
Block everything else if you can, but make absolutely sure to deny HTTP and SMTP.
Put the damn things on their own subnet and enforce the restrictions via network ACLs so even the "clever" users can't disable it.
Medical and industrial equipment vendors have zero interest in making sure their tools work properly on a normal enterprise workstation. So give them their little sandbox, and keep them as far away from the business network as possible.
---
According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
complete fucking insanity is why IoT needs to be stopped. Here's a fucking crazy thought: don't connect complex medical equipment that is involved in keeping people alive during medical procedures to the internet at all. Ever. Under any circumstances. Use AV to pre-screen shit before you install it. While I'm on the table in a hospital in Canada, cut wide open, I am pretty damn sure no one in Finland needs to know what's up with the machine monitoring my heart. And I know my doctor doesn't need to be looking for kitten videos. Jesus Fuck when will these people get a damn clue?! THIS SHIT is why I don't want a self-driving car; it's not because I don't like the idea, it's because I don't trust an auto maker to get it right. They might be flawless for some time, and then... then some fucking moron is going to push an on-air update while I'm up in the mountains with no guardrail and off I go. Let's leave the internet to the stuff that can't kill us, PLEASE.
Must've been McAfee.
The only security products whose authors want you to die a painfull and horrible death.
Who the fuck uses a non-embedded version of Windows in a fucking invasive medical device *anyway*? It's almost absurd. I use embedded windows in several hard-realtime control systems with 250us cycle times (hard deadlines: you're late and and some expensive metal chunks crash into each other), and it works just fine... Someone dun goofed big time. These systems use built-in firewalls, are not updated willy-nilly, run only necessary services, and the software load is considered to be like firmware: no user and no IT department can mess with it. The OS and our software is running off read-only media anyway, and writable overlay is on a battery-backed, crash-surviving ram disk. This shouldn't be any different in a catheterization system. Once the procedure is done and the data synced with central server, the ram disk should be reset.
A successful API design takes a mixture of software design and pedagogy.
"the whole incident was nothing more than an oversight on the medical unit's side"
What if the unit had started to record erroneous date in the middle of the operation, would that also make an oversight on the medical unit's side. seriously, what the fuck is Windows even doing in an Operating Theater.
Never thought I would get to say that on /.! I work in a hospital and set up PCs for Cath-lab, surgical anesthesia monitors and stuff all the time. As far as this goes the hospital usually just buy the seats (or whatever) for the software and you install it. All the software like this comes with explicit and unambiguous instructions for directory and file type exclusions. Right or wrong, the software will run fine if this is done correctly - it will crash if it is not. First, all the posters are right, windows is crap and shouldn't be used. But it is chicken and egg - the hospitals buy it because that is what all the vendors write their apps for, and the vendors code for Windows because that is what hospitals buy. I am stuck with it. There are a few vendors that run Linux end-to-end, but it is rare.
Finally, I have proof for the PHB's that McAfee kills!
Table-ized A.I.
Turn drive scanning off, it's a resource hog and completely ignores the user. More to the point, if an infection has worked it's way onto the system, bypassing the active resident scanner, do you think the drive scanner is effective at this point?
Why does this need to be connected to a network?
Running Antivirus or any other unneeded software on a critical medical computer is Wrong.
Connecting a critical medical computer to any network, that would make Antivirus necessary, is Wrong.
Having the Medical software crash because it could not access data is Wrong.
"If Engineers built buildings the way Programmers write programs, the first woodpecker that came along would destroy civilization!"
Beware, it is not going to be long before companys, and even individuals, will be sued for things like this. It already happens in other fields.
The obvious question is who if the irresponsible party who either built or bought a mission critical app that ran Windows????
the app...
An app? So it was running on a mobile phone? or tablet
... crashed spectacularly
The crash was spectacular... so how was it different or spectacular? In what way was this so much more special than a regular program crash?
Outsourced programming