Slashdot Mirror

← Back to Stories (view on slashdot.org)

Medical Equipment Crashes During Heart Procedure Because Of Antivirus Scan (softpedia.com)

Posted by BeauHD on from the Windows-10-Update dept.

An anonymous reader quotes a report from Softpedia: The device in question is Merge Hemo, a complex medical equipment used to supervise heart catheterization procedures, during which doctors insert a catheter inside blood veins and arteries in order to diagnose various types of heart diseases. According to one such report filed by Merge Healthcare in February, Merge Hemo suffered a mysterious crash right in the middle of a heart procedure when the screen went black and doctors had to reboot their computer. Merge investigated the issue and later reported to the FDA that the problem occurred because of the antivirus software running on the doctors' computer. The antivirus was configured to scan for viruses every hour, and the scan started right in the middle of the procedure. Merge says the antivirus froze access to crucial data acquired during the heart catheterization. Unable to access real-time data, the app crashed spectacularly.

16 of 266 comments (clear)

  1. No problem by NotDrWho · · Score: 4, Funny

    Our antivirus is completely up to da

    Upgrading to Windows 10......

    --
    SJW's don't eliminate discrimination. They just expropriate it for themselves.
    1. Re:No problem by some+old+guy · · Score: 4, Interesting

      Having worked in biochem, it's not the hardware vendors causing the lag, it's the FDA-mandated cGMP validation and certification process that takes for.fucking.ever and has to be repeated for every tiny little change. Yes, it helps ensure quality and consistency, but it is painfully slow and discourages change, however desirable.

      --
      Scruting the inscrutable for over 50 years.
  2. RT OS for Reatime tasks by Anonymous Coward · · Score: 5, Insightful

    Picking an OS that clear says not use it for real time possible life endangering task is a huge mistake!! QNX, RT_Linux, and more!!! Hello!!!

    1. Re:RT OS for Reatime tasks by DarkOx · · Score: 4, Insightful

      I have often wondered about this. Does Microsoft sell Windows license with a EULAs that don't contain prohibitions for uses cases like these?

      The Microsoft software was designed for systems that do not require fail-safe performance. You may not use the Microsoft software in any device or system in which a malfunction of the software would result in foreseeable risk of injury or death to any person.

      In most other engineering professions if you picked a component specifically labeled and sold as not fit for use case you'd be taking on all kinds of liability. Can you imagine if an architect decided to build a parking deck and spec'd concrete be mixed from a cement product labeled "not for structural use?"

      I can hear the lawyers salivating at the very idea. Yet Windows is used in off label ways seemingly all the time.

      --
      Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
    2. Re:RT OS for Reatime tasks by worf_mo · · Score: 4, Funny

      What's a PTB?

      Pointy-tailed Boss

  3. Manufacturer Narrative from FDA report. by Anonymous Coward · · Score: 5, Informative

    Based upon the available information, the cause for the reported event was due to the customer not following instructions concerning the installation of anti-virus software; therefore, there is no indication that the reported event was related to product malfunction or defect. The product security recommendations, (b)(4), explicitly state, "the intent of these guidelines is to configure the anti-virus software so that it does not affect clinical performance and uptime while still being effective. To accomplish this, the anti-virus software needs to be configured to scan only the potentially vulnerable files on the system, while skipping the medical images and patient data files. Our experience has shown that improper configuration of anti-virus software can have adverse affects including downtime and clinically unusable performance. ".

  4. So was this out of spec? by GIL_Dude · · Score: 4, Insightful

    This is interesting; the configuration on a device like this should be highly controlled. I have no experience with medical devices, but I know that process control equipment generally has vendor approved configuration (and often they only certify one AV vendor so even if our corporate contract is with vendor A, we have to use vendor B for the process control stuff because that is what is certified by the control system vendor. They also have very specific settings you have to use. Failure to follow the settings could result in lack of process control at a critical time. It seems medical stuff must be under similar (if not even more restrictive) configuration control. Having AV do a "scan" every hour is very stupid since any competent AV is doing on-access scanning anyway. I would expect the vendor for the software has specified folders / files / etc. that must be exempted from the scan as well (vendors for process stuff such as Yokogawa, etc. specify that). Seems to be a configuration failure on the part of the facility.

    1. Re:So was this out of spec? by jfdavis668 · · Score: 5, Informative

      The device was hooked via a serial cable to a PC to record the logs during the procedure. The PC antivirus ran, and locked the log file to scan it, causing the medical device to crash. Yes, that is a very bad way to design a machine.

    2. Re:So was this out of spec? by Anonymous Coward · · Score: 4, Insightful

      oblig:
      https://xkcd.com/463/

      Clearly, someone is doing their job horribly wrong.

  5. Scanning for viruses during heart surgery by ZipK · · Score: 4, Funny

    It just writes itself.

  6. Sometimes 'antivirus' is a warning sign... by fuzzyfuzzyfungus · · Score: 4, Interesting

    Antivirus systems aren't useless(I wouldn't trust their 'disinfection'; but they at least catch people reusing obsolete exploits and sometimes provide warnings that something is amiss); but this is one of those situations where hearing that antivirus software is running is a giant red flag: it usually means that a full-fat desktop/server OS with a network connection and who-knows-what-else running on it is doing the job of a dedicated computer. Quite probably being allowed to retain state over time except for the ever so occasional re-imaging. That just isn't going to go well. Even if your application needs full Windows whatever for some reason, there are plenty of ways to keep it on a much tighter leash than just shoving a desktop at the problem and hoping Norton can save you. If a system is contained by the network so that it can only talk to the external hosts it absolutely needs; and is booting from a clean, static, image every time(with all changes discarded after any data generated during the session are moved elsewhere) you are a great deal safer.

  7. Re:Windows 10 update will kill human beings by Ol+Olsoc · · Score: 4, Funny

    For what? This was an antivirus scan and the report itself doesn't mention an OS. Furthermore, this crash brought down the whole system. If developers are writing their software to utilize drivers, they ought to make sure those drivers aren't so buggy that the mere stopping of data will tank the entire system...especially a system that should be as close to "bulletproof" as bulletproof can be in the technological sense of the word.

    Windows can never fail - only we can fail Windows.

    And Bulletproof and Windows never belong in the same sentence.

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  8. Re:Seriously? by jfdavis668 · · Score: 5, Informative

    The machine didn't use Windows. It was hooked to a PC to record the logs during the procedure so the doctor could review them later. The AV software locked the log to perform the scan, and the medical device crashed. They had to reboot the PC to keep working.

  9. General purpose OS not suitable for critical use by QuietLagoon · · Score: 4, Interesting
    At some point, the developers of computers that are used in critical situations (medical operations, battleships, etc) will soon realize that it is to the detriment of their end users to use a general purpose operating system for systems.

    .
    It is easy to fall for the siren-song hype from the marketeers that the general purpose operating system is up to the task (remember Microsoft's marketing push that Windows CE was a real-time operating system ,even though it wasn't?), and that being able to use their knowledge of Windows is a benefit that will make their system better.

    Whether it is a weather application being used on live television, or a computer being used in an operating room, Microsoft has shown that Windows is not a proper steward of serious systems programming.

  10. Re:Windows 10 update will kill human beings by Opportunist · · Score: 4, Insightful

    IIRC the EULA of every Windows version so far said that the OS must not be used in life-or-death critical operations.

    Not that it isn't used in, say, nuclear plants (which are explicitly cited in the EULA, btw), but if you use something that is clearly not good enough for the job, and even tells you that it's too crappy for important tasks, well, you can't really complain, can you?

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  11. Re:Damnit, it is a MEDICAL INSTRUMENT! by gweihir · · Score: 4, Interesting

    The stupidity of some IT people is staggering. We had one case where they put AV on a highly isolated system and then had to compromise its isolation to allow over-the-net updates. When we told them that the system was not isolated anymore and that at the very least the AV vendor could now attack them over the network, they did not even understand what we were talking about. They mumbled something about "all machines must have AV".

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.