Healthcare IoT: Promise And Peril

By Gale Morrison & Ed Sperling

As more connectivity and communication capability is built into everyday healthcare and medical devices, engineers are tasked with ensuring these devices are both completely secure and ultra-reliable.

Reliability generally is measured in mean time between failure (MTBF), but when it comes to safety-critical markets, that equation takes on a whole new level of importance. A failure in a smart phone is inconvenient. A failure in a medical device can cost a life, and that affects everything from how much effort is put into pre-silicon verification and post-silicon validation to the length of time a product will be considered safe to use. It also adds to the cost and complexity of designs—even those developed at older process nodes—including multiple levels of signoff to reduce potential liability if something goes wrong.

“Different applications have different levels of signoff,” said Carey Robertson, product marketing director at Mentor Graphics. “So with medical, it may be developed at an old process node, but it will have very sophisticated requirements.”

This is one of the reasons the medical IoT market has been much slower to develop than consumer markets. The amount of regulation and data required to bring products to market can be huge, and the requirements go up proportionately with the risk.

Still, medical IoT devices continue to gain acceptance. The sheer convenience of the devices for a reasonable cost, as well as the potential for providing far more data over time rather than a one-time check of vital signs, for example, has resulted in a far different reception to healthcare electronics than the one received several years ago.

“When I talked with healthcare providers and clinicians a few years ago, they said they didn’t know what to trust with consumer devices, and that in the future it would require medical-grade devices,” said Mike Muller, ARM’s CTO. “That has completely changed. If I go to my doctor and say, ‘Here are my blood pressure readings for the last two months,’ he doesn’t care how I got those. It doesn’t need to be a medically approved device. He’s quite happy to take any data I can give him to help with diagnosis. There has been a change from, ‘This is medical,’ to ‘Any data I get can help.’ Obviously, if you’re in the operating theater, you have a different level of requirement for certification of medical equipment. But there is starting to be a breakdown of two different worlds that don’t interact, to a world where getting the best outcome for patients uses whatever is available to make that happen. There has been a change in attitude about how you bring consumer devices into a professional world. That opens a lot of opportunities beyond the opportunities in approved medical devices.”

It also opens new opportunities for what in the past were unexciting technologies from a system design standpoint. Consider hearing aids, for example. In the past, the emphasis was on shrinking the device and extending the battery life. But hearing aids today are undergoing something of a technological revolution.

“We’re seeing more bendable packages,” said Mike Gianfagna, vice president of marketing at eSilicon. “But we’re also seeing more adaptive behavior. It’s pretty standard to be able to control this with Bluetooth on a cell phone. New devices use a simple DSP to get more sophisticated about what they can interpret. So the device automatically can determine if you’re in a crowded room or if you’re watching TV. That presents big packaging and power challenges, too.”

Demand grows
One of the key drivers of these kinds of innovations are aging populations in a number of markets, including North America, Europe and the Asia/Pacific region.

Source: United Nations Dept. of Economic and Social Affairs. (Listings by country can be found here.)

David Niewolny, healthcare segment manager for NXP’s Freescale business unit, pointed to a “huge emergence of technology in healthcare,” in a recent webinar. “Our aging population is set to double, with no increase in the number of physicians.”

That means for chronic diseases of the heart and for diabetes, for instance, technology will lead the way in improving patient care and lowering costs. So, how to bring that about? Hardware engineers have the usual constraints of power and continuous operation, and resisting physical tampering. But by far the biggest risk to manage is security, Niewolny said.

“Making sure someone does not have the ability to change [device] functionality or pull data off the device [is paramount],” Niewolny said. “So you prevent unauthorized execution of software. Whether it’s a simpler Cortex-M type device or the most sophisticated ARM A9s, you want and you get secure storage, a secure clock, a true random number generator [for the encryption tasks and securing software downloads].”

IP vendors have been investing heavily in security. ARM has its Trustzone and has introduced a number of secure platforms. Rambus has acquired a number of companies with security capabilities. Synopsys has built security into its ARC processors and memories. Cadence has done the same for its own IP and DSP cores. And Mentor has developed its own secure embedded software IP. After years of ignoring security, it has become a must-have addition for IP, particularly for safety-critical markets where regulations stipulate levels of security and reliability.

This has been an accepted practice for years in the mil/aero markets. For healthcare, it is relatively new, in part because new devices and innovations are just beginning to come to market. And for other markets, such as consumer, it’s still a work in progress. So while the IP may have built-in security capabilities, it may or may not get used in end devices, depending upon the level of liability associated with those devices.

Innovations abound
How much of a burden security and reliability put on designers isn’t clear. Innovation continues, but most of it involves external monitoring rather than implantable devices, where the risk is higher. The ARM/UNICEF partnership, for example, has spawned a “Wearables for Good” design challenge. One of the winners, according to ARM’s Muller, was Khushi Baby, a data storing necklace using Near Field Communications (NFC) technology. A smart phone can read the child’s immunization record from it, as well as update the record.

Another entrant in the challenge was a breath sensor for prostate-specific antigen (PSA), a flag for prostate cancer. “That technology can be used for lung cancer, as well,” said Muller. “The technology was originally developed for the defense industry to detect explosives, but it also can be used in healthcare. Today, the machines (the readers) are the size of a PC. But this year, you will see it available in a portable device. A phone could do the detection. The next trial will be for colorectal cancer.

“The interesting thing here is that it can be used to actually prevent disease,” he added.

There are some bright spots on implantable medical devices, as well. Muller pointed to the promise in what we learn from the biomedical sensors by gathering and analyzing all their data, and then using the learning to guide medical treatment. “Michigan State has developed a platform to measure pressure inside of the cranium. You can use this to determine how a person is responding to chemotherapy and whether a tumor is shrinking. That can replace an MRI, which is not a simple procedure.”

Technology is boundless, human nature less so
Still, the barriers clearly are not in what today’s hardware and software engineers can do. They lie more with medical device maker engineering budgets post-Affordable Care Act (ACA), the vast and fragmented inter-device communication standards landscape and, in the United States and Europe, the intense regulatory and lawsuit risk management pressures.

AT Kearney, the Chicago-based management consultancy, estimates that medical device industry operating margins could decline by 8% between 2014 and 2020. The firm said pressure is at least two-pronged—regulatory scrutiny and pressure, and the control that payers and providers have over system costs.

AT Kearney believes manufacturers will invest more in new versions of already-approved devices, rather than break new ground. This is good news for semiconductor makers with healthy market share, but bad news for other companies looking to get their technology designed into a new device platform.

That said, security holes in current generation devices must and likely will be addressed. In 2009, a huge class of infusion pumps found to be defective were ordered taken back from customers and destroyed, said Andrew Caples, senior product manager for the Nucleus product line at Mentor Graphics.

In recent months, Little Canada, MN-based St. Jude Medical faced intense scrutiny from the FDA, Department of Homeland Security and investors. The problem stemmed from allegations that its Merlin@Home gateway, which can talk to implanted defibrillators and pacemakers, could be hacked. St. Jude is suing the research group and hedge fund that went public with the claims.

Meanwhile, Johnson & Johnson on Oct. 4 issued a warning that a line of its insulin infusion pumps were vulnerable to hacks. The vulnerability comes from the devices’ unencrypted RF communication system, the company said, and patients can turn it off.

The FDA uncorked a draft guidance in January on cybersecurity risks, in which it encouraged manufacturers “to address cybersecurity throughout the product lifecycle, including during design and development.” It has made several efforts to let device makers share information about where vulnerabilities are and how to eliminate them.

One software firm, Belgium’s Sigasi, is building tools that get to that product lifecycle component. Focus is being put on the “electronic trail” of how a device functions, how it was tested, and the possible impact of the technology—particularly for ingestible or implantable electronics.

“To put a chip in someone’s body you have to provide a lot of documentation,” said Philippe Faes, CEO of Sigasi, noting this is no different than in other safety-critical markets such as automotive or mil/aero where the loss of life can be significantly higher. “If you look at the defense industry, the damage is a lot wider. Anything in that market can be critical.”

The challenge, though, is to make sure that companies don’t lose control of their IP with all of this documentation, he said. “The code still is owned by the designer and it has to stay that way.”

Still, the hope is that medical device makers can invest in such engineering efforts wholeheartedly, as opposed to using their money to deflect lawsuits over perceived and as yet unrealized risks.

Related Stories
Medical IoT Showing Signs Of Life
Market growth is expected to be strong, but development cycle is slow.
Using Chip Technology To Detect And Prevent Diseases
Semiconductor economies of scale begin filtering into the medical market.
Flexible Sensors Begin Ramping
Technology opens up new possibilities for the Internet of Everything.