SFLC Wants To Avoid Death by Code

foregather writes "The Software Freedom Law Center has released some independent research on the safety of software close to our hearts: that inside of implantable medical devices like pacemakers and insulin pumps. It turns out that nobody is minding the store at the regulatory level and patients and doctors are blocked from examining the source code keeping them alive. From the article: 'The Food and Drug Administration (FDA) is responsible for evaluating the risks of new devices and monitoring the safety and efficacy of those currently on market. However, the agency is unlikely to scrutinize the software operating on devices during any phase of the regulatory process unless a model that has already been surgically implanted repeatedly malfunctions or is recalled. ... Despite the crucial importance of these devices and the absence of comprehensive federal oversight, medical device software is considered the exclusive property of its manufacturers, meaning neither patients nor their doctors are permitted to access their IMD's source code or test its security.'"

this is Surprising?

[querky]

the software running your pacemaker is probably patented too!

So what

[clarkkent09]

Does a government agency examine the source code which keeps airliners in the air, cars on the road, nuclear plants from blowing up etc etc? If the government is going to evaluate and approve every important piece of code line by line we will pretty soon run out of programmers. But then, chip designs will have to be evaluated too because they can fail as well. Next, mechanical designs, engines, turbines, reactors, better make sure that the government is stocked with experts in all those fields too.

After all, nothing can possibly be safe until it is certified as such by the government. Just ask hundreds of thousands of people who died while the drugs that could have saved them were waiting for the FDA approval. They are pretty safe now.

Re:this is Surprising?

[JustinRLynn]

They tried to outlaw alcohol once.. look where it got them. Sometimes the cure is worse than the disease.

Re:So what

[QuantumG]

I think you miss the point. You should be able to examine the code in the pacemaker inside you - or hire an expert to do so.

Re:Why?

[julesh]

Even more so how many doctors or patients are going to have the knowledge to "examine the source code" and tell whether it is working properly?

It only takes one or two to achieve useful results.

Re:Why?

[mirix]

I'm sure Therac-25 [wikipedia.org] passed some sort of trials too. That didn't stop it from killing people, of course.

Re:this is Surprising?

[insertwackynamehere]

It really kills me when someone is all for marijuana being legalized but thinks that banning alcohol is the second greatest idea in their head. I know frustrated potheads love to feed the whole "alcohol is more dangerous than weed" line over and over, but not everyone who drinks alcohol does so in a way that threatens their health. Someone who smokes weed everyday and turns every conversation into a "weed should be legalized" conversation is a lot more unhealthy than someone who drinks alcohol in moderation.

Re:Why?

[Spiked_Three]

Really? Let's hear your prosecution for a case of murder by hacking an implantable device? Even if someone was smart enough to look into the device to see it had been hacked, there would be no evidence of who did it. Pick an important enough target, ie Dick Cheney, and you have a perfect untraceable murder.

Re:HeartHacks

[JustOK]

OSX: soon to be ad supported, will only beat during approved activities, phones home with details about your liver.

Re:HeartHacks

[JamesP]

No

WIth the exception of ATMs (and some radar guns) I wouldn't even bother with an OS

And that's GOOD. I DON'T want anything more complex than a couple (ok, 100) of lines of code in my pacemaker, thank you very much

It doesn't NEED to be more complex than that, and it SHOULDN'T

Re:Why?

[Shinobi]

A source code audit would not necessarily have found it. Like with so many other obscure faults, most likely, you'd have to go through a full trial and error on an actually running system, since you do not always know beforehand if the error is introduced by the specific source code, the compiler or anything else.

Huh?

[jmactacular]

"patients and doctors are blocked from examining the source code"

huh? are either qualified to do so?

Re:So what

[PopeRatzo]

I don't think code-reviews by bureaucrats is a good option

Of course not, but presumably the reviews would be done by programmers and analysts who would then report to the FDA.

When a drug is evaluated for it's safety and effectiveness, it's not "bureaucrats" that are doing the evaluation, it's doctors and pharmacologists and public health specialists.

When you throw a word like "bureaucrats" around, you make it sound like some clerk from the DMV is going to be doing the evaluation.

Yes, agencies like the FDA have become bureaucratic clusterfucks of non-progression and end up doing more damage than good.

Only because the lobbyists who have become the ones writing the regulations prefer it that way. The answer is certainly not to "fix" the bureaucracy by making them even more ineffective. Anyone who tries to reduce the argument to "less government" is trying to do exactly that. I know that's not what you're doing, of course, but there are people who have been misled into believing that the solution to any problem is "less government". However, there are very few examples where deregulation has made a situation better for anyone but a very few.

Re:Open Source pacemakers

[matria]

Or maybe you might learn what "open source" is. It is not necessarily free. It is not necessarily part-time. It merely means that the source code is available. Such a long bout of rabid typing for such a small amount of understanding.

Re:Why?

[vux984]

An independent source-code audit could have saved three lives in that case.

=Could have= saved 3 lives.

Would have cost 10s of thousands? millions?

Pretty much every time someone on the planet dies of accidental causes there is some procedure or process that "could" have saved them.

Life just isn't that safe. And I'd rather not spend every dime of the gdp trying to make it as safe as possible.

When people die its tragic. If its something simple to fix, we fix it. But lets not lay guilt trip down every time anybody dies. Life is dangerous and it wouldn't be worth living if we made it safe, because the only way it will ever be safe is if we lock everyone up in straight jackets in padded rooms.

Re:Why?

[demonlapin]

Most of these devices don't spend all that long on the market. They keep getting better, having new features and lower power consumption. Proving the code would slow the pace of advancement. Irony of medical advances: an imperfect device that kills a few people may in fact be (from a public-health POV) better than a perfect device that takes an additional two years to develop.

Re:Same as in the pilot seat

[Errol backfiring]

What on earth do Doctors think they will see in the source code?

That you did your job as you say you did. That something can go right and that laws were respected is no surprise to me. But I want to make sure that that is the case. You probably only see the cases that have a good testing. I want to make sure I am not depending my life on a device that was not tested adequately. I worked in both aviation and medical firms, and the security attitude of the medical world really scared the living daylight out of me.

So no, I will not take adequate medical testing for granted. Especially when information technology is involved.

Re:How are you alive?

[CraftyJack]

in college working towards a MA, aiming towards being a LPC or LSW specializing in substance abuse treatment

been drinking since I was 14 or so, am now 41.

I start around 3pm, give or take a little and go until I go to bed, which in many cases is not until 1 or 2am.

I'm sorry, but I simply can't take you seriously. You're either stretching the truth, or you are a 41 year old student that spends nearly half his day drinking. Either way, you're not credible.

Re:Same as in the pilot seat

[StormReaver]

The amount of testing and verification that goes into these software categories often exceed the development cost...

Then what's the harm in releasing the source code so those who are qualified to review it can do so?

The most likely answer is: "to protect our proprietary secrets from competitors!"

My response to that is, "what proprietary secrets?" If every company does the type of due-diligence you claim, then everyone in the field is already at the same level of competence and will not benefit from someone else's code. If not every company performs the same level of diligence, then that's all the more reason to have their code reviewed.

The most likely reasons to fight having their code reviewed are arrogance and fear.

Re:Same as in the pilot seat

[chaim79]

yah, you have no clue.

If you were able to sit down and listen in to any of our peer reviews or look through our test cases and procedures you might get an understanding. We work on Safety Critical software, there are no 'qualms about lying', and just 'saying it's all good' will in fact cause you to lose your job and fast. We regularly work on DO-178B Level A projects, that's the kind of project where if something fails people will die. As it stands I doubt there is an airline in the USA that doesn't have some code we've either developed or reviewed. We lie on something and we have a good chance of being on the airplane that lie is going to effect. We also do a bunch of medical project (pacemakers), one of our top managers made sure that when his father got a pacemaker that we worked on.

Bottom line is we will not lie on safety critical software, to the degree where we have stopped working with customers that have repeatedly requested us to lie to get a project done in time or under budget. There business wasn't worth our reputation or peoples lives.

Re:this is Surprising?

[insertwackynamehere]

I dunno though, I don't wanna pass judgement but three or fewer drinks a day is really not that little. I think if you are having more than three drinks daily, you may have a problem. Sometimes at a party I'll have more than three drinks, but I don't party every night either. I also don't drink on a daily basis.