SFLC Wants To Avoid Death by Code 247
foregather writes "The Software Freedom Law Center has released some independent research on the safety of software close to our hearts: that inside of implantable medical devices like pacemakers and insulin pumps. It turns out that nobody is minding the store at the regulatory level and patients and doctors are blocked from examining the source code keeping them alive. From the article: 'The Food and Drug Administration (FDA) is responsible for evaluating the risks of new devices and monitoring the safety and efficacy of those currently on market. However, the agency is unlikely to scrutinize the software operating on devices during any phase of the regulatory process unless a model that has already been surgically implanted repeatedly malfunctions or is recalled. ... Despite the crucial importance of these devices and the absence of comprehensive federal oversight, medical device software is considered the exclusive property of its manufacturers, meaning neither patients nor their doctors are permitted to access their IMD's source code or test its security.'"
this is Surprising? (Score:5, Insightful)
Re: (Score:3, Insightful)
Re: (Score:3, Insightful)
It really kills me when someone is all for marijuana being legalized but thinks that banning alcohol is the second greatest idea in their head. I know frustrated potheads love to feed the whole "alcohol is more dangerous than weed" line over and over, but not everyone who drinks alcohol does so in a way that threatens their health. Someone who smokes weed everyday and turns every conversation into a "weed should be legalized" conversation is a lot more unhealthy than someone who drinks alcohol in moderation
Alcohol kills a lot of people (Score:2)
How are you alive? (Score:5, Informative)
I'm not trolling or flaming at all here, I'm genuinely surprised.
By my quick-and-dirty calculations:
I tend to feel rough after four or five beers. How is it you're drinking five to ten times that *a night* and still around to talk about it lucidly? I'd expect some serious delerium tremens in short order on that track...
Curious,
Re: (Score:2)
4 or 5 beers is rough? I don't drink 25, but it takes 4 or 5 to just feel it. 12 is a fun Friday night.
4 or 5 is what my girlfriend would call rough.
Re: (Score:2)
I never claimed to be much of a drinker. :)
On a more sobering note, it's partly that my mom drank herself to death, and I'd rather not follow in her footsteps.
And as a side benefit, having a wuss tolerance is certainly cheaper!
Sláinte,
Re: (Score:2)
I never claimed to be much of a drinker. :)
On a more sobering note, it's partly that my mom drank herself to death, and I'd rather not follow in her footsteps.
And as a side benefit, having a wuss tolerance is definitely cheaper!
Sláinte,
Re: (Score:2)
I used to drink a lot a have a great time with the night life. Now I have three kids and a more-than-full-time job. I'm lucky if I can get down two beers in a night.
Sigh!
Re: (Score:2)
I'd suggest putting a down-payment on a new liver down now while you still can.
Re: (Score:2)
I've had my hard days, though not 25 or 50 cans of beer. However, when I worked in construction, I knew some guys who could buy a 24 pack and put it away all by themselves, every single night. I also knew some guys who could drink almost a handle of vodka by themselves. Those are the real alcoholics. Some of them never stopped drinking at all. Wake up, have a screwdriver. Carry a flask around at work. Drink more with lunch.
I'll never forget one of the guys turning yellow and his buddies dropped him off at t
Re: (Score:2)
There is a huge difference between getting drunk on normal strength beer and even standard strength spirits, never mind fucking rocket fuel.
Re:How are you alive? (Score:5, Insightful)
in college working towards a MA, aiming towards being a LPC or LSW specializing in substance abuse treatment
been drinking since I was 14 or so, am now 41.
I start around 3pm, give or take a little and go until I go to bed, which in many cases is not until 1 or 2am.
I'm sorry, but I simply can't take you seriously. You're either stretching the truth, or you are a 41 year old student that spends nearly half his day drinking. Either way, you're not credible.
Re:this is Surprising? (Score:4, Informative)
But thanks for the amateur psychoanalyzing, it was very humorous.
Yeah, I guess a real psychoanalyst requires someone who...
I was a thief when I was teen-ager. Not a grab and run, bust a glass thief either. I was a break in, and steal everything you had in the house, and bust your safe if you had one.
Eh, I got banned from the WoW forums on one account for calling the mods fucktard asshats who...well, you get the idea.
...is a douchebag AND a troll [slashdot.org]:
Whoever modded the above post troll is a fucking idiot whose mother is a cocksucking whore on a Glasgow street corner. If you fail to recognize a legitimate question, maybe you need to get the dick out of your mouth and the dildo from your ass and learn to read. That's the problem with handing moderation points to just anyone on /. Fucking morons get them too.
...is a white supremacist [slashdot.org]:
Niggers are different than me and need to be looked down upon, especially if the law prevents me from killing them on sight or at least putting them back in chains and out in the fields.
...is an attempted killer [slashdot.org] (thankfully only attempted):
Convicted of 1 B&E, 1 Burglary, 1 Armed robbery, 1 assault with a deadly weapon inflicting serious injury with intent to kill, Violating the federal Firearms Licensing Act, Possession of Stolen Government property, and an explosives charge for the hand grenades.
...believes mentally ill people should be put down [slashdot.org]:
If someone is a diagnosed pedophile, there is only one sure fired way to make sure they never do it again, a bullet through the head, or a more humane method if that is your preference.
...enjoys taking out his rage by beating up pedophiles [slashdot.org] while in prison:
We'd beat them [the pedophiles] down, the guards would beat them down, and they would not stop, could not stop more likely.
And the very best part is, this guy is a certified counselor [slashdot.org]! And he's PAID by your very own tax money!
I work as as a SAC II (substance abuse counselor) for pay, part-time and also am doing my internship at the same location. It's free work IMNSHO. The only reason I put up with it is because as soon as I finish my MA and get my license, I go full time with about a 95% pay raise, plus state government benefits, and will be able to do private assessments and counseling on the side for about a grand a week.
Hire your own stonewallred today! Limited offer! *Exclusions include non-whites, democratic party members, women, and educated persons.
I feel so inspired and humbled.
Re: (Score:2)
So you never drive, since that amount of alcohol every night means you are always over the legal limit?
Or you are *really* obese, which I guess is pretty likely since you are consuming 150% to 300% of the normal human calorie intake just in everclear.
At usual rates you'll take 70 hours to get back to a legal BAC, but since there's less than 24 before you drink the next batch you must be excreting it in various additional ways.
Re: (Score:2)
SUM(DrunkDrivingDeaths) + SUM(AlcoholFueledDomesticViolenceDeaths) > SUM(ODedOnCrack)
Your using different criteria to evaluate danger. You're looking at each drug in a vacuum, he's looking at how society chooses to use each drug. And unless you know of some magical way to stop drunk driving and domestic violence, his perspective is a lot more realistic.
Re:this is Surprising? (Score:4, Interesting)
Causes of death in Australia.
Tabacoo - 19,019
Alcohol - 2,831
Motor vehicle accidents - 1,731
Illegal drugs - 863
Murders - 203
Re: (Score:2)
Actually, not only is alcohol not inherently dangerous, many studies suggest that, if consumed moderately and appropriately, it can actually be beneficial.
The same cannot be said of nicotine or marijuana.
Re: (Score:2)
not to put too fine a point on it but most of those studies are bullshit funded by beer companies.
The simplest mistake most make is a selection bias.
They separate people into drinkers and non drinkers and look at their health and wow, the drinkers turn out to be more healthy.
thus leads on all that bullshit about a glass of wine/half a glass/a glass and a half etc etc a day being good for you.
if you separate people into 3 groups, drinkers, non-drinkers and non-drinkers who used to drink but now can't because
Re: (Score:2)
Re: (Score:2)
Many people have died from drinking too much alcohol.
Re: (Score:3, Insightful)
I dunno though, I don't wanna pass judgement but three or fewer drinks a day is really not that little. I think if you are having more than three drinks daily, you may have a problem. Sometimes at a party I'll have more than three drinks, but I don't party every night either. I also don't drink on a daily basis.
Re: (Score:2)
So what (Score:5, Insightful)
After all, nothing can possibly be safe until it is certified as such by the government. Just ask hundreds of thousands of people who died while the drugs that could have saved them were waiting for the FDA approval. They are pretty safe now.
Re:So what (Score:5, Insightful)
I think you miss the point. You should be able to examine the code in the pacemaker inside you - or hire an expert to do so.
Re: (Score:2)
Re: (Score:2)
However much a reasonable person agrees should be. Note that most reasonable people don't consider RMS a reasonable person, so it's somewhere between pacemakers and text editors.
Re: (Score:2)
Of course. You, and your doctor, and any agency that is allowing that product to be sold for a particular therapeutic purpose should be able to examine the software (and hardware ) design of any device that is sold specifically for a medical purpose.
Re: (Score:2)
"I do not have any idea how anyone could expect to review all of the code associated with any medical device."
People manage it for many entire operating systems.
he's not saying GPL.
You can opensource code without giving everyone and his dog the right to steal it for their own hardware.
I don't know about you but if I had a piece of hardware which my life depended on I'd want to be able to inspect the design and code for faults.
My right to stay alive trumps their desire to hide messy code.
Re: (Score:2)
I would say that I should be able to examine the software (and of course hardware!) of any device that I own. People have certainly never needed anybody's permission to examine, and even modify, their own property since the beginning of time; why the heck should that magically change now just because the
Re: (Score:2)
Re: (Score:2)
what happens when that same person accidentally stabs himself in the eye with a screwdriver?
or jumps off a bridge?
no doubt his relaives would sue the company which built the bridge and his shoe manufacturer(since he walked to the bridge) anyway.
"people might hurt themselves through stupidity" is an endless argument which could be applied to everything in the universe and every freedom or right.
it is not a decent argument against this.
Re: (Score:2)
Oh please, so many problems in the US today are by enforced empowerment of litigious idiots. Not perfect? RARGH SUE. What's this? one of little jimmy's toys comes from a country where people sometimes fall over? RARGH SUE. What's this? my tap water has one atom per gallon of uranium, only detectable due to recent advances in hypersensitive ICP-AES? RARGH SUE. Liability is paralysing your nation, and all this will mean is less people making pacemakers.
Re: (Score:2)
Mission critical things (life support, nuclear core monitors, etc) sure as fuck should have an independent code review.
Re: (Score:2)
Re: (Score:2)
You don't have to have the device installed at all, you know. You're the one who needs a service from them.
Re: (Score:2)
Re: (Score:2)
Re:So what (Score:5, Interesting)
In the case of avionics, there are rigorous design and testing standards for electronics, software, and mechanical hardware that are mandated by the FAA. Passing them is part of the certification process. This task can be handled in house or by third parties that specialize in that task. The medical industry should largely be applying the same principles.
Comment removed (Score:5, Informative)
Re:So what (Score:5, Informative)
I've tested medical device software and I had to sign my name on forms over 5K times for just one version. This was just for the behavior and appearance of the localized GUI, not the pure functionality. Each test was recorded via video. The 90GB of video, 4GB of datasets, and the 220 pounds (100kg) of signed test forms were shipped at the end of the 6 week series.
At the medical device customer's end, all of the tens of thousands pages of signed and initialed test forms were scanned and burned to disks. The plan to hang on to these for about a century.
Then, the forms are updated and reviewed, new languages and OS versions added and the cycle continues. Every step is reviewed and audited. We don't want the FDA asking 10 years from now if something was tested or considered for testing without giving defensible answers.
The folks testing the functionality of the software had close to 100K of tests for each version of device software. (Different vendor, so I am going by what the device company told me.)
We all reported to the same defect database, so we could be aware of progress and problems.
Long hours, fun times.
Re: (Score:2)
Finally someone who talks sense. It's so easy to say that everybody and his dog should have access to the source code of my pacemaker, but then what? I sure wouldn't want my doctor to change the software because he thinks he knows better than the experts at the manufacturer's. I think it's completely useless to have anyone but the manufacturer have access to the source code.
Re: (Score:2)
Why wait for enough tombstones for the technology to get fixed?
That seems to work well for airliners, trains and nuclear plants.
Cars seem to need some help too.
Drug approval is a given in the US, the idea because its a chip they can have a free pass seems great in the short term, but will catch up with many.
Who will pay for new devices for a generational fault? Better to at least have some outside on average that just trusting the
Re: (Score:2)
Wait a minute. Did he just say airliners are fixed for known safety issues?
I call BS on this one.
Most airplanes are full of foam plastic walls and flamable seating, an old problem airplane manufacturers refuse to fix.
Many similar issues exist.
Re: (Score:2)
Not just government (Score:3, Interesting)
Does a government agency examine...
How about the other entities mentioned in the summary (let alone TFA) -- patients and, more importantly, *doctors*? If not them -- who should review them?
After all, nothing can possibly be safe until it is certified as such by the government. Just ask hundreds of thousands of people who died while the drugs that could have saved them were waiting for the FDA approval. They are pretty safe now.
FDA approval works roughly about as well as "self-regulation" works, since the F
Just the facts, ma'am (Score:2)
Just ask hundreds of thousands of people who died while the drugs that could have saved them were waiting for the FDA approval.
What is your source for these numbers?
I think you'll find that the experimental protocol at best simply extends the life of the terminally ill patient for some few weeks or months. It is not a miracle cure - it is an investment in the future.
39% of lung cancer cases are diagnosed after the cancer has already metastasized (distant stage). The corresponding 5-year relative lung cance
Re: (Score:2)
Re: (Score:2)
Medical devices are already blackbox tested for function, the SFLC presumably
Re: (Score:2)
Re: (Score:2)
To be fair, black box testing is the foundation of device testing in the health field. And for simple devices it is exactly what you want: making sure that the outcomes are as specified.
However, as any engineer knows, for complex devices there can be innumerable states, and no test can achieve good coverage of these states. So it is appropriate to vet the internals of these complex devices.
Just because companies wish to keep these details as trade secrets does not mean that it is in the public interest
Re: (Score:2)
Much larger number of programmers are gainfully employed, and there are thousands of openings for software engineers in the SF Bay Area alone. Does anyone really want the ones who can't get hired reviewing mission critical code anyway?
Re: (Score:2)
If the alternative is having *nobody* reviewing it, yeah I do.
Re:So what (Score:5, Insightful)
Of course not, but presumably the reviews would be done by programmers and analysts who would then report to the FDA.
When a drug is evaluated for it's safety and effectiveness, it's not "bureaucrats" that are doing the evaluation, it's doctors and pharmacologists and public health specialists.
When you throw a word like "bureaucrats" around, you make it sound like some clerk from the DMV is going to be doing the evaluation.
Only because the lobbyists who have become the ones writing the regulations prefer it that way. The answer is certainly not to "fix" the bureaucracy by making them even more ineffective. Anyone who tries to reduce the argument to "less government" is trying to do exactly that. I know that's not what you're doing, of course, but there are people who have been misled into believing that the solution to any problem is "less government". However, there are very few examples where deregulation has made a situation better for anyone but a very few.
Re:So what (Score:5, Informative)
Hardware that is literally the only thing keeping you alive should be subject to some regulation. I don't think code-reviews by bureaucrats is a good option, but perhaps independent third parties would be a start.
Given that basically all such devices have been reviewed by Underwriter Laboratories or an equivalent OSHA recognized testing lab already, I don't see what needs to change.
Despite all the flaws of the US tort system, it does provide a strong financial incentive for things like pacemakers to be designed robustly. And yes, the code also gets reviewed.
It may surprise people, but the system being proposed is already in place and it works pretty well.
Why? (Score:2)
The devices themselves are rigorously tested in clinical trials. If they pass those tests, what more do you want?
Re: (Score:2)
Re: (Score:3, Insightful)
Even more so how many doctors or patients are going to have the knowledge to "examine the source code" and tell whether it is working properly?
It only takes one or two to achieve useful results.
Re: (Score:2)
I would be HIGHLY MOTIVATED to learn.
Re: (Score:2)
I've got one of these things - a result of conductive systems failure (CSF) - it means the top half can't talk to the bottom half to coordinate/synchronize pumps.
In a way, I whole heartedly (pun intended) agree with your statement - but then I start to think - Windows 95 probably could have passed a clinical trial - and then came the hackers.
So, I got this thing in my chest that keeps me alive, can be communicated with via an electromagnet, and has anyone ever really considered what would h
Re: (Score:3, Insightful)
Re:Why? (Score:4, Interesting)
The devices themselves are rigorously tested in clinical trials. If they pass those tests, what more do you want?
Software errors can (and in fact are most likely to) result in pathological behaviour in unusual circumstances. Example. [wikipedia.org] "The failure only occurred when a particular nonstandard sequence of keystrokes was entered on the VT-100 terminal which controlled the PDP-11 computer: an "X" to (erroneously) select 25MV photon mode followed by "cursor up", "E" to (correctly) select 25 MeV Electron mode, then "Enter", all within eight seconds. This sequence of keystrokes was improbable, and so the problem did not occur very often [i.e. not in any clinical trials] and went unnoticed for a long time." An independent source-code audit could have saved three lives in that case.
Re: (Score:3, Insightful)
A source code audit would not necessarily have found it. Like with so many other obscure faults, most likely, you'd have to go through a full trial and error on an actually running system, since you do not always know beforehand if the error is introduced by the specific source code, the compiler or anything else.
Re:Why? (Score:5, Insightful)
An independent source-code audit could have saved three lives in that case.
=Could have= saved 3 lives.
Would have cost 10s of thousands? millions?
Pretty much every time someone on the planet dies of accidental causes there is some procedure or process that "could" have saved them.
Life just isn't that safe. And I'd rather not spend every dime of the gdp trying to make it as safe as possible.
When people die its tragic. If its something simple to fix, we fix it. But lets not lay guilt trip down every time anybody dies. Life is dangerous and it wouldn't be worth living if we made it safe, because the only way it will ever be safe is if we lock everyone up in straight jackets in padded rooms.
Re: (Score:2)
An independent source-code audit could have saved three lives in that case.
What evidence do you have that an independent code audit would have had any more chance of catching the error than an internal code audit ?
Re:Why? (Score:4, Insightful)
I'm sure Therac-25 [wikipedia.org] passed some sort of trials too. That didn't stop it from killing people, of course.
Re: (Score:2)
Maybe the folks at the SFLC should consider building an Arduino based pacemaker, then they can write their own GPL licensed software. They can invest the money to get it FDA approved, too. But, I suspect what they really want is to force others who have already made that considerable investment to disclose their work for all others to see.
Re:Why? (Score:4, Insightful)
If only (Score:2)
That would save us all a lot of trouble.
Stay away from Windows CE (Score:4, Funny)
One of the July 2010 updates bluescreened my 81-year-old dad.
The hospital backed out the update but they had to reboot him in safe mode and go up the back door.
HeartHacks (Score:2)
On the other side of things, imagine the scandal of somebody with a pacemaker installed for the purpose of athletic advantage, perhaps at the Olympics. Can you say heart hack? The winning line-up of the hacked-pacemaker 500, by embedded OS of choice:
1. DSL (Damn Small Linux), lightweight, fast, an
Re: (Score:3, Insightful)
OSX: soon to be ad supported, will only beat during approved activities, phones home with details about your liver.
Re: (Score:3, Insightful)
No
WIth the exception of ATMs (and some radar guns) I wouldn't even bother with an OS
And that's GOOD. I DON'T want anything more complex than a couple (ok, 100) of lines of code in my pacemaker, thank you very much
It doesn't NEED to be more complex than that, and it SHOULDN'T
Re: (Score:3, Informative)
Adaptable rates? You'll need a motion-detection routine in order to speed the heart up so that people can enjoy even the mildest exercise.
Pacing only when needed, not when it's not? You'll need more code to identify when a beat has occurred within the correct time interval.
How about automatic defibrillators? Those are the devices that will shock a heart back into a normal rhythm, which is far more than a regula
Same as in the pilot seat (Score:5, Informative)
I work for a company does full life-cycle development and verification of safety-critical software, the main areas we work in are aircraft instrumentation, smart munitions, and medical equipment (including pacemakers). The amount of testing and verification that goes into these software categories often exceed the development cost, and at every level it is documented and traced. What on earth do Doctors think they will see in the source code? We do verification, peer review, tracing, etc. what would an MD find that a room full of software, system, and QA engineers wouldn't? About the only thing that they would be able to look at and have a hope in understanding is criteria for taking action, and that is in the requirements and should be reviewed at that level, not at the code level.
Next thing they know Pilots will demand the ability to review the code for their cockpit management system and soldiers the ability to review the code for their Anti-Tank rockets!
Re: (Score:2)
So you do what people want the FDA to do, but are unable to. Not sure what you're getting at.
They want a third party (the FDA) to review code on the manufacturers device to make sure there are no hidden bugs. No one said they want random MD's to do code review.
Re: (Score:3, Funny)
Oh, so because a few employees within a company (and maybe a closely related partner) have looked over the source, it's "peer reviewed"? Peer review means that EVERYONE can examine the source, including people you have never met nor have even heard their names. It means that people you absolutely hate can review your source, not just a few of your employees that have no qualms about lying and saying it's all good just to keep their jobs.
In other words, your source code has had as much legitimate peer revi
Re: (Score:3, Insightful)
yah, you have no clue.
If you were able to sit down and listen in to any of our peer reviews or look through our test cases and procedures you might get an understanding. We work on Safety Critical software, there are no 'qualms about lying', and just 'saying it's all good' will in fact cause you to lose your job and fast. We regularly work on DO-178B Level A projects, that's the kind of project where if something fails people will die. As it stands I doubt there is an airline in the USA that doesn't have so
Re: (Score:3, Funny)
That puts the testing quality roughly somewhere between most video games and Windows.
Re: (Score:3, Insightful)
What on earth do Doctors think they will see in the source code?
That you did your job as you say you did. That something can go right and that laws were respected is no surprise to me. But I want to make sure that that is the case. You probably only see the cases that have a good testing. I want to make sure I am not depending my life on a device that was not tested adequately. I worked in both aviation and medical firms, and the security attitude of the medical world really scared the living daylight out of me.
So no, I will not take adequate medical testing for granted
Re: (Score:3, Insightful)
The amount of testing and verification that goes into these software categories often exceed the development cost...
Then what's the harm in releasing the source code so those who are qualified to review it can do so?
The most likely answer is: "to protect our proprietary secrets from competitors!"
My response to that is, "what proprietary secrets?" If every company does the type of due-diligence you claim, then everyone in the field is already at the same level of competence and will not benefit from someone else's code. If not every company performs the same level of diligence, then that's all the more reason to have th
Reliability certification is needed (Score:2)
Re: (Score:2, Interesting)
The FDA requirements on software are strict. There are requirements for coding practices, testing, QA, etc. Inspectors show up, without notice, to check for compliance.
The code reviews are very thorough and require a manager and at least two other programmers.
All code has to be instrumented and scripts written to force execution of all code.
The output traces from instrumentation have to be fully documented. Everything that happens is documented.
They require the source code with all changes documented,
Re: (Score:2)
It is not a big deal (Score:2)
If they properly test the device, the everything should be covered.
I think the FDA does need to realize there is a software component. For no other reason then to require a full recertification of the devise every time the firmware changes. The risk I see is that an item gets certified and then bugs get introduced later if future firmware updates.
The FDA should also be notified of any bugs uncovered in existing firmware. Put the responsibility of deciding if an item needs recalled our of the hands of the
This affects more than medical devices (Score:2)
I have no doubt that the same issues that affect critical medical devices also affect automobile "drive-by-wire" systems like the Toyota runaway accelerator problem. Those systems need to be subject to inspection and validation by independent experts in the relevant hardware/software technology. And if there are problems, the hardware and software need to be even more thoroughly inspected.
Huh? (Score:2, Insightful)
"patients and doctors are blocked from examining the source code"
huh? are either qualified to do so?
Re: (Score:2)
Then make a selection from the devices on the market and at least know the software is "not faulty", all things been equal.
Hardware may advance or fail, but software can be reviewed.
Re: (Score:2)
Someone needs to write a country music song.... (Score:2, Funny)
Proprietary pacemaker code excerpt (Score:5, Funny)
for(i = 0; i < max_int;i++){
sleep(1);
beat_heart();
}
// printf("hi!!!!!\n")
Re: (Score:2)
That *is* about 70 years... I think I'd be fairly happy if my Pacemaker lasted 70 years... :)
What is the hardware life expectancy on those things anyway?
NEVADA GAMING COMMISSION has the code to slots gam (Score:5, Interesting)
NEVADA GAMING COMMISSION has the code to slots games so why can't the FDA get the code to med systems?
Re: (Score:2)
Why do you think the FDA can't do that? They can basically do anything they want, followed by the threat to kick you (the manufacturer) out of the US market and/or shut down your factories if they're in the US.
Have a nice day.
Aww, Thufir... (Score:2)
"...neither patients nor their doctors are permitted to access their IMD's source code or test its security.'"
"Aww Thufir, don't feel badly...everyone gets a heart-plug here..."
Let's hope any vulnerabilities aren't wirelessly-exploitable!
Strat
Independent test (Score:2)
Medical device companies typically outsource hardware for a series of hardware tests. Similar arrangements can be made to test software similar to DO-178B test levels for avionics. This should be a documented process.
Insulin Pumps... (Score:2)
My girlfriend has an insulin pump made by Medco. It has to do certain things like, if she has a certain high blood sugar level, give the right amount of insulin dose for the next hour to bring her into a normal range. If she eats, she estimates the amount of carbs she's eaten, enters in a certain dose level, and the pump calculates how much insulin she needs, based on the type of insulin she's using.
It uses a AAA battery. If the battery starts to run low, it beeps. If the battery is almost dead it beeps
Re: (Score:2)
IF the pump runs out of insulin---THE PUMP SAYS NOTHING. [...] Good thing she doesn't have to milk a hairless cat to live, huh?
Its not so hard to milk a hairless cat. You just attach eight of those electronic insulin pumps to their nipples, and off you go.
Now you have to watch closely, 'cuz the stupid things won't know to stop if the cat runs dry and if you're not looking, all you'll have left is what looks like somebody's nutsack laying on the floor.
Why is this even a damn issue these days?! (Score:2)
Serious, WTF! Why are we still having to dick around with these issues of closed systems that you are prevented from reviewing, especially since they affect people's health directly! This should not require any kind of debate and if these medical devices that are certified by a government entity such as the Food & Drug Administration (FDA) then the manufacturers must be required to publicly disclose the design and software source code to the FDA for their review and additionally for public review sinc
Re: (Score:3, Insightful)
Or maybe you might learn what "open source" is. It is not necessarily free. It is not necessarily part-time. It merely means that the source code is available. Such a long bout of rabid typing for such a small amount of understanding.