© 2015 UL LLC
Anura Fernando – Principal Engineer, Underwriters Laboratories (UL)
Wearables TechCon - March 10, 2015
Copyright © 2015 UL LLC ® All rights reserved
Wearable Computing
Technologies and Regulations
Anura S Fernando
Anura S. Fernando is UL’s Principal Engineer for Medical Software &
Systems Interoperability.
Background:
• Degrees in Electrical Engineering, Biology/Chemistry, and Software Engineering
• 17 years experience at UL with safety critical software and control systems certification; as well
as research across many industries – process automation, alternative energy, medical, hazardous
locations, appliances, optical radiation, nanotechnology, battery technologies, etc.
• Research and publications in Predictive Modeling and Risk Analysis, Cybersecurity, Systems of
Systems, Software, Health IT, Apps, and Medical Device safety.
• Projects with numerous Fortune 500 companies, DoD, DoE, DHS, FDA, FCC, ONC, NASA
and several U.S. National Laboratories
Additional experience relevant for this discussion/audience:
• Contributed to the development of several standards involving software and Functional Safety
as a member in IEC, ISO, ASME committees and Expert Task Force member.
• UL lead for the development of the AAMI/UL 2800 family of eHealth standards for
interoperable medical device interface safety.
• Member of the Federal Advisory Committee FDASIA WG to the Health IT Policy Committee,
FDA Medical Device Interoperability Coordinating Council, Medical Device Interoperability
Safety Working Group, Health Information Management Systems Society, Association for the
Advancement of Medical Instrumentation, and the International Council on Systems
Engineering
Three Key Points for WT Developers
• Understand use cases
• Manage risk and address safety concerns with
wearables
• Use standards strategically for market access
and to address regulatory concerns
It used to be that people had to go inside the
computers to use them…
Slide 4 http://www.computerhistory.org/revolution/birth-of-the-computer/4/78/325
…now computers can go inside people
Slide 5
http://www.moreinspiration.com/article/922/endoscopic-capsules
Wearable computing technologies are pervasive
Slide 6
http://2.bp.blogspot.com/-afr-gp6eyl
http://www.untitledname.com/archives/upload/2005/10/bicyclist-cell-phone.jpg http://i-cdn.phonearena.com/images/articles/84906-image/wear.png
Accelerometer
Gyroscope
Magnetometer
Barometer
Proximity
Touch screen
GPS
WiFi
Bluetooth
GSM/CDMA Cell
NFC
Camera
Light sensor
…with many sensors creating many possibilities
In a “microbiome” of wearable sensors…
http://www.bizjournals.com/sanjose/news/2013/06/21/216-million-geeky-americans-want.html?s=image_gallery
…we can become the “quantified self”
Slide 9
http://www.thethinkingbench.com/the-year-of-the-quantified-self-revolution/
…we can become the “ubiquitous self”
Slide 11
http://www.sintef.no/home/Information-and-Communication-Technology-ICT-old/Software-Engineering-Safety-and-Security/Research-groups/Model-Based-Systems/Ubiquitous-and-mobile-computing/
All this data can also improve healthcare delivery
Slide 12
http://www.cs.purdue.edu/homes/bertino/IIS-eHealth/images/ehealth_full.jpg
Using “big data” for customized or remote care
13 http://jackbrowntelecomprofessional.files.wordpress.com/2012/06/mban-3.jpg
Wireless Devices…FCC or FDA or both?
Usage of the 2360-
2390 MHz frequencies
are restricted to indoor
operation at health-care
facilities and are subject
to registration and site
approval by
coordinators to protect
aeronautical telemetry
primary usage.
Operation in the 2390-
2400 MHz band is not
subject to registration or
coordination and may
be used in all areas
including residential.
14
ALL cell phones must meet
the FCC’s RF exposure
standard, which is set at a
level well below that at which
laboratory testing indicates,
and medical and biological
experts generally agree,
adverse health effects could
occur. www.fcc.gov
Consumer product or medical device?
A medical device1 is "an instrument, apparatus, implement, machine,
contrivance, implant, in vitro reagent, or other similar or related article,
including a component part, or accessory which is:
recognized in the official National Formulary, or the United States
Pharmacopoeia, or any supplement to them, intended for use in
the diagnosis of disease or other conditions, or in the
cure, mitigation, treatment, or prevention of disease, in
man or other animals, or
intended to affect the structure or any function of the
body of man or other animals, and which does not achieve any
of its primary intended purposes through chemical action within or on
the body of man or other animals and which is not dependent upon
being metabolized for the achievement of any of its primary intended
purposes."
http://www.fda.gov/aboutfda/transparency/basics/ucm211822.htm
15
Labeling can make all the difference…
16
http://www.fda.gov/MedicalDevices/ProductsandMedicalProcedures/Ob
esityDevices/ucm350134.htm
Treat Obesity vs. Manage Weight
The struggle to characterize relative risk
Proposed in 2015 draft guidance on low risk general wellness
devices
Whether a device is low risk for purposes of this guidance is
determined by whether or not the product:
1) is invasive;
2) involves an intervention or technology that may pose a risk to a
user’s safety if device controls are not applied, such as risks from
lasers, radiation exposure, or implants;
3) raises novel questions of usability; or
4) raises questions of biocompatibility.
17
UL participates with government agencies to
establish perspectives on risk
18 http://www2.idexpertscorp.com/images/uploa
ds/ehr.jpg
http://static.ddmcdn.com/gif/wireless-
network-1a.jpg http://www.commercialintegrator.com/
images/
FDA Safety and Innovation Act (FDASIA WG)
Risk defined in general terms
The ISO 31000 (2009) /ISO Guide 73:2002 definition of risk is:
‘the effect of uncertainty on objectives‘
Uncertainty: The lack of complete certainty, that is, the existence of more than
one possibility. The "true" outcome/state/result/value is not known.
Measurement of uncertainty: A set of probabilities assigned to a set of
possibilities. Example: "There is a 60% chance this market will double in five
years"
Risk: A state of uncertainty where some of the possibilities involve a loss,
catastrophe, or other undesirable outcome.
Measurement of risk: A set of possibilities each with quantified probabilities
and quantified losses. Example: "There is a 40% chance the proposed oil well
will be dry with a loss of $12 million in exploratory drilling costs".
Douglas Hubbard "The Failure of Risk Management: Why It's Broken and How to Fix It, John Wiley & Sons, 2009.
Slide 21
Slide 23
Hazardous
Energy
Source
Transfer
Mechanism
Susceptible
Part
HBSE Premise
ENERGY TRANSFER
INJURY
AND
INADEQUATE
PERSONAL
SAFEGUARD
PERSONAL
SAFEGUARD
FAILURE
NO
PERSONAL
SAFEGUARD
OR
INADEQUATE
PERSONAL
AVOIDANCE
AVOIDANCE
NOT
POSSIBLE
AVOIDANCE
NOT
ATTEMPTED
OR
BODILY
EXPOSURE
AND
INADEQUATE
EQUIPMENT
SAFEGUARD
EQUIPMENT
SAFEGUARD
FAILURE
NO
EQUIPMENT
SAFEGUARD
OR
INADEQUATE
EQUIPMENT
SAFEGUARD
EQUIPMENT
SAFEGUARD
FAILURE
NO
EQUIPMENT
SAFEGUARD
OR
HAZARDOUS
ENERGY
AND
(EVENT)
OR
(EVENT)
OR
HBSE Standard Injury Fault Tree
No
No
IDENTIFY ENERGY
SOURCE
IS SOURCE
HAZARDOUS?
IDENTIFY MEANS BY WHICH
ENERGY CAN BE
TRANSFERRED TO A BODY PART
DESIGN SAFEGUARD WHICH
WILL PREVENT ENERGY
TRANSFER TO A BODY PART
MEASURE SAFEGUARD
EFFECTIVENESS
IS SAFEGUARD
EFFECTIVE?
DONE
Yes
Yes
HBSE Process
…or Data …or Process
Analysis Drives UL’s Safety Testing and Certification
Applying HBSE to Wearable Technologies
24
Hazardous
Energy
Source
Transfer
Mechanism
Susceptible
Part
HBSE Premise
…or Data …or Process
Are there any hazards?
We can see some wearable technology risks
25
Optical Radiation
(LASER, UV, etc…) Privacy, Security, Performance if used by Dr
(Cryptographic verification, HIPAA)
Acoustic Energy Data Integrity, Usability
Slide 26
http://sfdata.startupweekend.org http://wp.wpi.edu
Where is all this data stored? Is it secure?
Is it correct?
What could go wrong?
• What happens if bits of
my diagnostic image data
get lost?
• What happens if my
prescription data gets
corrupted?
• What happens if my
surgeon gets someone
else’s record?
27
Incorrect Information Exchange
31
1001010010100101101010 X
Single Event Upset or Data Corruption
EXAMPLE:
Incorrect Timing of Information
33
1001010010100101101010
Information provided when app is inactive
EXAMPLE:
Regulators are balancing risk and innovation…
FCC Requirements for MBAN and FDA MOU – 24 May 2012
FDA Guidance: RF Wireless Technology…– 13 Aug 2013
FDA Guidance for Home Use Devices – 24 Nov 2014
FDA Draft Guidance: General Wellness (Low Risk) – 20 Jan 2015
FDA Guidance: Mobile Medical Applications – 25 Sept 2013
EC Guidance Document – Qualification and Classification of stand alone
software (MEDDEV 2.1/6) – Jan 2012
FDA Final Rule: MDDS – 15 Feb 2011
FDA Guidance: Medical Device Data Systems, Medical Image Storage
Devices, and Medical Image Communications Devices – 9 Jan 2015
FDA Guidance: Management of Cybersecurity – 2 Oct 2014
…and continually evolving Regulatory Science
FDASIA Health IT Report – Proposed Strategy and Recommendations for a
Risk-Based Framework – Apr 2014
FDA Draft Guidance: Applying Human Factors and Usability Engineering to
Optimize Medical Device Design – 22 June 2011
IMDRF Document: “Software as a Medical Device”: Possible Framework
for Risk Categorization and Corresponding Considerations – 18 Sep 2014
UL can provide standards-based testing and
certification to address hazards at all levels
38
Use Hazards – Safety & Effectiveness
(e.g. interoperability, performance, reliability, co-existence, usability, biocompatibility,
satisfying claims)
Data Hazards – Acquisition, Storage, Propagation
(e.g. Integrity, Security, Accuracy, Precision, Protocol Compliance)
Energy Hazards – Kinetic and Potential
(e.g. electricity, batteries, optical radiation, ionizing radiation, RF emissions, acoustic,
pinch-points, etc…)
Assurance Cases,
Safety
Certifications,
Certificates of
Conformance,
Product Marks
Testing to Support Safety Claims
Modified from: http://www.fda.gov/ucm/groups/fdagov-public/documents/image/ucm260345.jpg
Testing to Support Security Claims
40
)))))))
Cryptographic Verification
http://img.mit.edu/newsoffice/images/article_images/20110214123646-1.jpg
Assurance cases can help support safety claims
Slide 41
https://buildsecurityin.us-cert.gov/bsi/1051-BSI/version/default/part/ImageData/data/Assurance_Cases_and_LifeCycle_Processes.png
Standards Can Help Guide Assurance Cases
Slide 42
https://buildsecurityin.us-cert.gov/bsi/1051-BSI/version/default/part/ImageData/data/Assurance_Cases_and_LifeCycle_Processes.png
Safety Standards
Regulators Leverage Standards
Aug 6, 2013 FDA Recognized Consensus Standards Support
Interoperability:
There are 25 new standards grouped mainly into three categories:
1. Managing risk in a connected and networked environment;
2. Nomenclature, frameworks and medical device specific communications,
including system and software lifecycle process;
3. Cybersecurity standards from the industrial control systems arena that are
relevant to medical devices.
Coming soon:
AAMI / UL 2800 – interoperable medical device interface safety
http://www.securedgenetworks.com
Technology is enabling rapid product innovation and
new safety standards and regulations are emerging
44
IDEA PRODUCT
& SERVICE
Managing innovation and regulatory change
Different kinds of wearables bring different risks
Slide 45
Created by Beecham Research in Partnership with Wearable Technologies Group
http://www.hl7standards.com/blog/2013/09/12/redesigning-wearable-tech/
Plan early to avoid unintended
consequences
Slide 46
- Improper V&V – no pre-release integration testing
http://50quidsoundboy.net/wp-content/uploads/2011/05/thumb-21367-radiation_therapy.jpg
- Integrated re-used sw into
incompatible hardware (no interlocks)
- “unlikely” sequence of keystrokes
Ariane 5
Floating point value too large to be
represented by signed integer
Therac - 25
Mars Climate Orbiter
- Mismatched units
Ask yourself some questions
47
Is there optical radiation? Do I need to worry about security / HIPAA?
Do I need to worry about
acoustic energy? Are there usability related hazards?
…and ask yourself some more questions
Slide 48
Can this cause skin irritation? Are surface temperatures ok? Do I use Lithium Ion Batteries?
How do I deal with
shipping and storage?
How do I deal with cleaning,
reprocessing, sterilization?
And there are many more questions to consider…
How do I assess and control
quality and stability of materials?
Top Related