The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.04 - July-Aug. (2013 vol.11)
pp: 14-26
Homa Alemzadeh , University of Illinois at Urbana-Champaign
Ravishankar K. Iyer , University of Illinois at Urbana-Champaign
Zbigniew Kalbarczyk , University of Illinois at Urbana-Champaign
Jai Raman , Rush University Medical Center
ABSTRACT
Malfunctioning medical devices are one of the leading causes of serious injury and death in the US. Between 2006 and 2011, 5,294 recalls and approximately 1.2 million adverse events were reported to the US Food and Drug Administration (FDA). Almost 23 percent of these recalls were due to computer-related failures, of which approximately 94 percent presented medium to high risk of severe health consequences (such as serious injury or death) to patients. This article investigates the causes of failures in computer-based medical devices and their impact on patients by analyzing human-written descriptions of recalls and adverse event reports obtained from public FDA databases. The authors characterize computer-related failures by deriving fault classes, failure modes, recovery actions, and number of devices affected by the recalls. This analysis is used as a basis for identifying safety issues in life-critical medical devices and providing insights on the future challenges in the design of safety-critical medical devices.
INDEX TERMS
Medical devices, Analytical models, Safety, Security, Biomedical equipment, Accidents, Injuries, Computers, Failure analysis, Government agencies, Food and Drug Administration, medical devices, failure analysis, safety, FDA recalls, FDA adverse events, MAUDE database, FDA
CITATION
Homa Alemzadeh, Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jai Raman, "Analysis of Safety-Critical Computer Failures in Medical Devices", IEEE Security & Privacy, vol.11, no. 4, pp. 14-26, July-Aug. 2013, doi:10.1109/MSP.2013.49
REFERENCES
1. B. Zhivko, G. Mitalas, and N. Pallikarakis, “Analysis and Classification of Medical Device Recalls,” Proc. Int'l Federation Medical and Biological Engineering, Springer, 2006, pp. 3782-3785.
2. “Medical Device Databases,” US Food and Drug Administration, 5 Mar. 2013; www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/ Databasesdefault.htm.
3. D. Wallace and D. Kuhn, “Failure Modes in Medical Device Software: An Analysis of 15 Years of Recall Data,” Int'l J. Reliability Quality and Safety Eng., vol. 8, no. 4, 2001, pp. 351-372.
4. K. Fu, “Trustworthy Medical Device Software,” Public Health Effectiveness of the FDA 510(k) Clearance Process, Nat'l Academies Press, 2011, p. 102.
5. W.H. Maisel et al., “Recalls and Safety Alerts Involving Pacemakers and Implantable Cardioverter-Defibrillator Generators,” J. American Medical Assoc., vol. 286, no. 7, 2001, pp. 793-799.
6. N. Leveson, Engineering a Safer World: Systems Thinking Applied to Safety, MIT Press, 2011.
7. D.B. Kramer et al., “Security and Privacy Qualities of Medical Devices: An Analysis of FDA Postmarket Surveillance,” PLoS ONE, vol. 7, no. 7, 2012, pp. 1-7.
8. Guidance for Industry and FDA Staff—Total Product Life Cycle: Infusion Pump—Premarket Notification [510(k)] Submissions,” US Food and Drug Administration, Apr. 2010; www.fda.gov/medicalDevices/DeviceRegulationandGuidance/ GuidanceDocumentsucm206153.htm .
9. D.E. Arney et al., Generic Infusion Pump Hazard Analysis and Safety Requirements Version 1.0, tech. report MSCIS-08-31, Dept. Computer and Information Science, University of Pennsylvania, Feb. 2009.
10. K. Pattabiraman et al., “SymPLFIED: Symbolic Program-Level Fault Injection and Error Detection Framework,” Proc. IEEE Int'l Conf. Dependable Systems and Networks (DSN), IEEE, 2008, pp. 472-481.
11. K. Pattabiraman, Z. Kalbarczyk, and R.K. Iyer, “Automated Derivation of Application-Aware Error Detectors Using Static Analysis: The Trusted Illiac Approach,” IEEE Trans. Dependable and Secure Computing, vol. 8, no. 1, 2011, pp. 44-57.
12. “External Defibrillator Improvement Initiative,” US Food and Drug Administration, Nov. 2010; www.fda.gov/downloads/MedicalDevices/ProductsandMedicalProcedures/ CardiovascularDevices/ ExternalDefibrillatorsUCM233824.pdf .
13. “Pulse Oximeters—Premarket Notification Submissions [510(k)s] Guidance for Industry and FDA Staff,” US Food and Drug Administration, Mar. 2013; www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/ GuidanceDocumentsucm341718.htm .
14. R. Jetley, S.P. Iyer, and P.L. Jones, “A Formal Methods Approach to Medical Device Review,” Computer, vol. 39, no. 4, 2006, pp. 61-67.
15. E. Jee, I. Lee, and O. Sokolsky, “Assurance Cases in Model Driven Development of the Pacemaker Software,” Leveraging Applications of Formal Methods, Verification, and Validation, LNCS 6416, 2010, pp. 343-356.
21 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool