The Software Freedom Law Center's latest white-paper, "Killed by Code: Software Transparency in Implantable Medical Devices," examines the strange circumstances around pacemakers and other implanted medical devices. Regulators like the FDA inspect the hardware designs for these devices in great detail, but the crucial software that runs the devices is a closed book -- a proprietary secret that's only ever called in for examination when the devices start to crash, with disastrous circumstances.
In 2008, the Supreme Court of the United States' ruling in Riegel v. Medtronic, Inc. made people with IMDs even more vulnerable to negligence on the part of device manufacturers.4 Following a wave of high-profile recalls of defective IMDs in 2005, the Court's decision prohibited patients harmed by defects in FDA-approved devices from seeking damages against manufacturers in state court and eliminated the only consumer safeguard protecting patients from potentially fatal IMD malfunctions: product liability lawsuits. Prevented from recovering compensation from IMD-manufacturers for injuries, lost wages, or health expenses in the wake of device failures, people with chronic medical conditions are now faced with a stark choice: trust manufacturers entirely or risk their lives by opting against life-saving treatment.
Killed by Code: Software Transparency in Implantable Medical Devices
We at the Software Freedom Law Center (SFLC) propose an unexplored solution to the software liability issues that are increasingly pressing as the population of IMD-users grows--requiring medical device manufacturers to make IMD source-code publicly auditable. As a non-profit legal services organization for Free and Open Source (FOSS) software developers, part of the SFLC's mission is to promote the use of open, auditable source code5 in all computerized technology. This paper demonstrates why increased transparency in the field of medical device software is in the public's interest. It unifies various research into the privacy and security risks of medical device software and the benefits of published systems over closed, proprietary alternatives. Our intention is to demonstrate that auditable medical device software would mitigate the privacy and security risks in IMDs by reducing the occurrence of source code bugs and the potential for malicious device hacking in the long-term. Although there is no way to eliminate software vulnerabilities entirely, this paper demonstrates that free and open source medical device software would improve the safety of patients with IMDs, increase the accountability of device manufacturers, and address some of the legal and regulatory constraints of the current regime.
(Image: Medtronic EnRhythm Pacing System, a Creative Commons Attribution (2.0) image from winton's photostream)
A group of tech firms will meet today to plan the filing of an amicus brief in support of lawsuit to challenge U.S. President Donald Trump’s “Muslim Ban.” Trump’s order was issued on Friday, and restricts immigration from seven Muslim-majority countries in which Trump has no business interests. Adjacent Muslim-majority nations in which Trump does […]
The World Economic Forum asked “leaders from business, government, academia and nongovernmental and international organizations” to take a survey on the potential risks and benefits of different emerging technologies. They seemed to think the space technologies will have little benefit and pose little risk. Energy capture, storage, and transmission has the great promise and little […]
The graphene temporary tattoo seen here is the thinnest epidermal electronic device ever and according to the University of Texas at Austin researchers who developed it, the device can take some medical measurements as accurately as bulky wearable sensors like EKG monitors. From IEEE Spectrum: Graphene’s conformity to the skin might be what enables the […]
Although there will never be a consensus about the best way to make coffee, any coffee connoisseur will agree that controlling the grind of your beans and balancing water temperature are the keys to a tasty cup. Since your plastic coffee pot doesn’t really allow for that kind of customization, going back to the French […]
Not all hackers are malicious information thieves—white-hat ethical hackers work with technology companies to ensure the security of their computer systems and user data. With all of today’s high-profile data breaches, ethical hackers are in considerable demand. To learn these critical skills and break into the high-paying cyber security field, try taking the courses in this […]
Making people aware of goods and services in the digital age requires an array of new strategies from social media and email to number-crunching tools like Google Analytics. To get a handle on the techniques used to capture attention and convert traffic into dollars in a crowded online environment, the Full-Stack Marketer Bundle offers 22 hours of training to get […]