Mobility in health care represents a win-win-win for health care providers, insurers, and patients by simplifying information exchange, reducing costs, and improving patient health and outcomes. Embedded technology vendors are also looking to cash in on the mobile health (mHealth) trend by offering small, portable, consumer-type devices with fast processing capabilities and multiple connectivity options tailored to meet the specific needs of the medical market.


But the potential rewards mHealth promises to deliver come with risks and trade-offs that all involved parties must be willing to address, especially considering the high stakes of the health care field. Just as HIMSS leaders recently urged Congress to protect patient privacy and security by developing a nationwide patient data matching strategy, embedded technology companies are similarly tasked with the challenge of designing their connected devices to be secure and resistant to attacks that could jeopardize critical health data.


One way to help ensure security in embedded designs is by leveraging the advanced technologies provided in the 3rd-generation Intel® Core™ processor architecture. The Ivy Bridge platform supports Intel® Trusted Execution Technology (Intel® TXT), which offers malware protection by validating component behavior at start-up, as well as Intel® Virtualization Technology (Intel® VT), which enables applications to run in secure partitions that prevent unintended software interactions. Combining these technologies creates a secure, virtualized platform that verifies the integrity of a virtual machine prior to launching an application.


Wind River works closely with Intel to develop embedded platforms equipped with virtualization hardware-assist and other features that safeguard mobile medical devices from security threats. In the following interview, Santhosh Nair, general manager of intelligent platforms at Wind River, shares his perspective on how mHealth has introduced opportunities along with security risks and other complications and discusses how Wind River and Intel are striving to overcome these challenges with innovative techniques for protecting mobile medical designs.


RR: How has the mobile trend in health care opened new opportunities for growth in the embedded market?

Nair: The mobile trend in health care has opened up significant market opportunities for innovation and lowering the cost of health care. Specifically, consumer-based devices like blood pressure meters, thermometers, and tablets are getting integrated with the regulated hospital-based equipment, which requires qualifying and/or securing consumer-based devices to perform basic health monitoring and reporting. This creates the need for a hardware platform that can multiplex between safety-critical operations and non-critical operations, which can be done through the basic building blocks of silicon, operating systems, and middleware. We see this as a prime opportunity for embedded vendors like Wind River to excel in this market.


RR: What security risks does this increasing mobility pose for devices that help maintain and monitor patients’ health?

Nair: mHealth adoption requires companies to take a hard look at their core strategies. Products need to be designed to work well with other products and they must be secure, hence the need to design for safety/security. Patient data privacy and data integrity are paramount when we deploy devices for chronic disease management, aging independently, and health and wellness. In addition, this information has to seamlessly flow into the larger database of patient health records.


Decision making and treatment options depend greatly on getting this right. As the connected health ecosystem gets more complex, so does the opportunity for errors and misuse. Malware and viruses need to be top of mind for device manufacturers because their devices are going to be deployed in networks that are not necessarily controlled. Designing for security across the ecosystem and at various layers of the device is critical.


RR: How does the mobility requirement complicate medical device design issues such as interoperability and regulatory compliance?

Nair: Devices are increasingly required to integrate and exchange data with other devices or monitoring systems in centrally managed networks. Interoperability, not just basic connectivity, is necessary to ensure optimal outcomes. This means devices must be adaptable to the interoperable standards at play in the hospital or home to enable optimal workflows. Today, lack of interoperability is a contributing factor to the increasing cost of health care, and unfortunately there are very few incentives that enforce interoperability.


In addition, the mHealth world is polarized as to whether or not to regulate the devices. If the complete mHealth system is regulated, that exacerbates the task at hand for the regulators and could even affect innovation.


RR: How can embedded vendors address the security risks and other challenges that accompany mobile medical designs?

Nair: Wind River and Intel are collaborating on a reference design for a mobile therapeutic device (see Figure 1) that combines Intel’s high-performance multicore processing technology with Wind River virtualization software, enabling multiple operating systems and applications to run on a single, scalable hardware device.

image004.pngFigure 1: This mobile therapeutic device reference design developed by Wind River and Intel will be on display at the AdvaMed 2012 conference next month in Boston.


Today’s therapeutic devices must perform multiple tasks with multiple applications. To enhance the security of the device and assure continuous availability, it is essential to separate safety-critical applications, such as dosage calculations or flow control, from non-safety-critical applications. Virtualization allows critical and non-critical applications to run independently in separate hardware partitions controlled by an embedded hypervisor.


The design leverages the COM Express form factor to allow scalability across different types of devices, from Intel® Atom™ to Intel® Core™ processors. This secure partitioning makes the device less vulnerable to external threats and tampering. Each application can be designed to run on a different operating system protected by its own partition, rather than relying on a single operating system for all the applications. If a malware breach occurs in any part of the system, its effect on other parts of the system can be limited. This essentially provides performance security for the modality.


Read this post and view this webinar for more info on Wind River’s holistic approach to securing platforms for medical devices. And check out this new white paper to discover the issues that software developers should consider when choosing Linux for medical devices.

medical.pngTo learn more about delivering quality health care with secure devices, see

security.pngFor more on securing connected devices, see

Jennifer Hesse

OpenSystems Media®, by special arrangement with Intel® Intelligent Systems Alliance

Wind River is an Associate member of the Intel® Intelligent Systems Alliance.