Electronic Design

Medical Device Design Must Adhere To Safety-Critical Criteria

The increased dependence on multiprocessor systems employing embedded microprocessors, microcontrollers, and DSPs presents opportunities as well as challenges to medical electronics designers. This trend has led to a heavier reliance on software for safety-critical functions and elevated the need to manage electromagnetic compliance (EMC) through design. Such concerns place broad demands on engineers as they plan, design, verify, and scale up their next-generation products.

Although embedded processors have been routine in medical devices for decades, their functionality, both in breadth and variety, is greater than ever. Whether it's PICs used for medical-standard-compliant audio generation, DSP-based back-EMF motion control, biological signal processing, or high-speed imaging, medical devices with multiple embedded processors are becoming the norm.

The motivations for this trend are well established and can be traced to reduced component count, improved reliability, increased functionality and flexibility, and reduced size and production costs. Additional benefits include the ability to integrate self-test and monitoring both in the production and clinical environments. These factors and others have driven processors deeper and more broadly into designs, with important implications.

One consequence of this trend is that embedded processor designs are becoming increasingly central to the safety-critical performance of devices, raising the "level of concern" as defined by the U.S. Food and Drug Administration (FDA). While this has been true for some time in certain highly integrated products such as implanted pacemakers and pulse generators, until relatively recently, it was less common in external therapeutic and diagnostic devices.

Meeting Safety-Critical Guidelines
Clearly, the overall architecture of a system's hardware and processor implementation has significant risk and performance ramifications. What is less obvious is that these architecture choices impact not only the size and complexity of the software, but also the traceability, test coverage, and verification requirements.

Documentation, self-test, and hazard mitigation requirements for "major level of concern" software are significantly greater from an FDA perspective. As a result, embedded software and electronics engineers need to familiarize themselves with the mechanisms and motivations behind applicable international device standards.

These standards include ISO 14971, the "International Standard for Risk Management of Medical Devices," and the FDA's "Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices." Systems engineers can't make informed design decisions without understanding this process. With the increased reliance on embedded processors, this includes consideration of software safety and criticality.

Another consequence of the proliferation of embedded controllers in medical devices is a greater need to address electromagnetic interference (EMI) in compliance with the IEC601-1-2:2002 standard and in consideration of a product's intended-use environment. High-speed processors and their associated memories and displays are notorious electromagnetic radiators.

As they become more distributed and increasingly integrated into system packaging, it becomes more difficult to manage emissions with ferrites or mechanical and metallic substructures. In addition, in-system communications are growing in complexity and bandwidth, both of which contribute to a product's overall emissions footprint.

Fortunately, a wide range of compact and economical board-mountable EMC management components is available to deal with this issue. But they're only practical if they're designed in during the earliest stages of product development and in conjunction with a solid overall EMC strategy. These components also are important in reducing overall system susceptibility to EMI and electrostatic-discharge (ESD) sources.

While ESD effects in analog or asynchronous digital systems are often momentary or transient, they can be much more dramatic in high-speed embedded systems. An ESD-related reset of a safety-critical, processor-based subsystem may present an unacceptable risk or hazardous situation that must be properly mitigated. The effectiveness and appropriateness of a particular mitigation technique are based on the engineer's experience, analysis, and experimentation, and they can have a major impact on development schedules and production costs.

The increased use of embedded processors in medical devices has had a profound and beneficial impact on product designs. However, it does require serious consideration to be given to such issues as risk management and EMC to ensure timely development of safe and effective products.