Connected devices have irrevocably altered the healthcare and life sciences landscape by collecting, analyzing, transmitting and sharing data through interoperability and web connectivity.
However, the longer lifespan of these devices and the growing technical complexity and connectivity require regular firmware updates to ensure optimal functionality and security.
Until recently, enhancing a device without altering or changing hardware or the device itself was unthinkable. Firmware-driven design and Firmware over-the-Air updates have introduced a new level of flexibility and adaptability that allows the introduction of new features, customization enhancements, and improvements within the same device.
This blog looks at the significance of Firmware Over The Air (FOTA) and how it redefines firmware updates and enables intelligent and improved operational efficiency in medical devices.
The risks of skipping updates: Why effective firmware matters
Medical devices like pacemakers, implantable cardioverter-defibrillators (CDs), neurostimulators, infusion pumps, respiratory devices, surgical robots, and implantable drug pumps depend on the firmware to operate and deliver electrical impulses, monitor vital signs, administer medications, and perform other functions.
The inability to update firmware also threatens the security of the entire connected ecosystem as it controls the hardware and plays a crucial role in the proper functioning, accuracy, and safety of medical devices.
Imagine a scenario where a connected medical device cannot update its firmware. This would result in critical vulnerabilities not being addressed, forcing either decommissioning or replacement with the new devices and hindering value-driven and cost-effective patient care.
Unlike standalone devices, connected medical devices are part of a broader ecosystem, intertwining with various other systems, networks, and protocols, introducing additional layers of complexity, such as interoperability, data privacy issues, and cybersecurity risks.
The traditional approaches to updating medical devices are time-consuming and unable to cope with the complexity and agility required by the life sciences industry. Consequently, MedTech companies now prefer to include device-update strategies and solutions into the design that ensure desired flexibility and efficiently address existing challenges.
Lastly, global regulatory bodies are pushing for timely and secure updates in medical devices. Some have mandated regular device updates, an essential part of the devices' quality management system.
In April 2022, the FDA issued a guideline emphasizing the need for cybersecurity to be considered part of the quality management system and in pre-market submissions. Meanwhile, the European Medical Device Regulation (MDR) requires manufacturers to demonstrate software validation and maintain a system for managing software updates and upgrades. The regulation also requires that software updates and changes do not negatively impact the safety or performance of the device.
Table 1: Understanding the complexity of medical device updates
Level up your devices: smart update strategy
A successful firmware strategy must incorporate regulatory, safety, interoperability, cybersecurity, data privacy, clinical, and operational factors such as:
- Establishing traceability enables organizations to track and document all changes made through updates.
- Ensuring seamless transition to the new version without interrupting business continuity.
- The ability to roll back to the previous working version in case of unexpected issues or complications in device functionality after the update to minimize disruptions in patient care.
- A robust, reliable, and resilient update process that can handle failures without affecting the device's overall functionality. Strong and reliable collaboration among manufacturers, healthcare providers, regulators, and other stakeholders to navigate these complexities while prioritizing patient safety and quality of care.
Seamless medical device firmware upgrades with Firmware Over-The-Air (FOTA)
FOTA is commonly used in various electronic devices, including smartphones and IoMT (Internet of Medical Things), notably in medical devices. It enables efficient and remote updates to the device's software or firmware.
This method often performs bug fixes, security updates, feature enhancements, and overall improvements without physical intervention or device recall.
Wirelessly updating or reprogramming the firmware on a device, typically over a network connection, without requiring a physical connection or intervention (FOTA), offers remote, agile, secure, and efficient ways of updating smart medical devices and interconnected systems. This approach safeguards the devices and eliminates the risk of falling out of compliance with evolving industry and technological benchmarks.
The seamless and remote updating system can swiftly deploy the latest advancements, security patches, and enhancements, ultimately delivering uninterrupted patient care and operational efficacy in healthcare settings.
FOTA: the key to secure, connected devices
As more and more MedTech companies are opting for and requesting Firmware Over-The-Air (FOTA) updates to push firmware updates to medical devices, Nagarro is collaborating with them to assist MedTech companies on their journey to Firmware Over-The-Air (FOTA).
We work with leading healthcare and life sciences organizations to devise custom FOTA solutions that meet their distinctive business requirements and constraints. In a recent partnership, Nagarro worked with one of the world's leading medical device manufacturers.
Case study: secure, global FOTA updates for 100,000+ medical devices
We helped enable a FOTA remote service platform to roll out updates across all devices swiftly without disrupting the client's business continuity. They leveraged Nagarro's FOTA accelerator modules to develop and maintain a global service platform 24/7 in a highly regulatory-compliant environment supporting the following use cases:
- Asset registration and establishing secure communication via a trust protocol
- Remote access tunneling for troubleshooting
- Software packages, instrument settings, alarms distribution between devices and platform
The medical device manufacturer remotely rolled out updates to more than 100,000 connected devices globally. The cost-effective solution helped them minimize system variations in the field and improved the complaint resolution timeline. The company is now conceptualizing a new service platform that leverages the technical prowess of more modern loT solutions for FOTA.
Nagarro is partnering with many leading life sciences and healthcare organizations for similar projects. As we deliver these projects, we learn from our experiences and use the insights to improve our FOTA offerings further – consulting, customized engineering solutions, quality management, and off-the-shelf "FOTA accelerator" modules.
Another similar collaboration involved Nagarro working with a German home automation company to roll out remote firmware updates for home automation devices. We used an Enterprise Firmware Over the Air (FOTA) update solution to release device firmware updates to thousands of end devices, ranging from thermostats and plugs to lawnmowers.
We designed and developed a secure and reliable solution that can support multiple device types and protocols and is scalable up to multimillion devices. It enabled the following use cases:
- Upload of firmware packages
- Flexible updates – service engineers can mark updates as optional, mandatory, or even optional with a due date when mandatory
- Rules engine to define/update rules based on the current device and gateway versions
- Remote canary testing and pre-production validation
- Integration of the solution into the existing service portal for a single access point
- Transfer of firmware packages from cloud storage to the gateways, enabling scalability
- Download the entire package to the devices before uploading for high reliability
- End-to-end communication encryption and firmware signature ensure security
- Resumable downloads capability for resilience
Our solution enabled the remote rollout of firmware updates on over a million devices, including feature enhancements, defects or bug fixing, or security patch rollouts on multiple devices.
This platform has enabled validation and canary tests with dedicated production servers before the final rollout, leading to high-quality products in final production.
Nagarro's journey across various industries employing FOTA capabilities has been a two-way learning process. We've applied our expertise to each sector and gained profound insights and innovative ideas that have played a crucial role in continuously improving our FOTA offerings.
The future is FOTA
MedTech companies increasingly opt for Firmware Over-The-Air (FOTA) updates to efficiently and securely push firmware updates to medical devices despite the varied needs driven by their integrated ecosystem, product diversity, and data-driven strategies.
Soon enough, firmware Over-The-Air (FOTA) will transition from being a mere choice to an absolute necessity for MedTech companies. Those who embrace this technology early on stand to gain the most from its transformative potential. MedTech companies that take proactive measures today position themselves as pioneers in the evolving landscape of value-based care and secure their position in tomorrow's market.