I recently met with the CEO and CTO of a medical start-up. Their previous remote patient monitoring (RPM) endeavor was successful, with a buy-out from a prominent Fortune 500 medical device firm. Their new initiative includes a wearable device, but primarily their solution will provide a cloud tool with holistic personal and clinical engagement analytics.

From a business perspective, their interests lie in patient/consumer data security, robust and reliable system performance, and, as in the past, low system cost. As we’ve been acquainted for nearly eight years, the conversation was open and congenial. With the niceties behind us, the CTO came to the point: “So Steve, tell me: as a commercial operating system vendor, what exactly is your value proposition compared to Linux?”

The question came as no surprise as it is one of the questions I am always asked when I meet with a medical company. The question, of course, is perfectly legitimate: why pay for an operating system (OS) when there’s a “free” OS option available?

You may have noticed I used quotations marks when referring to the free OS. Let me explain why.

While an open source OS is free in that it has little upfront cost, the same can be said of a free puppy. Anyone who has a dog knows of the never-ending expenses that pet ownership can entail, from veterinarian bills to food costs to the time invested for training — together, these represent the true total cost of ownership for a puppy. Likewise, the total cost of ownership for a “free” OS includes the extra effort and testing needed to certify a medical device that uses an open source OS, the potential income lost from the resulting delay in bringing the device to market, and the investment needed to sustain an in-house team of OS experts.

Certification is where I began my response to the CTO. The concept of traceability lies at the heart of a standard such as IEC 62304; to meet the standard, a manufacturer develops a device in such a way that safety requirements identified during the hazard and risk analysis can be traced throughout all phases of the project. This covers key aspects of the software’s development cycle: how it’s designed, how the requirements are mapped, how the test procedures map to the requirements, and so on. Due to its very nature, Linux doesn’t provide records of development processes. There are no requirements or traceability matrices or development plans to back up the design of the software. Consequently, the onus is on the device manufacturer to provide proof that the software does what it’s supposed to do. Given the size of the Linux kernel (tens of millions of lines of code) and the constant change going on in the source base, this is a daunting task, and adds significantly to the total cost of ownership.

I also stressed to the CTO that, if they worked with a commercial OS vendor, they could focus on their value proposition and IP, rather than being concerned about proving the compliance of their operating systems in application. This would save them real support dollars, which they would have needed to manage themselves. Their CEO suggested that their part-time Linux specialist from their last Linux venture cost him $80K per year over several years to manage. To a small start-up, this is a huge investment and a distraction from their purpose. 

With the cost/value portion of the discussion complete, the CTO asked specifically about the reliability and security of our microkernel OS in comparison to Linux. I pointed out that, in a microkernel OS, all software components — including device drivers, networking stacks, and applications — run in isolated spaces controlled by the OS and the hardware. As a result, if you were to develop a buggy device driver, it can crash without impacting any of the other software components of the OS, or the device, and can be automatically restarted in milliseconds. This modular approach to OS design allows developers to create self-healing systems that can recover dynamically from software faults, but just as important, it makes it easier to locate and fix the causes of faults in the first place. Moreover, it can greatly simplify the FDA certification process, both for time and cost. From a security perspective the architecture of a microkernel OS like QNX offers a footprint, or attack surface, that is approximately 200 times smaller than that of Linux. Which goes without saying is a huge security advantage. Beyond that, Linux doesn’t offer elliptical curve cryptography at government grade FIPS 140-2, which is required to sell into Veteran’s Administration (VA) hospitals.

By the end of the meeting I felt like a lawyer making his closing remarks to a judge and jury — it’s for all the challenges I’ve outlined that many device manufacturers consider choosing a commercial OS over an open source OS. While the upfront cost of a commercial OS may initially dissuade some medical device manufacturers, including fledgling start-ups, the inherent benefits of faster time to market, easier pre-market approval, and lower total cost of ownership can make this approach a much more attractive option.

Also read: