Base 10 Systems, Inc. (Trenton, NJ)

The method and system of running application software in a safe and secure environment comprises a data processor with an operating system that is responsible for processing, as well as an intermediate shell which interacts with operating software and the operating system to provide an environment of safety for the application software. To create a safe-critical environment the application software should only interact with the intermediate shell.

The present invention concerns a system and a method for operating application software in a safety critical environment. A safe critical environment is one in which a computer software activity (process functions, processes, etc.) where errors like accidental or unintentional events that fail to take place when required, erroneous values, or undetected hardware problems can lead to the potential for danger, or the loss of predictability of outcomes for the system. Safety critical environments are necessary for safe computer software components. Inadvertent actions could cause death, injury or occupational illnesses. The outcomes of computer-related actions can be used to make decisions that could result in injuries, death or other serious outcomes. A safety critical environment is a standard set of rules or guidelines that are incorporated into military specifications like MIL-STD-882B. This is as a complement to software that is created under DOD-STD-2167 and DOD-STD-2168. In addition, the ability to examine and audit the performance of the program, after the program has been completed, to insure compliance becomes an element of the safety critical environmental.

Special purpose computers were developed to fulfill the performance, testing and requirements for reporting of software applications.

The government agencies, such as the Food and Drug Administration impose safety critical standards for existing medical systems and demand to validate the process of developing software and the accuracy of the software when used for safety critical procedures There is a requirement for security critical environments that are embedded into general purpose data processing system like those that run standard commercial operating systems like DOS, system 7, forMacintosh and Windows. The safety critical environment will also be accountable for monitoring and verifying of correct operation to permit demonstratable evidence of the operation of the application.

The primary goal of this invention is to create an environment that is safe and secure for systems that process data that is not normally capable of providing this environment. It is also compatible with an industry-standard operating system for personal computers.

These and other objects of the present invention are achieved by the present invention by an intermediate operating shell that is overlayed on a conventional personal computer operating system such as DOS, the System 7 operatingsystem for the Macintosh, Windows, OS/2, etc. The purpose of this intermediate shell is to emulate the safety-critical environment of personal computers, which are normally not a safety critical system, monitoring its performance and integrity as a safety critical instrument. The shell communicates with operating systems to monitor every aspect of the system and to detect unsafe deviations. It is able to correct these immediately or prevent the system from running. The shell also has the ability to interact with application software so that the application software doesn’t have to interface with the operating system in the traditional way. The intermediate shell provides a consistent and standard operating environment for the application software that will conform to safety-critical requirements.

The present invention allows for the intermediate shell to be superimposed onto an operating system to simulate a critical database processing system. The preferred intermediate shell is a standard machine-to-application software that supports commonly used database structures and operations as well as common screen handling capabilities.

A few of the features of the operation that is considered to be safety-critical that is carried out by the intermediate shell are the database integrity checking with each read and write into the database, range-checking, continuous checking of thehardware and problem logging. The intermediate shell also carry out the safety critical characteristics of redundancy using double copy-by-copy comparison of all data or equivalent methods for validation of database information using periodic redundancy checks of all data elements, hardware validation and variables data validation, which includes range testing and format testing.

The shell runs the application software on the background and examines the integrity and hardware of the database. This is an important aspect of this invention.

These and other features and advantages of the invention will be apparent from the description of the invention taken with the attached drawings, wherein:

Click here to view the patent on USPTO website.

Get Patents with PatentPC

What is a software medical device?

The FDA refers to software functions which may comprise ” Software as a Medical Device” (SaMD), and “Software in Medical Device (SiMD) ), which is software that is integral to (embedded within) an medical device.

Section 201(h) of the Federal Food Drug and Cosmetic Act, 21 U.S.C. 321(h)(1), defines a medical device as ?an instrument, apparatus, instrument, machine, contrivance, implant an in vitro reagent or other similar or similar item, which includes an accessory or component that is . . . (b) is intended to be used in the diagnosis of diseases or other conditions, or in the treatment or mitigation of disease, or prevention of disease, in man or other animals or (c) intended to affect the structure or any function of the body of man or other animals.? To be considered a medical device and consequently subject to FDA regulations, the software must meet the minimum of these criteria:

  • It is essential to use it in diagnosing and treating patients.
  • It should not be designed to alter the structure or the function of the body.

If your software is designed to be utilized by health professionals to diagnose, treat or manage patient records in hospitals and other medical facilities, the FDA is likely to view such software to be medical devices that are subject to regulatory review.

Is Your Software a Medical Device?

FDA’s current oversight, which focuses on the functionality of the device more than its platform, is designed to ensure that FDA applies its regulatory oversight to medical devices that have capabilities that pose risks to the safety of patients. Some examples of Device Software and Mobile Medical Apps FDA is focused on

  • Software functions that aid those suffering from psychiatric disorders diagnosed (e.g., post-traumatic stress disorder (PTSD) or anxiety, depression, obsessive compulsive disorder) maintain their behavioral coping skills by providing the “Skill of the Day” behavior technique or audio-based messages the user may access during times of increased anxiety;
  • Software functions provide periodic reminders, motivational guidance and information on education to patients who are recovering from addiction or smokers looking to quit;
  • Software functions that utilize GPS location data to warn asthmatics of conditions in the environment that could trigger asthma symptoms or warn an addict (substance abusers) whenever they are near a designated high-risk or high-risk location.
  • Software functions that employ video and video games to encourage patients to complete their exercise routines at home;
  • Software functions which allow users to select which medication or herb they would like to take at the same time. They also give information on interactions and provide the details of the type of interaction that was reported.
  • Software functions that are able to take into consideration specific characteristics of the patient, such as gender age, gender, and other risk factors, to provide individual counseling, screening and prevention advice from well-established and highly-respected experts.
  • Software functions that make use of an inventory of typical symptoms and give guidance on when to see the doctor.
  • Software functions that help users to navigate through a questionnaire about their symptoms and then give a recommendation for the best medical facility to treat their needs.
  • Mobile applications are intended to enable users to initiate a pre-specified nurse call or emergency call using broadband or mobile phone technology;
  • Apps that permit caregivers or patients to send emergency notifications to first responders through mobile phones
  • Software functions that track the use of medicines and give users user-defined reminders for improved drug adherence
  • Software functions give users access to their health information. This can include historical trends as well as comparisons of vital signs (e.g. body temperature, heart rate , blood pressure).
  • Software functions that aggregate and show patterns in health-related incidents that affect individuals (e.g., hospitalization rates or alert notification rates);
  • Software tools allow users to either manually or electronically input blood pressure data, and to share it via e-mail, track it and trend it, then upload it to an electronic health record.
  • Mobile apps that offer reminders about oral health or tools to track users suffering from gum disease.
  • Apps that give mobile users access to information and other tools for patients with prediabetes;
  • Apps that let users display images and other messages on smartphones, which could be utilized by addicts looking to stop their addiction.
  • Software functions that offer drug-drug interactions and relevant safety data (side effects, drug interactions and active ingredient) in a report basing on demographic data (age, gender) and medical data (current diagnosis) and current medications as well as
  • Software functions provide the surgeon with a list of recommended intraocular lens strengths and the recommended axis of implantation based on information supplied by the surgeon (e.g., expected surgically-induced astigmatism that is likely to occur, the length of the patient’s axial axis and corneal astigmatism preoperatively, etc.)
  • Software, typically mobile apps which converts a mobile platform to an approved medical device.
  • Software that is connected to mobile platforms with a sensor or lead that measures and displays the electrical signals generated by the heart (electrocardiograph, ECG).
  • Software that connects a sensor to the mobile platform, or other tools in the platform, to view or record eye movements to detect balance disorders
  • Software that inquires about their history with donors and records , and then transmits the answers to a blood collection facility. This program is used to determine whether a donor is eligible to collect blood or any other component.
  • Software that connects with an existing device to control its operation, function, or energy source.
  • Software that changes the settings or functions of an infusion pump.
  • Software that regulates the inflation or deflation of the blood pressure cuff
  • Software that calibrates hearing devices and evaluates the sound intensity characteristics and electroacoustic frequency of masters hearing aids and hearing aids for groups.

What does it mean if your software/SaaS is classified as a medical device?

SaaS founders need to be aware of the compliance risks that medical devices pose. Data breaches are one of the biggest risks. Medical devices often contain sensitive patient data, which is why they are subject to strict regulations. This data could lead to devastating consequences if it were to become unprotected. SaaS companies who develop medical devices need to take extra precautions to ensure their products are safe.

So who needs to apply for FDA clearance? The FDA defines a ?mobile medical app manufacturer? is any person or entity who initiates specifications, designs, labels, or creates a software system or application for a regulated medical device in whole or from multiple software components. This term does not include persons who exclusively distribute mobile medical apps without engaging in manufacturing functions; examples of such distributors may include the app stores.

Software As Medical Device Patenting Considerations

The good news is that investors like medical device companies which have double exclusivity obtained through FDA and US Patent and Trademark Office (USPTO) approvals. As such, the exit point for many medical device companies is an acquisition by cash rich medical public companies. This approach enables medical devices to skip the large and risky go-to-market (GTM) spend and work required to put products in the hands of consumers.

Now that we have discussed the FDA review process, we will discuss IP issues for software medical device companies. Typically, IP includes Patents, Trademarks, Copyrights, and Trade secrets. All of these topics matter and should be considered carefully. However, we will concentrate on patents to demonstrate how careless drafting and lack of planning can lead to problems, namely unplanned disclosures of your design that can then be used as prior art against your patent application.

In general, you should file patent application(s) as soon as practicable to get the earliest priority dates. This will help you when you talk to investors, FDA consultants, prototyping firms, and government agencies, among others. Compliance or other documents filed with any government agency may be considered disclosure to third parties and could make the document public. In general, disclosures to third parties or public availability of an invention trigger a one year statutory bar during which you must file your patent application. Failure to file your application within the required time frame could result in you losing your right to protect your invention.

The information from your FDA application may find its way into FDA databases, including DeNovo, PMA and 510k databases and FDA summaries of orders, decisions, and other documents on products and devices currently being evaluated by the FDA. Your detailed information may be gleaned from Freedom of Information Act requests on your application. This risk mandates that you patent your invention quickly.

When you patent your medical device invention, have a global picture of FDA regulatory framework when you draft your patent application. Be mindful of whether your software/SaaS application discusses the diagnosing and treating patients or affecting the structure or function of the body and add language to indicate that such description in the patent application relates to only one embodiment and not to other embodiments. That way you have flexibility in subsequent discussions with the FDA if you want to avoid classification of your software/SaaS/software as a medical device. In this way, if you wish to avoid FDA registration and oversight, you have the flexibility to do so.

An experienced attorney can assist you in navigating the regulatory landscape and ensure that you comply with all applicable laws. This area of law is complex and constantly changing. It is important that you seek legal advice if you have any questions about whether or not your software should be registered with FDA.

Patent PC is an intellectual property and business law firm that was built to speed startups. We have internally developed AI tools to assist our patent workflow and to guide us in navigating through government agencies. Our business and patent lawyers are experienced in software, SaaS, and medical device technology. For a flat fee, we offer legal services to startups, businesses, and intellectual property. Our lawyers do not have to track time as there is no hourly billing and no charges for calls or emails. We just focus on getting you the best legal work for your needs.

Our expertise ranges from advising established businesses on regulatory and intellectual property issues to helping startups in their early years. Our lawyers are familiar with helping entrepreneurs and fast-moving companies in need of legal advice regarding company formation, liability, equity issuing, venture financing, IP asset security, infringement resolution, litigation, and equity issuance. For a confidential consultation, contact us at 800-234-3032 or make an appointment here.