Base 10 Systems, Inc. (Trenton, NJ)

A system and method for running software applications in a safety critical environment involves providing a processor having an operating system to perform processing operations and an intermediate shell that communicates with the operating system and application software to emulate an environment that is safe to the software. The application software runs by interacting solely with the intermediate shell to create a security critical environment therefor.

The present invention is an apparatus and method of operating software in a safety critical environment. A safe critical environment is one in which computer program’s operation (processes, functions, etc.) may occur. that is prone to errors, such as inadvertent or illegal events, failures to take place at the time it is needed, inaccurate values, or undetected hardware failures can result in a potential hazard, or a loss of predictability in system outcome. Security critical environments are required for safety critical computer software components. Inadvertent actions can directly cause death, injury or occupational illnesses. The outcomes of computer actions could also be utilized in making decisions that could result in injury or death or other serious results. Safety critical environments are a common set of guidelines or standards and is addressed in military specifications such as MIL-STD-882B. It works in concert with software which was developed under DOD-STD-2167 as well as DOD-STD-2168. In addition, the capability to examine and audit the performance of the program following the completion of its execution to ensure compliance, becomes part of the safety critical environmental.

Special-purpose computers were designed in order to meet all the testing, performance and requirements of software applications for reporting.

As government agencies like the Food and Drug Administration impose safety critical standards for existing medical systems, and require to validate the software development process and the correct performanceof thesoftware when it is used in safety-critical procedures There is a requirement to provide safe critical environments in general-purpose data processing systems such as standard commercial operating systems like DOS, system 7, forMacintosh and Windows. This safety critical environment would also be accountable for monitoring and confirming correct operation to permit demonstratable proof of the system’s operation.

The principal object of the invention is to create a safe critical environment for systems that process data that isn’t normally capable of creating such an environment. It also runs an industry-standard operating system for personal computers.

These and other objects of the present invention are achieved by the present invention by an intermediate operating shell that is superimposed on a standard personal computer operating system such as DOS or the System 7 operatingsystem for the Macintosh, Windows, OS/2 and OS/2. The function of this intermediate shell is to mimic a safety critical environment for personal computers that are typically not a safety critical system, and to monitor its performance integrity as a safetycritical instrument. The shell communicates with the operating systems to track every aspect of the system and to detect any safety-critical deviations. It is able to correct these immediately or prevent the system from continuing. The shell also works with application software to ensure it does not interfere with the operating system in general. The intermediate shell provides a consistent and standard operating environment for application software, which is in line with the requirements of safety.

In accordance with the invention described herein, the intermediate shell is superimposed over the operating system, thereby mimicking an important security information processing system. The preferred intermediate shell provides a consistent machine-to-application application that supports commonly used database structures and operations as well as common screens handling capabilities.

The intermediate shell executes security essential operations, such as checking for integrity of the database with each write and read to a database, range check as well as continuous checks of the hardware and logs for problems. The intermediate shell has safety-critical characteristics such as redundancy through double copy comparing all data , or other equivalent methods, validation of database information through cyclic redundancy checks on all data elements including hardware validation and validation of variable data, testing of format, and testing of range.

Another important characteristic of the present invention is the fact that it executes the application software in the background and continuously monitors the hardware as well as the integrity of the database from the background. This makes it transparent to theuser.

These , as well as other characteristics and advantages of the invention can be seen in the detailed description of the invention by the drawings attached, wherein:

Click here to view the patent on USPTO website.

Get Patents with PatentPC

What is a software medical device?

The FDA refers to software functions which may comprise ” Software as a Medical Device” (SaMD) as well as “Software in a Medical Device (SiMD) ), which is software that is integral to (embedded in) the medical device.

Section 201(h),?21 U.S.C. 321(h),(1) defines a medical device to be?an apparatus, device machines, devices, implant an in vitro regulator and other similar items in addition to an accessory or component. . . (b) is intended to be used in the diagnosis of illnesses or other conditions or for the treatment or mitigation of disease, or prevention of disease, for animals or humans, or (c) designed to alter the structure or any function of the body of man or any other animal.? To be considered a medical device, and consequently subject to FDA regulation, the software must meet at least one of the following requirements:

  • It must be designed to be used to diagnose or treat a patient; or
  • It must be intended to modify the structure or any functions of the body.

If the software you use is designed to be utilized by health professionals to diagnose, treat, or manage patient information in hospitals and other medical facilities, the FDA is likely to consider the software to be medical devices that are subject to regulatory review.

Is Your Software a Medical Device?

According to FDA’s current oversight strategy that considers the function of the software higher than its device’s platform, FDA will apply its regulation only to medical devices that have functionality that could pose a danger to the safety of patients. Examples of Device Software and Mobile Medical Apps that FDA is looking at include

  • Software functions that help those suffering from psychiatric disorders diagnosed (e.g. post-traumatic stress disorder (PTSD), anxiety, depression, obsessive compulsive disorder) maintain their behavioral coping skills by providing a “Skill of the Day” method of behavior or audio messages that the user can use when they are experiencing an increase in anxiety;
  • Software functions that offer periodic educational updates, reminders, or motivational advice to smokers trying to quit, addicts recovering from addiction, or pregnant women;
  • Software functions that utilize GPS location data to alert asthmatics when they’re near high-risk locations (substance users) and to inform asthmatics to possible environmental conditions that may trigger symptoms.
  • Software that utilizes video and games to encourage people to do their exercise at home.
  • Software functions that require a user to enter which herb and drug they would like to take simultaneously and give information on whether interactions have been observed in the literature as well as an overview of the type of interaction was described;
  • Software functions that take into account specific characteristics of patients, such as gender, age, and risk factors, to provide specific counseling, screening and prevention advice from well-established and respected experts.
  • Software functions that utilize a checklist to determine typical symptoms and give information on when to visit an acupuncturist.
  • Software functions guide the user through a checklist of symptoms and signs to recommend the type of health facility that is most suitable for their needs.
  • Mobile applications are designed to let users initiate a nurse call or emergency call by using broadband or cell phone technology;
  • Mobile apps that enable the patient or caregiver to design and send an alarm or general emergency alert to emergency responders.
  • Software that tracks medication and provides user-configured reminders to improve medication adherence.
  • Software functions that give patients with a way to access their own health data, such as access to the information gathered during a prior visit to a doctor or historical trends and comparison of vital signs (e.g., body temperature and blood pressure, heart rate or respiration rate);
  • Software functions that reveal patterns in personal health incidents (e.g. rate of hospitalization or alert notification rates)
  • Software functions that allow the user to gather (electronically or manually entered) blood pressure information and share this data through e-mail or track and analyze it, or add it to an electronic or personal health record;
  • Mobile apps that allow to track and remind users about oral health. They also provide devices to monitor users suffering from gum disease.
  • Mobile applications that give patients suffering from prediabetes advice or tools that can help them improve their eating habits or increase their physical exercise
  • Apps that allow users to display messages and images on their mobile devices. These apps could be utilized by substance abusers who want to end their addiction.
  • Software functions that offer drug-drug interactions, as well as relevant safety data (side effects, drug interactions active ingredient) in a report based on demographic data (age and gender), clinical information (current diagnosis), and current medications; and
  • Software functions that give the surgeon the list of suggested intraocular lens power and suggested an axis for implantation based upon information inputted by the surgeon (e.g. an anticipated surgically induced astigmatism, length of the patient’s axial and corneal astigmatism preoperatively, etc.)
  • Software, typically mobile apps which converts a mobile platform to an approved medical device.
  • Software that is connected to a mobile device using a sensor or a lead to monitor and display the electrical signals produced by the heart (electrocardiograph, ECG).
  • Software that connects a sensor to the mobile platform, or other tools in the platform, in order to monitor or record the eye movements in order to diagnose balance disorders
  • Software that collects data about potential donors, and then transmits the information to the blood collection facility. The software can determine whether a person is eligible to donate blood or any other component.
  • Software that connects to an existing device type in order to regulate the device’s operation, function or energy source.
  • Software that modifies or deactivates the functions of an infusion pump
  • Software that regulates the inflation or deflation of the blood pressure cuff
  • Software is used to calibrate hearing devices and assess the electroacoustic frequency, sound intensity characteristics, and sound quality of hearing aids, master hearing aids, group hearing aids or group auditory trainers.

What does it mean if your software/SaaS is classified as a medical device?

SaaS founders need to be aware of the compliance risks that medical devices pose. Data breaches are one of the biggest risks. Medical devices often contain sensitive patient data, which is why they are subject to strict regulations. This data could lead to devastating consequences if it were to become unprotected. SaaS companies who develop medical devices need to take extra precautions to ensure their products are safe.

So who needs to apply for FDA clearance? The FDA defines a ?mobile medical app manufacturer? is any person or entity who initiates specifications, designs, labels, or creates a software system or application for a regulated medical device in whole or from multiple software components. This term does not include persons who exclusively distribute mobile medical apps without engaging in manufacturing functions; examples of such distributors may include the app stores.

Software As Medical Device Patenting Considerations

The good news is that investors like medical device companies which have double exclusivity obtained through FDA and US Patent and Trademark Office (USPTO) approvals. As such, the exit point for many medical device companies is an acquisition by cash rich medical public companies. This approach enables medical devices to skip the large and risky go-to-market (GTM) spend and work required to put products in the hands of consumers.

Now that we have discussed the FDA review process, we will discuss IP issues for software medical device companies. Typically, IP includes Patents, Trademarks, Copyrights, and Trade secrets. All of these topics matter and should be considered carefully. However, we will concentrate on patents to demonstrate how careless drafting and lack of planning can lead to problems, namely unplanned disclosures of your design that can then be used as prior art against your patent application.

In general, you should file patent application(s) as soon as practicable to get the earliest priority dates. This will help you when you talk to investors, FDA consultants, prototyping firms, and government agencies, among others. Compliance or other documents filed with any government agency may be considered disclosure to third parties and could make the document public. In general, disclosures to third parties or public availability of an invention trigger a one year statutory bar during which you must file your patent application. Failure to file your application within the required time frame could result in you losing your right to protect your invention.

The information from your FDA application may find its way into FDA databases, including DeNovo, PMA and 510k databases and FDA summaries of orders, decisions, and other documents on products and devices currently being evaluated by the FDA. Your detailed information may be gleaned from Freedom of Information Act requests on your application. This risk mandates that you patent your invention quickly.

When you patent your medical device invention, have a global picture of FDA regulatory framework when you draft your patent application. Be mindful of whether your software/SaaS application discusses the diagnosing and treating patients or affecting the structure or function of the body and add language to indicate that such description in the patent application relates to only one embodiment and not to other embodiments. That way you have flexibility in subsequent discussions with the FDA if you want to avoid classification of your software/SaaS/software as a medical device. In this way, if you wish to avoid FDA registration and oversight, you have the flexibility to do so.

An experienced attorney can assist you in navigating the regulatory landscape and ensure that you comply with all applicable laws. This area of law is complex and constantly changing. It is important that you seek legal advice if you have any questions about whether or not your software should be registered with FDA.

Patent PC is an intellectual property and business law firm that was built to speed startups. We have internally developed AI tools to assist our patent workflow and to guide us in navigating through government agencies. Our business and patent lawyers are experienced in software, SaaS, and medical device technology. For a flat fee, we offer legal services to startups, businesses, and intellectual property. Our lawyers do not have to track time as there is no hourly billing and no charges for calls or emails. We just focus on getting you the best legal work for your needs.

Our expertise ranges from advising established businesses on regulatory and intellectual property issues to helping startups in their early years. Our lawyers are familiar with helping entrepreneurs and fast-moving companies in need of legal advice regarding company formation, liability, equity issuing, venture financing, IP asset security, infringement resolution, litigation, and equity issuance. For a confidential consultation, contact us at 800-234-3032 or make an appointment here.