Real-time virtualisation for embedded systems in medical devices
20 November 2017
Complex medical devices often integrate different embedded systems for various functions, including virtualisation and ‘medical IoT’ connectivity. This piece explains how embedding all – or at least most – of these functions on a single embedded device offers significant cost-saving opportunities.
This piece originally appeared in the November 2017 issue of Electronic Product Design & Test; to view the digital edition, click here – and to register to receive your own printed copy, click here.
Embedded Systems in intelligent medical devices – from infusion pumps to stationary MRTs – have always had to fulfil several tasks: the control of the device, the data computation (often in real-time), as well as visualisation of the generated data via a graphical user interface. And with the medical IoT, they now also have to provide more connectivity and communication capabilities.
The licensing of medical devices on a ‘per-use’ basis is another trend being driven by the IoT: the advantage being that hospitals can reduce capital investment – and even fixed operating costs. Plus, vendors benefit from accelerated sales cycles because there are no longer the same financial barriers for deploying the latest, more effective and/or more efficient technologies. However, IoT connectivity also makes it essential to secure the devices against external threats and data loss.
The conventional way is separation
Utilising dedicated computing resources for all these different tasks is the proven, conventional way to separate safety-related software from non-safety elements, such as the user interface. This separation helps to simplify the engineering process, as well as the medical certification of the device, compared to a design where all the software runs under one operating system. In that case, every part – safety critical or non-safety critical – must meet all the safety regulations (which can drastically increase development and certification costs, and consequently mitigate the cost benefits of hardware consolidation).
In addition, if real-time behaviour is required (for example for device control or critical computations), separation of the real-time functions from non-real-time functions can help to improve the deterministic behaviour of the device. In this case, real-time can be guaranteed even when other parts of the system, such as visualisation and communication, reach their maximum workload or hang. Separation is also beneficial for non-trusted internet operations, because IoT-connected medical devices can theoretically be accessed from the internet, like any PC.
This opens the door for unauthorised access to confidential data, malicious software, viruses and other threats. OEMs therefore have to harden their devices against these threats. One effective option is to separate the device via a dedicated security system, which routes all communication from and to the external world, acting like a dedicated firewall and gateway – securing the medical device against security violations over the network.
Integration is more efficient
Despite these points, hardware-based separation is expensive – and most or all of the functions can be integrated on a single hardware platform, if it is powerful enough and supports real-time-capable secure hypervisor technology, to separate the applications via software. A good starting point for such multifunctional medical embedded systems are the scalable AMD Embedded G-Series and R-Series APUs. These have integrated Radeon graphics technology, combined with the hypervisor technology from Real-Time Systems (RTS), which is focused on secure medical and automation devices that demand real-time functionality.
Powerful processors for medical imaging and monitoring applications
The multi-core AMD Embedded G-Series and R-Series APUs provide more than enough computing power to handle all these tasks on a standalone multi-core processor. They also integrate a high-performance programmable graphics unit on a single silicon die. This allows these APUs to process different data structures in the most efficient way: multifunctional, serial workloads via the x86 cores; and parallel workloads, such as those for image processing, via the graphics unit (GPU).
For this purpose, the AMD APUs integrate several hundreds to thousands of computing units in the GPU. As their name implies, these Single Instruction Multiple Data (SIMD) engines can process a plurality of data elements in parallel – using a single instruction. In imaging, for example, this includes all calculations required for a line, or complete frame, of an image or video recording. A picture line of 4,096 pixels (4K) with 16-bit colour information requires roughly 8.5 clock cycles per picture line and about 17,700 clock cycles for a complete picture. Given a clock rate of 800 MHz, an operation can be applied to a complete 4K image within 22 microseconds.
High GPGPU performance
The AMD Embedded R-Series SoC processors offer the highest theoretical performance of 819 GFLOPs. This allows them to apply up to 92,570 operations per second to a complete 4K image with 4,096 x 2,160 pixels. It is also notable that the new AMD Embedded R-Series SoCs offer a widely scalable TDP of 12 to 35 watts, which enables fanless, completely closed operation – and therefore particularly hygienic and robust – designs.
Another advantage is that AMD’s Radeon GPUs are also available as a single-core solution for the seamless scaling of the data collection process. In addition, GPGPU processing does not use proprietary software such as CUDA, which creates dependency on a single vendor, but instead supports openCL standards that have the backing of other leading vendors.
Reliable hypervisor technology for multifunctional systems
The second precondition for a multifunctional embedded medical system is a secure and real-time capable hypervisor. It allocates the individual hardware resources of the embedded computing platform to individual virtual computers, each capable of running their own operating system – thus separating the different device functions from each other. As an example, a quad-core AMD G-Series or R-Series processor can be split into four fully independent virtual computers, running real-time or general-purpose operating systems independently.
The RTS real-time hypervisor provides all the necessary basic requirements for the development of such multifunctional and connected medical devices. The latest version 4.6 supports all current AMD Embedded G-Series and R-Series APUs. This allows developers to use all of the hardware functions as before, without any restrictions. The RTS real-time hypervisor enables simultaneous operation of real-time operating systems, such as Wind River VxWorks or QNX Neutrino RTOS, and classic multi-purpose operating systems like the Microsoft Windows family (including Windows 10 IoT and Linux on a single APU).
All virtualised systems run separately – and can even be rebooted without affecting each other or interfering with the operation of the others. This is particularly important for safety-critical medical devices on which the care of a patient depends. Together with the provided security features, such as the API for starting, stopping, or monitoring individual operating systems, the RTS hypervisor is not only a practical platform for secure medical devices, but also for all embedded applications where separation and/or real-time security play an important role.
Computer-on-Modules simplify design-in
COM Express Computer-on-Modules simplify the integration of the AMD Embedded G-Series and R-Series APUs into medical devices with the RTS hypervisor. Such modules provide an application-ready comput-ing core so that developers no longer need to design and configure0 their embedded devices from the ground up. They need only choose the suitable module, integrate an application-specific carrier board, and define the required extensions and external interface. As a result, Computer-on-Modules significantly reduce design efforts and resources as compared to the requirements of a full custom design.
Test and certification demands, moreover, are also reduced, because the core is already tested and pre-validated for all major, globally-recognised certifications. Challenges, such as product discontinuations or new processor generations, can easily be handled by a simple exchange of the Computer-on-Module.
The standardisation of COM Express modules offers further benefits; for example, engineers can rely on identical interfaces for new or next-generation products. Designers are well supported by a range of vendors, improving long-term availability and ensuring buyers’ freedom to choose the best solution. The broad ecosystem of accessories includes application-ready cooling solutions and carrier boards, enabling a competitive landscape for purchasing components – or even re-using third-party layouts to minimise NRE costs.
The form factor is used by a large community, which in turn ensures continuous improvement of the standard. As a vendor-independent standardisation body, the PICMG hosts the world’s leading COM Express standard and actively supports the developer community in promoting its value, contrasted to proprietary solutions. Medical engineers also benefit from the fact that crucial medical domain expertise remains in-house, while embedded computer specialists develop and manufacture the application-ready computing cores.
These include all the required BSP and driver support, plus the integration of technologies such as the RTS hypervisor, and even the latest IoT APIs introduced recently at Embedded World. They offer a secure remote system monitoring solution over the wire to remotely update, monitor and control the medical device. OEMs can use this information for predictive maintenance, asset and inventory management, software updates and usage tracking for new business models. These value-adds make for application-ready multifunctional modules, which greatly simplify the use of embedded technologies.
Contact Details and Archive...