In medical technology, digitalization primarily means networking. Complex analysis devices can be operated more easily and doctors can communicate with their colleagues in a straightforward manner. With the fourth industrial revolution already in the process of completely transforming an industry, digitalization is now arriving in medicine as well. However, in laboratories, doctors' offices and hospitals, the focus is on security and data protection. Doctors can analyze the data collected on site and exchange information with colleagues thanks to networked systems. We found out how this can be implemented in practice in an interview with Markus Dillinger, General Manager Technology at System Industrie Electroinc (S.I.E). Mr. Dillinger, IoT and the digital factory have arrived in industry and are being used successfully. What does networked medical technology look like? The operating room of the future, as well as individual medical practices, will be fully digitized and partially automated. However, while automation plays a very important role in industry, in medical technology it is more the networking and the shift of analysis methods to the so-called point-of-care that are to be seen as the drivers of digitalization. Highly complex laboratory analyses can be carried out in ever smaller and, above all, ever easier-to-operate devices. Operation ultimately resembles that of a smartphone. In addition, the analysis and patient data obtained are fully automatically compared with each other, exchanged among doctors and devices, and analyzed. Digitalization in the medical industry must be done more sensitively than in manufacturing, for example. What do concrete steps toward digital medical technology look like? As stated in my previous answer, a great deal of data, some of it sensitive, is processed and exchanged digitally. It goes without saying that digitalization must be accompanied by appropriate protection of this sensitive data. Apart from this, the issue of fail-safety in medicine must be viewed much more critically than in many areas of industry. Whereas a stopped assembly line costs money, a failed device in the operating room can have much more serious consequences. Therefore, the principle of "function before safety" applies in the design and development of medical devices. Nevertheless, appropriate safety concepts must be considered and incorporated as early as the development phase. Modern security concepts are based on the classic pillars of security. Could you please explain this in more detail. The three so-called pillars of IT security, confidentiality, integrity and availability, have a major influence on modern security concepts for medical devices. The more we work in a fully automated and digitally based manner, the more vulnerable a device becomes to unwanted external access, manipulation and/or misuse. In this context, I consider it particularly important to raise awareness among manufacturers and distributors, as well as physicians in private practice and clinics. Complete security concepts do not start with classic fears such as hackers or database crashes. In principle, most products are easiest to manipulate on site. Access to equipment and premises with sensitive data is often the first starting point that is overlooked. Of course, together with our partners, we also implement solutions for these problems, such as adapted circuit designs to secure USB slots or verification software to prevent manipulation. prevent manipulations. The solutions and approaches for digitalization are there, but they must be implemented completely and with the utmost care. Medical data must be secure from access and tampering. How do you safeguard this? As already mentioned on the topic of security design, an individual, whether a development specialist like us, a manufacturer, a distributor or a physician, can never fully secure data. What is important is a planned and professional interplay of various security mechanisms to reliably secure data, access protection, and access options and authorizations for sensitive areas and equipment. As developers and as drivers of digitalization in medical technology, we see the creation of attention or awareness for the overall topic as one of our most important tasks, in addition to professional security concepts in our own development projects and orders. When an entire industry network is on the verge of a paradigm shift, or even in the midst of its beginnings, this network can only generate optimal solutions together.

The technical (r)evolution in laboratories and hospitals and its demands on security and data protection. Digitalization is on the rise. While industry can already point to far-advanced processes and successes with buzzwords such as "Industry 4.0", "IoT" and the "digital Factory", the healthcare sector is still at the beginning of a similar development. Markus Dillinger, General Manager - Technology at System Industrie Electronic GmbH, a development and manufacturing specialist in the medical & IVD sector, says: "A complete digitalization and extensive automation of the healthcare sector with a focus on faultlessness, connectivity and safety is inevitable. However, unlike in industry, we see much more sensitive areas of application and data protection needs in the medical sector. Accordingly, the development of advanced medical devices must always go hand in hand with fully comprehensive security concepts. In addition, the fundamental risk assessment of the two sectors is also significantly different. While business IT has been and continues to be designed with a clear focus on security over function, the principle of function over security usually applies to medical devices, as it does in industry." This unavoidable prioritization of the health sector must be incorporated by modern development and manufacturing specialists in the design of new equipment. The three pillars of security Modern security concepts are based on the classic "three pillars of security". Confidentiality - Integrity - Availability. For each of these pillars, appropriate hardware and software precautions must be taken in the context of a fully digitized medical system. At the beginning of a protection concept, the protection goal must be defined. In the context of this definition, the following questions must be answered for each individual product: What is to be protected? Why should it be protected? Who is the potential attacker? In the case of digital medical devices, a dedicated approach is recommended. "Fully digital medical devices can be manipulated and attacked on several levels;" says Markus Dillinger. "Bootloaders, the operating system and device-specific application software are all based on the respective hardware platform. Each of these levels is vulnerable and must be protected accordingly." Protection at all levels Complete protection concepts therefore start at the hardware level to guarantee the long-term availability (see above: "Three pillars of security") of developed devices. For example, robust ESD-compliant circuit design beyond the standard specifications and discharge measures for potential overvoltage in the housing can protect devices from USB high-voltage generators. These sticks, which are relatively easy to purchase, could quickly and effectively put equipment out of operation without appropriate protection. This would be particularly fatal in the health sector. "While increasing networking and interfaces can make workflows easier and more convenient in the future, it must be clear that any additional possibility of intervention also makes systems more vulnerable. To this end, attention must be paid to particularly secure product design as early as the product development phase," says Dillinger. In the area of system integrity, the next step is to determine who can change data and how, and to ensure appropriate traceability. In addition to the classic encryption of sensitive data, secure boot systems, which prevent access and manipulation during the boot phase, are particularly effective aids here. Secure boots force all hardware and software components in operation to authenticate themselves at system startup. If this authentication fails, the system prevents access. Hardware tools such as a case intrusion protection or detection in combination with correspondingly reacting automatisms such as data deletion or device shutdown can also be valuable measures for the protection of sensitive data. Of course, the issue of confidentiality is also taken into account in modern security concepts. Irrespective of networking via the Internet or intranet, the USB interface is another major weak point of unsecured devices. The above-mentioned Secure Boot or a corresponding USB device authentication provide a quick and easy remedy. Markus Dillinger adds: "However, awareness must be created, especially at the end customer level. Who can access a device, when and how? Are there communicated and known update concepts? How are devices protected against unauthorized access? In cooperation with partner companies, we see time and again that the extensive training of service personnel and the definition of uniform service procedures are extremely important steps towards a mature security concept. It's important to make yourself and partners aware that system protection doesn't start with software or virus protection, but much earlier." Looking at these approaches and concept structures, it becomes clear relatively quickly why the healthcare sector still lags behind industry or the IT sector when it comes to digitalization. industry. Far more sensitive data, a much greater focus on fail-safety and the correspondingly required complex security concepts do not make the tasks for developers, manufacturers and end users any more difficult - but they do make them much more complex. However, one thing is clear: developers, service providers and their partner networks are working at full speed on new solutions - the (r)evolution in the medical sector towards a fully networked, automated and digitized healthcare system is imminent.

New forms of collaboration are needed for fully networked medical technology. Using the example of a connector to the telematics infrastructure, this article shows how medical technology 4.0 can succeed. Digitalization is also in full swing in medical technology, and yet the revolution is proceeding at a more moderate pace compared to the successes in industry (Internet of Things, IoT). The medical technology environment is significantly more demanding, as more requirements are placed on the environment surrounding life-support systems. In particular, the handling of highly sensitive data poses additional challenges for the digital transformation in healthcare. The development partnerships between manufacturers (distributors) and simple system integrators that have been customary up to now are also facing new tasks due to the required integration and consideration of security, data protection, encryption and the analysis of potential attack vectors for networked medical technology. Completely new forms of cooperation are required here, and all parties involved must take different paths, because the required know-how can no longer be mapped via a classic customer-supplier partnership between two participating companies. Focus on security-specific requirements In the development of fully networked medical technology, the focus is on security-specific requirements in addition to the usual requirements for reliability and quality as well as normative requirements; examples include encryption and infrastructural connections as well as standardized, location-independent network and service access for medical technology equipped with the appropriate hardware and software. One of the most important and at the same time most fundamental steps is the connection of medical practices to the telematics infrastructure (TI) in Germany. The path to secure and standardized handling of the digital patient file by the end of 2020 shows, even before the threshold into the actual treatment environment, what security and development specialists in medical technology will be confronted with. The connector from security specialist Secunet, which now enables over 45,000 medical practices to access the TI via Arvato Systems' VPN access service, is one of the latest success stories in med-tech digitalization. In the course of developing the so-called Secunet connector, developers at S.I.E, under the leadership of Secunet and its partner network, had a rare opportunity to witness and understand the above-mentioned new forms of collaboration in the medical industry between distributors, developers and partners in the efficient creation of highly complex, security-relevant systems such as the connector. Digital medical technology requires rethinking "The genesis of our connector for connection to the telematics infrastructure is a wonderful example of the changes that are also needed in the medical technology industry itself. Together with our development partner S.I.E, we broke completely new ground in the conceptual design and implementation of this solution," says Markus Linnemann, Division Manager Critical Infrastructures Secunet Security Networks. And indeed, a look at the entire corporate network involved in the realization of this project quickly reveals that classic hierarchically organized development processes in a classic client-customer relationship between the various organizations would have stood in the way of the goal of targeted and efficient development. In the development phase of the connector, Secunet Security Networks itself acted as a security specialist with the appropriate market access and S.I.E as a system integrator and expert for the development of the hardware. Arvato Systems, on the other hand, oversaw the connector's counterpart, the VPN access service, and together with Secunet and its partner eHealth Experts implemented the "My Access Service" service. Of course, the Federal Office for Information Security (BSI) and gematik, as supervisory bodies for the security and functionality of the connector, are also involved in this security-sensitive case. Josef Krojer, General Manager of S.I.E comments: "At this point, however, the network is far from complete. Of course, we also have appropriate partners for platform technologies or industrial design on board. However, in a classic systems integration development relationship of the past, these partners would not have any connection to the marketer, let alone direct end-customer feedback with the corresponding impact on schedules and costs." In short - as can also be seen from the organizational matrix (see image) of this project, the requirements of a digital medical technology create a complex network already in the development phase, which requires new approaches. Joint digital development and transfer platforms Markus Linnemann of Secunet Security Networks explains, "This is precisely the point at which we realized, together with S.I.E, that we needed a more intensive form of know-how transfer and collaboration. Classic requirements specification development without a common understanding of the overall process and without a common goal in finding a solution slows down the processes and makes success within the given timeframes almost impossible." As a result, the companies involved granted each other insight and access to data and partners in a completely new way. In expert calls, the participating companies coordinated on the entire service supply chain within their respective development domains. Specialists from all areas of this service chain examined imponderables found in joint discussions, agreed short-term goals within the framework of agile development sprints, and transferred required know-how. Common digital development and transfer platforms also served as a basis. "This approach sounds absolutely simple and logical at first glance, but it is completely new. Development processes, partner networks and calculations Giving each other such deep insights into development processes, partner networks and also calculations in order to create a solution together requires courage and a new kind of trust. The classic fear of disclosing supply chains had to give way to the common goal of timely market entry and the clarity that only in a strong alliance with free communication channels was it possible to achieve the goal. This challenge was accepted and implemented excellently by all the companies involved," says Josef Krojer. The basis was created. A company network with open and modern, partially digitized communication channels, a complete know-how set and a common goal and solution concept of how the connection to the telematics infrastructure should look. As part of this collaboration, the companies not only granted each other significantly intensive access to each other's resources, but the work within the individual domains was also actively shaped jointly. Fewer loops in hardware development As an example, a secure manufacturing domain was implemented for the connector at S.I.E. Markus Linnemann of Secunet Security Networks comments: "Due to the history of the company, we already had very deep knowledge in the certification of highly secure development and delivery processes. Being able to pass on this knowledge easily and effectively to our partners through the newly created communication structures was an important success factor." This step enabled S.I.E.'s Common Criteria certification by the BSI to be achieved much faster and with fewer problems at the first attempt. In addition, the matrix communication in the form of the expert calls paid off by significantly reducing the number of loops in hardware development, which also saved resources and led to bringing the product to market faster. Over 45,000 connectors sold However, a product or service only ever becomes a real success through the actual behavior of the market. After market launch, over 45,000 connectors have already been sold to date and a correspondingly large number of practices have been connected to the telematics infrastructure. Tests and surveys confirm the success of the development and give hope for the future development of the medical technology sector itself. Even at this early stage, the companies are planning to build on the success of the connector by developing a version for the hospital infrastructure. "The connection of hospitals and other professional groups and institutions involved in medical care via a standardized interface technology, based on the devices already developed, is subsequently a logical next step," says Josef Krojer in this regard. "Together with Secunet and the entire development network, we have created a basis in recent years to efficiently move from an abstract idea for digitalization in the regulatory demanding medical technology industry to a resilient roadmap of implementation." From security to production to logistics The example of the Secunet connector and the approach of the network of companies involved shows the way forward for development projects in the medical technology industry. Above all, it provides insights and foreshadowing of how digitalization is actually progressing in highly sensitive environments and industries. New collaborative development processes, more open communication channels based on partnership, and a shared understanding of the goals of entire networks of specialists - from security to production to logistics - are necessary from the outset in order to achieve and drive forward the major common goal for digitalization. Accordingly, the transformation itself takes place not only systemically and technically, but above all also in terms of corporate culture. These changes and the setting of the course, which - as can be seen in the example of the connector and the telematics infrastructure - are already in full swing, open up new paths and opportunities - on the way to medical technology 4.0.

S.I.E and its partner secunet Security Networks AG are committed to digitalization in medical technology. The companies' focus here is on the interaction between humans and machines. Digitalization and disruption. Terms that change industries, open up new paths and technologies for people, and stand for the times we live in like no other. While development in areas such as industry is advancing rapidly, the healthcare sector and the entire medical technology sector are faced with the challenge of having to deal with sensitive patient data in complex operator networks as well as across operator boundaries. The protection of such data must be ensured, but also the premise of "function before safety", which is common in medical technology (MIT), must be adhered to. The well-being of patients comes first. Two pioneers in the digitalization of medical technology are the embedded systems specialist S.I.E and its partner, the IT security specialists at secunet Security Networks AG. During the research for this article, the two companies gave us an exclusive look behind the scenes of two digitalizers, or rather, digitalization enablers. The companies' focus is particularly on the further development of an entire industry. "Digitalization only works if we enable ourselves and the entire industry environment to share a common foundation of know-how and technology. At this point, it is much less about marketing service than about basic work to enable real innovation and disruption in the context of digitalization in medical technology as well," says Josef Krojer, one of S.I.E.'s managing directors. In order not to let digitalization hover over an industry as a buzzword and sword of Damocles, but to actually break it down in a tangible and understandable way, S.I.E has developed its own digitalization model. Sami Badawi, Head of Marketing and co-developer of the model explains, "In digitalization, we don't focus on linking and listing hardware, software and various layers up to the cloud. Our focus is on human-machine interaction. To this end, we have broken down both systems, the digital world and the physical world, and taken a process approach to representation. We are concerned with digitalization as a transformative process. We understand it as the analysis of processes in the physical world and the mapping of digital counterparts in the digital world. In particular, we need to look at the interfaces between the worlds - so that users perceive machines as a friend and helper rather than a threat or hindrance. Machines should help with decisions and only take responsibility where it is possible and makes sense." Taking a closer look at the model, especially the digital world, it becomes clear that interface technologies for the secure transport of signals between sensors and computer systems such as cloud, Fog, and edge computing devices are the most important foundation of digitalization. This is precisely where S.I.E and secunet Security Networks AG have chosen their entry point for the joint digitalization roadmap for medical technology, thereby further expanding their joint activities for the digitalization of healthcare. An initial contribution has already been made by the secunet konnektor, the security technology heart of communication in the telematics infrastructure. Doctors in private practice, pharmacies, and large hospital infrastructures and data centers will thus have access to the digital health network. Torsten Redlich, Deputy Head of Division eHealth at secunet Security Networks AG, says: "Another important aspect besides secure patient data processing via the telematics infrastructure is the protection of decentrally operated medical technology. Together with S.I.E, we want to advance the topic of Medical Technology 4.0 and enable operators and distributors to securely integrate medical devices into operator infrastructures. A device designed for this purpose with IoT interfaces for securely connecting medical devices to operator infrastructures has already been seen as a valuable first step by many medical technology distributors." The comprehensive networking of devices and their intermingling with IT-supported systems is the key driver of new digital business models in medical technology and only enables the processing, correlation and analysis of generated data volumes. However, this level of networking and distributed data processing inevitably leads to new challenges and security risks for operators and manufacturers of such devices. Practical experience has shown that there is an acute and omnipresent threat to networked medical technology from cyber attacks and that protective measures must be taken and permanently maintained for equipment and transferred data. However, medical technology regulations restrict the modification of IT components. Medical technology products must comply with legal quality specifications, which undergo extensive testing and approval prior to release for use. This poses a problem for rapid software updates and upgrades. Now, in order to be able to respond to the rapidly changing IT influences and arm oneself against current IT threats, protection concepts are needed that work flexibly on and around the medical technology itself. This is precisely where the joint approach of a gateway and interface technology comes in: a "trusted edge platform" as a secure system environment protects connected medical technology from external influences in the sense of a protective shell and provides an execution environment for reloading and executing individual applications around which medical technology cannot normally be easily retrofitted. Accordingly, operators and distributors of medical devices as well as service providers can take advantage of the flexible concept of the Trusted Edge Platform and securely integrate their IT services into operator infrastructures, securely transfer data in and out of IT services via directed and controllable communication channels, protect medical devices at the same time, and develop new digital business models on this basis. develop. To this end, the companies are already in workshops and concrete development of digital business cases with several well-known med-tech in-transit providers. Josef Krojer explains, "It goes without saying that the development of a Trusted Edge Platform, i.e., a solution consisting of hardware and software, for connecting med-tech devices to individual infrastructures is a complex and operator-specific challenge." To this end, S.I.E together with secunet Security Networks AG offers interested parties various workshop formats for analyzing current business cases and possible use cases for digitalized medical technology. While the Trusted Edge Platform has already been finalized to a large extent, the individualized choice of hardware design, the connection to various forms of operator infrastructures, and the design and integration of apps, operator feeds, and even the opening of individual channels for third-party providers must be clarified and implemented on a case-by-case basis. "The only possible way to realize this is a collaborative, open development approach. The workshops and also the deeper collaboration in product and digital business case analysis and business modeling are a quantum leap compared to classic requirements specification developments of the past. We can only master digitalization in medical technology together in large know-how clusters and with co-creation approaches," says Josef Krojer.

Development | In mid-2018, Exias Medical will launch its new stand-alone electrolyte analyzer for point-of-care diagnostics. The IVD analyzer enables significantly faster measurement procedures with simplified operability. Exias brought electronics specialist S.I.E on board for hardware and software development. The trend towards moving modern diagnostic equipment to the so-called "point of care", i.e. to doctors and clinics in private practice, poses new challenges for manufacturers and developers. manufacturers and developers new challenges. Smaller, faster, simpler: this is what both doctors and patients expect from fully digital minilabs. To this end, Exias Medical GmbH from Graz, Austria, has developed a highly integrated measuring unit for electrolyte analysis, which, thanks to its innovative electrochemical measuring process, is capable of satisfying precisely those needs. Human-machine interface for improved operability The intuitive and smartphone-like control by means of a state-of-the-art touchscreen interface simplifies the operation of the unit. At the same time, all consumables are combined in a single cartridge. These optimizations, in conjunction with the process technology, result in a more than 50 % shorter measuring time and lower sample volume in relation to comparable electrolyte analyzers on the market. In addition, the instrument is the world's first and only electrolyte analyzer to feature a fully automated module for daily quality control measurements. In the design of the new analyzer, particular emphasis was placed on intuitive and easy operation. "The first and initial approach to the operation was a tablet-based control system. However, due to the high demands on the reliability of the system and a corresponding long-term availability, these plans were quickly discarded and the idea of developing a specially designed, fully integrated user interface was born," recalls Josef Hindinger, Managing Partner of Exias Medical and responsible for Research & Development at the Austrian medical technology company. "However, the development of human-machine interfaces, their conceptualization and design is not our core business. That's why we brought a competent development partner on board at this point in the conceptual design process with S.I.E." The Vorarlberg-based innovation driver S.I.E from Lustenau realizes custom-fit, application-oriented and platform-based modular human-machine interfaces including graphical user interfaces (GUI) for its partners. After initial exploratory talks in spring 2015, the first workshops were quickly started. "The biggest challenge for complex analytical devices is to make them as intuitive to use as possible. It should be possible for the units to be controlled in an uncomplicated manner by appropriately trained personnel, and they should nevertheless be able to optimally process their originally complex task area in the background," says Dr. Michael Saugspier, Business Unit Manager Human Machine Interfaces at S.I.E. He is certain: "Functional samples of the assemblies, which we make available in very early development phases in order to begin work on basic software logics, help us and our partners to tackle this important task at an early stage and to test results directly in practice. At the end of the day, we see the most important point in development in partnership as an assembly that is optimally integrated into the end product and the absolute focus on the application and user." Cooperation from the very first development steps Together, Exias Medical and S.I.E developed the electronic system architecture and mechanics for integrating the HMI (human-machine interface) unit, as well as corresponding program logics. "An important success factor f in this very open and trust-based type of joint development was the very early timing of the start of the collaboration," Hindinger says. "Already in the course of the first workshops, important mutual needs and requirements were discussed and uncovered, which would have been much more difficult to implement at a later stage of development." Currently, the electrolyte analyzer is in the process of design transfer. The sales launch and market entry for the device is planned for mid-2018. The operating philosophy and system architecture developed in this project will also be used and applied for other devices in a similar environment in the future. Josef Hindinger is very satisfied with the schedule and the collaboration: "Thanks to precise collaborative project management, mutual integration into systems and tool landscapes, and the flexibility of both partners, we can now look forward with pride to the scheduled market launch and further projects." Dr. Michael Saugspier also sees the trend towards development networks throughout the industry: "More and more often, we experience that specialists such as Exias Medical bring specialists on board as partners for assemblies such as the HMI units in order to focus their own manpower in their actual core area. Of course, this type of cooperation is always based on corresponding trust and openness to jointly master all imponderables along the development process." However, the work carried out together with the Graz-based diagnostics specialist once again demonstrates the benefits for both sides - electronics development specialists and medical device manufacturers.

The transformation of manufacturing & development and supply chains Medical technology is a fast-growing industry with great potential for expansion. Technological advances are enabling better and faster diagnoses and opening the way to personalized medicine. Development is also facing new challenges. On the one hand, short development cycles are required. On the other hand, new technologies must be mastered and successfully integrated. To meet this challenge, a rethinking of current development processes is required. In order to keep pace with technological progress and withstand time pressure, the use of standardized modules - in both hardware and software - will increasingly be the subject of modern development processes. By dividing tasks and using standard platforms, developers can concentrate on their core know-how. The use of tablets and smartphones has fundamentally changed both operation and interaction and has become indispensable in the 21st century. New developments therefore require a modern, well-connected HMI control system that increases ease of use through simple and error-free operation. At System Industrie Electronic, we have recognized this trend and the complexity of the entire process - from usability to integration to life cycle management. That is why we have developed a platform for modern HMI controls with a focus on interaction and control. This modular system of pre-verified hardware and software modules enables rapid implementation, fast prototyping and easy development. 80% of the platform are standardized modules with a customization level of 20%. In addition, the necessary documentation for certification is available. This drastically reduces time-to-market and costs. Modern HMI controls are complex units in themselves and consist of a large number of components as well as complex manufacturing processes such as the optical connection between cover glass and display. Standardization therefore also facilitates supply chain management, as the unit can be supplied as a single module from a single source. In addition, the availability of the components used is increased by active life cycle management, which conserves resources and ensures availability over the entire life cycle of the product. Combining the complexity of operation in an intelligent HMI operating unit and simplifying the associated supply chain makes it possible to manage technological progress in the future and thus help patients. This is what we believe in - this is what we stand for.

“Master of Human-Machine-Interface” – We make your studies feelable and experienceable. We rely on our junior staff. At S.I.E you can already play an active role in the company during your studies and gain important experience. We have given the Technikland an exclusive look behind the scenes and into the working world of Martin – one of our dual students. You can find the result here – enjoy reading.