Today it would be difficult to find a medical device that does not critically rely on computer software in its function, manufacture, or use in clinical decision making. Despite the lessons learned by the radiation accidents of the Therac-25 twenty years ago, medical devices that rely on software (e.g., drug infusion pumps, linear accelerators for radiation) continue to injure or kill patients in preventable ways. Why is it so hard to create trustworthy software for medical devices? Devices are not isolated devices. They are systems of systems. And software plays a significant role for control of these critical systems that can significantly affect patient safety, either positively or negatively, depending on its trustworthiness. Failure to meaningfully specify requirements, complacency, and lack of care for human factors further erode trustworthiness. The lack of trustworthy medical device software leads to shortfalls in properties such as safety, effectiveness, dependability, reliability, security, and privacy. Good systems engineering and the adoption of modern software engineering techniques can address many of the risks of medical device software---leading to devices that help patients lead more normal, healthy lives.
Kevin Fu is an assistant professor in the Department of Computer Science at the University of Massachusetts Amherst in the beautiful northeastern region of the United States. His research focuses on security, privacy, and low-power operation of pervasive computer systems such as RFID-scale computers and software-controlled medical devices. To this end, Prof. Fu works on energy-aware software and cryptographic technology for computational RFIDs---tiny embedded computers that operate without batteries. Prof. Fu's contributions include the security analysis of several systems ranging from contactless no-swipe credit cards and implantable cardiac defibrillators to access-controlled Web sites and automated software updates. Prof. Fu is an ACM Senior Member, Alfred P. Sloan Research Fellow, MIT Technology Review TR35 Innovator of the Year, and recipient of the NSF CAREER award. His research appears in computer science conferences, medical journals, and has been featured in media such as The New York Times, The Wall Street Journal, NPR, and various news programs. He served on numerous program committees of leading conferences in secure systems, and has given dozens of invited talks world-wide to industry, government, and academia. Prof. Fu leads the UMass Amherst Security and Privacy Research (SPQR) lab. He serves as director of the RFID Consortium on Security and Privacy (RFID-CUSP.org) and co-director of the Medical Device Security Center. He is also a frequent visiting faculty member at Microsoft Research and the Beth Israel Deaconess Medical Center of the Harvard Medical School. Prof. Fu received his Ph.D. in Electrical Engineering and Computer Science from the Massachusetts Institute of Technology. He also holds a certificate of achievement in artisanal bread making from the French Culinary Institute and maintains an active participation in the study of Latin and the Classics. For more information, visit http://www.cs.umass.edu/~kevinfu/