by ChuckMcM 3700 days ago
I think you have it backwards (no disrespect intended). When you evaluate the choice of Windows you have to acknowledge that it brings with it the vulnerability of viruses and so the necessity of anti-virus software. Either you own that decision, and as part of your support your tool provides the necessary antivirus and you also ensure through testing and configuration management that it's configured appropriately, or you choose a different option, up to and including writing your own system to manage the "time critical bits".

Having their software run in a Windows ecosystem that they do not have strict configuration management control over was a bad decision, on the basis of this failure report. That it did not result in patient injury or death was fortunate but is certainly not guaranteed.


> When you evaluate the choice of Windows you have to acknowledge that it brings with it the vulnerability of viruses and so the necessity of anti-virus software.

No matter what OS you choose it is vulnerable to viruses. You and I will agree that the odds are your Windows system is much more at risk by at least an order of magnitude. But the IA people who demanded that this system run antivirus are just as likely to demand that Linux run antivirus, simply because the vulnerability theoretically exists and making that demand fulfills their CYA requirements. I've worked on standalone Linux systems that IA demanded have antivirus.

> Either you own that decision, and as part of your support your tool provides the necessary antivirus and you also ensure through testing and configuration management that it's configured appropriately, or you choose a different option, up to and including writing your own system to manage the "time critical bits".

According to the article, the software runs on the user's hardware. While they certainly could have made a decision to provide their own controlled hardware, it's entirely possible that hospital was not open to that option for cost reasons, for IT management reasons, whatever.

> No matter what OS you choose it is vulnerable to viruses.

It is a bit more nuanced than that. While it is true that absolute security is generally deemed impossible, if you use a widely deployed operating system in your device there are both a number of actors trying to compromise it for different reasons, and a number of examples that can be acquired for testing different exploits.

By writing just enough "OS" to achieve your goals in an embedded system, and then designing a clean access API through which you cannot affect the underlying code (no "here download this new firmware" call) you can avoid that particular threat vector.

> You and I will agree that the odds are your Windows system is much more at risk by at least an order of magnitude

It is a common misconception that Windows is still a worse platform than Linux when it comes to security. Not trolling ... I've been using Linux since '96 and built my life and career on it. The opinion of some people in infosec circles (@thegrugq @csoghoian ...) is that Windows no longer lags behind:

https://grugq.github.io/presentations/COMSEC%20beyond%20encr...

There's two separate things that are conflated here:

* Is Windows security equal to or greater than Linux and OS X (Probably yes)

* Are the overwhelming majority of viruses written to target Windows systems (yes)

I really enjoyed this article on security economics which goes into this in more depth: http://tidbits.com/article/15939

> No matter what OS you choose it is vulnerable to viruses

This may be theoretically true, but it is not practically the case. There is a reason Linux and OS X users almost never use antivirus software.

Using Windows on a medical device is inexcusable. It's a heart monitor, not a game system.

Many big-name vitals monitors seem to run Windows under the hood. They have a whole PC in there, connected to their hardware sensors. If you pay extra for network connectivity or a similar premium feature, I suspect it's the same software with some flag turned on.

Medical devices are used by humans. Humans, for some reason, prefer and know Windows better. Why shouldn't the devices use Windows?

Today, doctors from a hospital the other side of the country can diagnose your cancer realtime while you are still in the MRI machine, and they do it with Windows, because that's what humans know and use.

> Humans, for some reason prefer and know Windows better

Probably because they've been exposed to it in many settings, for better or for worse. Windows being popular does not imply that Windows is appropriate for any given task.

> Why shouldn't the devices use Windows?

Is this a serious question?

Windows is probably the least stable production OS in the world today.

Windows is extremely bloated compared to an appropriate embedded OS.

Windows is (practically speaking) the only OS where antivirus software is a fact of life. Viruses should not be a concern for medical equipment.

Windows is not even close to real-time.

I don't want to see "Your heart monitor is restarting for updates in 3... 2... 1..."

> and they do it with Windows

This may be technically true, but this in no way implies that Windows is uniquely suited for or appropriate for the task. They could also do it using a PlayStation, but this is probably not an appropriate platform.

The benefit you're describing is just end users already being familiar with the interface because it's running Windows. That's not the case here; the entire interface on this device is the custom application itself. It doesn't matter that the user already knows that the start button can be used to launch new programs, they're never going to see any hint that the device is built around Windows unless it's broken. There are numerous disadvantages to using Windows for a heart monitor, everyone else has described this to death, but the only real benefit to using Windows is that development doesn't require a software developer competent with embedded work. Now they can hire any Tom, Dick, and Harry from the local community college because it's just a Windows app.

Users shouldn't be exposed to the OS here at all.

"No matter what OS you choose it is vulnerable to viruses. You and I will agree that the odds are your Windows system is much more at risk by at least an order of magnitude. But the IA people who demanded that this system run antivirus are just as likely to demand that Linux run antivirus"

That's not true for what those systems should really be running, which is separation kernel platforms. These isolate tasks in partitions using high-assurance kernels designed to not fail in every way you can think of and with almost no code to hit. The apps even donate their own resources for kernel calls. The interface is in an untrusted VM that sends checked commands to the real software running on an isolated partition, optionally on an Ada or Java runtime for memory safety. Anti-virus is not available and not necessary given the untrusted part is strongly contained & the trusted part is memory safe.

http://www.ghs.com/products/safety_critical/integrity-do-178...

https://os.inf.tu-dresden.de/papers_ps/nizza.pdf

Just a matter of using right tools for the job. Any medical device using Windows or any other complex OS isn't doing it right. Even OpenBSD would've been a better choice given it rarely is hacked, crashes, or needs updates. Antivirus software wouldn't run as it's not available for these. It would be a network appliance or something that didn't affect running system.
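The two comments above ("a clean access API through which you cannot affect the underlying code" and "an untrusted VM that sends checked commands to the real software running on an isolated partition") describe the same design idea. The following is an added illustration, not code from the thread or from any vendor or kernel mentioned in it: a trusted-side command handler for a hypothetical heart-monitor partition. The wire format, opcodes, BPM limits and default state are all constructed for this example. The point it shows is that the trusted side validates length, checksum, opcode and parameter range before touching any state, and that the API simply has no opcode for "load new code", so the untrusted UI cannot request it.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical wire format from the untrusted UI partition (constructed for
 * this example, not any real vendor's protocol):
 *   byte 0   : opcode
 *   byte 1-2 : 16-bit big-endian parameter
 *   byte 3   : XOR checksum of bytes 0..2
 * Fixed length: anything else is rejected before interpretation. */
#define MSG_LEN 4

enum opcode {
    OP_SET_HIGH_ALARM = 0x01,  /* set upper heart-rate alarm (bpm) */
    OP_SET_LOW_ALARM  = 0x02,  /* set lower heart-rate alarm (bpm) */
    OP_ACK_ALARM      = 0x03,  /* silence current alarm; parameter must be 0 */
    OP_QUERY_STATUS   = 0x04   /* request current reading; parameter must be 0 */
};
/* Deliberately no opcode for "load firmware" or "run this": the API is the
 * only channel between partitions, so what it does not express cannot be asked for. */

enum result {
    RES_OK = 0,
    RES_BAD_LENGTH,
    RES_BAD_CHECKSUM,
    RES_UNKNOWN_OPCODE,
    RES_BAD_PARAM
};

/* Trusted-side state, owned entirely by the isolated partition. */
struct monitor_state {
    uint16_t high_alarm_bpm;
    uint16_t low_alarm_bpm;
    bool     alarm_silenced;
    uint32_t status_queries;
};

/* Constructed plausibility limits for alarm thresholds. */
#define BPM_MIN 30
#define BPM_MAX 250

static uint8_t checksum(const uint8_t *b, size_t n) {
    uint8_t c = 0;
    for (size_t i = 0; i < n; i++) c ^= b[i];
    return c;
}

/* Validate a message completely before touching any state, so the trusted
 * partition never partially applies a malformed command. */
enum result handle_message(struct monitor_state *st, const uint8_t *msg, size_t len) {
    if (len != MSG_LEN) return RES_BAD_LENGTH;
    if (checksum(msg, MSG_LEN - 1) != msg[MSG_LEN - 1]) return RES_BAD_CHECKSUM;

    uint16_t param = (uint16_t)((msg[1] << 8) | msg[2]);

    switch (msg[0]) {
    case OP_SET_HIGH_ALARM:
        if (param < BPM_MIN || param > BPM_MAX) return RES_BAD_PARAM;
        if (param <= st->low_alarm_bpm) return RES_BAD_PARAM;  /* keep bounds ordered */
        st->high_alarm_bpm = param;
        return RES_OK;
    case OP_SET_LOW_ALARM:
        if (param < BPM_MIN || param > BPM_MAX) return RES_BAD_PARAM;
        if (param >= st->high_alarm_bpm) return RES_BAD_PARAM;
        st->low_alarm_bpm = param;
        return RES_OK;
    case OP_ACK_ALARM:
        if (param != 0) return RES_BAD_PARAM;
        st->alarm_silenced = true;
        return RES_OK;
    case OP_QUERY_STATUS:
        if (param != 0) return RES_BAD_PARAM;
        st->status_queries++;
        return RES_OK;
    default:
        return RES_UNKNOWN_OPCODE;   /* allow-list: everything else is dropped */
    }
}

/* Build a well-formed message; this is what the untrusted UI side would emit. */
void build_message(uint8_t *out, uint8_t op, uint16_t param) {
    out[0] = op;
    out[1] = (uint8_t)(param >> 8);
    out[2] = (uint8_t)(param & 0xFF);
    out[3] = checksum(out, 3);
}

/* Constructed default thresholds for the demo. */
struct monitor_state monitor_default(void) {
    struct monitor_state st = { 150, 50, false, 0 };
    return st;
}

int main(void) {
    struct monitor_state st = monitor_default();
    uint8_t m[MSG_LEN];
    build_message(m, OP_SET_HIGH_ALARM, 160);
    printf("set high alarm 160 -> result %d\n", handle_message(&st, m, MSG_LEN));
    build_message(m, 0x7F, 0);   /* constructed: an opcode the API never defined */
    printf("opcode 0x7F        -> result %d\n", handle_message(&st, m, MSG_LEN));
    return 0;
}
```

In a real separation-kernel deployment the transport between the two partitions would be whatever IPC the kernel provides; what matters is that the only thing the trusted side will parse is this fixed, fully checked message, and that every rejection is a distinct return code the trusted side can log.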

Is the day to day impact of antivirus on Linux the same as on Windows?

An even better analogy is: is the day to day impact of your own customized OS the same as Windows? If the medical equipment ran independently we wouldn't have anything really to worry about.