To Use COTS Hardware or to Not?

Jan. 28, 2013
When It Comes to Cost vs. Safety Built-for-Purpose Hardware Is Worth the Premium
About the Author
John Rezabek is a process control specialist for ISP Corp. in Lima, Ohio. Email him at [email protected] or check out his Google+ profile.I happened to visit the local hospital recently for an outpatient procedure, the details of which I will spare you all. Suffice it to say I'm over 55 and fasting was involved. But I can tell you, it used some impressive instrumentation, networks and computers.

Before losing consciousness and while awaiting the arrival of the doctor, from my gurney I was able to survey much of the procedure room, which had multiple carts piled with biomedical electronics. Interestingly, I wasn't able to spot a single branded piece of equipment that didn't bear the logo of the gadget supplier. Even the monitor, which for all appearances was no more than an old 4:3 aspect ratio LCD flatscreen with a VGA connection to the custom-logo box beneath, wasn't "commercial off the shelf" (COTS) — it bore the biomedical OEM's logo. Surely, I thought, at least half these boxes contained little more than an Intel-based PC microprocessor and motherboard. Why hadn't the influx of COTS hardware made its way to the medical instrument provider and their end users? Can the distinctions we observe offer any guidance when we are faced with the choice — to COTS or not?

One observation we can make immediately pertains to our differing cultures with respect to cost. Although there has been pressure on the healthcare industry from Medicare and insurance providers to keep costs in line, that care should be compromised in any way to reduce cost is a thought rarely spoken. There are armies of aggressive attorneys eager to extract their measure for any harm, real or perceived. The idea that some exam or procedure was compromised by a monitor from Walmart would be easy prey.

With network hardware and other microprocessor-based appliances being produced in abundance for consumer and business applications, the cost for an industrial application is temptingly low. Certainly, nearly all of us have systems with workstations, monitors, Ethernet switches, routers, and even wireless access points that were intended for office or campus end users. This has been the case for enough years that some in our discipline might never have seen a built-for-purpose operator interface.

So having been on the COTS path for 10–15 years or more, what are the consequences and compromises we've experienced? We don't need to think very long or hard to recount the effects of Windows operating system foibles, from drivers to viruses to random OS lockups. Even late vintage Windows 7 workstations have exhibited vexing malfunctions. In one example, our operators would be slowed when their mouse appeared to stop working because an error pop-up dialog box appeared behind an always-on-top trend display. Our dual-screen workstations required Visual Basic (VB) code additions and a registry hack before dialog repositioning functioned properly for some ATI graphics cards. To date, there have been no dire consequences, but imagine if the malfunction was affecting the monitoring of vital signs of an anesthetized patient, instead of a brewery, bakery or chemical plant? In contrast to the anesthesiologist, the industrial user's stomach for risk is much greater, when the patient is a bottle of Bud or a package of hotdogs.

Sometimes, though, even the misplaced hotdog has some measurably dire consequence, even if it isn't as severe as those in the medical profession. We are tasked with interlocks for worker safety, for example. How much of this would we risk on COTS-based platforms? The safety systems in the chemical plants and refineries that surround me at my place of business perhaps have a COTS-based engineering interface or even an HMI that runs on a Windows platform, but the core interlocks have no dependence on these peripherals to do their work. Some process analyzers like Fourier transform infrared (FTIR) rely on Windows boxes for their measurement, and consequently fall short for critical safety interlocks. It's likely NFPA codes and practices would forbid the use of a COTS-based PLC for something like a boiler burner management system (BMS) or one for an incinerator.

Though cheap, flexible and customizable has its appeal, we hit the wall when process safety, worker safety and our license to operate in our communities are inserted into the equation.
Our counterparts in the biomedical field might be less enslaved to cost than we are, but their culture for managing risk can be informative. When the security and integrity of our workers, our manufacturing assets, and our infrastructure can be compromised, built-for-purpose hardware is worth the premium.