Operating Systems: Back to Basics

24x7mag.com/2018/03/operating-systems-back-basics/

Networking/IT
Published on March 18, 2018

By Arleen Thukral, MS, CCE, CHTM

In the HTM world, we must keep abreast of the myriad ways to troubleshoot within the operating system
(OS) environments of a vast spectrum of medical devices. Serving as intermediaries between computer
hardware and users, OSes are a collection of software that manages the computer hardware resources
and provides common services for computer programs.

The kernel is the essential center of a computer operating system, the core that provides basic services
for all other parts of the OS. On most systems, it is one of the first programs that loads on startup after
the bootloader. It handles memory and peripherals, like keyboards, monitors, printers, and speakers. The
kernel’s critical code is usually loaded into a protected area of memory, which prevents it from being
overwritten by applications or other minor parts of the operating system.

Typical computer systems today use hardware-enforced rules that direct programs to access specific
data. The processor monitors the execution and stops a program that violates a rule. Another approach is
to use language-based protection, in which the kernel will allow code to execute that has been produced
by a trusted language compiler. Kernel designs differ in how they manage these system calls and
resources.

Linux Versus Windows

A discussion of operating systems would be remiss without discussing the differences between Linux and
Windows. Representing the most significant difference between the two programs, Linux provides access
to all users to alter the code to the very kernel that serves as the foundation of the Linux OS.
In addition, with Linux, users are free to modify the software and use and even republish or sell it, as long
as the code is made available. You can download a single copy of a Linux distribution or application and
install it on as many machines as you like.

On the other hand, with a Microsoft license, you can do none of the above. You are bound to the number
of licenses you purchase, so if you purchase 10 licenses, you can legally install that OS or application on
only 10 machines unless you purchase an Enterprise license.

Both systems offer support. With Linux, you can assess forums or purchase support contracts, like Red
Hat and Novell. However, when you use the peer support inherent in Linux, you do fall prey to time. You
might have an issue with something and send out an email to a mailing list, but suggestions are left up
to chance—potentially taking days to come, in some cases.

With Windows, you can purchase any network interface card and have the guarantee that any piece of
hardware will work with the operating system. With Linux, you may need to more selective with getting
the OS to communicate with your modem, for example. However, this issue of hardware support is slowly
becoming nonexistent.

With Linux, you have a centralized location where you can search for, add, or remove software. For
example, with package management system Synaptic, you can open up one tool, search for an
application or group of applications, and install that application without having to do any web searching
or purchasing. With Windows, you must know how to find the software you want to install, download the
software or put the CD into your machine, and run the executable.
Lastly, Linux allows for multilayered run levels, while Windows only has a single-layered run level. With
Windows, getting to the command line in safe mode is difficult, and you still may not have the tools to
fix a problem. With Linux, even in command line, you can install a tool to troubleshoot. This is especially
useful for administering a Linux server from the command line as you can run the startx command.

It is important to be aware of these differences as you work your way around troubleshooting medical
devices on Windows or Linux OS.

Windows 10

Some of the latest medical devices are built on Windows 10, which offers multifactor authentication. This
can allow clinicians to login with iris or face recognition to medical devices with supported cameras. In
addition, administrators can set up policies for automatic encryption of sensitive data, selectively block
applications from accessing encrypted data, and enable Device Guard—a system that allows
administrators to enforce a high security environment by blocking the execution of software that is not
digitally signed by a trusted vendor or Microsoft.

Device Guard is designed to protect against zero-day exploits and runs inside a hypervisor so that its
operation remains separated from the operating system itself.

Handheld and Embedded Operating Systems

As more medical devices are becoming portable and have limited random access memory (RAM) and
read-only memory (ROM) resources, CEs and BMETs need to become familiar with embedded operating
systems. Embedded OSes have a narrow scope tailored to a specific application in order to achieve the
desired operation ideal for small devices, such as Site Rite ultrasounds.
Although there are several embedded operating systems for personal digital assistants, including
Windows Embedded Compact (CE), EPOC and PalmOS, I will discuss Windows CE here. Windows CE is
optimized for devices that have minimal memory; a Windows CE kernel may run with 1 MB of memory.

Devices are often configured without disk storage and may be configured as a “closed” system that does
not allow for end-user extension (burn to ROM). The fundamental unit of execution is the thread,
simplifying the interface and improving execution time. The latest version of Microsoft CE includes
support for Bluetooth, 802.11b, and other mobile phone technologies.

Windows 10 IoT

Recognizing the need for increased security in HIPAA environments, Microsoft has added a number of
features for healthcare to Windows 10 IoT (successor to Windows CE). The system has tools that enable
clinicians to view an electronic medical record alongside a home health app, business intelligence
functions for visualizing quality-of-care data, and Power Map for combining a healthcare provider’s
information with population health statistics.

Windows 10 IoT includes embedded lockdown features that can be used to secure a device to make the
Windows OS completely invisible behind an application. One of the most important features in the
embedded channel is the unified write filter, which can protect the device from unwanted changes to the
disk. Once users activate this filter, new data will be only written in RAM and not to the physical hard
disk, so all changes will not affect hard disk and will be gone after restart.
In cases like a database, where a file or a folder must be updated on the disk, exclusions for specific files
or folders can be created. There is also a servicing mode available that lets users update device with an
activated filter. Servicing mode restarts the device into an unprotected mode. During this, the unified
write filter is deactivated, and there will be a full-screen screensaver that users cannot exit. When
finished, it will restart again, and the filter will protect the device again.

Other Operating Systems

ThreadX is a real-time operating system, and its name is derived from the fact that threads are used as
executable modules—with the letter “X” representing context switching. Welch Allyn vital sign monitors
utilize ThreadX OS, which is ideal due to its picokernel multitasking design, event notification, and
priority inheritance.

Moreover, in real-time computing, priority inheritance is a method for making sure when a job blocks
one or more high-priority jobs, it ignores its original priority assignment and executes its critical section
at an elevated priority level.

I hope this information helps you as you troubleshoot within different OS environments.

Arleen Thukral, MS, CCE, CHTM is a VISN 20 biomedical engineer at VA NorthWest Healthcare Network in
Seattle. Questions and comments can be directed to kstephens@nullmedqor.com.

Related Articles

Healthcare Gets ‘Smart’

 Fighting Fire with FHIR
All About FIPS 140-2
Report: Enterprise Imaging to Increase Share of Global Imaging IT Market
Implementing Medical Devices on Active Directory
The Challenge of Securing Medical Devices

Resource Library