The Medical Technology Association of Australia (MTAA) Cybersecurity Working Group and innovative medical technology devices manufacturers Anatomics and Avicena provide updates to Carole Goldsmith, on their organisation’s advances and guidance on good cybersecurity practices to prevent risks and threats.

Medical devices’ internet and network connectivity, enables information sharing and treatment delivery. It does however expose medical devices to potential cybersecurity risks and threats, advises the Medical Technology Association of Australia (MTAA) on its website’s regulatory summary:  Cybersecurity for medical devices. These threats can be reduced and managed by good cybersecurity practices, with all stakeholders involved in the design, manufacture and use of medical technology, responsible for cybersecurity.

Director for Government Affairs, Australia/New Zealand at Abbott, Paul Davies chairs the MTAA’s Cybersecurity Working Group (CSWG). Abbott is a global healthcare company with a diverse range of businesses and products in diagnostics, medical devices, nutrition and branded generic medicines.

“Any MTAA member can contribute to the CSWG and it’s represented by med-tech majors, SMEs and software developers, whose products are used in hospital systems. We also liaise with the Australian Cybersecurity Centre which provides a link between the Australian Government and the private sector.

“One of the working group’s purposes is to be a clearing house for its participants to share experiences with each other, about what issues we’re confronting in Australia, and globally regarding cybersecurity. As developers, Australian medical devices are built to very high standards. We always need to ensure that they can operate in the Australian context and be up-to date with the government’s security requirements,” advises Davies.

A major accomplishment of the working group participants is the guidance document, developed by the Therapeutic Goods Administration (TGA), in 2020, with input from industry. The document Medical device cybersecurity for industry, Version 1-1 March 2021 has since been updated to this 2021 version, by the TGA.

“One of the working group’s main focuses is to maintain a dialogue with the TGA about how that regulatory guidance is functioning and ensuring that it reflects any changes in the cybersecurity environment,” says Davies. “It also includes a lot of work that international regulators have been working on for some time.”

Davies adds that when developing products, you need to have systems in place to ensure that information security is maintained in medical devices’ development.

“Medical device developers need to ensure that data produced by their devices is appropriately protected, for example by encryption and identify vulnerabilities in software. Also have a system in place to take corrective action, which requires consultation with the TGA.

“We want to ensure that because cyber risks are very dynamic and they change a lot, that we’re providing accurate information to customers and patients.  We (the CSWG) are also advising the medical devices’ industry on actions required to address those risks. So that’s a really important part of our dialogue with the TGA,” says Davies.

Anatomics – World leader in manufacturing surgical applications

Melbourne innovative medical devices’ company Anatomics Pty Ltd has manufactured almost 5,000 specialised medical devices for surgeons world-wide since the company was founded 27 years ago. These include both patient-specific and standardised off-the-shelf (OTS) surgical implants and tools.

The patient-specific surgical applications are made directly from the patient’s CT scan, advises Anatomics VP Global Sales and Marketing, Gibran Maher: “Our engineers in Melbourne work with the patient’s surgeon and design the implant from each patient’s CT scan. Many of these are then individually 3D printed in medical polymer at Anatomics’ manufacturing site in Bentleigh, in Melbourne’s east.”

Anatomics has developed one of the world’s most advanced medical polymer implant manufacturing facilities. It has a range of 3D printers, an R&D laboratory, clean room, sterilisation facility, IT development area and office space.  Anatomics employs 32 people, the majority are at its Bentleigh head office site with others based in Adelaide, Melbourne, Sydney, Brisbane, Auckland, San Francisco and Singapore.

Founder and Chairman of Anatomics, Professor Paul D’Urso is an internationally recognised Australian-born and educated neurosurgeon, scientist, and innovator. He pioneered the technology of 3D biomodelling and has published and presented over 140 scientific papers and holds multiple international patents.

Anatomics customers include: Neurosurgeons, Plastic and Reconstructive Surgeons, Oral and Maxillofacial Surgeons, Orthopaedic Surgeons, ENT Surgeons and Thoracic Surgeons world-wide.  “Our job is to work closely with these surgeons, to understand complex conditions and implement their feedback, to continuously improve our devices,” says Maher. “We incorporate their feedback into our quality management system, to ensure that our devices are the best possible for their patients.”

The patient-specific devices are surgically implanted in the patient’s body and often allow tissue integration with vascularisation in as little as four weeks.

The StarPore® polymer tissue scaffold developed by Anatomics exhibits extremely good biocompatibility in patients, such that it is used to create new ears for children with microtia (congenital absence of an ear), advises Maher.

The company manufactures a diverse range of devices for neuro, spinal, facial, orthopaedic and thoracic surgeons. “Among Anatomics’ ground-breaking applications are our StarPore® thoracic implants and our SkullPro® beanie which helps the patient protect their brain after head injury surgery, instead of wearing heavy and bulky helmets.

Anatomics has been working with the CSIRO to make SkullPro® smart by including sensors to monitor the brain and can relay data via 5G and WiFi to enable a brain machine interface using artificial intelligence. This will assist neurosurgeons to remotely determine the right time for reconstructive surgery. We already have SkullPro® 1.0, which is currently available for head injury patients worldwide. Model 2.0 is under development with the CSIRO.  Anatomics is very grateful to MTP Connect which has provided grants for R&D for both StarPore® and SkullPro®.

“The world’s first 3D printed thoracic reconstruction was manufactured by Anatomics in 2015 and now we have developed the next-generation version,” says Maher.  “Our StarPore® thoracic implants are the world’s only polymer tissue scaffold for thoracic reconstructive surgery and have been successfully implanted in Australia, USA, UK, Portugal and NZ.”

StarPore® is the only porous high-density polyethylene polymer used to replace and repair people’s ribcages that are damaged by trauma, tumours or infection. Professor Paul D’Urso says: “Custom ribcage reconstruction was one of many Anatomics world-first applications which have revolutionised the way surgeries are performed. Previously surgeons used bone cement and wires to reconstruct the ribcage whilst the patient was on the operating table.”

Cybersecurity and medical implants

When asked how Anatomics ensures cyber security of its devices, Maher says: “The most important thing for us is that we are compliant with the TGA cybersecurity guidelines and the USA regulatory standard, according to the Health Information Privacy Act. So, we use a range of software to ensure that we have complete encryption and privacy with all of our data. We outsource our advice to make sure that we’re always compliant with the current stringent standards. The data that we get from patient scans is anonymised, so that identifying particulars or details are removed and no one else can ever see them.”

Speaking on Anatomics’ future plans, Maher advises: “The smart helmet SkullPro 2.0 is progressing very well and we now have a working brain machine prototype. We’re communicating with clinicians around the world to validate and verify the prototype and they believe that it will add a lot of value to the care of brain-injured patients globally. We are also working with global key opinion leaders in neurosurgery, plastic surgery, rehabilitation and thoracic surgery to ensure the global success of our innovative portfolio.”

Avicena Systems – Innovation in biosecurity screening

Perth medical technology manufacturer, Avicena Systems has developed a ground-breaking, rapid pandemic scale surveillance screening instrument, aptly named Sentinel, which facilitates pathogen detection, including COVID-19. The Sentinel instrument can process more than 90,000 samples daily with data available in under 40 minutes, up to 10 times faster than the PCR (Polymerase Chain Reaction) COVID tests.

Avicena received a Federal Government $3m grant last July to scale up manufacturing of its Sentinel COVID-19 (and other pathogens) screening system. The device can be deployed at border checkpoints and airports, delivering results within 35 minutes of passenger sampling, enabling enough time to prevent an infectious person from boarding a flight.

“Our instrument is based on a flexible design that enables us to adapt the workflow easily to support screening for pathogens such as COVID-19, influenza, RSV (Respiratory Syncytial Virus), dengue, hepatitis B, malaria and TB,” advises Avicena’s CEO and Co-Founder Tony Fitzgerald. “Each Sentinel instrument is a revolutionary molecular assay system designed to deliver over 92,000 samples per day with an average turnaround time of just 35 minutes.

“Avicena’s approach to pathogen screening is novel, because unlike other pathogen screening instruments, which use a batch-based approach to loading and processing, Sentinel uses a continuous random-access methodology, which results in a dramatic improvement in sample throughput and processing economics.”

The company’s Chief Innovation Advisor and electrical engineer, Paul Ostergaard is the Sentinel instrument’s principal inventor. The initial prototyping and testing of the Sentinel took around nine months.

Sentinel’s regulatory applications have been filed in Australia, the UK, and the USA, and Europe has already approved it for test chemistry, advises Fitzgerald.  “The Sentinel is being deployed in Perth for surveillance screening in the resources sector, under an exemption from WA’s Chief Health Officer, while TGA evaluation is underway.”

To date, Avicena has manufactured seven of its Sentinel systems and three portable Sentinel Mini instruments at its West Perth manufacturing site. As well as the two in Perth, one is installed in Budapest, Hungary, to screen the Budapest population for COVID and influenza. Another is being shipped to the US for validation trials and one to Victoria for COVID pilot testing.

Biosecurity and Cybersecurity enabled

When asked how the Sentinel works, Fitzgerald explains: “The Sentinel uses a nucleic acid amplification technology called LAMP (Loop Mediated Isothermal Amplification) which can amplify the genetic material of a pathogen up to a billionfold. PCR uses a similar approach but LAMP is much quicker and can be equally sensitive.”

“As a biosecurity testing device, the LAMP test chemistry used on the Sentinel can be substituted if new pathogens emerge or there is a big outbreak of a current pathogen such as influenza,” says Fitzgerald. “Because the daily throughput is potentially so high (92,000+ per day), it is feasible to do a population scale screening in the event of a resurgence of the current COVID pandemic or a new pathogen pandemic such as TB which is emerging again in some countries.”

To ensure cybersecurity for Sentinel users, Fitzgerald advises that the Sentinel only requires the barcoded specimen tube ID and the machine does not store any personal information.  The association between the sample ID and the candidate is performed through external systems such as the pathology provider.

“Communication between the Sentinel and the cloud is encrypted, and access requires multi-factor authentication to help prevent unauthorised access.  The firewall provides protection against intrusion and full audit logs are maintained. Access to the Sentinel itself requires operator access through authentication on a per-user basis. Cyber security provisions follow the TGA guidelines for medical devices.”

Manufacturing the Sentinel

The Sentinel is modelled using 3D CAD to produce its components which includes: aluminium machined parts, extrusion cut to length, sheet metal fabrication and 3D printed custom parts, explains Fitzgerald. “Detailed design then follows according to the product specifications and often the elements with higher risk are tested using rapid prototyping. In-house 3D printing really helps with a quick turnaround.

“The Sentinel’s detailed design in 3D ensures the correct alignment of all parts and eliminates the risk of mechanical interferences. This is really important for a robotic machine with multiple moving axes.

“Assembly instructions are accessed on-line using iPads which ensures the correct documents are always being used.  Once an assembly has been built and tested, the assembly procedure is signed off electronically with full traceability of and by whom and when the work was done,” advises Fitzgerald.

Avicena’s future plans are very positive, with a strong emphasis on markets in North America, the Middle East and Australasia. “We are looking at diverse testing of pathogens across the world. If different pathogens are discovered, you have to be able to screen for them rapidly and the Sentinel is an ideal solution.”