Reliability and safety

Much thought and analysis have been given to the reliability of the device and the handling of faults.
One of the most critical aspects of processor-controlled systems is the reliability of the software and the reliability of any change to it.

As devices get more advanced, they provide more complex algorithms, a richer, more capable user experience, networking capabilities and more. This translates to more complicated software, which in turn increases the risk of inadvertently affecting performance or reliability when making even the smallest of changes.

Reliability based on dual processors

Our ventilators are designed with high-end processors that separate the ventilation tasks from all user-related and network-related tasks.

The main processor, which is a high-end real-time processor without any operating system, controls all the hardware and runs all ventilation algorithms. This ensures high performance while maintaining full control of all the code and its timing, and removes the dependency on the reliability of third-party code incorporated in any operating system that would otherwise be used.

A second high-performance processor (UI processor) is dedicated to the user interface and the networking aspects. It also acts as a safety processor which tracks the main processor and can detect hazards and mitigate them directly – increasing the total reliability and safety of the ventilator.

The two processors communicate over high-speed links with built-in management of timing and error correction.

Reliability is increased not only by each processor tracking the other and by implementing the main processor without a third-party operating system. The inherent separation of the software between the processors also means that user interface operations, networking overhead and other things that affect the timing of the system never affect the actual performance of the ventilator.

Safety and validation

By separating the ventilation software from the user interface and the networking software, changes to the user interface functionality or networking functionality require changes to their corresponding software module. Not only does this significantly increase the reliability of the software change, it also means that only this module needs to be re-validated, whereas the software on the other processor does not.
The same reliability and safety aspects relate to the distribution of software updates.