In my previous posts, I discussed how the transition that we’re observing to digital manufacturing (especially additive manufacturing) means medical device manufacturers are confronted with a new set of risks related to the management and control of the engineering and manufacturing data of their products. I identified five key risk areas that manufacturers must secure in order to safeguard their brand value — I discussed IP risk, liability risk, and confidentiality risk in my last post. In this final post, I’ll focus on two risk areas that are specifically focused on the manufacturing process: production risk and traceability risk.
Loss of control over the production process
Before the digitization of manufacturing, ensuring the quality of a part was less complicated because the barriers to gray-market or counterfeit operators were much higher. For starters, a complex medical part or product would require a precise manufacturing process that involved tooling, costly machinery, and all the human expertise that this involves. So, it was difficult for a rogue operator to (say) manufacture a heart valve or prosthetic.
Today, with additive manufacturing, anybody who has the right 3D printer and materials, along with the digital design files of a part, can manufacture an exact replica of the ‘legitimate’ part. Security technology can prevent this from happening by controlling under which conditions and rules a part can be made from its digital description, and this also addresses the issue of whether the part can be made, by whom, on which machine, and in what quantity.
But what about quality control? Additive manufacturing offers the possibility of fabrication using a wide variety of materials, and let’s not forget that additive manufacturing only recently transitioned from the world of prototyping in R&D labs to becoming a legitimate production process on the factory floor. Machine parameters, part positioning and material quality are critical to ensure manufacturing of medical devices to the correct specifications and standards.
This risk is substantially amplified when we move from centralized manufacturing to distributed manufacturing. It’s relatively easy to manage this quality risk internally, but much more difficult to manage once manufacturing data is shared with legitimate third parties for production (or, worse, stolen for unauthorized production).
Unauthorized manufacturing may lead to sub-standard quality part, a potential costly recall, or a failure that could disrupt entire systems. Any deviance from what has been defined as the original digital “recipe” for the part can create an immense —and possibly lethal— quality risk.
Loss of control over traceability
The integrity and traceability of medical products is critical to prevent counterfeit, maliciously modified, poor quality, or uncertified parts from entering the physical supply chain. Until now, the main cause for concern has centered on the software within medical devices. According to Fierce Medical “medical device recalls reached record highs in 2018 thanks to software complications that are likely to continue with the proliferation of high-tech devices.”
Today, with the increase of additive manufacturing techniques, manufacturers and healthcare facilities must prepare for the infiltration of hardware that may be flawed and whose provenance may be in question. Again, cybersecurity technology offers a way to address these concerns by registering and authenticating each step of the lifecycle of a medical device — from design through to physical fabrication.
Sometimes referred to as the ‘digital thread,’ these secure and immutable transactions enable the device manufacturer to precisely trace how any part or device was manufactured and then determine recalls and address production issues at the root cause. This will provide significant cost reductions and provide additional quality assurance measures. The future of the medical industry will be dependent on the ability to provide the exact knowledge of how and when a medical product was manufactured, from which design revision, and which parameter definition.
As medical device manufacturers embrace digital manufacturing techniques, they will turn to technology that protects and validates manufacturing data at rest, manages the data flow through licensing, and maintains decentralized and inalterable records of these movements. When someone’s life is in the balance, it is of paramount importance to ensure the security and integrity of the digital data that enables a part to be manufactured. Particularly in the medical device industry, additive manufacturing demands cybersecurity technology that encrypts, distributes, and traces the digital flow of parts — and that can prevent counterfeits while ensuring that maliciously modified, substandard, or uncertified parts cannot be placed into service.
About the Author:
Stephan is currently the Co-founder and Chief Strategy Officer of Identify3d, a software company that develops software solutions for Digital Manufacturing, in charge of Strategy and Business Development. Identify3d enables the Digital Thread through design protection, manufacturing repeatability, and traceability. Stephan has more than 25 years of experience in Operations, Supply Chain, M&A and Restructuring with companies such as EY, Alvarez & Marsal and REL Consultancy. He holds an M.B.A. from Baruch College’s Zicklin School of Business and a Master in management from Dauphine University (France). Stephan also lectures at the Berkeley-Columbia Executive M.B.A. on performance improvement topics. He is a board member of 3D4pro, an Additive Manufacturing Saas company.