Apologies for posting a pay walled article. Consider subscribing to 404. They’re a journalist-founded org, so you could do worse for supporting quality journalism.
Trained repair professionals at hospitals are regularly unable to fix medical devices because of manufacturer lockout codes or the inability to obtain repair parts. During the early days of the COVID-19 pandemic, broken ventilators sat unrepaired for weeks or months as manufacturers were overwhelmed with repair requests and independent repair professionals were locked out of them. At the time, I reported that independent repair techs had resorted to creating DIY dongles loaded with jailbroken Ukrainian firmware to fix ventilators without manufacturer permission. Medical device manufacturers also threatened iFixit because it posted ventilator repair manuals on its website. I have also written about people with sleep apnea who have hacked their CPAP machines to improve their basic functionality and to repair them.
PS: he got it repaired.
Regulation won’t detail what a company does to that level. They might say something like “fasteners shouldn’t come loose” but it wouldn’t have a torque spec.
That would run face first into proprietary info and corporate classified info.
The other side of regulation should be around purchasing. Bad repairability, delays in repairs, and proprietary parts need to be more important factors when deciding on what device to buy. Either at the government level for public institutions, or at least at the corporate level for private
Behold all the fucks I do not give. If it’s that critical they lose all claim to being proprietary. It’s just like patent, there’s no such thing as a secret patent, so anything that safety critical doesn’t get to stay secret either.
It doesn’t now but it’s utterly trivial to fix that. Just make the regulations say that components must meet the manufacturer specifications and require manufacturers to publish and maintain all the specifications of all safety critical components. If they want to keep it secret then that means it’s not safety critical and they’re responsible for any accidents resulting from its failure.