Not just start-ups, but also large and well-established companies rely more and more on cloud-based solutions to digitalize their supply chain. But which technical possibilities are available on cloud platforms like Amazon Webservices and Microsoft Azure for the development of critical applications, e.g. in the medical context? We as Saxonia Systems (since 03/2020 ZEISS Digital Innovation) answered exactly these questions during our Cloud Special Days on OOP 2019 in Munich together with among others Carl Zeiss Meditec AG.
Presentation 1
Save and compliant: How you build a medical cloud platform
In their first contribution, Thorsten Bischoff (Carl Zeiss Meditec AG) and Dirk Barchmann (Saxonia Systems AG) offered an impression into the development of an already internationally introduced mobile application: It enables doctors to synchronise information concerning patients and surgeries between the doctor’s office and a remote surgical suite using a cloud platform based on Amazon Webservices (AWS). The main focus was placed on the security of the data to be transmitted and stored (encryption in transit / at rest), whereby a large number of industrial norms and legal regulations in the various target countries had to be observed and fulfilled. Examples include the DSGVO in Europe or the HIPAA Privacy, Security, Transactions Rule in the USA as well as the worldwide approved ISO-27001 standards. Central key elements are already reviewed, and certified cloud services like for example the Amazon Key Management Service (KMS) for encrypting data or the Amazon Simple Storage Service (S3) for storing it. Not only technical questions had to be clarified – organisational and procedural adjustments were also made because of the usage of cloud services to achieve the necessary certifications.
Presentation 2
Pre- and post-processing of cataract surgeries in the cloud
In the following presentation of Rainer Scheubeck (Carl Zeiss Meditec AG) and Alexander Casall (Saxonia Systems AG), they reported how a solution used for preparation, planning and post-processing of eye surgeries is developed and brought into production in the cloud.
In addition to the possibility of rolling out updates centrally and maintaining data (e.g. master data) centrally, the dynamic scalability of the application was an argument for a cloud-based solution. To secure the sustainability and expandability of the application, the components of the application are run as Docker containers based on the cluster management solution Kubernetes. The used cloud-native services like Azure Kubernetes Service and Azure CosmosDB are connected over standardised and conventional interfaces. This way, the application can run relatively independent of the public cloud provider and it is possible to change the chosen provider with little effort needed. Because this application is a medical product and therefore its development and distribution is regulated by several institutions, special emphasis was placed on infrastructure and test automation during conception and development.
Presentation 3
Explore new ways with the cloud
In the third talk, Dr. Andreas Zeidler (Carl Zeiss Meditec AG) and Leo Lindhorst (Saxonia Systems AG) presented the current perceptions of a F&E project of Carl Zeiss Meditec AG. The goal is to validate, how existing on-premises solutions can be migrated on AWS. The background is the rising demand of calculation-intensive analyses of physicians for which the established on-premises infrastructure is to weak. For validation, multiple minimal products are developed based on the prototype of a medical cloud platform to explore the different approaches and challenges of a cloud migration. In this process, modern concepts and technologies like data lake or serverless architectures is used.
Presentation 4
Private Cloud – An alternative?
For those cases where the transformation into a public cloud infrastructure is not possible, the private cloud can be an alternative. In the last presentation of the day, Günther Buchner (Saxonia Systems AG) explained his experiences regarding the introduction of an OpenStack-based private cloud infrastructure in a large-scale enterprise. This is an infrastructure centrally run from the company on their own hardware for different parties within the organisation. This infrastructure has cloud properties like on-demand scalable provision and billing of resources, high availability, and central implementation of cross-cutting functionalities. In the described scenario, OpenStack was used as base technology.
OpenStack offers an Infrastructure as a Service (IaaS) layer as base for the service of, in this presented project, Cloud Foundry as Platform as a Service (PaaS). The costs, analogous to the public cloud, are allocated to the departments that use the private cloud services based on a cost key. Although the introduction of such a complex IT infrastructure involves considerable effort, it also offers a number of advantages: For example, companies can increase agility and flexibility in software development with cloud technologies without being dependent on public cloud providers or having to deal with the more complex data protection situation with providers outside their own organization.