Cloud Infrastructure and FDA Compliance

By Bruce Maches

May 5, 2010

In my first blog entry I provided background on some of the issues life sciences companies are facing and the potential for cloud computing in dealing with these challenges. In my previous blog entry I provided a high level overview of the extensive system validation and verification process required by the FDA regulatory guidelines. This entry will focus on the infrastructure services side of cloud computing. I will also discuss how the aspects of public versus private cloud impacts the approach for implementing cloud computing in the life sciences. I have already received feedback from a number of you and the regulatory compliance topic seems to be of the most interest so I will focus my next few entries on cloud services and FDA compliance.
 
As mentioned in my prior post, CFR 21 Part 11 validation is a basic fact of life for FDA regulated companies. While my focus is and will continue to be on the life sciences, the FDA also provides the regulatory framework that food and cosmetics companies must adhere to. Many of the challenges faced by these companies are the same that life science companies are dealing with. This includes such items as product recalls, lot traceability, clinical testing studies, and managing product manufacturing.
 
So – how does the cloud infrastructure paradigm align with the FDA regulatory compliance model? Part 11 validation outcome is all about ensuring system quality and to be able to trust that the system in question was installed, operates, and performs correctly. Keep in mind that the FDA, like similar regulatory bodies, doesn’t tell you ‘this is how you must do things’ what they do is state ‘this is what needs to be done’ and it is up to you to prove that you are meeting the guidelines as stated. If you went to the FDA and said ‘we want to leverage cloud for this new system we are implementing’ they would not tell you how to do it and if it would be accepted or not. They would simply point to CFR 21 Part 11 and say ‘if you meet those standards it is acceptable’. That is not something you want to gamble on after investing significant funds in a new cloud based system that must be validated.
 
Since the Installation Qualification (IQ) document covers the infrastructure piece we can concentrate on how to support IQ validation requirements while attempting to utilize cloud based infrastructure and the differences between private and public environments.
 
An IQ document contains a complete set of detailed information on the hardware environment, the underlying software (from OS to application) and instructions on how to install the system from out of the box. A significant amount of this information is captured simply to avoid the risk of failing an audit and these procedures were originated prior to the advent of cloud computing. Some of the items recorded as part of the IQ script normally include:
 
• Hardware serial number
• System configuration
• Equipment location
• Exact versions off all installed software
 
Of course you can see that with public cloud services there are already some issues. In a public cloud offering there is no way to know the detailed information on the hardware and software that your system will be running on or even the exact location of the system itself. In the current way of approaching the IQ validation process, public cloud computing is just not a viable option for these types of applications. Until regulatory auditors can handle not knowing the hardware configuration and location it is just too big a risk to attempt to put a validated application into the public cloud and hope you can pass any potential regulatory audit. That doesn’t mean that a life science company couldn’t use public cloud provisioned infrastructure for non-validated applications and many are doing so now.
 
Now for private cloud the situation can be different if, and it is a big if, the provider of the public cloud is willing to go through the time and expense to pre-validate their entire environment prior to loading any real applications. This would mean creating and executing an IQ document for each server/OS configuration installed in the private cloud. While this sounds like a lot of work, it would be manageable if the private cloud environment were to be completely homogenous from both a hardware and system software standpoint. You would create one IQ document template and execute it for each separate server being installed. This way you could record the hardware information and software installation configuration for every machine. The drawback to this is that every potential user of this validated environment would need their applications to fit into this ‘one size fits all’ offering limiting its appeal to potential clients.
 
Another approach would be to create a certain base level of validation for the private cloud environment. In other words, validate the hardware piece and common software components through the IQ process. The data center operator could then create pre-qualified machine images with all of the supporting documentation which could then be ordered by the client to fit their particular needs. These machine images could include various operating systems, database engines or other supporting software. These would have been through a qualification process meaning that most of the IQ portion is complete with only minor client unique portions remaining. A client could then pick the most appropriate machine image for their needs with supporting documentation and most of the IQ complete. They would then only need to go through the IQ process for those pieces necessary to meet their specific needs.  
 
So – in a nutshell, the public cloud model just does not fit, at this time, the current practices for validation in FDA regulated companies. However the private cloud environment could be leveraged to provide life science companies with a short-cut to completing overall system validation. Any cloud infrastructure provider willing to put in the up-front effort will find they have a solution that would be very appealing to FDA regulated companies looking to be more efficient with their IT dollars. I am actually in the process of starting this effort with a large managed services provider and will keep you updated on how it works out.
 
In my next entry I will discuss how infrastructure as a service can be used to lower costs and increase speed to market for life science companies. I will also provide some examples of what is being done currently in the industry.
 
Feel free to contact me at [email protected]

Subscribe to HPCwire's Weekly Update!

Be the most informed person in the room! Stay ahead of the tech trends with industry updates delivered to you every week!

MLPerf Inference 4.0 Results Showcase GenAI; Nvidia Still Dominates

March 28, 2024

There were no startling surprises in the latest MLPerf Inference benchmark (4.0) results released yesterday. Two new workloads — Llama 2 and Stable Diffusion XL — were added to the benchmark suite as MLPerf continues Read more…

Q&A with Nvidia’s Chief of DGX Systems on the DGX-GB200 Rack-scale System

March 27, 2024

Pictures of Nvidia's new flagship mega-server, the DGX GB200, on the GTC show floor got favorable reactions on social media for the sheer amount of computing power it brings to artificial intelligence.  Nvidia's DGX Read more…

Call for Participation in Workshop on Potential NSF CISE Quantum Initiative

March 26, 2024

Editor’s Note: Next month there will be a workshop to discuss what a quantum initiative led by NSF’s Computer, Information Science and Engineering (CISE) directorate could entail. The details are posted below in a Ca Read more…

Waseda U. Researchers Reports New Quantum Algorithm for Speeding Optimization

March 25, 2024

Optimization problems cover a wide range of applications and are often cited as good candidates for quantum computing. However, the execution time for constrained combinatorial optimization applications on quantum device Read more…

NVLink: Faster Interconnects and Switches to Help Relieve Data Bottlenecks

March 25, 2024

Nvidia’s new Blackwell architecture may have stolen the show this week at the GPU Technology Conference in San Jose, California. But an emerging bottleneck at the network layer threatens to make bigger and brawnier pro Read more…

Who is David Blackwell?

March 22, 2024

During GTC24, co-founder and president of NVIDIA Jensen Huang unveiled the Blackwell GPU. This GPU itself is heavily optimized for AI work, boasting 192GB of HBM3E memory as well as the the ability to train 1 trillion pa Read more…

MLPerf Inference 4.0 Results Showcase GenAI; Nvidia Still Dominates

March 28, 2024

There were no startling surprises in the latest MLPerf Inference benchmark (4.0) results released yesterday. Two new workloads — Llama 2 and Stable Diffusion Read more…

Q&A with Nvidia’s Chief of DGX Systems on the DGX-GB200 Rack-scale System

March 27, 2024

Pictures of Nvidia's new flagship mega-server, the DGX GB200, on the GTC show floor got favorable reactions on social media for the sheer amount of computing po Read more…

NVLink: Faster Interconnects and Switches to Help Relieve Data Bottlenecks

March 25, 2024

Nvidia’s new Blackwell architecture may have stolen the show this week at the GPU Technology Conference in San Jose, California. But an emerging bottleneck at Read more…

Who is David Blackwell?

March 22, 2024

During GTC24, co-founder and president of NVIDIA Jensen Huang unveiled the Blackwell GPU. This GPU itself is heavily optimized for AI work, boasting 192GB of HB Read more…

Nvidia Looks to Accelerate GenAI Adoption with NIM

March 19, 2024

Today at the GPU Technology Conference, Nvidia launched a new offering aimed at helping customers quickly deploy their generative AI applications in a secure, s Read more…

The Generative AI Future Is Now, Nvidia’s Huang Says

March 19, 2024

We are in the early days of a transformative shift in how business gets done thanks to the advent of generative AI, according to Nvidia CEO and cofounder Jensen Read more…

Nvidia’s New Blackwell GPU Can Train AI Models with Trillions of Parameters

March 18, 2024

Nvidia's latest and fastest GPU, codenamed Blackwell, is here and will underpin the company's AI plans this year. The chip offers performance improvements from Read more…

Nvidia Showcases Quantum Cloud, Expanding Quantum Portfolio at GTC24

March 18, 2024

Nvidia’s barrage of quantum news at GTC24 this week includes new products, signature collaborations, and a new Nvidia Quantum Cloud for quantum developers. Wh Read more…

Alibaba Shuts Down its Quantum Computing Effort

November 30, 2023

In case you missed it, China’s e-commerce giant Alibaba has shut down its quantum computing research effort. It’s not entirely clear what drove the change. Read more…

Nvidia H100: Are 550,000 GPUs Enough for This Year?

August 17, 2023

The GPU Squeeze continues to place a premium on Nvidia H100 GPUs. In a recent Financial Times article, Nvidia reports that it expects to ship 550,000 of its lat Read more…

Shutterstock 1285747942

AMD’s Horsepower-packed MI300X GPU Beats Nvidia’s Upcoming H200

December 7, 2023

AMD and Nvidia are locked in an AI performance battle – much like the gaming GPU performance clash the companies have waged for decades. AMD has claimed it Read more…

DoD Takes a Long View of Quantum Computing

December 19, 2023

Given the large sums tied to expensive weapon systems – think $100-million-plus per F-35 fighter – it’s easy to forget the U.S. Department of Defense is a Read more…

Synopsys Eats Ansys: Does HPC Get Indigestion?

February 8, 2024

Recently, it was announced that Synopsys is buying HPC tool developer Ansys. Started in Pittsburgh, Pa., in 1970 as Swanson Analysis Systems, Inc. (SASI) by John Swanson (and eventually renamed), Ansys serves the CAE (Computer Aided Engineering)/multiphysics engineering simulation market. Read more…

Choosing the Right GPU for LLM Inference and Training

December 11, 2023

Accelerating the training and inference processes of deep learning models is crucial for unleashing their true potential and NVIDIA GPUs have emerged as a game- Read more…

Intel’s Server and PC Chip Development Will Blur After 2025

January 15, 2024

Intel's dealing with much more than chip rivals breathing down its neck; it is simultaneously integrating a bevy of new technologies such as chiplets, artificia Read more…

Baidu Exits Quantum, Closely Following Alibaba’s Earlier Move

January 5, 2024

Reuters reported this week that Baidu, China’s giant e-commerce and services provider, is exiting the quantum computing development arena. Reuters reported � Read more…

Leading Solution Providers

Contributors

Comparing NVIDIA A100 and NVIDIA L40S: Which GPU is Ideal for AI and Graphics-Intensive Workloads?

October 30, 2023

With long lead times for the NVIDIA H100 and A100 GPUs, many organizations are looking at the new NVIDIA L40S GPU, which it’s a new GPU optimized for AI and g Read more…

Shutterstock 1179408610

Google Addresses the Mysteries of Its Hypercomputer 

December 28, 2023

When Google launched its Hypercomputer earlier this month (December 2023), the first reaction was, "Say what?" It turns out that the Hypercomputer is Google's t Read more…

AMD MI3000A

How AMD May Get Across the CUDA Moat

October 5, 2023

When discussing GenAI, the term "GPU" almost always enters the conversation and the topic often moves toward performance and access. Interestingly, the word "GPU" is assumed to mean "Nvidia" products. (As an aside, the popular Nvidia hardware used in GenAI are not technically... Read more…

Shutterstock 1606064203

Meta’s Zuckerberg Puts Its AI Future in the Hands of 600,000 GPUs

January 25, 2024

In under two minutes, Meta's CEO, Mark Zuckerberg, laid out the company's AI plans, which included a plan to build an artificial intelligence system with the eq Read more…

Google Introduces ‘Hypercomputer’ to Its AI Infrastructure

December 11, 2023

Google ran out of monikers to describe its new AI system released on December 7. Supercomputer perhaps wasn't an apt description, so it settled on Hypercomputer Read more…

China Is All In on a RISC-V Future

January 8, 2024

The state of RISC-V in China was discussed in a recent report released by the Jamestown Foundation, a Washington, D.C.-based think tank. The report, entitled "E Read more…

Intel Won’t Have a Xeon Max Chip with New Emerald Rapids CPU

December 14, 2023

As expected, Intel officially announced its 5th generation Xeon server chips codenamed Emerald Rapids at an event in New York City, where the focus was really o Read more…

IBM Quantum Summit: Two New QPUs, Upgraded Qiskit, 10-year Roadmap and More

December 4, 2023

IBM kicks off its annual Quantum Summit today and will announce a broad range of advances including its much-anticipated 1121-qubit Condor QPU, a smaller 133-qu Read more…

  • arrow
  • Click Here for More Headlines
  • arrow
HPCwire