Improving Verification & Validation in the Medical Device Domain (original) (raw)

Envisioning a Requirements Specification Template for Medical Device Software

Lecture Notes in Computer Science, 2014

In many health jurisdictions, software is considered to be medical device software (MDS), when it is used to analyze patient data in order to render a diagnosis or monitor the patient's health; when it is to be used by a patient to diagnose an ailment; or when it is used to deliver functionality for a medical device. Flaws in MDS can result in patient harm, including death. Legislators and regulatory agencies publish guidelines and regulatory standards that are aimed at ensuring the safety, security and dependability of MDS. These guidelines and standards universally agree that a complete and consistent requirement specification is vital to the success of medical device software. Moreover, we observe that regulators are shifting from being process focused to being product focused in their approval guidance. In this paper, we review challenges associated with requirements used in the development of MDS, current standards and guidelines relevant to MDS, and existing templates for requirement specifications. We then propose a set of design objectives for a 'good' MDS requirements template and propose a template structure for MDS requirement specification fulfilling all the design objectives. Our template is, by design, tailored to facilitate the gathering and documenting of high quality requirements for MDS.

Formal validation and verification of a medical software critical component

2015 ACM/IEEE International Conference on Formal Methods and Models for Codesign (MEMOCODE), 2015

Medical device software malfunctioning can lead to injuries or death for humans and, therefore, its development should adhere to certification standards. However, these standards establish general guidelines on the use of common software engineering activities without any indication regarding methods and techniques to assure safety and reliability. This paper presents a formal development process, based on the Abstract State Machine method, that integrates most of the activities required by the standards. The process permits to obtain, through a sequence of refinements, more detailed models that can be formally validated and verified. Offline and online testing techniques permit to check the conformance of the implementation w.r.t. the specification. The process is applied to the validation of the SAM medical software, that is used to measure the patients' stereoacuity in the diagnosis of amblyopia.

The demands of safety-critical medical device software development

Software development is frequently challenged with quality concerns. One of the primary reasons for such issues is the very nature of the software development process. First, it can be difficult to accurately and completely identify the requirements for a software development product. Also, the implementation on various platforms and the need to integrate with sometimes unforeseeable additional systems adds complexity. For safety critical domains, such as the medical device and healthcare sectors, these hurdles are amplified. Whereas a failure in a desktop application may be resolved through a restart with no harm incurred, a failure in a medical device can have life threatening consequences. Our work in the Regulated Software Research Centre (RSRC) aims to support medical device producers in the production of safer medical device software. In this paper, we describe the MDevSPICE framework and how it addresses the safety concerns faced by medical device producers.

MDevSPICE - A Comprehensive Solution for Manufacturers and Assessors of Safety-Critical Medical Device Software

Communications in Computer and Information Science, 2014

Development of Software for Safety Critical Medical Devices-an Interview-Based Survey of State of Practice

To be able to survive in the long run the medical device industry of today needs effective development processes and ways to secure quality. These development processes and quality assurance processes must follow the different laws and regulations over the world depending on what market the organisations are established on. Organisations have been developing medical devices and systems over many years but now this type of products contain more and more software. The development of software is often appended in to the existing development and quality assurance processes and these processes may not be the most efficient and correct processes when it comes to software. This paper presents the results from an interview study with the purpose to survey how the medical device companies work today, what development processes and quality assurance techniques they use and how laws and regulations affect their way of working. Safety is very essential for the medical device organisations and all the interviewed organisations consider the software in their medical device as safety critical. Risk and risk analysis is an important part of the safety thinking and is frequently performed by the organisations. However established and systematic techniques to analyse risks of the medical devices are not so frequently used as expected. The intension is that the results from the study could be used as a help to find more adapted processes and techniques for software development in the medical device domain. The results have also been used to derive a set of requirements on new techniques and methods in the area. The derived requirements can serve as guidance to researchers aiming at improving processes, methods and techniques in the medical device domain.

Development of a Process Assessment Model for Medical Device Software Development

Software that is incorporated into a medical device, or which is a standalone medical device in its own right, is of a safety critical nature and subject to regulation from various jurisdictions (principally the EU and the US). In order to satisfy jurisdictional regulations, developers of medical device software generally implement standards and guidance provided by international standards bodies and national administrative departments. However, the various standards and guidance documents are not developed as a single cohesive set but often as separate resources addressing distinct areas of concern. The result for medical device software developers is that integration of these various sources represents a challenging undertaking. The aim of this paper is to describe the integration of the several process models and regulatory standards, first, into a process reference model and then into a process assessment model for medical device software development. The focus is on the integration of regulatory standards from the medical device domain with generic software development process models, resulting in a unified best practice framework for medical device software development. The process reference model for medical device software development is going to be published this year as IEC TR 80002-3, and the process assessment model for medical device software development is currently being validated through pilot studies in medical device industry. This best practice framework will help small software developers in their adoption of regulations-compliant best practices while reducing the overhead associated with understanding the long list of regulations and standards they need to adhere to when developing software for medical devices. This framework will also help the manufacturers in selecting their software suppliers assuring that the suppliers have adopted the best practices and are compliant with the medical device standards and regulations.

Addressing Regulatory Requirements In Medical Device Software Systems

Regulatory requirements are an indispensable part of Medical device related software systems as those systems are safety critical and its failure can be life threatening. For this reason, the medical device software systems must be reliable and must maintain international standards and regulations. As a result Regulatory Requirement is generally held responsible for the certification or license of the software as it imposes constraints and regulations on both the system and the organization. Since most of the systems are looking forward to automation applying Artificial Intelligence and machine learning techniques, these systems should adhere to strict law and order. But, due to the natural language created ambiguity, conflicts, informal definition and lack of understanding regarding this particular type of requirement resulted in frequent failure. And so business entrepreneurs of modern time put much emphasis on Regulatory requirements management to avoid law suit. Therefore, researchers are developing many new frameworks and methodologies to apply Regulatory requirements in medical device related systems. This paper discusses on the researches regarding the modern approach to address Regulatory requirements for safety critical medical device software. The results of this analysis can serve the research communities to understand problems regarding the topic, the parallel activities and their interrelation to reach a better solution, and future trend of interest for the researchers on Regulatory requirements.

Demonstrating that medical devices satisfy user related safety requirements

One way of contributing to a demonstration that a medical device is acceptably safe is to show that the device satisfies a set of requirements known to mitigate hazards. This paper describes experience using formal techniques to model an IV infusion device and to prove that the modelled device captures a set of requirements. The requirements chosen for the study are based on a draft proposal developed by the US Food and Drug Administration (FDA). A major contributor to device related errors are (user) interaction errors. For this reason the chosen models and requirements focus on user interface related issues.

Development of MDevSPICE® - the medical device software process assessment framework

Journal of Software: Evolution and Process, 2015

Software Process Improvement to assist Medical Device Software Development Organisations to comply with the amendments to the Medical Device Directive

A recent revision to the European Medical Device Directive (MDD) 2007/47/EC made fourteen amendments to the original directive (93/42/EEC). A number of these changes directly affect the de-velopment of software for use in healthcare. The most significant change in relation to medical device software development is that standalone software is now seen as an active medical device and should be developed following state of the art medical device software development processes. State of the art medical device software processes is understood within the industry as developing software in accordance with IEC 62304 and standards that are aligned with it. This paper identifies how changes to the MDD affect medical device software development companies and recommen-dations are made as to how medical device software development companies can conform to the latest regulatory requirements. Additionally, the paper provides an overview of how Medi SPICE is currently being developed to provide organisations with a single point of reference for the practices that should be implemented in order to produce regulatory compliant medical device software.

Improving Verification & Validation in the Medical Device Domain (original) (raw)

Related papers