Requirements Gathering. Hazard Analysis. Configuration Management
|
|
- Valerie Harrison
- 8 years ago
- Views:
Transcription
1 !" # $
2 Requirements Gathering Hazard Analysis Configuration Management
3 %&!'! () ) *! & ) )!!
4 !" +&,(),!) #,'! -) &() ) '. /!! ' 0),! &!
5 !
6 (). &.! %, & # " 1! 2!() 3 &45. 6! /!6 )! &! &!,6),!,. &())!! 7!,!,$
7 &,%, & Requirements Gathering Hazard Analysis Configuration Management
8 !, & 8) )! # () 9! :!!*. ;<!,
9 $%&
10 $%& Linear accelerator system built for cancer therapy Instrument was further advancement of earlier models (controlled entirely through software) 11 Units installed in US / Canada; hundreds of patients treated (thousands of treatments) Mechanism: radiation beam destroys cancer tissue Electron beam treats shallow tissue X-rays penetrate deeper, minimal damage to overlying area X-rays produced by hitting metal target with high-energy electrons Six overdose accidents (3 fatal): June 1985, July 1985, December 1985, March 1986, April 1986, January 1987 Overdoses (~100x intended dose, ~20x lethal wholebody dose) traced to two specific software errors
11 $%& Single electron gun produces both modes In x-ray mode, electron energy must be ~100x higher (target is a good attenuator) Low energy + target = underdose High energy + no target = huge overdose
12 $%& System: Cryptic error messages; errors and malfunctions common Operators could, and often did, override Treatment Pause Did not produce audit trail that could help diagnose problems Relied entirely on software removed electromechanical safety interlocks that were in previous models Quality Practices: Little documentation during development; no problem tracking after release Minimal unit and integration testing QA was primarily 2700 hours of use as integrated system Failed to look for root causes - seized on each issue as the problem Treated requirements / design / directed testing as troublesome afterthought
13 ' ( September 16, 2008: Automated External Defibrillator recalled Device was configured with the incorrect software, for semi-automatic instead of fully automatic use. When needed for a cardiac arrest emergency, device will require user to press the shock button instead of automatically delivering a shock (but the shock button is covered). August 2, 2008: MultiLeaf Collimator recalled Charged-particle radiation therapy system. Dose Calculation Error: Software anomaly may result in failure of a MLC leaf to reach planned position, potentially resulting in misadministration of dose to a patient. July 29, 2008: Cardiac Resynchronization Therapy Defibrillator (CRT-D) recalled Timing Feature Error: An implementation error allows the usage of the V-V timing feature, which is not approved for use in the U.S.
14 ' ( March 6, 2007: AEDs recalled Self-test software may allow a self-test to clear a previously detected low battery condition September 2006: Infusion pump Touch-sensitive keypad used to program the pump sometimes registers a number twice when it has been pressed only once ( key bounce ). Thus the pump would deliver more than the intended amount of medication, leading to over-infusion and serious harm or death to the patient. June 6, 2006: Ventilators recalled Older generation software - incorrect oxygen cell calibration (without compressed air supply) - can disable all alarms March 6, 2006: Dialysis device recalled Class I recall of dialysis device (11 injuries, 9 deaths): excessive fluid loss may result if caregiver overrides device's "incorrect weight change detected" alarm. (Device used for continuous solute and/or fluid removal in patients with acute renal failure.)
15 ' ( June 2005: Glucose Meter If dropped or operated in battery-low condition for extended time, meter may set readout to different units. March 15, 2005: Infusion pump fails if receives data Serial port on back allows nurse-call or hospital-info system to monitor pump. If external system sends data to pump, failure condition 16:336 may result; if during infusion, pump must be powered off and restarted. August 2004: Software card for programming infusion pumps Software Application Card was used with an external programming device to set up parameters on specific models of implantable infusion pumps. Users could mistakenly enter a periodic bolus interval into the minutes field, rather than the hours field, resulting in deaths and injuries due to drug overdose. Numerous adverse events occurred, including two patient deaths and seven serious injuries.
16 ' ( June 2001: Radiation treatment planning software Software used to calculate dose duration for radiation treatment of cancer would allow use of no more than four protective blocks (stated in the user guide). Physicians at Natl. Cancer Institute in Panama devised a way to "fool" the software into using five blocks, by entering data as if they were a single shape. If coordinates entered a specific way, the calculated dose would be as much as twice that intended. Users did not confirm calculated results; at least five patients died as a direct result of overexposure to radiation.
17 ) #*"'+, ) )=!*) % >)?,+@ 8
18 -. CDRH study: 2792 total medical device recalls, recalls (6% of total) software-related Of the 165: General Device Recalls Device Software Design SW Chg Control post-launch Mfg Process SW Design 133 (81%) Inadequate software design 32 (19%) Post-launch software change control
19 /0#*" D. Wallace & R. Kuhn (NIST, 1999): 383 SW-related device recalls Manufacturer recalls No deaths or serious injuries Data only from FDA records Could only classify fault type for 342
20 1 "
21 $- "23
22 1-
23 4 Practices: both for error prevention and error detection Complete specification of requirements Expertise in application domain Attention to details of current process Mental execution of trouble spots Change impact analysis Defect tracking and analysis Employing checklists, questions, methods to force symptoms to occur Software configuration management Traceability of all artifacts Traceability & CM of all changes
24 8&&, & 2 () " 7 7. () &)&
25 (). &.! %, & +)!, & & )!6) &! &)!)
26 # 8 Requirements Gathering Hazard Analysis Configuration Management
27 Have you ever tried driving to a new destination without a map? If you don t know where you re going, how will you know you got there? A sailor without a destination cannot hope for a favorable wind. - Leon Tec, M.D.
28 9 &,!# '! + #$ % # (! * " # )
29 /. 3 ;!() & )! = 3:)8 )45 End users / marketing find it difficult to express wants / needs Some (many?) requirements are assumed Relationships and ramifications can be tricky to imagine up front Language is often vague, ambiguous, or imprecise True needs vs. would-be-nice are difficult to distinguish Sometimes, requirements are too explicit, and limit choice of technology
30 ; < User requirements - description of the tasks a user must be able to perform by use of the product Functional requirements - specific behaviors the software needs to exhibit
31 =" Requirements Specifications
32 >8 +!;! 8; ) 4
33 Characteristics of an SRS: Correct (every item is one S/W shall meet) Unambiguous Complete Consistent (i.e. internally) Ranked for importance / stability Verifiable Modifiable (structured, not redundant) Traceable
34 B Tests for each Requirement: Complete (source, rationale, identifier, use case, type, fit criterion) Traceable Consistent (terminology used uniformly) Relevant (to product purpose) Unambiguous (measurable fit criterion) Viable (within product constraints!) Solution Neutral Also tested: gold plating and creep
35 $! Measurable: Quality measure to gauge any solution Coherent: Definition of every essential subject matter term Consistent: Every use a defined term consistent with definition Complete: Wide enough context of the requirements; included conscious, unconscious, undreamed of requirements Relevant: Every requirement relevant to this system Solution Neutral: No solutions posturing as requirements Traceable: Each requirement uniquely identifiable; Each requirement tagged to all parts of the system where used Ranked: Stakeholder value defined for each requirement Risk Assessed: Hazard level stated, were the software not to fulfill the requirement
36 +$/ $C Focus on the purpose, not on the implementation You don t need: A web interface Username / password login Radio button to select age group You DO need: Access for users outside the LAN Access only to authorized users Only one age group assigned each patient record
37 > 1 ),& /!,
38 0 Where to search for requirements? Clinicians (users) Other technical experts Design / Manufacturing Engineers Developers Quality specialists Regulatory experts Professional bodies (standards) Adjacent systems Management Inspectors
39 + C " Who are the actors? What is the system s boundary? OTS software: which features are actually used? Both normal and exception cases included? Everything from user / actor point of view? Do we understand the user s job?
40 +*" + () 2 & "!2!,6&)!&!6!,!)! A1! B! *
41 1 +) 2. The system shall store a list of all gauges on the calibration program 3. The system shall maintain information about each gauge 3.1. Each gauge shall have a unique identification 3.2. For each gauge, the system shall store its type, the property it measures, the units of measurement, and tolerances at up to five calibration points The system shall permit setting high and low tolerances independently of each other The system shall permit setting tolerances on only one side (high or low) 4. The system shall maintain a schedule of calibration due date for each gauge 5. The system shall provide means for a user to enter calibration data, and apply pass/fail criteria to the data entered.
42 1-9 User Security R_S1 The metrology lab needs to limit use of the calibration system to authorized users. R_S2 The metrology lab needs to restrict specific actions according to the employee's job function. Gauge Data R_D1 The metrology lab needs to maintain an up-to-date list of all gauges. R_D2 The metrology lab needs to store properties, calibration dates, and calibration data for each gauge. Gauge Operations R_O1 The metrology lab needs the ability to set and track status of each gauge (in lab, checked out, out for repair, out for calibration, inactive). R_O2 R_O3 R_O4 R_O5 The metrology lab needs to be able to calibrate any gauge which is considered available (i.e. in lab and Master Gauge calibration is in date.) The metrology lab needs to have the calibration routine set a calibration to PASS only if all measurements are within tolerance. The metrology lab needs to prevent any gauge from being checked out for use if a calibration has not been carried out and passed within the calibration period. The metrology lab needs to record a history of all calibrations and status changes for every gauge.
43 1 8 Instead of a series of shalls, describe functional behavior for a series of situations Much easier to link privileges, functions, prerequisites, error responses Training is worth the time/expense; Use Cases are not always intuitive to construct
44 1 8 Gauge Calibration ID CAL1 Description Perform routine gauge calibration Depend DAT4 Actor Calibrator Input Enter measurement at each defined calibration value. Record any special circumstances or observations. Note that system automatically records user name and date. Output If all measurements fall within defined tolerances: Display calibration succeeded message and print report Save measurements, date, user name Calculate next calibration date from interval and today s date Error If any measurements fall outside tolerances: Display calibration failed message, set gauge status = NOT CAL
45 .4 " %>)" *() = %>)+@=
46 (). &.! %, & +)!, & & )!6) &! &)!) 1! 2!() 3 &45 " " $
47 Requirements Gathering Hazard Analysis Configuration Management
48 . 0 ) 9. 2! & &! & = )), & )&, = ;! 2(). 6 6)@
49 .4 " ;() = ; ) :!=
50 ' C) D?!43 5 E1$F35%!7 "!:!&& G!.#9#9#+HFI #8EIJKE G! )!&! % :/!
51 Change is inevitable Lack of CM is frustrating, inefficient and may be harmful CM controls and coordinates work products of many different software engineers on common project Simultaneous Update Double Maintenance Shared Code and Work Products Common Code Versioning
52 2 Product attributes defined Product configuration documented Correlation with requirements Changes identified and evaluated for impact Change activity managed using a defined process Configuration information stored and organized for retrieval
53 # We don't lose" elements introduced to mitigate identified risks * ' Involves systematically managing and controlling changes to item baselines and software releases Ensure accurate and timely changes to configuration documentation Eliminate unnecessary change proliferation
54 4 #) &)!!)
55 .4 " 1! % )8&&). ; 8' *= %),8:&.
56 () ;! &4 3 )8:&5 ; ) 3)! EE=5
57 2
58 !. Version Control Basic requirement Ensures repeatability and traceability Configuration Support Mechanisms enable user to identify software system correctly Tracks relationships between items in configuration between components Library/Repository Captures SCM information and stores versions of items Mechanisms create audit trail of all SCM activities and database transactions
59 !. 5 =7 Reporting/Query Dependency Report Impact Report Build Report Change Status Report Difference Report History Report Access Control Report Conflict Detection Report Query capability supports configuration audits and collection of metrics
60 !. 5 =7 Security/Protection Allow user to define varying levels of access Provide protection from data corruption and loss Provide backup, archive, and restore capabilities Build Support Track each item and information about each item that comprise the build Implement own build facility Cross Development Builds Parallel Builds Distributed Builds
61 Baseline Specification or product formally reviewed and approved to serve as basis for future development Must be changed only through formal control procedures Configuration Control Board Group responsible for evaluating and approving proposed changes to configuration items Configuration Identification Selection and recording configuration items and characteristics for system Configuration Item Aggregation of hardware, software, or both treated as single entity and designated for configuration management
62 5 =7 Configuration Status Accounting Consists of recording and reporting of information needed to manage configuration effectively Patch Interim software fix pending final design fix in source code Release Formal notification and distribution of approved version Software Library Controlled collection of software and related documentation designed to aid in software development or maintenance Software Life Cycle Period of time begins when software product conceived and ends when software no longer available for use
63 -D Best practice is a four part number <major version>.<minor version>.<build number>.<revision> Major The internal version of the product that rarely changes Minor Usually an incremental release of the product Build Changes with every new build of the code Revision Can have several meanings such as bug number, predecessor build, service pack etc. Example: Version Major version for Win XP 2600 is the Release to Manufacturing build number 2180 is service pack 2
64 2 Process of creating application binaries for useable software release Releases can be intermediate for testing or final Inputs specified Structure of Product Items in Product Environment Items Good practices Build early and build often Automate the build process Check all files before build Increment build number every single time Don t use dates in the version numbers Don t use marketing labels for the versions
65 . Maintain continuous records of status of all baselined items Provides mechanism for disaster recovery Typical information required Time baselines were established When each item included in baseline When each change added to baseline Description of each configuration item Status and description of each software related change Documentation status for each baseline Changes planned for each future baseline
66 4 8$ Version Description Document (VDD) Release Notes Hardware/Software Compatibility Matrix 4 Problem capture and tracking Patches and interim updates Customer support
67 "" ;?, &&,&) ; &! ) )
68 (). &.! %, & +)!, & & )!6) &! &)!) 1! 2!() 3 &45. 6! /!6 )! & 3
69 +,. Requirements Gathering Hazard Analysis Configuration Management
70 +,. %!-./!!0 1 2!-!
71 ., Hazards identified through systematic methods (FMEA, FMECA, or FTA) Requirements: become more refined as design evolves Hazards: evaluate repeatedly throughout project Systematic analysis: best if we know the design Hazard mitigation: changing or adding to requirements
72 -.33", Don t necessarily need to know details of system For each hazard, ask why it would occur Include combination circumstances For each immediate cause, ask why again Trace all the way down until root causes are identified
73 #*"-. %3 4/3 5 3)0 65 "3#! " " 7!!!!! ;"$< 3 # # # 98 58#!3!! /.8! : 8! 7 / "! "!
74 -#.2"" Failure mode and effects analysis: requires some knowledge of the system s architecture For each component (object, function, subsystem), ask how it might fail and what the effect would be Generally, consider only single point failures (not combinations of failures) Each identified failure mode need to trace to a system-level hazard
75 #*"-#. Failure Mode Effect Causes S1 Mitigation S2 Sample ID / results array off by one Wrong results reported Inconsistent array logic; incorrect initialization 5 Optional operator approve results before saving 2 Initialization fails to warm up lamp Can t perform analyses Startup logic can be set to skip steps and left that way 4 Reset all startup parameters on initialization 1 Dilution factor associated with pipet tip, picked in advance Wrong result reported (dilution applied to wrong sample) Counting logic not rechecked when pickin-advance process introduced 5 (a) Track dilution and pipet tip separately; (b) show dilution with reported result 1 S1 = Severity rating before mitigation; S2 = severity rating after mitigation Severity (sample values only): 5 = critical; 1 = nuisance Note this analysis does not include two of the standard engineering estimates: occurrence (probability) or detection.
76 +,") * Direct failure Software flaw in normal, correct use of system causes or permits incorrect dosage or energy to be delivered to patient. Permitted misuse Software does not reject or prevent entry of data in a way that (a) is incorrect according to user instructions, and (b) can result in incorrect calculation or logic, and consequent life-threatening or damaging therapeutic action. User Complacency Although software or system clearly notes that users must verify results, common use leads to over-reliance on software output and failure to crosscheck calculations or results.
77 +,") * User Interface confusion Software instructions, prompts, input labels, or other information is frequently confusing or misleading, and can result in incorrect user actions with potentially harmful or fatal outcome. Security vulnerability Attack by malicious code causes device to transmit incorrect information, control therapy incorrectly, or cease operating. No examples in medicaldevice software known at this time, but experience in personal computers and "smart" cellular phones suggests this is a serious possibility.
78 # D 11.+! :, ) ) % ) ) 18,8,L; ;)!#&=L >) )!)A& B
79 ."" #8EIJKE7!, & & )!!6,!) 6!,() #+HFI7 ) &.#;H!!&!!)! &%06& EIJKE.##F7!, ; AB ;HEIJKE ) M &!6 )! 6,&,&EIJKE()!2#+HHE/E6*0EJJ
80 0)EFGHE 3 Sets forth plan: Identify hazardous situations and evaluate Implement control measures Check remaining risk for acceptability Track information post-launch Annexes (larger than standard itself) provide questions to ask, list of example hazard areas, methods of control, descriptions of analysis techniques
81 Compare the development lifecycle... Customer Needs Activities outside the scope of Customer Needs Satisfied SYSTEM development ACTIVITIES (including RISK MANAGEMENT) 7 Software RISK MANAGEMENT 5.1 SW Devel Planning 5.2 SW Rqmts Analysis 5.3 SW Architect design 5.4 SW Detailed design 5.5 SW Unit Implem & verif 5.6 SW Integrn, Int Tstg 5.7 SW System Testing 5.8 SW Release 8 Software CONFIGURATION MANAGEMENT 9 Software problem resolution
82 With the MAINTENANCE lifecycle - Maintenance Request Activities outside the scope of Request Satisfied SYSTEM maintenance ACTIVITIES (including RISK MANAGEMENT) 7 Software RISK MANAGEMENT 6.1 Estab SW Maint Plan 6.2 Prob & modificn analysis 5.3 SW Architect design 5.4 SW Detailed design 5.5 SW Unit Implem & verif 5.6 SW Integrn, Int Tstg 5.7 SW System Testing 5.8 SW Release 6.3 Modification Implementation 8 Software CONFIGURATION MANAGEMENT 9 Software problem resolution
83 EFGHE " * Topics include: Causal chains, first & last points of software control Direct and indirect causes (with tables of examples) Risk control measures for software-related hazards Architecture, design, coding approaches to minimize hazards Types of maintenance
84 +, Direct hazards are a natural outcome of the interactions between the design and the outside world Indirect hazards come about specifically because of how the item is designed!
85 +,) Collaborate with users and domain experts to identify them Create data and software with the capacity to inject hazards into the system (external simulation or comprehensive mock object) Coverage based both on external systems and on actions of users Do this instead of up-front Analysis Paralysis!
86 +, Unit test unit test unit test! Keep unit tests and acceptance tests up to date! Automate testing to keep frequency and coverage both high Refactor to keep design as simple as possible
87 (). &.! %, & +)!, & & )!6) &! &)!) 1! 2!() 3 &45. 6! /!6 )! &! &!,6),!, 1 =
88 . Requirements Gathering Hazard Analysis Configuration Management
89 > )8" ()+ +: 8!60!6!1 ))0
90 # Changes in Use Field Issues Enhancement Requests Defect Tracking CAPA Requirements Revision Design Updates Configuration Management Regression Testing Hazard Re-Analysis Impact Assessment Mini-SDLC
91 #4 +. & () !/)M () 3'=5.99!&, '! +@., &! &,
92 +,0 C) ) & )%)%,! /%0& )!)& )! * &!@! ) '& )&
93 >' 5E7 FDA: Design Control, Medical Devices (March 11, 1997) FDA: General Principles of Software Validation (Jan 11, 2002) FDA: Premarket Submissions, Software Contained in Medical Devices (May 11, 2005) FDA: Off-The-Shelf Software Use in Medical Devices (Sep 9, 1999) FDA: Cybersecurity for Networked Medical Devices, OTS Software (Jan 14, 2005) FDA draft guidance: Radio-Frequency Wireless Technology in Medical Devices (Jan 3, 2007)
94 >' 5%7 AAMI TIR32:2004 Medical device software risk management IEC 60812:2006 (2 nd ed) Analysis techniques for system reliability Procedure for failure mode and effects analysis (FMEA) IEC : 2005 (3 rd ed) Medical electrical equipment Part 1: General requirements for basic safety and essential performance ( Programmable Electrical Medical Systems is available standalone, but will not be in the future) IEC 62304:2006 Medical Device Software Software Life Cycle Processes ISO 13485:2003 (2 nd ed) Medical devices Quality management systems Requirements for regulatory purposes ISO 14971:2007 (2 nd ed) Medical devices Application of risk management to medical devices
95 - FDA, CDRH Software Related Recalls for Fiscal Years (May 1992). Institute of Electrical and Electronics Engineers, "Recommended Practice for Software Requirements Specifications" (IEEE ), 01-May Robertson, James and Suzanne, Mastering the Requirements Process, Harlow (England), Addison-Wesley / ACM Press, Schneider, Geri, and Jason P. Winters, Applying Use Cases: A Practical Guide, Harlow (England), Addison-Wesley / ACM Press, Therac-25 Investigation: Leveson, N.G., Safeware - System safety and Computers. 1 ed. 1995: Addison-Wesley Publishing Company Inc. Revised version at: Wallace, D., R. and D.R. Kuhn, Lessons from 342 Medical Device Failures. in 4th IEEE International Symposium on High-Assurance Systems Engineering Washington, D.C.: IEEE. (medical device software failure study) NIST version at:
96 : 6600 N($ $($ OO) 6,6.EIO JK/JHO/EEE 6:$%$ :!)! 6 EJJ 6%.H KE/JJ/OJK N $ 29$ $!" G : 6 M%,! 6 # $ EE,$6 $K %6JEE!$N $ 29$ $
Software Development in the FDA-Regulated World: Why Test Only When We re Done?
Software Development in the FDA-Regulated World: Why Test Only When We re Done? Ron Morsicato Agile Rules Brian Shoemaker ShoeBar Associates 1 Goal of this presentation We aim to show an approach which
More informationHow To Write Software
1 Medical Device Software - Software Life Cycle Processes IEC 62304 2 Credits John F. Murray Software Compliance Expert U.S. Food and Drug Administration Marcie R. Williams Medical Device Fellow Ph.D.
More informationWHITEPAPER: SOFTWARE APPS AS MEDICAL DEVICES THE REGULATORY LANDSCAPE
WHITEPAPER: SOFTWARE APPS AS MEDICAL DEVICES THE REGULATORY LANDSCAPE White paper produced by Maetrics For more information, please contact global sales +1 610 458 9312 +1 877 623 8742 globalsales@maetrics.com
More informationSoftware-based medical devices from defibrillators
C O V E R F E A T U R E Coping with Defective Software in Medical Devices Steven R. Rakitin Software Quality Consulting Inc. Embedding defective software in medical devices increases safety risks. Given
More informationDocument issued on: May 11, 2005
Guidance for Industry and FDA Staff Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices Document issued on: May 11, 2005 This document supersedes Guidance for the
More informationMEDICAL DEVICE Cybersecurity.
MEDICAL DEVICE Cybersecurity. 2 MEDICAL DEVICE CYBERSECURITY Introduction Wireless technology and the software in medical devices have greatly increased healthcare providers abilities to efficiently and
More informationEVALUATION OF AUTOMATIC CLASS III DESIGNATION FOR STUDIO on the Cloud Data Management Software DECISION SUMMARY
A. DEN Number: DEN140016 EVALUATION OF AUTOMATIC CLASS III DESIGNATION FOR STUDIO on the Cloud Data Management Software B. Purpose for Submission: DECISION SUMMARY De novo request for adjunct data management
More informationMedical Product Software Development and FDA Regulations Software Development Practices and FDA Compliance
Medical Product Development and FDA Regulations IEEE Orange County Computer Society March 27, 2006 Carl R. Wyrwa Medical Product Development and FDA Regulations Introduction Regulated FDA Overview Medical
More informationRisk Assessment for Medical Devices. Linda Braddon, Ph.D. Bring your medical device to market faster 1
Risk Assessment for Medical Devices Linda Braddon, Ph.D. Bring your medical device to market faster 1 My Perspective Work with start up medical device companies Goal: Making great ideas into profitable
More informationThe Therac 25 A case study in safety failure. Therac 25 Background
The Therac 25 A case study in safety failure Radiation therapy machine The most serious computer-related accidents to date People were killed References: Nancy Leveson and Clark Turner, The Investigation
More informationBuild (develop) and document Acceptance Transition to production (installation) Operations and maintenance support (postinstallation)
It is a well-known fact in computer security that security problems are very often a direct result of software bugs. That leads security researches to pay lots of attention to software engineering. The
More informationMedical Device Software Standards for Safety and Regulatory Compliance
Medical Device Software Standards for Safety and Regulatory Compliance Sherman Eagles +1 612-865-0107 seagles@softwarecpr.com www.softwarecpr.com Assuring safe software SAFE All hazards have been addressed
More informationConsiderations for using the Web for Medical Device Applications
Considerations for using the Web for Medical Device Applications MEDS, San Diego August 23 rd, 2012 Daniel Sterling, President Who is Sterling? Your Partner in Medical Device Development What we do: o
More informationRisk Management and Cybersecurity for Devices that Contain Software. Seth D. Carmody, Ph.D. 12 th Medical Device Quality Congress March 18, 2015
Risk Management and Cybersecurity for Devices that Contain Software Seth D. Carmody, Ph.D. 12 th Medical Device Quality Congress March 18, 2015 Main Points Establish a Cybersecurity Risk Management Program
More informationImplementation of ANSI/AAMI/IEC 62304 Medical Device Software Lifecycle Processes.
Implementation of ANSI/AAMI/IEC 62304 Medical Device Software Lifecycle Processes.. www.pharmout.net Page 1 of 15 Version-02 1. Scope 1.1. Purpose This paper reviews the implementation of the ANSI/AAMI/IEC
More informationVerification and Validation of Software Components and Component Based Software Systems
Chapter 5 29 Verification and Validation of Software Components and Component Based Christina Wallin Industrial Information Technology Software Engineering Processes ABB Corporate Research christina.wallin@mdh.se
More informationSoftware Engineering. Computer Science Tripos 1B Michaelmas 2011. Richard Clayton
Software Engineering Computer Science Tripos 1B Michaelmas 2011 Richard Clayton Critical software Many systems must avoid a certain class of failures with high assurance safety critical systems failure
More informationIHE Patient Care Device (PCD) Technical Framework White Paper
Integrating the Healthcare Enterprise 5 IHE Patient Care Device (PCD) Technical Framework White Paper 10 Overview and Profile Roadmap Version 1.0 15 20 September 1, 2009 Copyright 2009: IHE International
More informationNew Devices Mean New Risks: The Potential for Liability When Software is a Component of Medical Devices. September 25, 2013
New Devices Mean New Risks: The Potential for Liability When Software is a Component of Medical Devices September 25, 2013 The Hartford Insuring Innovation Joe Coray Dan Silverman Providing insurance solutions
More informationIntroduction into IEC 62304 Software life cycle for medical devices
Introduction into IEC 62304 Software life cycle for medical devices Christoph Gerber 4. September 2008 SPIQ 9/5/2008 1 Agenda Current Picture Regulatory requirements for medical device software IEC 62304
More informationInformation Technology Engineers Examination. Information Security Specialist Examination. (Level 4) Syllabus
Information Technology Engineers Examination Information Security Specialist Examination (Level 4) Syllabus Details of Knowledge and Skills Required for the Information Technology Engineers Examination
More informationThe FDA Perspective on Human Factors in Medical Device Software Development
The FDA Perspective on in Medical Device Development Molly Follette Story, PhD FDA /CDRH / ODE 2012 IQPC Design for Medical Devices Europe Munich, Germany Februar y1, 2012 Overview Guidance for FDA premarket
More informationFDA Perspectives on Human Factors in Device Development
FDA Perspectives on in Device Development Molly Follette Story, PhD FDA /CDRH / ODE Understanding Regulatory Requirements for Usability Testing RAPS Webinar June 7, 2012 Overview What are human factors
More informationIntland s Medical Template
Intland s Medical Template Traceability Browser Risk Management & FMEA Medical Wiki Supports compliance with IEC 62304, FDA Title 21 CFR Part 11, ISO 14971, IEC 60601 and more INTLAND codebeamer ALM is
More informationcodebeamer INTLAND SOFTWARE codebeamer Medical ALM Solution is built for IEC62304 compliance and provides a wealth of medical development knowledge
codebeamer Medical ALM Solution is built for INTLAND Traceability matrix Medical wiki Risk management IEC 62304 compliance codebeamer INTLAND codebeamer Medical ALM Solution is built for Medical Device
More informationTesting Metrics. Introduction
Introduction Why Measure? What to Measure? It is often said that if something cannot be measured, it cannot be managed or improved. There is immense value in measurement, but you should always make sure
More informationIEC 61508 Overview Report
IEC 61508 Overview Report A Summary of the IEC 61508 Standard for Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems exida Sellersville, PA 18960, USA +1-215-453-1720
More information2015. All rights reserved.
DOCUMENT: Future AAMI/IEC 62304:2006/AMD1, 18-August-2015 Final Draft International Standard for Vote, Amendment 1 to IEC 62304: Medical device software Software life cycle processes. Public Review Draft
More information-.% . /(.0/.1 . 201 . ) 53%/(01 . 6 (01 (%((. * 7071 (%%2 $,( . 8 / 9!0/!1 . # (3(0 31.%::((. ;.!0.!1 %2% . ".(0.1 $) (%+"",(%$.(6
!""#"" ""$"$"# $) ""$"*$"# %%&''$ $( (%( $) (%+"",(%$ -.% Number Phase Name Description. /(.0/.1.(((%( $. 201 2,%%%% %$. %(01 3-(4%%($. ) 53%/(01 %%4.%%2%, ($. 6 (01 (%((. * 7071 (%%2. 8 / 9!0/!1 ((((($%
More informationClinical Risk Management: Agile Development Implementation Guidance
Document filename: Directorate / Programme Document Reference NPFIT-FNT-TO-TOCLNSA-1306.02 CRM Agile Development Implementation Guidance v1.0 Solution Design Standards and Assurance Project Clinical Risk
More informationRequest for Proposal for Application Development and Maintenance Services for XML Store platforms
Request for Proposal for Application Development and Maintenance s for ML Store platforms Annex 4: Application Development & Maintenance Requirements Description TABLE OF CONTENTS Page 1 1.0 s Overview...
More informationThe purpose of Capacity and Availability Management (CAM) is to plan and monitor the effective provision of resources to support service requirements.
CAPACITY AND AVAILABILITY MANAGEMENT A Project Management Process Area at Maturity Level 3 Purpose The purpose of Capacity and Availability Management (CAM) is to plan and monitor the effective provision
More informationSystem Requirements Specification (SRS) (Subsystem and Version #)
of the (Subsystem and Version #) () (Document Revision Number) Contract (No.) Task (No.) GSA Contract (No.) Prepared for: The United States Department of Agriculture Food & Nutrition Service (FNS)/ Information
More informationSummary of CIP Version 5 Standards
Summary of CIP Version 5 Standards In Version 5 of the Critical Infrastructure Protection ( CIP ) Reliability Standards ( CIP Version 5 Standards ), the existing versions of CIP-002 through CIP-009 have
More informationFDA Releases Final Cybersecurity Guidance for Medical Devices
FDA Releases Final Cybersecurity Guidance for Medical Devices By Jean Marie R. Pechette and Ken Briggs Overview and General Principles On October 2, 2014, the Food and Drug Administration ( FDA ) finalized
More informationData Quality Assessment. Approach
Approach Prepared By: Sanjay Seth Data Quality Assessment Approach-Review.doc Page 1 of 15 Introduction Data quality is crucial to the success of Business Intelligence initiatives. Unless data in source
More informationSoftware Verification and Validation
Software Verification and Validation Georgia L. Harris Carol Hockert NIST Office of Weights and Measures 1 Learning Objectives After this session, using resources and references provided, you will be able
More informationJump out of the Waterfall: Applying Lean Development Principles in Medical Device Software Development
Jump out of the Waterfall: Applying Lean Development Principles in Medical Device Software Development Brian Shoemaker ShoeBar Associates Nancy Van Schooenderwoert Lean-Agile Partners Inc. Copyright 2009-10
More informationMedical Device Software
Medical Device Software Bakul Patel Senior Policy Advisor 1 Overview Medical devices and software Oversight principles and Current approach Trends, Challenges and opportunities Addressing challenges 2
More informationA Risk Management Capability Model for use in Medical Device Companies
A Risk Management Capability Model for use in Medical Device Companies John Burton Vitalograph Ltd. Gort Rd. Business Park Ennis Ireland 353.65.686471 john.burton@vitalograph.ie Fergal Mc Caffery Lero
More informationConsiderations When Validating Your Analyst Software Per GAMP 5
WHITE PAPER Analyst Software Validation Service Considerations When Validating Your Analyst Software Per GAMP 5 Blair C. James, Stacy D. Nelson Introduction The purpose of this white paper is to assist
More informationThe U.S. FDA s Regulation and Oversight of Mobile Medical Applications
The U.S. FDA s Regulation and Oversight of Mobile Medical Applications The U.S. FDA s Regulation and Oversight of Mobile Medical Applications As smart phones and portable tablet computers become the preferred
More informationAnnouncement of a new IAEA Co-ordinated Research Programme (CRP)
Announcement of a new IAEA Co-ordinated Research Programme (CRP) 1. Title of Co-ordinated Research Programme Design and engineering aspects of the robustness of digital instrumentation and control (I&C)
More informationCMS Policy for Configuration Management
Chief Information Officer Centers for Medicare & Medicaid Services CMS Policy for Configuration April 2012 Document Number: CMS-CIO-POL-MGT01-01 TABLE OF CONTENTS 1. PURPOSE...1 2. BACKGROUND...1 3. CONFIGURATION
More informationCHAPTER 7 Software Configuration Management
CHAPTER 7 Software Configuration Management ACRONYMS CCB CM FCA MTBF PCA SCCB SCI SCM SCMP SCR SCSA SEI/CMMI SQA SRS USNRC INTRODUCTION Configuration Control Board Configuration Management Functional Configuration
More informationSoftware Safety Basics
Software Safety Basics (Herrmann, Ch. 2) 1 Patriot missile defense system failure On February 25, 1991, a Patriot missile defense system operating at Dhahran, Saudi Arabia, during Operation Desert Storm
More informationRevision History Revision Date 3.0 14.02.10. Changes Initial version published to http://www.isasecure.org
SDLA-312 ISA Security Compliance Institute Security Development Lifecycle Assurance - Security Development Lifecycle Assessment v3.0 Lifecycle Phases Number Phase Name Description PH1 Security Management
More informationSafety Requirements Specification Guideline
Safety Requirements Specification Comments on this report are gratefully received by Johan Hedberg at SP Swedish National Testing and Research Institute mailto:johan.hedberg@sp.se -1- Summary Safety Requirement
More informationHow To Validate Software
General Principles of Software Validation; Final Guidance for Industry and FDA Staff Document issued on: January 11, 2002 This document supersedes the draft document, "General Principles of Software Validation,
More informationCombination Products. Presented by: Karen S. Ginsbury For: IFF March 2014. PCI Pharma
Combination Products Presented by: Karen S. Ginsbury For: IFF March 2014 Types of products Biological and medical device (freeze dried + syringe dual volume) Medical device and plasma devised product (syringe)
More information1. Software Engineering Overview
1. Overview 1. Overview...1 1.1 Total programme structure...1 1.2 Topics covered in module...2 1.3 Examples of SW eng. practice in some industrial sectors...4 1.3.1 European Space Agency (ESA), software
More informationSuzanne B. Schwartz, MD, MBA Director Emergency Preparedness/Operations & Medical Countermeasures (EMCM Program) CDRH/FDA
8 th Annual Safeguarding Health Information: Building Assurance through HIPAA Security HHS Office of Civil Rights and National Institute of Standards & Technology Wednesday September 2, 2015 Suzanne B.
More informationEffective Software Verification for Medical Devices
STERLINGTECH AND KLOCWORK WHITE PAPER NOVEMBER 2009 Effective Software Verification for Medical Devices Achieving compliance and meeting productivity goals with static analysis In addition to producing
More informationSOFTWARE CONFIGURATION MANAGEMENT GUIDEBOOK
Office of Safety and Mission Assurance NASA-GB-9503 SOFTWARE CONFIGURATION MANAGEMENT GUIDEBOOK AUGUST 1995 National Aeronautics and Space Administration Washington, D.C. 20546 PREFACE The growth in cost
More informationSEVEN KEY TACTICS FOR ENSURING QUALITY
SEVEN KEY TACTICS FOR ENSURING QUALITY 1 INTRODUCTION Besides avoiding disasters and fatal flaws, quality assurance (QA) delivers significant benefits for banks. Strong QA planning provides the groundwork
More informationUsing TechExcel s DevSuite to Achieve FDA Software Validation Compliance For Medical Software Device Development
Using TechExcel s DevSuite to Achieve FDA Software Validation Compliance For Medical Software Device Development The FDA requires medical software development teams to comply with its standards for software
More information8. Master Test Plan (MTP)
8. Master Test Plan (MTP) The purpose of the Master Test Plan (MTP) is to provide an overall test planning and test management document for multiple levels of test (either within one project or across
More informationSoftware Development for Medical Devices
Overcoming the Challenges of Compliance, Quality and Cost An MKS White Paper Introduction Software is fast becoming the differentiator for manufacturers of medical devices. The rewards available from software
More informationUsability of Medical Applications Ved Line Kagenow Svenstrup, lks@delta.dk
Usability of Medical Applications Ved Line Kagenow Svenstrup, lks@delta.dk What is usability? The user, rather than the system, at the center of the process. Risk of operating errors that can cause injury
More informationABSTRACT. would end the use of the hefty 1.5-kg ticket racks carried by KSRTC conductors. It would also end the
E-Ticketing 1 ABSTRACT Electronic Ticket Machine Kerala State Road Transport Corporation is introducing ticket machines on buses. The ticket machines would end the use of the hefty 1.5-kg ticket racks
More informationHealthcare Cybersecurity Risk Management: Keys To an Effective Plan
Healthcare Cybersecurity Risk Management: Keys To an Effective Plan Anthony J. Coronado and Timothy L. Wong About the Authors Anthony J. Coronado, BS, is a biomedical engineering manager at Renovo Solutions
More informationJOURNAL OF MEDICAL INFORMATICS & TECHNOLOGIES Vol. 21/2012, ISSN 1642-6037
JOURNAL OF MEDICAL INFORMATICS & TECHNOLOGIES Vol. 21/2012, ISSN 1642-6037 FDA, medical software, recall, safety of medical devices. Leszek DREWNIOK 1, Ewelina PIEKAR 1, Mirosław STASIAK 1, Remigiusz MANIURA
More informationRequirements engineering
Learning Unit 2 Requirements engineering Contents Introduction............................................... 21 2.1 Important concepts........................................ 21 2.1.1 Stakeholders and
More informationGlobal Value 7. Productivity Suite for GammaVision. Optimizing Gamma Spectrometry Processes through Secure Data Management and Measurement Automation.
Productivity Suite for GammaVision Optimizing Gamma Spectrometry Processes through Secure Data Management and Measurement Automation. Global Value was designed to transform the standard GammaVision spectroscopy
More informationThe Shifting Sands of Medical Software Regulation
The Shifting Sands of Medical Software Regulation Suzanne O Shea Ralph Hall September 10, 2014 What Software is Regulated by FDA? FDA regulates medical devices. FDA regulates software that meets the definition
More informationRemote Services. Managing Open Systems with Remote Services
Remote Services Managing Open Systems with Remote Services Reduce costs and mitigate risk with secure remote services As control systems move from proprietary technology to open systems, there is greater
More informationOPERATIONAL STANDARD
1 of 11 1. Introduction The International Safe Transit Association (ISTA), a non-profit association whose objective is to prevent product damage and excess packaging usage within the distribution environment.
More informationIntroduction to Automated Testing
Introduction to Automated Testing What is Software testing? Examination of a software unit, several integrated software units or an entire software package by running it. execution based on test cases
More informationSOFTWARE-IMPLEMENTED SAFETY LOGIC Angela E. Summers, Ph.D., P.E., President, SIS-TECH Solutions, LP
SOFTWARE-IMPLEMENTED SAFETY LOGIC Angela E. Summers, Ph.D., P.E., President, SIS-TECH Solutions, LP Software-Implemented Safety Logic, Loss Prevention Symposium, American Institute of Chemical Engineers,
More information---Information Technology (IT) Specialist (GS-2210) IT Security Competency Model---
---Information Technology (IT) Specialist (GS-2210) IT Security Model--- TECHNICAL COMPETENCIES Computer Forensics Knowledge of tools and techniques pertaining to legal evidence used in the analysis of
More informationGAO MEDICAL DEVICES. FDA Should Expand Its Consideration of Information Security for Certain Types of Devices. Report to Congressional Requesters
GAO United States Government Accountability Office Report to Congressional Requesters August 2012 MEDICAL DEVICES FDA Should Expand Its Consideration of Information Security for Certain Types of Devices
More informationUniversity of Paderborn Software Engineering Group II-25. Dr. Holger Giese. University of Paderborn Software Engineering Group. External facilities
II.2 Life Cycle and Safety Safety Life Cycle: The necessary activities involving safety-related systems, occurring during a period of time that starts at the concept phase of a project and finishes when
More information74% 96 Action Items. Compliance
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated
More informationDesign Controls: Are They Worth the Effort?
Design Controls: Are They Worth the Effort? Compliance-Alliance conducted a survey to measure the effects of FDA s design control regulation on the industry. Most respondents believe the controls have
More informationOhio Supercomputer Center
Ohio Supercomputer Center IT Business Continuity Planning No: Effective: OSC-13 06/02/2009 Issued By: Kevin Wohlever Director of Supercomputer Operations Published By: Ohio Supercomputer Center Original
More information05.0 Application Development
Number 5.0 Policy Owner Information Security and Technology Policy Application Development Effective 01/01/2014 Last Revision 12/30/2013 Department of Innovation and Technology 5. Application Development
More informationDatabase and Data Mining Security
Database and Data Mining Security 1 Threats/Protections to the System 1. External procedures security clearance of personnel password protection controlling application programs Audit 2. Physical environment
More informationEVALUATION REPORT. Weaknesses Identified During the FY 2014 Federal Information Security Management Act Review. March 13, 2015 REPORT NUMBER 15-07
EVALUATION REPORT Weaknesses Identified During the FY 2014 Federal Information Security Management Act Review March 13, 2015 REPORT NUMBER 15-07 EXECUTIVE SUMMARY Weaknesses Identified During the FY 2014
More informationSafety Risk Management in RT: A Software Manufacturer Perspective
Safety Risk Management in RT: A Software Manufacturer Perspective Jim Schewe, Ph.D. Philips Radiation Oncology Systems AAPM Spring Clinical Meeting March 16, 2014 1 Learning Objectives For the session
More informationMedical Device Software Do You Understand How Software is Regulated?
Medical Device Software Do You Understand How Software is Regulated? By Gregory Martin Agenda Relevant directives, standards, and guidance documents recommended to develop, maintain, and validate medical
More informationOffice of Inspector General
DEPARTMENT OF HOMELAND SECURITY Office of Inspector General Security Weaknesses Increase Risks to Critical United States Secret Service Database (Redacted) Notice: The Department of Homeland Security,
More informationCertified Software Quality Engineer (CSQE) Body of Knowledge
Certified Software Quality Engineer (CSQE) Body of Knowledge The topics in this Body of Knowledge include additional detail in the form of subtext explanations and the cognitive level at which the questions
More informationREGULATIONS FOR THE SECURITY OF INTERNET BANKING
REGULATIONS FOR THE SECURITY OF INTERNET BANKING PAYMENT SYSTEMS DEPARTMENT STATE BANK OF PAKISTAN Table of Contents PREFACE... 3 DEFINITIONS... 4 1. SCOPE OF THE REGULATIONS... 6 2. INTERNET BANKING SECURITY
More informationGuideline on Vulnerability and Patch Management
CMSGu2014-03 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Vulnerability and Patch Management National Computer Board
More informationAutodesk PLM 360 Security Whitepaper
Autodesk PLM 360 Autodesk PLM 360 Security Whitepaper May 1, 2015 trust.autodesk.com Contents Introduction... 1 Document Purpose... 1 Cloud Operations... 1 High Availability... 1 Physical Infrastructure
More informationManaged Hosting & Datacentre PCI DSS v2.0 Obligations
Any physical access to devices or data held in an Melbourne datacentre that houses a customer s cardholder data must be controlled and restricted only to approved individuals. PCI DSS Requirements Version
More information<name of project> Software Project Management Plan
The document in this file is adapted from the IEEE standards for Software Project Management Plans, 1058-1998, which conforms to the requirements of ISO standard 12207 Software Life Cycle Processes. Tailor
More informationEnvisioning a Requirements Specification Template for Medical Device Software
Envisioning a Requirements Specification Template for Medical Device Software Hao Wang 1, Yihai Chen 2, Ridha Khedri 3, and Alan Wassyng 4 1 Faculty of Engineering and Natural Sciences, Aalesund University
More informationAAMI TIR 36: Validation of SW for Regulated Processes. Denise Stearns April 2008
AAMI TIR 36: Validation of SW for Regulated Processes Denise Stearns April 2008 Agenda Software for Regulated Processes TIR In Scope Discussion Software V&V Basis for TIR The Journey to Critical Thinking
More informationNERC CIP VERSION 5 COMPLIANCE
BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements that are the basis for maintaining
More informationProject Risk Management: IV&V as Insurance for Project Success
Project Risk Management: IV&V as Insurance for Project Success Introduction Software development projects can be expensive and risky: Ever more complex mission-critical requirements lead to increasingly
More informationCALIBRATION DATA MANAGEMENT: MEETING THE REPORTING REQUIREMENTS OF ISO/IEC FDIS 17025.
CALIBRATION DATA MANAGEMENT: MEETING THE REPORTING REQUIREMENTS OF ISO/IEC FDIS 17025. Nicholas Mason Metrology Software Project Manager Calibration Group, Fluke Corporation 6920 Seaway Blvd. Everett,
More informationCompany Quality Manual Document No. QM Rev 0. 0 John Rickey Initial Release. Controlled Copy Stamp. authorized signature
Far West Technology, Inc. ISO 9001 Quality Manual Document No.: QM Revision: 0 Issue Date: 27 August 1997 Approval Signatures President/CEO Executive Vice President Vice President/CFO Change Record Rev
More informationFINAL DOCUMENT. Implementation of risk management principles and activities within a Quality Management System. The Global Harmonization Task Force
GHTF/SG3/N15R8 FINAL DOCUMENT Title: Implementation of risk management principles and activities within a Quality Management System Authoring Group: GHTF Study Group 3 Endorsed by: The Global Harmonization
More informationDeveloping a Mobile Medical App? How to determine if it is a medical device and get it cleared by the US FDA
Developing a Mobile Medical App? How to determine if it is a medical device and get it cleared by the US FDA In this presentation: App stats: Explosive growth Examples already cleared by the US FDA Is
More informationOMCL Network of the Council of Europe QUALITY ASSURANCE DOCUMENT
OMCL Network of the Council of Europe QUALITY ASSURANCE DOCUMENT PA/PH/OMCL (08) 88 R VALIDATION OF COMPUTERISED SYSTEMS ANNEX 2: VALIDATION OF DATABASES (DB), LABORATORY INFORMATION MANAGEMENT SYSTEMS
More informationLecture 20: Software Evolution
Lecture 20: Software Evolution Basics of Software Evolution Laws of software evolution Requirements Growth Software Aging Basics of Change Management Baselines, Change Requests and Configuration Management
More informationLife Sciences Product Development Artifacts Survey Results
Life Sciences Product Development Artifacts Survey Results White Paper About the Survey Seapine Software conducted this survey over a six-week period during the first quarter of 2011. A total of 150 respondents
More informationTitle: Basic Principles of Risk Management for Medical Device Design
Title: Basic Principles of Risk Management for Medical Device Design WHITE PAPER Author: Ganeshkumar Palanichamy Abstract Medical devices developed for human application are used for diagnostic or treatment
More informationThis interpretation of the revised Annex
Reprinted from PHARMACEUTICAL ENGINEERING The Official Magazine of ISPE July/August 2011, Vol. 31 No. 4 www.ispe.org Copyright ISPE 2011 The ISPE GAMP Community of Practice (COP) provides its interpretation
More information