Software in Medical Devices, a blog by MD101 Consulting

To content | To menu | To search

Friday 1 July 2016

How to validate software development tools like Jira or Redmine?

Following the discussion on ISO/TR 80002-2 and AAMI TRI 36 in the previous article, here are some tips on how to validate workflow and data management software like Jira or Redmine.

Continue reading...

Friday 19 June 2015

Validation of software used in production and QMS - Part 1 introduction

Validation of software is an unlimited source of topics!
After discussing in a previous article the validation of software in development process, let's see how to validate software used in production processes and in the management of QMS documents and records.

Continue reading...

Friday 11 April 2014

Validation of compiler and IDE - Why, when and how to? - Part 3

Coming back to the discussion about validating compilers and IDE, here are a few more comments I have on this topic.

Continue reading...

Friday 28 March 2014

Validation of compiler and IDE - Why, when and how to? - Part 2: compilers

We saw in the last post how to validate a software development tool. But we saw also that validating a compiler this way is not a satisfactory task.
Then: Why, when, and how to validate a compiler?

Continue reading...

Friday 14 March 2014

Validation of compiler and IDE - Why, when and how to? - Part 1

Validating the compiler used in software development is a recurring issue. To what extent a compiler should be validated, when, how and why?
In the same vein, we can extend the question of validation to all tools used in the software development environment: integrated development environment, configuration management tools, compiler (and linker), automated test tools.

Continue reading...

Friday 28 February 2014

Goto Fail

If you've haven't heard about Apple's security flaw registered as CVE-2014-1266 on apple website, you probably were on planet Mars.
Basically, it was unsafe to use https connections. I couldn't help but write an article about this!
Components dealing with secured connections are abolutely critical. Applying rigorous development process is the best chance to avoid any trouble with these components.

Continue reading...

Friday 25 October 2013

Testing is overrated

Software testing is the keystone of bugs discovery. Most of software engineers and project managers think this assertion is true!

Continue reading...

Friday 11 October 2013

How to validate a software medical device running on web browsers?

Your company develops medical web apps (HTML/JS, HTML5 or any other client-side technology) and your customers would like them to run on every web browser.

Web browsers are SOUP, according to IEC 62304. In case of Chrome and Firefox there are dozens of versions...

Does it mean that software has to be tested - and documented - with every single browser and every single version of the browser?
That's a nightmare!

Continue reading...

Friday 14 December 2012

En route to Software Verification: one goal, many methods - part 3

In my last post, I explained the benefits of static analysis. This software verification method is mainly relevant to find bugs in mission critical software. But it fits the need of bug-free software for less critical software as well.
Static analysis can be seen as an achievement in the implementation of software verification methods. Yet, other methods exists that fit very specific purposes.

Continue reading...

Friday 7 December 2012

En route to Software Verification: one goal, many methods - part 2

In my last article, I talked about the most classical methods used to verify software: human testing (driven by test cases or not) and unit tests. I was about to talk about static analysis, that I place at a higher level of complexity in the list of verification methods, but I have to say a bit more about unit tests.

Continue reading...

Friday 30 November 2012

En route to Software Verification: one goal, many methods - part 1

Software verification is easy to define: to demonstrate that software works as it was specified (and without bugs!). But there's not a unique way to do it.
Let's see what methods we have in hands to verify software.

Continue reading...

Friday 16 November 2012

V&V: verification & validation, doing it right.

Writing about V&V in two previous posts, I had a lot of comments from people on a well-known social network. They made corrections to my view of V&V and brought their own definitions.
Here is an excerpt of their comments.

Continue reading...

Friday 2 November 2012

What is software validation?

Following the article about software verification, let's see what software validation is.

Continue reading...

Friday 26 October 2012

What is software verification?

Many people make the confusion between verification and validation. There is no exception for software! I'd even say that the confusion is even worse for standalone software.

Let's see first the definition of verification and validation. I borrowed these definitions from the FDA website:

  • Verification is confirming that design output meets the design input requirements,
  • Validation is ensuring that the device conforms to defined user needs and intended uses.

OK, this remains theoretical. How to do that with software medical devices?
In this article I focus on verification and will focus on validation in the next article: What is software validation.

Continue reading...

Friday 31 August 2012

The concept of continuous certification: get rid of the Big Freeze

Safety critical software always face the big freeze before certification.
This happens because watefall model is the prefered software development cycle for safety critical software. Thus you can't change anything if you're in qualification phase for certification.
To be more flexible, some smart people created the concept of continuous certification. The purpose of continuous certification is to apply the principles of agile methods to safety critical software development.

Continue reading...

Friday 6 July 2012

Class C software and agile methods

Are agile methods compatible with the constraints of development set by IEC 62304 standard of class C software?
After a series of three posts about agile methods and risks analysis. I focus in this post on IEC 62304 class C critical software.

Continue reading...

Saturday 23 June 2012

How to combine risk management process with agile software development? - Part 3

We've seen in my last post that it's possible to have agile development methods combined with a risk management process. To be compliant with ISO 14971 standard, a risk management plan that describes this process along iterations, has to be written. And a risk assessment report has to be created in iteration 0 and updated in every iteration, by following the risk management process like the one found in figure 1 or figure B.1 of ISO 14971 standard.

Continue reading...

Sunday 17 June 2012

How to combine risk management process with agile software development? - Part 2

This post is the continuation of the post of last week.
We've seen in that post that fixing bugs during software maintenance is like a small chunk of design, excepted that software specifications do not change. Therefore risk management process when fixing bugs is very close to risk management process during design, without the initial assessment of risks at the beginning of the software development cycle.

Continue reading...

Saturday 9 June 2012

How to combine risk management process with agile software development? - Part 1

This post comes after a series of three posts where I exposed my thoughts about development of software medical devices with agile methods.
These posts were focussed on software development. Risk management deserves its own series of posts. Here is the first of three.

Continue reading...

Saturday 2 June 2012

How to develop medical device software with agile methods? - Part 3

In my previous post, I explained how to adapt agile methods to IEC 62304. I finish this series of 3 posts with some advices about the organization of an iteration and the software development team.

Continue reading...

- page 1 of 2