Software in Medical Devices, by MD101 Consulting

To content | To menu | To search

Friday, 11 November 2022

Computer Software Assurance for Production and Quality System Software

That's a bit like a new album of your favorite group. You've been waiting it for years. At last, it's been released! Are you going to be be impressed or disappointed?
The draft FDA guidance on Computer Software Assurance [CSA] for Production and Quality System Software has been published in September 2022. At last!

Continue reading...

Friday, 15 May 2020

Software release vs design transfer

A recurring question is the confusion, or more precisely the difference between software release of IEC 62304, and design transfer of ISO 13485.

Continue reading...

Saturday, 9 November 2019

Eudamed Software Development LifeCycle

This is the Eudamed Software Development LifeCycle.

Eudamed Software Development Lifecycle.png, Nov 2019


Welcome to the world of software engineering, Eudamed!

Friday, 6 July 2018

IEC 62366-1 and Usability engineering for software

Usability is a requirement, which has been present in regulations since a long time. It stems from the assessment of user error as a hazardous situation. It is supported by the publication AAMI HE75 standard, FDA guidances, and the publication of IEC 62366 in 2008 followed by IEC 62366-1:2015. Although usability engineering is a requirement for the design of medical devices, most of people designing software are not familiar with this process. This article is an application of the process described in IEC 62366-1 to software design.

Continue reading...

Friday, 1 July 2016

How to validate software development tools like Jira or Redmine?

Following the discussion on ISO/TR 80002-2 and AAMI TRI 36 in the previous article, here are some tips on how to validate workflow and data management software like Jira or Redmine.

Continue reading...

Friday, 19 June 2015

Validation of software used in production and QMS - Part 1 introduction

Validation of software is an unlimited source of topics!
After discussing in a previous article the validation of software in development process, let's see how to validate software used in production processes and in the management of QMS documents and records.

Continue reading...

Friday, 11 April 2014

Validation of compiler and IDE - Why, when and how to? - Part 3

Coming back to the discussion about validating compilers and IDE, here are a few more comments I have on this topic.

Continue reading...

Friday, 28 March 2014

Validation of compiler and IDE - Why, when and how to? - Part 2: compilers

We saw in the last post how to validate a software development tool. But we saw also that validating a compiler this way is not a satisfactory task.
Then: Why, when, and how to validate a compiler?

Continue reading...

Friday, 14 March 2014

Validation of compiler and IDE - Why, when and how to? - Part 1

Validating the compiler used in software development is a recurring issue. To what extent a compiler should be validated, when, how and why?
In the same vein, we can extend the question of validation to all tools used in the software development environment: integrated development environment, configuration management tools, compiler (and linker), automated test tools.

Continue reading...

Friday, 28 February 2014

Goto Fail

If you've haven't heard about Apple's security flaw registered as CVE-2014-1266 on apple website, you probably were on planet Mars.
Basically, it was unsafe to use https connections. I couldn't help but write an article about this!
Components dealing with secured connections are abolutely critical. Applying rigorous development process is the best chance to avoid any trouble with these components.

Continue reading...

Friday, 25 October 2013

Testing is overrated

Software testing is the keystone of bugs discovery. Most of software engineers and project managers think this assertion is true!

Continue reading...

Friday, 11 October 2013

How to validate a software medical device running on web browsers?

Your company develops medical web apps (HTML/JS, HTML5 or any other client-side technology) and your customers would like them to run on every web browser.

Web browsers are SOUP, according to IEC 62304. In case of Chrome and Firefox there are dozens of versions...

Does it mean that software has to be tested - and documented - with every single browser and every single version of the browser?
That's a nightmare!

Continue reading...

Friday, 14 December 2012

En route to Software Verification: one goal, many methods - part 3

In my last post, I explained the benefits of static analysis. This software verification method is mainly relevant to find bugs in mission critical software. But it fits the need of bug-free software for less critical software as well.
Static analysis can be seen as an achievement in the implementation of software verification methods. Yet, other methods exists that fit very specific purposes.

Continue reading...

Friday, 7 December 2012

En route to Software Verification: one goal, many methods - part 2

In my last article, I talked about the most classical methods used to verify software: human testing (driven by test cases or not) and unit tests. I was about to talk about static analysis, that I place at a higher level of complexity in the list of verification methods, but I have to say a bit more about unit tests.

Continue reading...

Friday, 30 November 2012

En route to Software Verification: one goal, many methods - part 1

Software verification is easy to define: to demonstrate that software works as it was specified (and without bugs!). But there's not a unique way to do it.
Let's see what methods we have in hands to verify software.

Continue reading...

Friday, 16 November 2012

V&V: verification & validation, doing it right.

Writing about V&V in two previous posts, I had a lot of comments from people on a well-known social network. They made corrections to my view of V&V and brought their own definitions.
Here is an excerpt of their comments.

Continue reading...

Friday, 2 November 2012

What is software validation?

Following the article about software verification, let's see what software validation is.

Continue reading...

Friday, 26 October 2012

What is software verification?

Many people make the confusion between verification and validation. There is no exception for software! I'd even say that the confusion is even worse for standalone software.

Let's see first the definition of verification and validation. I borrowed these definitions from the FDA website:

  • Verification is confirming that design output meets the design input requirements,
  • Validation is ensuring that the device conforms to defined user needs and intended uses.

OK, this remains theoretical. How to do that with software medical devices?
In this article I focus on verification and will focus on validation in the next article: What is software validation.

Continue reading...

Friday, 31 August 2012

The concept of continuous certification: get rid of the Big Freeze

Safety critical software always face the big freeze before certification.
This happens because watefall model is the prefered software development cycle for safety critical software. Thus you can't change anything if you're in qualification phase for certification.
To be more flexible, some smart people created the concept of continuous certification. The purpose of continuous certification is to apply the principles of agile methods to safety critical software development.

Continue reading...

Friday, 6 July 2012

Class C software and agile methods

Are agile methods compatible with the constraints of development set by IEC 62304 standard of class C software?
After a series of three posts about agile methods and risks analysis. I focus in this post on IEC 62304 class C critical software.

Continue reading...

- page 1 of 2