Friday 11 November 2022
By Mitch on Friday 11 November 2022, 13:24
That's a bit like a new album of your favorite group. You've been waiting it for years. At last, it's been released! Are you going to be be impressed or disappointed?
The draft FDA guidance on Computer Software Assurance [CSA] for Production and Quality System Software has been published in September 2022. At last!
Friday 15 May 2020
By Mitch on Friday 15 May 2020, 14:00
A recurring question is the confusion, or more precisely the difference between software release of IEC 62304, and design transfer of ISO 13485.
Saturday 9 November 2019
By Mitch on Saturday 9 November 2019, 20:38
This is the Eudamed Software Development LifeCycle.
Welcome to the world of software engineering, Eudamed!
Friday 6 July 2018
By Mitch on Friday 6 July 2018, 13:41
Usability is a requirement, which has been present in regulations since a long time. It stems from the assessment of user error as a hazardous situation. It is supported by the publication AAMI HE75 standard, FDA guidances, and the publication of IEC 62366 in 2008 followed by IEC 62366-1:2015.
Although usability engineering is a requirement for the design of medical devices, most of people designing software are not familiar with this process. This article is an application of the process described in IEC 62366-1 to software design.
Friday 1 July 2016
By Mitch on Friday 1 July 2016, 13:22
Following the discussion on ISO/TR 80002-2 and AAMI TRI 36 in the previous article, here are some tips on how to validate workflow and data management software like Jira or Redmine.
Friday 19 June 2015
By Mitch on Friday 19 June 2015, 12:34
Validation of software is an unlimited source of topics!
After discussing in a previous article the validation of software in development process, let's see how to validate software used in production processes and in the management of QMS documents and records.
Friday 11 April 2014
By Mitch on Friday 11 April 2014, 13:27
Coming back to the discussion about validating compilers and IDE, here are a few more comments I have on this topic.
Friday 28 March 2014
By Mitch on Friday 28 March 2014, 12:50
We saw in the last post how to validate a software development tool. But we saw also that validating a compiler this way is not a satisfactory task.
Then: Why, when, and how to validate a compiler?
Friday 14 March 2014
By Mitch on Friday 14 March 2014, 13:26
Validating the compiler used in software development is a recurring issue. To what extent a compiler should be validated, when, how and why?
In the same vein, we can extend the question of validation to all tools used in the software development environment: integrated development environment, configuration management tools, compiler (and linker), automated test tools.
Friday 28 February 2014
By Mitch on Friday 28 February 2014, 13:49
If you've haven't heard about Apple's security flaw registered as CVE-2014-1266 on apple website, you probably were on planet Mars.
Basically, it was unsafe to use https connections. I couldn't help but write an article about this!
Components dealing with secured connections are abolutely critical. Applying rigorous development process is the best chance to avoid any trouble with these components.
Friday 25 October 2013
By Mitch on Friday 25 October 2013, 19:05
Software testing is the keystone of bugs discovery. Most of software engineers and project managers think this assertion is true!
Friday 11 October 2013
By Mitch on Friday 11 October 2013, 14:08
Your company develops medical web apps (HTML/JS, HTML5 or any other client-side technology) and your customers would like them to run on every web browser.
Web browsers are SOUP, according to IEC 62304. In case of Chrome and Firefox there are dozens of versions...
Does it mean that software has to be tested - and documented - with every single browser and every single version of the browser?
That's a nightmare!
Friday 14 December 2012
By Mitch on Friday 14 December 2012, 12:35
In my last post, I explained the benefits of static analysis. This software verification method is mainly relevant to find bugs in mission critical software. But it fits the need of bug-free software for less critical software as well.
Static analysis can be seen as an achievement in the implementation of software verification methods. Yet, other methods exists that fit very specific purposes.
Friday 7 December 2012
By Mitch on Friday 7 December 2012, 12:45
In my last article, I talked about the most classical methods used to verify software: human testing (driven by test cases or not) and unit tests. I was about to talk about static analysis, that I place at a higher level of complexity in the list of verification methods, but I have to say a bit more about unit tests.
Friday 30 November 2012
By Mitch on Friday 30 November 2012, 12:06
Software verification is easy to define: to demonstrate that software works as it was specified (and without bugs!). But there's not a unique way to do it.
Let's see what methods we have in hands to verify software.
Friday 16 November 2012
By Mitch on Friday 16 November 2012, 12:34
Writing about V&V in two previous posts, I had a lot of comments from people on a well-known social network. They made corrections to my view of V&V and brought their own definitions.
Here is an excerpt of their comments.
Friday 2 November 2012
By Mitch on Friday 2 November 2012, 14:11
Following the article about software verification, let's see what software validation is.
Friday 26 October 2012
By Mitch on Friday 26 October 2012, 14:09
Many people make the confusion between verification and validation. There is no exception for software! I'd even say that the confusion is even worse for standalone software.
Let's see first the definition of verification and validation. I borrowed these definitions from the FDA website:
- Verification is confirming that design output meets the design input requirements,
- Validation is ensuring that the device conforms to defined user needs and intended uses.
OK, this remains theoretical. How to do that with software medical devices?
In this article I focus on verification and will focus on validation in the next article: What is software validation.
Friday 31 August 2012
By Mitch on Friday 31 August 2012, 16:47
Safety critical software always face the big freeze before certification.
This happens because watefall model is the prefered software development cycle for safety critical software. Thus you can't change anything if you're in qualification phase for certification.
To be more flexible, some smart people created the concept of continuous certification. The purpose of continuous certification is to apply the principles of agile methods to safety critical software development.
Friday 6 July 2012
By Mitch on Friday 6 July 2012, 13:17
Are agile methods compatible with the constraints of development set by IEC
62304 standard of class C software?
series of three posts about agile methods and risks analysis. I focus in
this post on IEC 62304 class C critical software.