To content | To menu | To search
Friday, 4 October 2024
By Mitch on Friday, 4 October 2024, 14:00 - Standards
A new standard is being drafted by the IEC. Its ID will be IEC 81001-5-2 and title: Health software and health IT systems safety, effectiveness and security – Part 5-2: Security Risk Management for Manufacturers.
Friday, 29 March 2024
By Mitch on Friday, 29 March 2024, 13:42 - Regulations
The IMDFR organization published in January 2024 a new document on Medical Device Software: Considerations for Device and Risk Characterization
Say briefly, this document is a gem!
Friday, 6 October 2023
By Mitch on Friday, 6 October 2023, 14:09 - Regulations
The final version of the FDA guidance titled "Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions was published the 27th September 2023.
Friday, 4 September 2020
By Mitch on Friday, 4 September 2020, 14:34 - Regulations
The FDA published in July the final version of the Guidance on Multiple Function Device Products. Despite the absence of the word "software" in the title, it addresses at first software medical devices. It also addresses hardware devices, but we will focus on software in this post.
Monday, 15 October 2018
By Mitch on Monday, 15 October 2018, 14:58 - Templates
Hi there! Long time no see once again. I dig up our series of posts on cybersecurity.
In this post I publish two new templates for cybersecurity risk management.
Friday, 6 July 2018
By Mitch on Friday, 6 July 2018, 13:41 - Processes
Usability is a requirement, which has been present in regulations since a long time. It stems from the assessment of user error as a hazardous situation. It is supported by the publication AAMI HE75 standard, FDA guidances, and the publication of IEC 62366 in 2008 followed by IEC 62366-1:2015. Although usability engineering is a requirement for the design of medical devices, most of people designing software are not familiar with this process. This article is an application of the process described in IEC 62366-1 to software design.
Friday, 5 February 2016
By Mitch on Friday, 5 February 2016, 13:45 - Regulations
The draft guidance about Design Considerations and Pre-market Submission Recommendations for Interoperable Medical Devices was published late January 2016.
Friday, 29 January 2016
By Mitch on Friday, 29 January 2016, 14:30 - Regulations
The FDA released one week ago a new draft guidance on Postmarket Management of Cybersecurity in Medical Devices.
This guidance is the sister of the guidance on Content of Premarket Submissions for Management of Cybersecurity in Medical Devices released in 2014. Both guidances address cybersecurity at different steps of software lifecycle: the 2014 guidance is about cybersecurity during design and development, the 2016 draft guidance is about cybersecurity during post-market surveillance.
Friday, 9 January 2015
By Mitch on Friday, 9 January 2015, 14:16 - Standards
The FDIS (final draft version) of IEC 62366-1 was released in November 2014. This version, also known as IEC 62366 2nd edition, is on the right track to be officially released in Q1 2015. It will supersede the IEC 62366:2007 + Amendment 1:2014.
Friday, 21 November 2014
By Mitch on Friday, 21 November 2014, 12:46 - Regulations
At last! The FDA has published last October a guidance about cybersecurity that matters!
Not that the guidance previously published about Off-the-shelf software cybersecurity wasn’t worth reading it (Guidance to Industry: Cybersecurity for Networked Medical Devices Containing Off-the-Shelf Software), but its scope was more than reduced.
Friday, 28 March 2014
By Mitch on Friday, 28 March 2014, 12:50 - Processes
We saw in the last post how to validate a software development tool. But we saw also that validating a compiler this way is not a satisfactory task.
Then: Why, when, and how to validate a compiler?
Friday, 14 March 2014
By Mitch on Friday, 14 March 2014, 13:26 - Processes
Validating the compiler used in software development is a recurring issue. To what extent a compiler should be validated, when, how and why?
In the same vein, we can extend the question of validation to all tools used in the software development environment: integrated development environment, configuration management tools, compiler (and linker), automated test tools.
Friday, 17 January 2014
By Mitch on Friday, 17 January 2014, 12:36 - Regulations
In the last article, we saw the concerns about the reliability of wireless connections and how to handle them.
Today, we are going to have a look at something quite important for mobile platforms: usability and humans factors engineering (HFE).
Friday, 4 October 2013
By Mitch on Friday, 4 October 2013, 13:24 - Templates
Risk matrixes are a useful way to show graphically the ranges in which risks are acceptable, tolerable and unacceptable. Here is an excel sheet that automates the computation of ranges.
Friday, 20 September 2013
By Mitch on Friday, 20 September 2013, 13:23 - Templates
Here is an update of Risk Management Plan and Risk Analysis Report templates.
Friday, 28 June 2013
By Mitch on Friday, 28 June 2013, 14:28 - Standards
This is today the last article of this series about SOUP.
SOUP is a concept that we find elsewhere than in the IEC 62304 standard. Namely in the FDA guidances.
Friday, 14 June 2013
By Mitch on Friday, 14 June 2013, 13:43 - Standards
After having discussed about open-source software in the last post, we continue today this series about SOUP with the case of standalone software.
Friday, 7 June 2013
By Mitch on Friday, 7 June 2013, 13:52 - Standards
After having discussed about frameworks and runtimes in the last article, we continue today this series about SOUP with the case of open-source software.
Friday, 31 May 2013
By Mitch on Friday, 31 May 2013, 15:06 - Standards
We saw in the first article of this series, what is a SOUP and what is not a SOUP, according to IEC 62304.
Then we continued in the second article by having a look at OS's and drivers.
Let's now see how to deal with runtimes.
Friday, 24 May 2013
By Mitch on Friday, 24 May 2013, 14:03 - Standards
We've seen in the last article, what is a SOUP and what is not a SOUP, according to IEC 62304.
We've also seen that a lot of 3rd party software are SOUPs, to begin with OS, drivers, runtimes, Just-In-Time (JIT) compilers and frameworks.
How to deal with those to be compliant with IEC 62304?
« previous entries - page 1 of 2
