Software Quality Journal, Volume 22, Issue 3, pp 469–497

A case study on software risk analysis and planning in medical device development

  • Christin Lindholm
  • Jesper Pedersen Notander
  • Martin Höst


Software failures in medical devices can lead to catastrophic situations. Therefore, it is crucial to handle software-related risks when developing medical devices, and there is a need for further analysis of how this type of risk management should be conducted. The objective of this paper is to collect and summarise experiences from conducting risk management with an organisation developing medical devices. Specific focus is put on the first steps of the risk management process, i.e. risk identification, risk analysis, and risk planning. The research is conducted as action research, with the aim of analysing and giving input to the organisation’s introduction of a software risk management process. First, the method was defined based on already available methods and then used. The defined method focuses on user risks, based on scenarios describing the expected use of the medical device in its target environment. During the use of the method, different stakeholders, including intended users, were involved. Results from the case study show that there are challenging problems in the risk management process with respect to definition of the system boundary and system context, the use of scenarios as input to the risk identification, estimation of detectability during risk analysis, and action proposals during risk planning. It can be concluded that the risk management method has potential to be used in the development organisation, although future research is needed with respect to, for example, context limitation and how to allow for flexible updates of the product.


Keywords: Risk management; Risk analysis; Risk planning; Software development; Medical device development



The authors would like to gratefully acknowledge the persons involved in this case study. The authors would also like to acknowledge Gyllenstiernska Krapperup-stiftelsen for funding the research studies of Christin Lindholm. This work was also partly funded by The Swedish Foundation for Strategic Research under a grant to Lund University for ENGROSS-ENabling GROwing Software Systems. Prof. Boris Magnusson is acknowledged for the support in the study and the writing of this paper.



Copyright information

© Springer Science+Business Media New York 2013

Authors and Affiliations

  • Christin Lindholm (1)
  • Jesper Pedersen Notander (1)
  • Martin Höst (1)

  1. Software Engineering Research Group, Department of Computer Science, Faculty of Engineering, Lund University, Lund, Sweden
