Envisioning a Requirements Specification Template for Medical Device Software

  • Hao Wang
  • Yihai Chen
  • Ridha Khedri
  • Alan Wassyng
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8892)


In many health jurisdictions, software is considered to be medical device software (MDS), when it is used to analyze patient data in order to render a diagnosis or monitor the patient’s health; when it is to be used by a patient to diagnose an ailment; or when it is used to deliver functionality for a medical device. Flaws in MDS can result in patient harm, including death. Legislators and regulatory agencies publish guidelines and regulatory standards that are aimed at ensuring the safety, security and dependability of MDS. These guidelines and standards universally agree that a complete and consistent requirement specification is vital to the success of medical device software. Moreover, we observe that regulators are shifting from being process focused to being product focused in their approval guidance. In this paper, we review challenges associated with requirements used in the development of MDS, current standards and guidelines relevant to MDS, and existing templates for requirement specifications. We then propose a set of design objectives for a ‘good’ MDS requirements template and propose a template structure for MDS requirement specification fulfilling all the design objectives. Our template is, by design, tailored to facilitate the gathering and documenting of high quality requirements for MDS.


Medical Device Security Requirement International Electrotechnical Commission Fault Tree Analysis Implantable Medical Device 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model (September 2012),
  2. 2.
    Ahmadi, M.: Requirements Documentation for Manufacturing Systems: Template and Management Tool. Master’s thesis, McMaster University (September 2006)Google Scholar
  3. 3.
    Ahmadi, M., Tounsi, N., Khedri, R., Chen, Y., Wang, H., Huang, M.: SMART II. A Tool for the Documentation of Software Requirements Specification (August 2014), (Available for download under the GNU General Public License)
  4. 4.
    Alspaugh, T.A., Faulk, S.R., Britton, K.H., Parker, R.A., Parnas, D.L.: Software Requirements for the A-7E Aircraft. Tech. rep., Naval Research Lab (1992)Google Scholar
  5. 5.
    Chen, Y., Lawford, M., Wang, H., Wassyng, A.: Insulin Pump Software Certification. In: Gibbons, J., MacCaull, W. (eds.) FHIES 2013. LNCS, vol. 8315, pp. 87–106. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  6. 6.
    Dooren, J.C.: FDA Sees Increasing Number Of Insulin Pump Problems. Wall Street Journal (March 2010),
  7. 7.
    Ericson, C.A.: Hazard Analysis Techniques for System Safety. Wiley-Interscience (2005)Google Scholar
  8. 8.
    European Co-ordination of Notified Bodies Medical Devices: European NB-MED Recommendation 2.2 on Council Directives 90/385/EEC, 93/42/EEC and 98/79/EC (June 2001)Google Scholar
  9. 9.
    European Cooperation for Space Standardisation: ECSS-E-ST-40C: Standard on Space Engineering – Software general requirements (2009)Google Scholar
  10. 10.
    Faris, T.H.: Safe and Sound Software: Creating an Efficient and Effective Quality System for Software Medical Device Organizations. ASQ Quality Press (2006)Google Scholar
  11. 11.
    Giakoumakis, E., Xylomenos, G.: Evaluation and Selection Criteria for Software Requirements Specification Standards. Software Engineering Journal 11(5), 307–319 (1996)CrossRefGoogle Scholar
  12. 12.
    Halperin, D., Kohno, T., Heydt-Benjamin, T.S., Fu, K., Maisel, W.H.: Security and Privacy for Implantable Medical Devices. IEEE Pervasive Computing 7(1), 30–39 (2008)CrossRefGoogle Scholar
  13. 13.
    IEC 62304: Medical Device Software – Software Life Cycle Processes (May 2006)Google Scholar
  14. 14.
    IEC 62443: Industrial communication networks–Network and system securityGoogle Scholar
  15. 15.
    IEEE Standard: IEEE Recommended Practice for Software Requirements Specifications. IEEE Std 830-1998 (June 1998)Google Scholar
  16. 16.
    Institute of Medicine: Medical Devices and the Public’s Health: The FDA 510(k) Clearance Process at 35 Years. The National Academies Press (2011)Google Scholar
  17. 17.
    ISO 14971:2007: Medical devices – Application of Risk Management to Medical Devices (2007)Google Scholar
  18. 18.
    ISO/IEC Guide 51:1999: Safety aspects – Guidelines for their inclusion in standards (1999)Google Scholar
  19. 19.
    Jaskolka, J., Khedri, R., Zhang, Q.: Endowing Concurrent Kleene Algebra with Communication Actions. In: Höfner, P., Jipsen, P., Kahl, W., Müller, M.E. (eds.) RAMiCS 2014. LNCS, vol. 8428, pp. 19–36. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  20. 20.
    Lai, L.: Requirements Documentation for Engineering Mechanics Software. Master’s thesis, McMaster University (2004)Google Scholar
  21. 21.
    Leveson, N.: Engineering a Safer World: Applying Systems Thinking to Safety. MIT Press (2012)Google Scholar
  22. 22.
    Networking and Information Technology Research and Development Program (NITRD): High-Confidence Medical Devices: Cyber-Physical Systems for 21st Century Health Care. Tech. rep. (2009)Google Scholar
  23. 23.
    Robertson, J., Robertson, S.: Volere Requirements Specification Template (August 2007)Google Scholar
  24. 24.
    Robertson, J.: The trials of a diabetic hacker. Bloomberg Businessweek (February 2012),
  25. 25.
    Singh, N.K., Wang, H., Lawford, M., Maibaum, T.S.E., Wassyng, A.: Formalizing the Glucose Homeostasis Mechanism. In: Duffy, V.G. (ed.) DHM 2014. LNCS, vol. 8529, pp. 460–471. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  26. 26.
    The Council Of The European Communities: Council Directive 93/42/EEC concerning medical devices (June 1993)Google Scholar
  27. 27.
    U.S. Federal Aviation Administration: DOT/FAA/AR-08/32. Requirements Engineering Management Handbook (June 2009)Google Scholar
  28. 28.
    U.S. Food and Drug Administration: Manufacturer and User Facility Device Experience Database,
  29. 29.
    U.S. Food and Drug Administration: Recognized Consensus Standards Database,
  30. 30.
    U.S. Food and Drug Administration: Guidance for Industry and for FDA Staff: Use of Standards in Substantial Equivalence Determinations (March 2000)Google Scholar
  31. 31.
    U.S. Food and Drug Administration: General Principles of Software Validation; Final Guidance for Industry and FDA Staff (January 2002)Google Scholar
  32. 32.
    U.S. Food and Drug Administration: Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices (May 2005)Google Scholar
  33. 33.
    Vogel, D.A.: Medical Device Software Verification, Validation, and Compliance. Artech House (2011)Google Scholar
  34. 34.
    Weiss, K., Leveson, N., Lundqvist, K., Farid, N., Stringfellow, M.: An Analysis of Causation in Aerospace Accidents. In: DASC 2001: The 20th Conference on Digital Avionics Systems, vol. 1, pp. 4A3/1–4A3/12 (2001)Google Scholar
  35. 35.
    Wiegers, K.E., Beatty, J.: Software Requirements, 3rd edn. (August 2013)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Hao Wang
    • 1
  • Yihai Chen
    • 2
  • Ridha Khedri
    • 3
  • Alan Wassyng
    • 4
  1. 1.Faculty of Engineering and ScienceAalesund University CollegeNorway
  2. 2.School of Computer Engineering and ScienceShanghai UniversityChina
  3. 3.Department of Computing and SoftwareMcMaster UniversityCanada
  4. 4.McMaster Centre for Software Certification (McSCert)McMaster UniversityCanada

Personalised recommendations