Skip to main content

Safety Critical Software Process Assessment: How MDevSPICE® Addresses the Challenge of Integrating Compliance and Capability

Part of the Communications in Computer and Information Science book series (CCIS,volume 526)

Abstract

One of the primary outcomes of a software process assessment is visibility of the capability of a software process which among other things, informs us of the ability of a process to deliver consistent product quality levels. In safety critical domains, such as the medical device sector, high product quality – and particularly high product safety - is an important consideration. To address this safety concern, the medical device sector traditionally employs audits to determine compliance to software process standards and guidance. Unlike an audit which results in a pass/fail outcome, an assessment provides a process capability profile which identifies areas for improvement and enables a comparison with broader best practice. MDevSPICE® integrates the various medical device software standards and guidance within the infrastructure of a SPICE assessment model, thus encompassing aspects of compliance and capability. This paper describes some of the key enablers of this integration.

Keywords

  • Safety critical software
  • Medical device software
  • Software process improvement
  • Software process assessment
  • MDevSPICE®

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-319-19860-6_2
  • Chapter length: 6 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   54.99
Price excludes VAT (USA)
  • ISBN: 978-3-319-19860-6
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   69.99
Price excludes VAT (USA)

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Turk, D., France, R., Rumpe, B.: Limitations of agile software processes. In: Proceedings of Third International Conference on eXtreme Programming and Agile Processes in Software Engineering Italy (2002)

    Google Scholar 

  2. Clarke, P., O’Connor, R.V., Yilmaz, M.: A hierarchy of SPI activities for software SMEs: results from ISO/IEC 12207-based SPI assessments. In: Mas, A., Mesquida, A., Rout, T., O’Connor, R.V., Dorling, A. (eds.) SPICE 2012. CCIS, vol. 290, pp. 62–74. Springer, Heidelberg (2012)

    Google Scholar 

  3. European Commission: Directive 93/42/EEC of the European Parliament and of the Council concerning medical devices, in OJ o L 247 of 2007-09-21. EC, Brussels, Belgium (1993)

    Google Scholar 

  4. European Commission: Council directive 90/385/EEC on active implantable medical devices (AIMDD). Brussels, Belgium (1990)

    Google Scholar 

  5. European Commission: Directive 98/79/EC of the European parliament and of the council of 27 October 1998 on in vitro diagnostic medical devices. Brussels, Belgium (1998)

    Google Scholar 

  6. European Commission: Directive 2007/47/EC of the European Parliament and of the Council concerning medical devices, OJ no L247 2007-09-21. EC: Brussels, Belgium (2007)

    Google Scholar 

  7. FDA: Chapter I - Food and drug administration, department of health and human services subchapter H - Medical devices, Part 820 - Quality system regulation. http://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?CFRPart=820 (cited June 03, 2015)

  8. ISO 14971:2007, Medical Devices — Application of risk management to medical devices. ISO, Geneva (2007)

    Google Scholar 

  9. ISO 13485:2003, Medical devices — Quality management systems — Requirements for regulatory purposes. ISO, Geneva (2003)

    Google Scholar 

  10. IEC/TR 80002-1:2009, Medical device software Part 1: Guidance on the application of ISO 14971 to medical device software. BSI, London (2009)

    Google Scholar 

  11. IEC 62304:2006, Medical device software—Software life cycle processes. IEC, Geneva (2006)

    Google Scholar 

  12. IEC/TR 80002-3:2014, Medical Device Software - Part 3: Process reference model for medical device software life cycle processes (IEC 62304). ISO: Geneva, Switzerland (2014)

    Google Scholar 

  13. IEC 62366:2007, Medical devices - Application of usability engineering to medical devices. IEC, Geneva (2007)

    Google Scholar 

  14. BS EN 60601-1:2005 Medical electrical equipment – Part 1: General requirements for basic safety and essential performance. IEC, Geneva (2005)

    Google Scholar 

  15. IEC/CD 82304:2014, Health Software - Part 1: General Requirements for Product Safety. ISO, Geneva (2014)

    Google Scholar 

  16. US FDA Center for Devices and Radiological Health: Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices. CDRH, Rockville (2005)

    Google Scholar 

  17. US FDA Center for Devices and Radiological Health: Off-The-Shelf Software Use in Medical Devices; Guidance for Industry, medical device Reviewers and Compliance. CDRH, Rockville (1999)

    Google Scholar 

  18. US FDA Center for Devices and Radiological Health: General Principles of Software Validation; Final Guidance for Industry and FDA Staff. CDRH, Rockville (2002)

    Google Scholar 

  19. Lepmets, M., Clarke, P., McCaffery, F., Finnegan, A., Dorling, A.: Development of MDevSPICE® - the Medical Device Software Process Assessment Framework. Journal of Software: Evolution and Process (To appear)

    Google Scholar 

  20. FDA: FDA News on Software Failures Responsible for 24% of all Medical Device Recalls (2012). http://www.fdanews.com/newsletter/article?articleId=147391&issueId=15890 (cited June 03, 2015)

  21. Automotive SIG, Automotive SPICE Process Assessment V 2.2 (August 21, 2005)

    Google Scholar 

  22. McCaffery, F., Clarke, P., Lepmets, M.: A lightweight assessment method for medical device software processes. In: Mitasiunas, A., Rout, T., O’Connor, R.V., Dorling, A. (eds.) SPICE 2014. CCIS, vol. 477, pp. 144–156. Springer, Heidelberg (2014)

    Google Scholar 

  23. Clarke, P., O’Connor, R.V.: An approach to evaluating software process adaptation. In: O’Connor, R.V., Rout, T., McCaffery, F., Dorling, A. (eds.) SPICE 2011. CCIS, vol. 155, pp. 28–41. Springer, Heidelberg (2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Paul Clarke .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Clarke, P., Lepmets, M., Dorling, A., McCaffery, F. (2015). Safety Critical Software Process Assessment: How MDevSPICE® Addresses the Challenge of Integrating Compliance and Capability. In: Rout, T., O’Connor, R., Dorling, A. (eds) Software Process Improvement and Capability Determination. SPICE 2015. Communications in Computer and Information Science, vol 526. Springer, Cham. https://doi.org/10.1007/978-3-319-19860-6_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-19860-6_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-19859-0

  • Online ISBN: 978-3-319-19860-6

  • eBook Packages: Computer ScienceComputer Science (R0)