The document discusses risk management best practices for developing life critical systems and medical devices. It defines key safety concepts like hazards, risks, and failures. It recommends performing risk analysis early in development using methods like FMEA. It also advocates for model-driven development practices like requirements management, system modeling, and automated document generation to improve safety, quality, and compliance. Success stories are provided of medical device companies using IBM Rational solutions to develop smarter and safer products.
Risk management in development of life critical systems
1. Kimberly Roberts-Cobb Industry Solution Executive IBM Software Group, Rational Tiger Team [email_address] Risk Management in Developing Life Critical Systems
3. Life critical systems and devices are becoming instrumented, interconnected and intelligent, resulting in smarter devices
- Software, including artificial intelligence, monitors medical device data intake (e.g., physiological data) and sends alerts to caregivers.
- Chemical and biologic sensors monitor changes in patients’ vital signs and physiology.
- Micro-manipulation robotics and endoscopic imagery enable minimally invasive surgery.
INSTRUMENTED. INTERCONNECTED. INTELLIGENT.
And technological advances are enabling medical systems and devices to become smarter
- Wireless technologies such as Zigbee (low-power personal area network standard), Bluetooth, WiFi, cell phones, and RFID enable medical devices to communicate with caregivers, electronic medical records, and other devices.
- Wireless technologies support physiological telemetry systems that monitor patients in real-time.
- Miniaturization in electro-mechanical components and electronics, including nanotechnology, enables devices to become portable, wearable and implantable.
- Passive, active, electromechanical and semiconductive sensors respond to patients’ physical changes (e.g., pressure, motion, thermal energy).
- Smart products transcend “one-size-fits-all” products, enabling customers to get exactly what they want – tailored to their unique needs.
19. Best Practice 3: Model Driven Systems Engineering. Model system use cases to understand and identify potential hazards and risks (generated from Rational Rhapsody)
20. Best Practice 3: Model Driven Systems Engineering. Link requirements to use cases to ensure all uses are fully understood so hazards can be identified earlier (generated from Rational Rhapsody)
21. Best Practice 3: Model Driven Systems Engineering. Produce hazard and fault tables as part of your development and ongoing risk management process, not “after the fact” (generated from Rational Rhapsody)
22. Best Practice 3: Model Driven Systems Engineering. Link potential faults to requirements for clarity on requirements with hazard mitigations (generated from Rational Rhapsody)
23. Best Practice 4: Integrated Change and Configuration Management
Control Change for Quality Systems Good Manufacturing Practice. Establish an integrated change process across the lifecycle.
[Diagram: Integrated Change Management. Labels: Manage Portfolio & Product Priorities; Develop Model-Driven System -> Software; Collaboration, Process, Workflow; Execute Tests; Capture & manage requirements; Configuration Management; Integrate Suppliers; Capture customer requests & market driven enhancements; Mechanical; Collaborate across Development Disciplines; Electrical; Software; Testing Eco-system]
29. The design and delivery of smart products is enabled by a collaborative solution that facilitates innovation while fostering visibility and integration to quantify hazards and risks
Rational Workbench for Systems and Software Engineering: Collaborate, Improve, Automate
- Collaborate across diverse engineering disciplines and development teams
- Achieve “quality by design” with an integrated, automated testing process
- Manage all system requirements with full traceability across the lifecycle
- Use modeling to validate requirements, architecture and design throughout the development process
Products: Rational Quality Manager; Rational RRC/DOORS; Rational Team Concert; Rational Rhapsody
30. Rational Combined Portfolio in Action: Industry’s most comprehensive offering
System and Software Lifecycle Process Management; Requirements Definition & Management; Analysis & Design; Quality Management; Release Management; Team Management; Configuration & Change Mgmt; Production / Operations; Enterprise Architecture / Architectural Frameworks; Measurement & Reporting; Product, Project & Portfolio Management
Therac-25 – radiation therapy machine in which patients were given massive overdoses of radiation that led to several patient deaths because of software not detecting a potential unsafe state.
Here are just a few examples of smart medical devices.
1. Operating Room Navigation Systems such as Medtronic's LandmarX Element pictured here track the location of surgical instruments in space during the procedure and display the images on the screen. Benefits include improved procedure precision, reduced trauma to the surrounding healthy anatomy, and decreased healing time. Background: The LandmarX Element endoscopic image guidance system is designed for use in functional endoscopic sinus surgery. The system provides an automated software flow and navigation instruments with rotating arrays. http://www.devicelink.com/expo/awards/awards/index.php?catId=-1&year=-1
2. Implantable defibrillators constantly monitor the rate and rhythm of the heart and deliver an electric shock to restore the heart to a normal condition. Background: http://en.wikipedia.org/wiki/Implantable_cardioverter-defibrillator
3. Smart infusion pumps deliver the precise dosages of medicine and help prevent medical errors. This picture shows the Cardinal Health Alaris System, which can store libraries containing information for medication concentration and infusion rate for several hundred medications. The device can also monitor the respiratory system and read bar codes. Background: http://jerryfahrni.com/2009/06/cool-technology-for-pharmacy-6/ “The Alaris® System by Cardinal Health is designed for infusions and patient monitoring. It helps protect the patient and clinician from consequences of medical errors and helps positively affect patient outcomes through continuous improvements in clinical practice. The point-of-care platform standardizes every type of infusion on a common user interface and adds respiratory monitoring and bar coding as needed. Also a state-of-the-art computer, it bridges the gap between IV and IT to help prevent harm and optimize care.”
The keys to building the right products for the right markets at the right time are:
- Automating the capture of ideas and collecting them in a central repository – this includes enhancement requests, technology needs, market inputs, competitive intelligence, market information, and other details like personas, customers, and win/loss reports.
- Selecting product features, requirements, and capabilities based on the value they provide to the customer and to your organization – you should be maximizing both in order to achieve success.
- Taking advantage of best practices from leading companies and leading product management methods, and using a tool that supports them while giving you the flexibility to adapt them to fit your organization’s culture.
Establish or improve discipline and governance in SW delivery:
- Emphasize practices, not processes; platforms, not tools.
- Architecture by design, not accident
- Automate software development and testing
- Enable and increase reuse
Establish discipline and governance for requirements engineering across whole product and lifecycle:
- Provide requirements visibility across all engineering disciplines, across the whole product, not just in silos
Manage complexity and change:
- Use models to drive systems engineering practice: incorporate visual modeling, model execution, joint realization, and systems modeling languages; model, understand and automate dependencies, traceability and impact analysis
- Manage, assess, and respond to change with control & governance across the entire product lifecycle
- Manage cross-domain changes through a centralized requirements change management process
- Reduce the time to propagate changes throughout the entire design team
- Reduce discovering ‘missed’ changes late in the project
- Improve management of multiple engineering disciplines
- Increase visibility and communication
- Obtain a more complete impact analysis of changes – with cross-domain visibility
- Better manage schedules, time to market, costs and ROI
- Leverage existing investments in Software and Systems development platforms
Complexity of systems is forcing a shift from document based to model based systems, which are more capable of managing complexity via abstraction. The models then become the source – meaning specifications and interface requirements are generated from the models, test plans can be derived from models, and analysis and design can be based on models.
- From execute, break, fix; to manage, adapt, co-align
- From an analysis paradigm to a synthesis paradigm
Managing risk aggressively is the essence of IBM Model Driven Systems Development.
Business today is very different than it was only ten years ago, and is continuing to change rapidly. A variety of forces are fundamentally changing the way business works. For example:
- All businesses are being changed by the Internet. Everyone and every business is connected in ways never before imagined.
- Businesses must transform to stay competitive, but the ability to manage that transformation can be very difficult. Business flexibility is easy to talk about but hard to accomplish.
- Globalization is changing who we buy from, who we sell to, what we make, and how we make it. It is changing the fundamental economics of every industry.
- Products must be increasingly differentiated to meet personal and local needs and tastes. Customers have gotten more demanding, as companies are able to deliver increasingly customized experiences.
- Regulatory compliance is increasingly difficult, as companies sell to customers around the world and as new laws and regulations put the burden on companies to prove regulatory compliance or suffer harsh penalties.
Combined Portfolio for technical systems development
“After about 15 minutes of spending with the auditor, he was just blown away on how effective the Rational tools were in terms of addressing all of his audit questions.” Donald Cunningham, Business Analyst at Waters Corporation. See: www.waters.com
“We rely on Synergy and Change to manage the complexity of the software and to ensure that our global development teams operate as one, for the best result to our customers. This software from IBM is part of our livelihood; it's our DNA.” Toni Wells, President OEM Division, Merge Healthcare
What is their business, their product? Merge Healthcare works with IBM Rational Software to create medical imaging solutions. Merge Healthcare's solutions solve mission-critical issues for radiology practices, outpatient imaging centers, hospitals, pharmaceutical companies and device manufacturers worldwide. This solution helps doctors improve efficiency and have more options when delivering patient care. The technology developed by Merge delivers digital medical images – such as x-rays, CT scans and MRIs – to Web-enabled devices, including laptops, smart phones and PDAs. The images are rendered on a server so that they are viewed through a Web browser – without requiring high bandwidths or any local storage. It therefore enables lower cost viewing platforms, does not drive up client-side storage costs, and alleviates HIPAA patient data privacy concerns when doctors review images remotely. Viewing digital images typically requires film, specialized systems, or computers with the capability of handling large downloads. These systems can be expensive to buy and maintain – limiting their distribution in a healthcare setting.
Key challenges:
- Managing change – with support for their custom change process
- Compliance with FDA requirements
- Responsive OEM support
- Ability to build new products quickly by reusing software assets
Use of IBM Rational Synergy and Change: At Merge Healthcare, the Synergy and Change tools let Merge developers simplify the process of managing changes throughout the life of the application.
Tracking and Managing Change; Meeting FDA compliance regulations: Toni and Peter Bascom, Vice President of Engineering at Merge Healthcare, recently highlighted these points for a reporter (May, 2009). Synergy and Change specifically improve the traceability and quality of their processes. The integration between Rational products simplifies and streamlines their product development. With IBM Rational software Merge is able to track all defects and change requests that come in, while easily mapping between code and defect, which is critical in ensuring compliance with FDA requirements.
Related quotes from a previous eweek.com article: “The task-based nature of the [Synergy] product is what was attractive to us,” Bascom said. The product made it easy for developers to see whether a change to the software had been made, and whether that change broke anything that needed to be fixed, he said.
Customizable Change Process Support: In addition, the tool was easily customizable for what Merge wanted to do. “We didn’t have to change our process for it to work for us,” he said. “We could change the tool to fit what we wanted to do.”
Time to market & Regulatory Compliance: Merge Healthcare provides OEM and End User solutions. The tools, according to Bascom, enabled Merge to assure customers that the Cedara WebAccess technology not only meets their needs for getting products to end users in a fast and efficient fashion, but that the product also complies with the demands of the various federal regulations governing privacy and security.
Software Reuse: Merge is able to develop additional solutions quickly by reusing its existing software assets. Software reuse and component based development are additional capabilities supported well in IBM Rational Synergy and Change.
IBM Account Contact: Martin Victorin/Denver/IBM
IBM / Merge Press Releases and articles:
1) “IBM and Merge Healthcare Join Forces for Better Development of Advanced Medical Imaging Technology” - Dec 2008 http://www-03.ibm.com/press/us/en/pressrelease/26233.wss
2) IBM Smarter Products May 7 Press Release – Merge is included http://www-03.ibm.com/press/us/en/pressrelease/27449.wss
3) “Merge Uses IBM Rational Tools to Build Medical Imaging Software” Dec 9, 2008 http://www.eweek.com/c/a/Application-Development/Merge-Uses-IBM-Rational-Tools-to-Build-Medical-Imaging-Software/
For additional information, visit www.merge.com.
It was at this point that the Electronics Industry client decided to invest in a new software development approach built around the best practices of IBM’s ALM solution. They installed new processes, tools and automation, which have enabled them to fundamentally transform their software development cost structure and improve business agility. The net result was a reduction in costs of ~ twenty-one million dollars over 3 years and enhanced team collaboration, automation and reporting.