Static Analysis and the FDA Guidance for Medical Device Software

This presentation explores how adopting MISRA software development standards can help overcome the challenges associated with FDA compliance.

  1. Static Analysis and the FDA Guidance for Medical Device Software: Investigating the Application of MISRA. Jason Schadewald, Product Manager. 2014-10-09. Parasoft Proprietary and Confidential.
  2. About Parasoft: World Renowned for Automated Defect Prevention
     • Founded in 1987
     • Highly Focused
     • Privately held
     • No debt, No VCs
     • >2,500 Customers worldwide
     • 27 Years of profitable growth
     • 27 Years of innovation and customer value
     • 28 Patents associated with software quality
  3. FDA Compliance
     • General Principles of Software Validation; Guidance for Industry and FDA Staff
     • http://www.fda.gov/RegulatoryInformation/Guidances/ucm126954.htm
     • 8% of medical device recalls due to software failures
     • 80% caused by defects introduced following changes
     • Compliance with FDA becoming increasingly rigorous
  4. FDA Software Development Guidelines
     • FDA guidelines cover well understood software development best practices
     • FDA guidelines define principles and practices that should be performed but not specific requirements
       • FDA defines ‘what’ not ‘how’
       • “Least burdensome approach”
     • Processes are defined by the Company and must follow the guidelines
       • Every company has its own defined processes
     • FDA approves the process and audits compliance to the process
       • Process cannot change (without re-approval by the FDA)
     • Archived reports for future audits are critical
  5. Core FDA Concepts
     • Requirements must be defined
     • Software Validation and Defect Prevention
     • Traceability
       • from Requirements to Tests
       • from Requirements to Source Code
     • Defined procedures for validation of definitions
       • Requirements, Design and Test
     • Procedure for managing the project lifecycle
  6. FDA on Static Analysis
     • 3.1.2: “Software testing is one of many verification activities intended to confirm that software development output meets its input requirements. Other verification activities include various static and dynamic analyses, code and document inspections, walkthroughs, and other techniques.”
     • 5.2.4: “Source code should be evaluated to verify its compliance with specified coding guidelines.”
  7. MISRA Mission Statement: “To provide assistance to the automotive industry in the application and creation within vehicle systems of safe and reliable software.”
  8. Why MISRA for Medical?
     • Coding Standards
     • Well-defined
     • Updated
     • Flexible
     • Deviation Strategy
     • Auditable
     • Why not?
  9. Valuable MISRA Features
     • Accounting for language versions (C90 vs C99)
     • Directives and Rules classification
     • Decidability and Scope
     • Mandatory, Required, and Advisory categories
  10. Deviate Responsibly: “A Specific Deviation is used when a MISRA C guideline is deviated for a single instance in a single file.” (Section 5.4)
     • Which guideline
     • Scope
     • Justification
     • Safety assurance
     • Consequences and Mitigations
  11. Deviations Done Right: Rule 16.3 - “An unconditional break statement shall terminate every switch clause”
     • Guideline deviated
     • Scope
     • Justification and Safety Assurance
     • Consequences, Mitigations, Additional Details
  12. FDA/MISRA Alignment (FDA Guideline: MISRA Capability)
     • “Least burdensome approach”: Lightweight and flexible
     • Company defines standards: Proven standards pre-packaged
     • Work must be traceable: Provides traceability methodology
     • Process must be auditable: Defines auditable reports
  13. Other Standards
     • DIY
     • DO-178
     • IEC 62304
     • Effective C++
     • CWE
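
Slides 10 and 11 list the fields a Specific Deviation record should carry and use Rule 16.3 as the case. The C code below is an added example, not from the presentation or from Parasoft: it places such a record at a single deliberate fall-through and backs the safety-assurance field with a check against a version that satisfies the rule. The alarm-priority functions, the output flags, the comment layout and the ID DEV-EXAMPLE-001 are all assumptions.

```c
#include <stdint.h>

/* All names and the deviation ID are assumptions made for this example. */
#define OUT_VISUAL  0x01U
#define OUT_AUDIBLE 0x02U
typedef enum { PRIO_NONE = 0, PRIO_MEDIUM = 1, PRIO_HIGH = 2 } prio_t;

/* Reference that satisfies Rule 16.3: every clause ends in a break. */
uint8_t outputs_ref(prio_t prio)
{
    uint8_t out = 0U;
    switch (prio) {
    case PRIO_HIGH:   out = (uint8_t)(OUT_AUDIBLE | OUT_VISUAL); break;
    case PRIO_MEDIUM: out = (uint8_t)OUT_VISUAL; break;
    default:          break;
    }
    return out;
}

/* One deliberate fall-through, carrying its Specific Deviation record. */
uint8_t outputs_dev(prio_t prio)
{
    uint8_t out = 0U;
    switch (prio) {
    case PRIO_HIGH:
        out = (uint8_t)(out | OUT_AUDIBLE);
        /* DEVIATION DEV-EXAMPLE-001 (placeholder ID): MISRA C Rule 16.3
         * Scope:            this one clause, in this file only
         * Justification:    HIGH must drive every output MEDIUM drives
         * Safety assurance: deviation_is_equivalent() checks vs. outputs_ref
         * Consequences:     a clause inserted after HIGH would be entered too
         * Mitigations:      equivalence check rerun on every change */
        /* fall through */
    case PRIO_MEDIUM:
        out = (uint8_t)(out | OUT_VISUAL);
        break;
    default: break;
    }
    return out;
}

/* Returns 1 if both versions agree for 0..7 (defined and out-of-range). */
int deviation_is_equivalent(void)
{
    for (int p = 0; p <= 7; p++) {
        if (outputs_dev((prio_t)p) != outputs_ref((prio_t)p)) { return 0; }
    }
    return 1;
}
int main(void) { return deviation_is_equivalent() ? 0 : 1; }
```

Keeping the record next to the deviating clause gives an auditor the guideline, scope and justification at the point of the deviation, and the equivalence check is evidence that can be archived with each build.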