Feature Article

Developing Medical Device Software to IEC 62304


Posted in Medical Software by Brian Buntz on June 1, 2010

Medical software design standard IEC 62304 has just come into force. This article describes how it will impact the software development process for medical device manufacturers.


Standards for medical device design
Until recently, safety regulations for medical device software, at least formally, were not exceptionally rigorous across the board. In addition, software was not formally classified as a medical product by the Medical Devices Directive. This has now changed. A new regime is in force governing all medical device software development for all classes of device.
 
Previous software safety standards were best suited to medical devices with low levels of risk, as opposed to products where software failure could be extremely serious and result in death. As more electronic products have become dependent on embedded software, the focus has shifted to the reliability of software systems within the devices and the associated risks at all levels of usage. As a result, the new EN/IEC 62304 standard has emerged as a global benchmark for management of the software development lifecycle (Figure 1).
 
Risk analysis for hardware and software design
Medical product designers have used risk management techniques to help reduce the risks associated with device hardware. BS/EN/ISO 14971 has traditionally been adopted as the base standard for risk management for medical devices. The 2007 version of this standard is considerably extended from its previous version, and the techniques described are now intended to be applied to both software and hardware systems.
 
The approach that should be taken is to consider the risks posed by the medical device as a whole, before the software/hardware split has been decided. Hardware risk analysis can then run alongside software risk analysis to define the required safety systems for the device.
 
A harmonised standard
Figure 1: How IEC 62304 fits into the compliance process and its relationship with other standards.
IEC 62304 is a harmonised standard for software design in medical products adopted by the European Union and the United States. Because the standard is “harmonised,” medical device manufacturers adopting it will satisfy the essential requirements contained in Medical Devices Directive 93/42/EEC (MDD) with amendment M5 (2007/47/EC) as related to software development. This is the least onerous route to ensuring compliance with the MDD. US FDA will also accept ANSI/AAMI/IEC 62304:2006 as evidence that medical device software has been designed to an acceptable standard. This standard is identical to the EN/ISO variant in all essential details.
 
Designing to IEC 62304 ensures that quality software is produced by means of a defined and controlled process of software development. This process must contain a set of requirements based on the safety class of the software that is being developed.
 
Software safety classification
Initially the IEC 62304 standard expects the manufacturer to assign a safety class to the software system as a whole. This class-ification is based on the potential to create a hazard that could result in an injury to the user, the patient or other people.
 
The software is classified into three simple classes, as follows:
  • Class A: No injury or damage to health is possible
  • Class B: Nonserious injury is possible
  • Class C: Death or serious injury is possible
Defining “serious injury,” “nonserious injury,” “injury” and “damage to health” is important to apply this classification effectively. It may at first appear to be obvious what constitutes an injury; however, this can be a far more complex question when the context of the device is taken into account. Unfortunately the standard only defines “serious injury,” and this is as follows:
 
Serious Injury
Injury or illness that directly or indirectly
a) is life threatening,
b) results in permanent impairment of a body function or permanent damage to a body structure, or
c) necessitates medical or surgical intervention to prevent permanent impairment of a body function or permanent damage to a body structure.
 
Note: Permanent impairment means an irreversible impairment or damage to a body structure or function excluding trivial impairment or damage.
 
Figure 2: A safety-critical software system can be split into items, each one running on different processors and each with a different safety classification. 
 
It is relatively simple to apply a negative to the above to derive a nonserious injury definition. However, the definition of injury for use with the Class A software safety classification may be debatable. This is complex because of the lack of definition of injury or damage to health. For example, there may be a grey area involving the normal side effects of treatment of a condition as opposed to the device itself causing injury.
 
Procedures for carrying out this initial analysis and defining the class to be applied have been developed. In some cases, the notified body being used can affect this decision. Some will recommend that Class B is the minimum standard to be applied for any medical product, as the Class A safety classification does not insist on a sufficiently rigorous software development process.
 
There are major differences in the development process in terms of cost and time between a Class A and Class B code. It is therefore essential that medical device developers get this right at the outset. The safety classification also has a great impact on the documentation and process that is required.
 
Software items and units
Once the initial safety classification has been carried out for the system, it is possible to break the system down into software items and software units. These are defined as follows:
  • Software Item: “Any identifiable part of a computer program” [ISO/IEC 90003:2004, definition 3.14, modified]
  • Software Unit: “Software item that is not subdivided into other items” [ISO/IEC 90003:2004, definition 3.28, modified]
In practice, the software items can be any subsection of a system or its constituent parts. An architectural diagram is required to show the software items and software units. It is possible to then downgrade the safety classification of parts of the software system provided that these can be segregated. The note on section 5.3.5 of the standard gives an example of this segregation:
 
“An example of segregation is to have software items execute on different processors. The effectiveness of the segregation can be ensured by having no shared resources between the processors.”
 
In practice, this means that a safety-critical software system can be split into items, each one running on different processors and each with a different safety classification (Figure 2). Again, it is important to get this split correct at the outset to ensure that the system is safe and high quality, but also produced within the appropriate cost and time guidelines. Systems are available to analyse medical product software architecture and to define these items. Such processes can greatly reduce timescales and costs for the development of medical devices.
 
Table I: Summary of safety classification effects on the code development documentation and process.
Software Documentation Class A Class B Class C
Software development plan Must contain contents to sections 5.1 IEC 62304:2006. The plan's content list increases as the class increases, but a plan is required for all classes.
Software requirements specification Software requirements specification conforming to 5.2 IEC 62304:2006. The content list for the software requirements specification increases as the class increases, but a document is required for all classes.
Software architecture Not required. Software architecture to 5.3 IEC 62304:2006. Refined to software unit level for Class C.
Software detailed design Not required.   Document detailed design for software
units. (5.4).
Software unit implementation All units are implemented, documented and source controlled (5.5.1).  
Software unit verification Not required. Define process, tests and acceptance
criteria (5.5.2, 5.5.3).
Carry out verification (5.5.5)
Define additional tests and acceptance
criteria (5.5.2, 5.5.3, 5.5.4).
Carry out verification (5.5.5).
Software integration and integration
testing
Not required. Integration testing to 5.6 IEC 62304:2006.
Software system testing Not required. System testing to 5.7 IEC 62304:2006.
Software release Document the version of the software
product that is being released (5.8.4).
List of remaining software anomalies, annotated with an explanation of the
impact on safety or effectiveness, including operator usage and human factors.
 
Impact of safety classification
The safety classification has a tremendous impact on the code development process. It is therefore in the interests of medical device manufacturers to get this right the first time to avoid expensive, time-consuming rework late in a project.
A brief summary of the effects of safety classification on the documentation and process is shown in table I. In practice any company developing medical device software will carry out verification, integration and system testing on all software classes. However, the difference is that formal detailed documentation does not need to be generated for Class A code. Cross-referencing and verification of requirements also does not need to be formally proven. This can save a great deal of time and money in software development.
 
SOUP
Software of unknown provenance, or SOUP, is any code (tools or source code) that does not have formal documentation or was developed by a third party and has no evidence as to the controls on the development process. This code by definition is deemed to be capable of producing faults. It is important to carry out a software risk analysis on any SOUP code being proposed for the software under development and produce a rationale as to why this code should be used.
 
The use of SOUP is affected by the code safety classification. If the code is deemed to be Class A, then SOUP code can be used without further justification. As the class increases, the risks increase and the rationale becomes harder to justify. In practice this means that only simple function, well known and diversely applied SOUP code can be used for Class C applications.
 
A technology solutions provider specialising in electronics design and production services has developed processes to identify and justify the use of SOUP in medical device software. Its own experience with this has proved that such processes can drastically reduce development time-scales and costs. This is a route that medical device developers should incorporate into their design procedures.
 
Conclusion
IEC 62304 is a well considered, logical standard for developing safety critical and high reliability software for medical devices. Now that this standard has been adopted it would be very difficult for a medical device software developer to justify any equivalent approach that meets the requirements of the MDD, without effectively complying with this standard. This is good news for the safety of patients, but also for the manufacturers themselves, as the standard establishes a more level playing field. There is no longer any opportunity for uncontrolled rudimentary software development processes, and this raises quality across the board.
 
In addition, as IEC 62304 is a harmonised standard that has been adopted internationally, it tends to equalise quality expectations between Europe and the United States.
 
For medical device manufacturers, it is important that they select software designers who have well-established risk management systems, as they will already have the foundations in place to meet IEC 62304. Additionally, my professional experience has proved how valuable processes can be to analyse medical product software architecture and usage. Such processes can greatly reduce timescales and costs for the development of medical devices. 
 
Ken Hall
is Technical Director at Triteq Ltd,
3 The Courtyard, Stype, Hungerford,
Berkshire RG17 0RE, UK
tel. +44 1488 684 554
e-mail: ken.hall@triteq.com
www.triteq.com
 
 

 

Related stories

Simplifying IEC 62304 Compliance for Developers
 

Decoding MISRA C:2012 for Medtech Applications



Find more content on:
Your rating: None Average: 4.5 (2 votes)


Login or register to post comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Just admiring your work and

Just admiring your work and wondering how you managed this blog so well. It’s so remarkable that I can't afford to not go through this valuable information whenever I surf the internet!
https://rebelmouse.com/fattyliverdietguidereviews/

Davidjohn

LED lighting for office buildings and commercial interiors. Lights that will brighten up the office, canteen, stairwells...kolon kanseri

Nice informative post which

Nice informative post which is very interesting to read, good work by writer keep it up. It affects a lot of urgent challenges of our society. We can not be untouched to these issues. Well done.

https://www.facebook.com/satelliteinternetdealer
https://www.youtube.com/watch?v=z6taM4HcLPA
http://www.slideshare.net/wirelessinternet

Thanks for a very interesting

Thanks for a very interesting blog. What else may I get that kind of info written in such a perfect approach? I’ve a undertaking that I am simply now operating on, and I have been at the look out for such info.
buy facebook likes cheap

I have recently started a

I have recently started a blog, the info you provide on this site has helped me greatly. Thanks for all of your time & work.
gv-crepi.be

I felt very happy while

I felt very happy while reading this site. This was really very informative site for me. I really liked it. This was really a cordial post. Thanks a lot!.
gv-crepi.be

It was great to see the old

It was great to see the old printshop and everyone who works there again. I am excited to see a printing business still operating and growing, great job guys
buy facebook likes cheap 800

thanks for the tips and

thanks for the tips and information..i really appreciate it..
ice cream scooper

Really great post, Thank you

Really great post, Thank you for sharing This knowledge.Excellently written article, if only all bloggers offered the same level of content as you, the internet would be a much better place. Please keep it up!
cyber monday mattress sales

Thanks for sharing the info,

Thanks for sharing the info, keep up the good work going.... I really enjoyed exploring your site. good resource...
rebelmouse.com

I came onto your blog while

I came onto your blog while focusing just slightly submits. Nice strategy for next, I will be bookmarking at once seize your complete rises
porsche 911 wheels

obat kanker payudara

Obat Tradisional Kanker Payudara Terbaik
Mengertikah Anda definisi dengan Sakit Kanker Payudara? Kanker payudara merupakan kanker yang terdapat pada bagian payudara, atau keganasan yang diawali dari sel dalam payudara. sakit payudara seringkali diderita oleh para wanita, namun ada kemungkinankanker payudara dialami oleh kaum laki-laki. obat kanker payudara

obat kista

Obat Tradisional Kista Juice of Mangosteen diracik dari sari kulit manggis yang kita tahu memiliki manfaatnya. amazon Plus mengandung zat xanthone yang mempunyai super antioksidan berkali-kali ganda dibanding dengan buah-buahan lainnya. amazon Plus dibuat melalui peralatan yang modern serta mencapurkan banyak pakar dibidangnya. obat kista

obat kanker prostat

Pusat Penjualan Obat Herbal Kanker Prostat amazon Nature
Apakah pengertian dari Kanker Prostat? Kanker Prostat merupakan salah satu penyakit kanker yang mana berkembang biak di prostat, sebuah kelenjar dalam sistem reproduksi lelaki. obat kanker prostat

I really want to say thank

I really want to say thank you for the information you have shared. Keep writing these kind of posts and I will be your loyal reader. Thanks again.
bail bond newport beach

I high appreciate this post.

I high appreciate this post. It’s hard to find the good from the bad sometimes, but I think you’ve nailed it! would you mind updating your blog with more information?

https://rebelmouse.com/reverseyourdiabetestodayreview

It was a very good post

It was a very good post indeed. I thoroughly enjoyed reading it in my lunch time. Will surely come and visit this blog more often. Thanks for sharing.
fentermina

Absolutely fantastic posting!

Absolutely fantastic posting! Lots of useful information and inspiration, both of which we all need!Relay appreciate your work.
whitening cream for face

Absolutely fantastic posting!

Absolutely fantastic posting! Lots of useful information and inspiration, both of which we all need!Relay appreciate your work.
pop over to these guys

Offcourse….This is so

Offcourse….This is so beautiful and creative. I just love the colors and whoever gets it in the mail will be smiling.
porsche 911 wheels

Hardware risk analysis can

Hardware risk analysis can then run alongside software risk analysis to define the required safety systems for the device.
agen casino terbaik

I think this is a really good

I think this is a really good article. You make this information interesting and engaging. You give readers a lot to think about and I appreciate that kind of writing.
compra venta relojes

This really is my first time

This really is my first time check out here. From the tons of comments on your articles, I suppose I am not only one having all the enjoyment right here!
http://resepsambal.weebly.com/
https://ui.academia.edu/kimjung
http://resephebat.soup.io/

Great post I would like to

Great post I would like to thank you for the efforts you have made in writing this interesting and knowledgeable article.
Proofreading and editing term papers

The information you have

The information you have posted is very useful. The sites you have referred was good. Thanks for sharing...
40th birthday party ideas

Very informative post! There

Very informative post! There is a lot of information here that can help any business get started with a successful social networking campaign!
blog commenting

The unit measures 133 x 180 x

The unit measures 133 x 180 x 250 mm and is ideal for radar signal processing and other applications that require high-bandwidth signal processing and data communications. Pricing for the Mini ATR depends on the complement of boards and configuration http://nationalsleepfoundation1.soup.io/

Useissa on panostettu

Useissa on panostettu palveluun ja isäntäväki hurmaa savolais-karjalaisella välittömyydellään. Kartanoiden historiallisssa pihapiireissä on tarjolla usein vaatimatonta aittamajoitusta ja itse kartanossa tasokasta, hotellitasoista majoitusta http://sleephealth.snappages.com/

The 2007 version of this

The 2007 version of this standard is considerably extended from its previous version, and the techniques described are now intended to be applied to both software and hardware systems. http://bestmattresses1.dinstudio.com/

Very informative post! There

Very informative post! There is a lot of information here that can help any business get started with a successful social networking campaign!
http://sleepdisorders11.wordpress.com/

The approach that should be

The approach that should be taken is to consider the risks posed by the medical device as a whole, before the software/hardware split has been decided. Hardware risk analysis can then run alongside software risk analysis to define the required safety systems for the device. http://bestmattresses1.dinstudio.com/

I am very enjoyed for this

I am very enjoyed for this blog. Its an informative topic. It help me very much to solve some problems. Its opportunity are so fantastic and working style so speedy.
kopen loopband

I would like to thank you for

I would like to thank you for the efforts you have made in writing this article. I am hoping the same best work from you in the future as well. Thanks...
iphone blast news

Mmm.. good to be here in your

Mmm.. good to be here in your article or post, whatever, I think I should also work hard for my own website like I see some good and updated working in your site.
seo for local business

gold chiavari chairs

The approach that should be taken is to consider the risks posed by the medical device as a whole, before the software/hardware split has been decided. Hardware risk analysis can then run alongside software risk analysis to define the required safety systems for the device. gold chiavari chairs

Hey – great blog, just

Hey – great blog, just looking around some blogs, seems a really nice platform you are using. I’m currently using WordPress for a few of my blogs but looking to change one of them over to a platform similar to yours as a trial run. Anything in particular you would recommend about it?
seo for local business

Great knowledge, do anyone

Great knowledge, do anyone mind merely reference back to it
Diner transportable aarhus

Mmm.. good to be here in your

Mmm.. good to be here in your article or post, whatever, I think I should also work hard for my own website like I see some good and updated working in your site.
mississauga website design

Thanks for sharing this

Thanks for sharing this quality information with us. I really enjoyed reading. Will surely going to share this URL with my friends.
best website to buy instagram followers

Thanks for the post and great

Thanks for the post and great tips..even I also think that hard work is the most important aspect of getting success..
watch free movies online

I recently found many useful

I recently found many useful information in your website especially this blog page. Among the lots of comments on your articles. Thanks for sharing.
do my essay for me

Great article Lot's of

Great article Lot's of information to Read...Great Man Keep Posting and update to People..Thanks
rebelmouse

Mmm.. good to be here in your

Mmm.. good to be here in your article or post, whatever, I think I should also work hard for my own website like I see some good and updated working in your site.
mississauga web design

Thanks for a very interesting

Thanks for a very interesting blog. What else may I get that kind of info written in such a perfect approach? I’ve a undertaking that I am simply now operating on, and I have been at the look out for such info.
man made diamonds

I am always searching online

I am always searching online for articles that can help me. There is obviously a lot to know about this. I think you made some good points in Features also. Keep working, great job!
X431 V

Great post full of useful

Great post full of useful tips! My site is fairly new and I am also having a hard time getting my readers to leave comments. Analytics shows they are coming to the site but I have a feeling “nobody wants to be first”. seo service

Nice blog and absolutely

Nice blog and absolutely outstanding. You can do something much better but i still say this perfect.Keep trying for the best.
isolatie vloer PUR

thank you, the information

thank you, the information presented on this website really helped me in understanding the development of the world, especially in the field of Developing Medical Device Software to IEC 62 304 Jual Crystal X Asli Nasa

I am hoping the same best

I am hoping the same best effort from you in the future as well. In fact your creative writing skills has inspired me.
medical insurance Dubai

Your post had provided me

Your post had provided me with another point of view on this topic. I had absolutely no idea that things can work in this method as well. Thank you for sharing your opinion. obat wasir obat gondok obat jantung koroner