Upload
luis-garcia
View
218
Download
0
Embed Size (px)
Citation preview
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 1/22
®
IBM Software Group
© 2010 IBM Corporation
IEC 62304 for medical device softwaredevelopment – Steps to Compliance
May 15, 2013
Marty Bakal, Electronics Industry Leader,IBM Rational software
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 2/22
IBM Software Group | Rational software
Five forces affecting the industry today
Legal issues
Patient lawsuits Patents Product recalls Liability Data retention
Technology
Systems integration New technologies Compliance
Markets and financial issues
Consolidation Overseas marketplace
expansion Slowing marketplaces Profitability and cost
Regulations
FDA New forms of regulation Patient privacy, HIPAA SOX
New product development
Speed to market Strategic agreements
Significant R & D spend
Healthcare is shifting to a patient-centric model
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 3/22
IBM Software Group | Rational software
IEC 62304 Overview – Stronger focus on Software
IEC 62304:2006 Medical device software – Software life cycle processes
Focused on software development processes for medical devices but does notspecify the methodologies, artifacts or life cycle models themselves
Derived from ISO/IEC 12207, a general standard for software processes
Adoption
FDA Consensus Standard since September 2008
FDA regards complying with IEC62304 as fulfilling “Software Development EnvironmentDescription” section of the Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices
Normative standard in Europe for conformance marking
Standard available for purchase from ISO website (~$225 USD)
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 4/22
IBM Software Group | Rational software
IEC 62304 Structure
Activities
ProcessesSet of interrelated or interacting activities thattransforms inputs into outputs
Tasks
Set of interrelated or interactingtasks
Single piece of work that needsto be done and results in adeliverable
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 5/22
IBM Software Group | Rational software
What IEC 62304 does not do
Does not specify an organizational structure
You can have a hierarchical, matrix, or mixed organization
Does not specify the content of the documentation to be developed
You need to show traceability through all the artifacts but not in some setformat
Does not prescribe a specific lifecycle model
Waterfall, Iterative, Agile, … it is all up to you
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 6/22
IBM Software Group | Rational software
Standards Landscape and Process
Source: European Medical Device & Technology, June 2010
Quality management system
RISK MANAGEMENT
Software safety classification
Software development PROCESS
Software development planning
Software requirements analysis
Software ARCHITECTURAL design
Software detailed design
SOFTWARE UNIT implementation and
verification
Software integration and integration testing
SOFTWARE SYSTEM testing
Software release
Software maintenance PROCESS
Software RISK MANAGEMENT PROCESS
Software configuration managementPROCESS
Software problem resolution PROCESS
Documentation Requirements
Gap Analysis
6
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 7/22
IBM Software Group | Rational software
Overview of SW Development / Maintenance
Systems Development / Maintenance ACTIVITIES (including RISK MANAGEMENT)
Customer Needs/ Maintenance
Customer Needs/ Maintenance
Satisfied
Software RISK MANAGEMENT
Development/ Maintenance
Planning
Requirements/ Problem &Modification
Analysis
ARCHITECTURALdesign
Detaileddesign
UNITImplementation and
VERIFICATION
Integration andintegration
testing
SYSTEMtesting
Softwarerelease
Modification implementation
Software configuration management
Software problem resolution
PROCESSES and ACTIVITIES – as defined in the IEC 62304 standard
7
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 8/22
IBM Software Group | Rational software
Product Development and Verification Life Cycle (Process)
Implementation Software UnitTest
DEFINITION / DEVELOPMENT TEST / VERIFICATION
Change Management and Problem Reporting
Configuration Management
P r o j e c t P l anni n g an d A s s e s sm en t
RequirementTraceability
RequirementsCapture and
Analysis
System Analysisand Design
Software Design Component
Integration andTest
System/SubsystemIntegration and Test
SystemAcceptance
Validating the Product
Traceability for Test Coverage
Verifying the System
Qualifying the ComponentsRequirement
Traceability
RequirementTraceability
Engineering
Test
(Quality)
SystemsEngineering
SoftwareEngineering
DOORS
DOORSRhapsody
DOORSRhapsody
Rhapsody Rhapsody
RhapsodyRQM
RhapsodyRQM
RQM
RTC
Ri sk M an a g em en
t an d S af e t yA s s e s sm en t P r o c e
s s
RT C
D O OR S
Rh a p s o d y
Step - IBM Rational Software Platform for SystemsRational DOORS, Rational Rhapsody, Rational Team Concert, Rational Quality Manager, Rational Publishing Engine
I n t e gr a t e d c ov er a g e of t h e s of t w a
r e an d
s y s t em s en
gi n e er i n gl i f e c y cl e
( i n cl u d e s c om pl i an c e c ov er a g ef or S O UP )
Automate Document Generation RPE
8
Design
HistoryFile
I E C 6 2 3 0 4 s e c t i on 5
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 9/22
IBM Software Group | Rational software
Step - Gap Analysis: Rational DOORS
Determine compliance with IEC 62304 by performing gap analysis
1. Capturing your existing processes in a solution for tagging (Rational DOORS)
2. Identify and tag each of the respective control points in your existing process
3. Capture the IEC 62304 standard as the yardstick to evaluate each of "your processes"control points (Rational DOORS)
4. Display a traceability matrix between the process standard ( IEC 62304) and your process
Identify and remediate process gaps
Document updated process into Rational Method Composer
o Allows change control, version control, publication, and general oversight of processchanges as the process matures.
Compliancestatement
BusinessProcess DefinitionsRegulations
Rich
tracing
9
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 10/22
IBM Software Group | Rational software
Quality Management SystemMake quality management a continuous lifecycle activity
Unify the entire team witha shared view of quality assets
Integrates with RequirementsManagement to insure Customer needs are met
Intelligent automation to improveaccuracy and efficiency
Automated reporting to enhanceproject decision-making andcompliance
QA Manager
Security Officer
Project Manager
Tester
Business Stakeholder
Test Cases
SkillAvailability
Project Logs
Use Cases
Requirements
SecurityMandates
Defect Logs
BusinessObjectives
Quality AssetInfrastructure
Central hubcaptures
everything thatmatters
for qualityreleases
QA Manager
Security Officer Security Officer
Project Manager Project Manager
Tester Tester
Business Stakeholder Business Stakeholder
Test Cases
SkillAvailability
Project Logs
Use Cases
Requirements
SecurityMandates
Defect Logs
BusinessObjectives
Test Cases
SkillAvailability
Project Logs
Use Cases
Requirements
SecurityMandates
Defect Logs
BusinessObjectives
Quality AssetInfrastructure
Central hubcaptures
everything thatmatters
for qualityreleases
“The manufacturer of medical device software shall demonstrate the ability to provide medical devicesoftware that consistently meets customer requirements and applicable regulatory requirements.”
Demonstration of this ability can be by the use of a quality management system that complies with ISO 13485
10
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 11/22
IBM Software Group | Rational software
Step - Risk Management: Rational DOORS
Anticipate possible failures of the system
Define control measureso Inherently safe, Preventive, Corrective, Informative
Systematic risk analysis is to anticipate failuresTop-down: Function analysis - ISO 14971
o Hazard AnalysisBottom-up: Design Analysis – FMEA, FTA
o Failure Modes and Effects Analysis
Each failure leads to risk control (RCM) measures
Each RCM leads to requirements implemented inproduct hardware, software or documentation
Risk Management File documents traceably risk tocontrol measure, to verification of control measure
Risk Management Activities continue after release
Document TRACEABILITY of software HAZARDS
• From hazardous situation to the SOFTWARE ITEM • From SOFTWARE ITEM to the specific software cause
• From the software cause to RISK CONTROL measure
• From RISK CONTROL measure to VERIFICATION of
• RISK CONTROL measure
Hazards
Failures
RCMs
Requirements
User Needs
System
Sub-system
Design
Implementation
Risk Management File
Product Function
DesignRational
DOORS
11
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 12/22
IBM Software Group | Rational software
Step - Safety Critical with MDD: Rational Rhapsody
Typical Safety Critical Workflow
Implement code from textual requirements
Test only on target late in development cycle
Safety Critical with Model-DrivenDevelopment
Consistent Design, Code and Documentation
Visualization of complex requirements
High quality code generation (tool dependent)
Test Driven Development support
Early functional verification on host, detectbugs early in development
Harmony for Embedded RealTime™ processdefines a safety workflow and providesguidance
Safety analysis profile supports FTA, FMEA,FMECA and Hazard analysis – s u p p o r t s
safety classif icat ion and compliance to
section 4.3 of IEC 62304
12
Software safety classification
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 13/22
IBM Software Group | Rational software
Connecting FTA to Requirements (TraceToReq)
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 14/22
IBM Software Group | Rational software
Traceability - Encourage Collaboration Across the Lifecycle Multi-level graphical analysis
Dynamic traceability in columnsSystem
Requirements Linked
SubsystemRequirements
LinkedStakeholder
Requirements
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 15/22
IBM Software Group | Rational software
Agile Development
Grifols Case study
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 16/22
IBM Software Group | Rational software
•Grifols: Agile Case Study
– Plasma derivatives, in vitro diagnostic products and pharmaceutical
products. – €2,600M total turnover (40% US, 40% EU, 20% ROW).
– €130M diagnostic division turnover.
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 17/22
IBM Software Group | Rational software
Waterfall development – Agile development
VS
•Moves in stages.
•Proceeds when stage is
completed.
• Allows some feedback.
•Emphasis in working
software.
•Time boxed iterations.
•Continuous change and
adaptation.Scrum Diagram Source: Scott Ambler
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 18/22
IBM Software Group | Rational software
Making both worlds work together: conflicts and trade-offs
Conflicts Trade-offs
Design Inputs Design Outputs
Design Inputs
Design Outputs
•Guidance from AAMI TIR 45 on applying agile in the development of
medical device software.
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 19/22
IBM Software Group | Rational software
Grifols’ agile cycle
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 20/22
IBM Software Group | Rational software
Grifols - Agile success story
•Planning – building – hardening.
•Off - sprint tasks:
– Backlog “grooming”.
– Formal test procedures.
•Leveraged DOORS
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 21/22
IBM Software Group | Rational software
21
7/23/2019 IBM - IEC62304 and Agile 5-6-13_Bakal
http://slidepdf.com/reader/full/ibm-iec62304-and-agile-5-6-13bakal 22/22
IBM Software Group | Rational software
© Copyright IBM Corporation 2008. All rights reserved.
The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsiblefor any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materialsto IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials maychange at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way.
IBM, the IBM logo, the on-demand business logo, Rational, the Rational logo, and other IBM products and services are trademarks of the International Business Machines Corporation,in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
22