Approach to the development of a Unified Framework for Safety Critical Software Development

Software is increasingly being used to provide functionality in safety critical domains. The complexity involved in the development of software for these domains can bring challenges concerned with safety. International standards are published, providing information on practices which must be implemented in order to satisfy the regulations. This paper details an investigation of the relevant standards that companies need to implement in order to satisfy the regulatory requirements. A literature review was conducted which examines the relevant Quality Management System, Risk Management and Software Development standards across the safety critical domains, and examines the challenges faced by software development organizations with the implementation of a standard and of multiple standards. The existing approaches to standards consolidation, integration and harmonization were also examined. To investigate the challenges in implementing these standards, interviews were conducted with a medical device software development company that has a Quality Management System in place and is beginning to implement the relevant Software Development standards. In addition, an interview was conducted with a consultancy company that has experience in the implementation and maintenance of Quality Management Systems in small and medium enterprises. Following the literature review and interviews, a comparison of the standards was conducted to investigate the similarities and differences in the structure of sections and subsections and to estimate the potential for the further consolidation of these standards. Following the results of the comparisons, a detailed mapping of standard requirements was conducted, mapping requirements of generic and domain specific Quality Management System standards.
Future work will focus on the consolidation and integration of standards practices which need to be implemented by companies developing safety critical software, and on the development of a Unified Framework that incorporates all necessary requirements to comply with regulatory requirements.

There is a need for multiple International standards implementation in Safety Critical Software Development to fulfil Regulatory requirements. There are existing approaches of standards harmonization, consolidation or integration to address challenges with multiple standards implementation. A Unified Framework will be developed across the multiple standards to comply with regulations in safety critical domains.
