Category

Blog
I don’t even really like to use the word retrospective
Read More
A short, short time ago, in this very own galaxy some companies were not making blockbusters, but medical devices. Whispers of quicker development times and better testing made the way past the water cooler until it became time to indulge and implement the mythical software development lifecycle. With the changes came weird language and rumors...
Read More
Testing activities should neither end with the release of the product nor once test documentation is complete, but should continue with the reduction of any test debt. Test debt is essentially a form of technical debt. Like technical debt, test debt is incurred during a project when compromises are made in the creation of test...
Read More
A security company indicated the following: … many companies received emails from Amazon indicating that their AWS S3 bucket policies were left configured as “publicly accessible”. These publicly accessible policies allow potentially sensitive cloud data exposed to cybersecurity threats, and likely are not the intention of the Amazon customers. Amazon recommended that each “bucket” policy...
Read More
Here are some thoughts from a recent conversation between Sherman Eagles, Brian Pate, and Alan Kusinitz of SoftwareCPR®: Cybersecurity vulnerabilities can have unpredictable effects on safety.  Unpredictable effects … to those who have worked to reduce risks of software failures in medical device software, that phrase may be familiar.  That concept is explained in relation to...
Read More
This document provides Sherman Eagle's June 2017 standards status update to be used with the Standards Landscape document. It provides a summary of status updates to primary medical device standards as well as standards specific to Medical Device and Health IT software including Cybersecurity and systems and software engineering standards.
Read More
Cybersecurity firm Sophos published an article on Medical Device cybersecurity and David Overton of SoftwareCPR® suggested we post this as it may be of interest. David pointed out these statements: A significant percentage of medical devices are not secure. Most medical device manufacturers do not take serious steps to secure their devices for two reasons:...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. Created a job aide which compares the IEC 62304 and IEC 82304 elements for requirements. This is only intended to be used as a starting point and requires interpretation based on knowledge of each standard and the type of...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. Use this as a starting point to gather information on the software development environment (and related information) as required in FDA's Guidance for Software Information to be included in open market submissions. It is only intended as a starting...
Read More
Although IEC 82304-1 Health Software: General requirements for safety has been published it is not clear when it will be harmonized in the EU. Nonetheless it appears EU notified bodies are treating it as “state-of-the-art” and are likely to expect it to be used for software products that are regulated as medical devices. IEC TR...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. SoftwareCPR checklist for "IEC 82304-1: Health software - Part 1: General requirements for product safety."  82304 SoftwareCPR Checklist SoftwareCPR can provide conformance assessments, training, or expert consultation for efficient use and implementation of 82304 for medical device software as well...
Read More
This content is only available to Standards Navigator and Standards Navigators PLUS subscribers.  See our Subscribe page for information on subscriptions. This document provides a summary of primary medical device standards as well as standards specific to Medical Device and Health IT software including Cybersecurity and systems and software engineering standards. It includes an assessment of how...
Read More
This document provides a summary of primary medical device standards as well as standards specific to Medical Device and Health IT software including Cybersecurity and systems and software engineering standards. It includes an assessment of how the standards will impact the development of medical device and Health IT software. This is truly a MUST READ...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The attached pdf file contains all Part 11 related warning letter excerpts included on this site as of the date above.  This file is updated periodically, but for the most recent warning letters between these updates, do text...
Read More
This document is the result of an industry-led initiative of the European Commission. It is targeted at app developers and its purpose is to foster justified trust among users of mHealth apps which process personal data. Standards Navigator Draft Health Code of Conduct
Read More
The link provided is our revised checklist for changes in Amendment 1. You will need to login as a paid subscriber to download this checklist.
Read More
Click here to view a summary of my highlights and rationale, along with some practical implementation tips for the new ISO 13485:2016:  SoftwareCPR-ISO13485 revision March 2016 highlights Some of the revisions add items included in FDA’s 21 CFR 820 Quality System Regulation such as Design Transfer, Validation of automation of quality system activities, detailed records, and...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. It contains a training aid that provides an overview comparison between the 2015 Amendment of IEC 62304 and FDA requirements based on 62304 Safety Classes. SCPRed_SoftwareCPR-FDA-62304SafetyClasscomparisonTrainingAide
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. A sample checklist for releasing or updating software is at the link provided. GoLiveiChecklistTrainingExample111115
Read More
/docs/scpred/standardsnavigator/SoftwareCPRStandardsNavigatorReport2015-1.pdf
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. It contains all software and computer related recall excerpts for the years listed. Some of the newest recalls on the site may not be included. This compilation is provided in reverse chronological order and is useful for quick review,...
Read More
/docs/scpred/StandardsNavigator/SoftwareCPRStandardsNavigatorReport2014-11.pdf
Read More
Brian Pate of SoftwareCPR suggest that a good rule of thumb is: If differences in the final product, produced by two different development groups using the same specification element, resulted in unacceptable differences in safety or efficacy then it would likely be a “requirement”. Otherwise it is most likely to be a design specification. This...
Read More
A January 2014 ACM Journal has an interesting article on software verification at NASA JPL for the Mars Curiosity Rover at the link provided. A few things that I found interesting: Their standard for flight software is ISO-C99. The coding standard at JPL (http://lars-lab.jpl.nasa.gov/JPL_Coding_Standard_C.pdf) is risk-based and has 6 “levels of compliance”. LOC-5 and LOC-6...
Read More
Test driven development (TDD) is the creation and execution of automated tests early in development which fail, by design, until a programmed element is implemented. There are many terms to describe the process, but few will refute its value. Re-discovered in 2003, manufacturers are taking hold of this methodology, ensuring new hires can successfully and...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. It contains all software and computer related warning letter excerpts included on this site. Some of the newest warning letters on the site may not be included since we only update this comprehensive document periodically. This compilation is provided...
Read More
Obviously, unit tests have their greatest value at the time of the development of the unit itself. Well-designed unit tests provide evidence that the unit performs its intended function, that the software design executes as intended, and allows the developer (or tester) to test the unit with inputs and states that may be difficult to...
Read More
The document at the link provided is a short checklist for helping ensure or assess requirements quality. It is an educational aid to be used only by knowledgeable individuals and should not be used blindly or considered comprehensive. This was prepared by Brian Pate with input from Alan Kusinitz. Requirement Quality Checklist
Read More
If sample sizes need to be determined there are many statistical methods and assumptions related to this so decisions should be carefully considered. Two of the most commonly used sample tables are ISO 2859 for attibutes and ISO 3951 for variables.
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. Mary Decareau of SoftwareCPR prepared a tiered checklist for EN 62366 Medical devices – Application of usability engineering to medical devices for our internal use and we are making it available to paid subscribers at the link provided and...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The SFDA prepared a draft document entitled "Explanations on the Basic Requirements of Application for Registration of Medical Device Software" on April 28, 2012, which is linked below. This was initially translated to English by JIRA (Japan Industries Association...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The attached pdf file contains all software and computer related warning letter excerpts included on this site. Some of the newest warning letters on the site may not be included since we only update this comprehensive document periodically. This...
Read More
This content is only available to our Standards Navigators subscribers.  See our Subscribe page for information on subscriptions. Read the Swedish formal objection to the harmonization of ISO 13485. Sweden Formal Objection ISO13485 Medical Devices
Read More
This content is only available to Standards Navigators subscribers.  See our Subscribe page for information on subscriptions. The Industry response to the Swedish objection to ISO 13485 can be found at the following link:   Industryresponseto13485objection I had previously posted regarding the Swedish objection at this link:  
Read More
This content is only available to Standards Navigators subscribers.  See our Subscribe page for information on subscriptions. The link provides the formal objection to the harmonization of ISO 14971 from the European Commission.   EN Deharmonization of Cen-Standards 2010-11
Read More
This content is only available to Standards Navigators subscribers.  See our Subscribe page for information on subscriptions. The link provides the response from ISO TC 210 to the EC objections to ISO 14971.  ISO TC210 Comments on deharmonization of EN14971
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. A new work item and draft technical report for guidance in implementing IEC 80001-1:2010. This TR provides practical guidance for doing risk management for hospital networks.The report is at the link provided until the review period ends on 24-Feb-2011. IEC...
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. A new work item and draft technical report for guidance in implementing IEC 80001-1:2010. This TR provides a framework for a dialogue between a medical device manufacturer and a hospital regarding system and data security controls. The report is at...
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. A new work item and draft technical report for guidance in implementing IEC 80001-1:2010. This TR provides guidance for considering risk when using wireless communications in a hospital.  The report is at the link provided until the review period ends...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The pdf at the link provided contains a training template used in SoftwareCPR training on production and quality system software validation. It presents a general validation form for discussion that can be used itself for simple applications or tools...
Read More
The pdf at the link provided is a list of detectable flaws which a manufacturer could be expected to identify and remove. This was provided to the 62304 working group by the FDA for consideration during the work on the second edition of 62304.
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The pdf at the link provided contains selected templates used in SoftwareCPR training on medical device software standards focused on IEC 62304. These are not intended to be ideal for all situations or comprehensive but are intended to serve...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. Slides from a presentation by Molly Ray of SoftwareCPR are at the link provided as a pdf. These slides provide an introduction to pre-market submissions for devices that are, or contain, software. SoftwareCPR Presentation-510k
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The attached zip file contains 3 training templates. One is for an example software development SOP, one is a companion software development plan, and one is a template for software risk analysis incorporating the concept of predefined categories of...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The attached pdf is a SoftwareCPR training aide and should not be used blindly to fill in the blanks. It is a partial example of a software risk analysis procedure and report. It is just one partial approach that...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The pdf at the link provided contains a set of FDA reference documents and partial examples used in SoftwareCPR training courses on Validation of Production and Quality System Software and Part 11. This is just a partial set and...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The attached pdf is a training aide and should not be used blindly to fill in the blanks. It is a partial example of Software Design Specification tailored from an IEEE standard. Design Spec - SoftwareCPR Template-Rev3
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The attached pdf is a training aide and should not be used blindly to fill in the blanks. It is a partial example of a User Interface Design Specification. UI Design - SoftwareCPR Template-Rev2
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The attached pdf is a SoftwareCPR training aide and should not be used blindly to fill in the blanks. It is a partial example for a software requirements specification (SRS) for a small surgical device. SRS-template-embeddev-SoftwareCPRtrainingdocRev2 . . ....
Read More
1 2 3

Upcoming Training

QSS Software Validation
Planned Instructors:  Brian Pate, John Murray
Location: Boston, MA, USA
Dates:  June 2-4, 2020
Registration Link

Receive $300 discount with Premium-Individual subscription purchase (or $333 per person for Premium-Company subscription)! 

Multi-Student Discounts as well!

Email training@softwarecpr.com
to receive discount

Corporate Office

15148 Springview St
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN) and Italy.