Progress Report: July 2010
Software Engineering Applied to Medical Devices: New Requirement Introduced by the Directive 2007/47/EC
by Sebastien Hardy, Certification Department Manager, Electro-Medical Equipment, LNE/G-MED
Many people would not consider software, a set of coded instructions, to be a "medical device." However, as software takes on more critical diagnostic and therapeutic roles, the consequences of such a "device" failing can be catastrophic.
That explains why the European Union’s latest directives follow the FDA’s lead in treating certain stand-alone software or embedded software as medical devices, with increased rules to ensure proper function in practice through a combination of three major principles:
- Risk Management
- Quality management
- Software Engineering
This newsletter examines practical implications of this need and how the revised directive relates to harmonized standards for Software Engineering (EN 62304, IEC 60601-1 Ed. 3) and Risk Management (EN ISO 14971).
Latest MDD Revision Expands Concept of Software Validation
The 2007 revision of the European Medical Device Directive expanded its Essential Requirements to strengthen the requirement for software validation. While the first Essential Requirement for a medical device is that it be safe for everyone involved, Directive 2007/47/EC clarified the need:
- To consider the software as a medical device itself when it is intended by its manufacturer to be used specifically for diagnostic and/or therapeutic purposes,
- To validate the software according to the state of the art taking into account the principles of development life cycle, risk management, verification and validation.
EN 62304: A "State of The Art" Standard; Software Life Cycle Model Required
While the FDA introduced the need to better control the design of software a decade ago, only recently did the European Union instruct manufacturers, through EN 62304, to consider how their software will be designed and maintained so as to achieve, among other things, the following goals:
- Reduce the errors made during the design and development process,
- Verify the ability of software to execute series of commands, based on differing inputs,
- Limit the introduction of new defects during software changes,
- Maintain accurate and thorough documentation, as the personnel who make maintenance changes to software may not have been involved in the original software development.
- Pay careful attention when a manufacturer decides to integrate "Software of Unknown Provenance" (SOUP).
Clearly, testing of software is not considered sufficient to determine that software is safe in operation. Therefore, the primary requirement of EN 62304 is that a software life cycle model and a set of processes be followed (i.e. software development, maintenance, risk management, configuration management and problem resolution) to consistently produce high quality, safe medical device software.
In addition, the processes chosen must be appropriate to the risks to the patient and other people. Fortunately for manufacturers, this standard does not require a particular software development life cycle model.
Relation of Software Engineering and Risk Management
Note that software is not itself a hazard, but it may contribute to hazardous situations. Software should always be considered from a system perspective, and software risk management cannot be performed in isolation from the system (i.e. without applying EN ISO 14971 principles). EN 62304 explicitly requires implementation of EN ISO 14971 principles, plus the additional risk control requirements for software listed in EN 62304.
In fact, software designs can permit sequences of events which may contribute to hazardous situations. Therefore, your software risk management shall consist of identifying sequences of events that can lead to a hazardous situation, and identifying the points in those sequences at which the sequence can be interrupted, preventing harm or reducing its probability.
As the Technical Report TR 8002-1:2009* states, software sequences of events which contribute to hazardous situations fall into two categories:
- Sequences of events representing unforeseen software responses to inputs (errors in specification of the software).
- Sequences of events resulting from incorrect coding (errors in implementation of the software).
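The following Python model illustrates the risk management approach described above: a sequence of events on the path to an actuator, with a guard placed before each step as the point at which the sequence can be interrupted. It is an added example written for this page, not code from the newsletter, from LNE/G-MED or from any standard; the infusion-rate calculation, the device limit of 999 mL/h and the input values are all constructed and hypothetical. The dose entered in micrograms where the specification expects milligrams stands for the first category (an unforeseen input the specification did not anticipate); the zero-concentration guard stands for a coding-level failure (division by zero) that the second category covers.

```python
"""Constructed model of a software sequence of events with interruption points.

Hypothetical infusion-rate calculation (not from any real device or standard):
each step moves the working state toward a pump command; each guard is a risk
control measure that can interrupt the sequence before a hazardous situation.
"""
from dataclasses import dataclass, field
from typing import Any, Callable, Dict, List, Optional, Tuple

MAX_RATE_ML_H = 999.0  # constructed upper limit of the hypothetical pump

State = Dict[str, Any]
Guard = Callable[[State], Optional[str]]  # returns a reason to interrupt, or None
Step = Callable[[State], None]            # mutates the working state


@dataclass
class Trace:
    """Record of one run, as it would be cited in a risk management file."""
    completed: List[str] = field(default_factory=list)
    interrupted_at: Optional[str] = None
    reason: Optional[str] = None
    pump_command: Optional[float] = None


# --- sequence of events: the software's normal path to the actuator ---------
def parse_prescription(s: State) -> None:
    s["dose_mg"] = float(s["dose_text"])


def compute_rate(s: State) -> None:
    # mL/h = total dose (mg) / concentration (mg/mL) / infusion time (h)
    s["rate_ml_h"] = s["dose_mg"] / s["conc_mg_ml"] / s["duration_h"]


def command_pump(s: State) -> None:
    s["pump_command"] = round(s["rate_ml_h"], 1)


# --- interruption points: one guard evaluated before each step --------------
def guard_input_format(s: State) -> Optional[str]:
    text = str(s["dose_text"])
    if text.count(".") > 1 or not text.replace(".", "", 1).isdigit():
        return "dose text is not a non-negative number"
    return None


def guard_arithmetic_inputs(s: State) -> Optional[str]:
    if s["conc_mg_ml"] <= 0 or s["duration_h"] <= 0:
        return "concentration and duration must be positive"
    return None


def guard_rate_limit(s: State) -> Optional[str]:
    if s["rate_ml_h"] > MAX_RATE_ML_H:
        return f"rate {s['rate_ml_h']:.1f} mL/h exceeds device limit {MAX_RATE_ML_H:.0f}"
    return None


STAGES: List[Tuple[str, Guard, Step]] = [
    ("parse_prescription", guard_input_format, parse_prescription),
    ("compute_rate", guard_arithmetic_inputs, compute_rate),
    ("command_pump", guard_rate_limit, command_pump),
]


def run_sequence(initial: State, controls: bool = True) -> Trace:
    """Walk the sequence; with controls=True each guard may interrupt it.

    controls=False shows the same sequence without its interruption points,
    i.e. the path by which the hazardous situation would be reached.
    """
    s = dict(initial)
    trace = Trace()
    for name, guard, step in STAGES:
        if controls:
            reason = guard(s)
            if reason is not None:
                trace.interrupted_at, trace.reason = name, reason
                return trace
        step(s)
        trace.completed.append(name)
    trace.pump_command = s["pump_command"]
    return trace


# constructed inputs: a nominal prescription, and one where the dose was
# entered in micrograms although the specification expects milligrams
NOMINAL = {"dose_text": "500", "conc_mg_ml": 5.0, "duration_h": 2.0}
MCG_AS_MG = {"dose_text": "500000", "conc_mg_ml": 5.0, "duration_h": 2.0}

if __name__ == "__main__":
    print(run_sequence(NOMINAL))                    # completes, 50.0 mL/h
    print(run_sequence(MCG_AS_MG))                  # interrupted at command_pump
    print(run_sequence(MCG_AS_MG, controls=False))  # hazard reached: 50000.0 mL/h
```

The trace records which step interrupted the sequence and why, which is the evidence a risk management file needs to show that a risk control measure is both implemented and effective for the identified sequence of events.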
Relationship between EN 62304 and other standards
Medical device management standards such as ISO 14971 and ISO 13485 provide a frame for the development of products whereas safety standards such as EN 60601-1 Ed. 3 give specific requirements for creating safe medical devices.
When software is part of electro-medical devices, EN 62304 provides more detailed requirements on what is required to develop and maintain safe software whereas EN 62366** can be used to feed your software design inputs.