Pain Free Medical Software (Part 1 of 2)

Validated Software Corporation
6848 Embarcadero Lane Carlsbad, CA 92011
Call: (760) 230-5293
Email: Info@ValidatedSoftware.com
www.ValidatedSoftware.com

Introducing Valid-62304

Valid-62304 is the latest addition to VSC’s line of verification, validation, and certification (VV&C) products. Valid-62304 is a Medical Validation Suite that is specifically designed for those using µC/OS in a medical device.

If you are:

  • A medical device software developer
  • A medical device software manager
  • A member of a QA, Regulatory or compliance team
  • A member of the technical staff, department head or the executive team

… and are considering using µC/OS in a certified medical device, using Valid-62304 will:

  • Save you time
  • Save you money
  • Reduce certification risk
  • Free up development testing and QA resources for other activities

Technically speaking, because µC/OS was not created specifically for use in a medical device it is considered SOUP (software of unknown provenance). However, in this case µC/OS is SOUP that is supported with a complete set of IEC 62304 Class C certification artifacts created by an INDEPENDENT third party, i.e., VSC.

Valid-62304 is easy to use and integrate. Packaged as a “drop-in” module, it is delivered as a complete and ready-to-reference set of µC/OS development life-cycle artifacts covering the IEC 62304 Software Lifecycle and Supporting Processes:

  • Software Development (5.0)
  • Software Maintenance (6.0)
  • Software Risk Management (7.0)
  • Software Configuration Management (8.0)
  • Software Problem Resolution Management (9.0)

NOTE: See Appendix A below for details

In addition to the artifact types listed in Table 1, Valid-62304 contains the tools and material to support activities such as custom hardware testing and audits.

Valid-62304’s software development and test coverage applies to:

  • All µC/OS APIs and services
  • µC/OS port software functions
  • All permissible configurations of µC/OS

Valid-62304 includes a comprehensive set of test results gathered by VSC and all test code needed to verify those results on your custom hardware. Valid-62304’s testing provides:

  • 100% Feature/Function coverage
  • 100% Statement coverage
  • 100% Decision coverage
  • 100% µC/OS Object Code coverage

Valid-62304 Benefits

Save time, money and reduce certification risk

  • Ready today
  • Delivered for less than $2.50 to $5.00 per LOC*
  • Our µC/OS artifacts have been used since 2000 to support dozens of successful device certifications

Hedge against changing requirements

  • All APIs
  • All services
  • All permissible configurations

Test code included

  • Allows you to verify on your device
  • Extendable to regression and sanity testing

*Depending on µC/OS configuration of APIs and services

µC/OS Core and µC/OS Hardware Abstraction Layer

When people speak of µC/OS they usually speak of it in the context of processor and toolset support i.e.:

  • Example 1 - “Do you offer µC/OS v2.92 for the STMicro STM32L1xx?”
  • Example 2 - “Do you offer µC/OS v2.92 for the Freescale K70?”

From an architectural perspective, both examples contain two separate software components. The first is “µC/OS,” and the second is the “µC/OS hardware abstraction layer” that is specific to the processor and toolset combination.

The first component “is” µC/OS. It contains all of the APIs and services that make up µC/OS. While the project files will differ between the two examples above, as a versioned software component (i.e., v2.92) the same source code is used for the processor in Example 1 and for the processor in Example 2.

The second component that Micrium provides is the “µC/OS hardware abstraction layer” (AKA processor port, or just port). The port software provides the glue that binds the µC/OS software to the underlying hardware and, because of that, differs on a per-processor basis. A µC/OS-to-port source code ratio of more than 10 to 1 makes µC/OS highly portable.

As will be shown this benefit extends to Valid-62304 as well.

Using a generic Cortex M3 as an example, the following functionality would be present in the port software:

  • OSTaskStkInit: function to initialize the stack for a newly-created task.
  • OSTimerInit: interval (system tick) timer initialization.
  • TickISR: system tick interrupt handler which shall call OSTimeTick().
  • TimerInit: function to start the (system tick) timer.
  • OSStartHighRdy: function to start the highest priority ready task.
  • OSCtxSW: function to transfer CPU control to the highest priority ready task during normal processing.
  • OSIntCtxSw: function to transfer CPU control to the highest priority ready task under interrupt handler processing.
  • OS_ENTER_CRITICAL: function to save the current interrupt status and disable interrupts.
  • OS_EXIT_CRITICAL: function to restore the saved interrupt status.
  • TaskBucket: function to provide an abnormal task end function stub.

In addition to the port software functions listed above, the processor/toolset/board-centric port software you receive from Micrium also contains start-up, initialization and other low-level code that is necessary to create the operating environment for µC/OS’s execution. Once the operating environment is established and control passes to µC/OS Main(), µC/OS interacts with the processor hardware via its port software functions.
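Every port function listed above sits on the safety-critical path, so a port test suite of the kind Valid-62304 ships has to check each of them on the target. As an added, host-runnable illustration that is not code from Micrium's port or from Valid-62304, the C model below shows what OSTaskStkInit() has to get right on a Cortex-M3 and how a unit test can check it: the function lays down the initial exception-return frame (xPSR with the Thumb bit set, PC pointing at the task, LR pointing at a task-return trap playing the TaskBucket role, R0 carrying the task argument, then R11..R4), and a checker verifies that frame before the first context switch ever uses it. The frame layout, the register fill values, and the names StkFrameIsValid, DemoTask, DemoStackInit and DemoCorruptFrameRejected are assumptions of this example; the four-argument OSTaskStkInit signature is the one µC/OS-II uses.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint32_t OS_STK;   /* one stack cell: a 32-bit word on Cortex-M3 */

/* Hypothetical task-return trap in the "TaskBucket" role from the port function
 * list: a task that falls off the end of its function "returns" here instead of
 * into random memory. A real port would log a fault and park the CPU; this host
 * model only records that the trap was reached. */
static volatile int task_return_trapped = 0;
void TaskBucket(void)
{
    task_return_trapped = 1;
}

/* Build the initial context for a new task on its own stack, so that the first
 * context switch can "return" into it as if it had been preempted.
 * Assumed Cortex-M3 layout (top of stack downwards): the eight words the CPU
 * itself restores on exception return (xPSR, PC, LR, R12, R3, R2, R1, R0), then
 * R11..R4, which OSCtxSw/OSIntCtxSw save and restore in software. */
OS_STK *OSTaskStkInit(void (*task)(void *p_arg), void *p_arg, OS_STK *ptos, uint16_t opt)
{
    OS_STK *p_stk = ptos;
    (void)opt;                                   /* no per-task options in this model */

    *(--p_stk) = 0x01000000u;                    /* xPSR: Thumb bit set, no pending exception */
    *(--p_stk) = (OS_STK)(uintptr_t)task;        /* PC:  first instruction of the task */
    *(--p_stk) = (OS_STK)(uintptr_t)TaskBucket;  /* LR:  where the task lands if it returns */
    *(--p_stk) = 0x12121212u;                    /* R12 */
    *(--p_stk) = 0x03030303u;                    /* R3  */
    *(--p_stk) = 0x02020202u;                    /* R2  */
    *(--p_stk) = 0x01010101u;                    /* R1  */
    *(--p_stk) = (OS_STK)(uintptr_t)p_arg;       /* R0:  the task's argument */

    *(--p_stk) = 0x11111111u;                    /* R11 */
    *(--p_stk) = 0x10101010u;                    /* R10 */
    *(--p_stk) = 0x09090909u;                    /* R9  */
    *(--p_stk) = 0x08080808u;                    /* R8  */
    *(--p_stk) = 0x07070707u;                    /* R7  */
    *(--p_stk) = 0x06060606u;                    /* R6  */
    *(--p_stk) = 0x05050505u;                    /* R5  */
    *(--p_stk) = 0x04040404u;                    /* R4  */

    return p_stk;                                /* becomes the task's saved stack pointer */
}

/* Frame check of the kind a port unit test performs: the frame must be exactly
 * 16 words deep and carry the right xPSR, PC, LR and R0. Returns 1 when valid. */
int StkFrameIsValid(const OS_STK *sp, const OS_STK *ptos,
                    void (*task)(void *p_arg), const void *p_arg)
{
    if (ptos - sp != 16)                          return 0;
    if (sp[15] != 0x01000000u)                    return 0;  /* xPSR */
    if (sp[14] != (OS_STK)(uintptr_t)task)        return 0;  /* PC   */
    if (sp[13] != (OS_STK)(uintptr_t)TaskBucket)  return 0;  /* LR   */
    if (sp[8]  != (OS_STK)(uintptr_t)p_arg)       return 0;  /* R0   */
    return 1;
}

/* Constructed demo task and stack (not a real application task). */
static void DemoTask(void *p_arg) { (void)p_arg; }
#define DEMO_STK_WORDS 64u
static OS_STK demo_stk[DEMO_STK_WORDS];

/* Initialise the demo task's stack and validate the frame; returns 1 on success. */
int DemoStackInit(void)
{
    void *arg = (void *)(uintptr_t)0x1234u;          /* constructed argument value */
    OS_STK *ptos = &demo_stk[DEMO_STK_WORDS];        /* stack grows down from the end */
    OS_STK *sp = OSTaskStkInit(DemoTask, arg, ptos, 0u);
    return StkFrameIsValid(sp, ptos, DemoTask, arg) && (sp == &demo_stk[DEMO_STK_WORDS - 16u]);
}

/* Show that the check rejects a frame whose xPSR lost the Thumb bit; on a
 * Cortex-M3 such a frame faults at the first exception return. Returns 1 when rejected. */
int DemoCorruptFrameRejected(void)
{
    void *arg = (void *)(uintptr_t)0x1234u;
    OS_STK *ptos = &demo_stk[DEMO_STK_WORDS];
    OS_STK *sp = OSTaskStkInit(DemoTask, arg, ptos, 0u);
    sp[15] = 0x00000000u;                            /* clear xPSR, losing the Thumb bit */
    return StkFrameIsValid(sp, ptos, DemoTask, arg) == 0;
}

int main(void)
{
    printf("frame valid: %d, corrupt frame rejected: %d\n",
           DemoStackInit(), DemoCorruptFrameRejected());
    return 0;
}
```

Compile and run with any host C compiler; no target hardware is needed because the frame is only built in memory, never executed. On the real port the same check belongs in the unit test for OSTaskStkInit, since a wrong xPSR or LR does not show up until the first context switch hard-faults, long after the defect was introduced.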

Valid-62304 – Core and Port Abstraction

Likewise, Valid-62304 can be viewed as two components, and since Valid-62304 is the design documentation for µC/OS it is no surprise that they mirror the µC/OS/port architecture. The first is the Core µC/OS Validation Suite, or Core VS for short. The Core VS contains the IEC 62304 software development and test artifacts for the core µC/OS software. Valid-62304 also contains a second set of software development and test artifacts for the port software functions. These artifacts are called “Port Aspects of Certification”, or Port for short.

Table 1 shows an abbreviated list (in fact, there are over 2,000 files in Valid-62304) detailing the type of development artifacts that are contained in Valid-62304’s Core VS and Port components. Both the Core VS and the Port artifacts have the same overall structure and artifact types. The Core VS is identical (per µC/OS version) regardless of the processor used and like µC/OS it is an “off the shelf” item. Also mirroring the function of its software complement, the “Port Aspects of Certification” bind the Core VS to the processor and toolset.

Starting with the ready-made Core VS, creating Valid-62304 for a processor involves the following high-level tasks:

  • Create the “Port Aspects of Certification” for the port software
  • Test the port software and gather the results
  • Verify that the test results contained in the Core VS are

Valid-62304 Artifacts*

Master Artifact Set                        | Core   | Port
-------------------------------------------|--------|-----
Project Checklist                          | Yes    | Yes
Software Safety Validation Plan            | Yes    | Yes
Software QA Plan                           | Common
Software Configuration Management Plan     | Common
Software Validation Plan                   | Common
Software Configuration Index               | Yes    | Yes
Software Correlation Matrix                | Yes    | Yes
Software Requirements Document             | Yes    | Yes
Software Design Plan                       | Yes    | Yes
Software Design Document                   | Yes    | Yes
Software Integration Test Plan             | Yes    | Yes
Software Integration Test Procedure        | Yes    | Yes
Software Integration Test Report           | Yes    | Yes
Software Unit Test Plan                    | Yes    | Yes
Software Unit Test Procedure               | Yes    | Yes
Software Unit Test Report                  | Yes    | Yes
Software Accomplishments Summary           | Yes    | Yes
Safety Manual                              | NA     | Yes

Standards                                  | Core   | Port
-------------------------------------------|--------|-----
Micrium's "C" Coding Standard              | Common
VSC "C" Coding Standard                    | Common
ASM Coding Standard                        | Common
Code Review Procedure                      | Common
Document Review Procedure                  | Common
Port Requirements Document                 | NA     | Yes
Software Problem Reporting Procedure       | Common
Software Design Standard                   | Common
Software Requirements Standard             | Common
External Standards Referenced              | Common

Supporting Artifacts

Audit                                      | Core   | Port
-------------------------------------------|--------|-----
QA Check Lists                             | Yes    | Yes
Source Code Review Sheets                  | Yes    | Yes
Unit Tests Code Review Sheets              | Yes    | Yes
Integration Tests Code Review Sheets       | Yes    | Yes
Document Review Sheets                     | Yes    | Yes
Requirements Trace Matrices                | Yes    | Yes

Test Results                               | Core   | Port
-------------------------------------------|--------|-----
IT Test Results                            | Yes    | Yes
UT Test Results                            | Yes    | Yes
Lint Test Results                          | Yes    | Yes
Code Coverage Results                      | Yes    | Yes

Source Code                                | Core   | Port
-------------------------------------------|--------|-----
Source Code Projects - All                 | Yes    | Yes
Source Code µC/OS                          | Yes    | Yes
Source Code UT                             | Yes    | Yes
Source Code IT                             | Yes    | Yes
Source Code Coverage                       | Yes    | Yes

*There are over 2000 files in Valid-62304, exact contents and document names subject to change

Conclusions

The µC/OS certification artifacts contained in Valid-62304 are PDF files. No additional modifications or work is required other than integrating the delivery. Integration consists of checking it into your revision control system and referencing its use for “all things µC/OS” in the master document set for your device. At a minimum, this includes the SSVP (Software Safety Validation Plan) and the software accomplishments summary. When it is time to submit your device for approval or certification, include Valid-62304 as part of your submission.

All development and testing occurs on commercial evaluation boards and applies to µC/OS and the µC/OS port software functions that µC/OS depends on directly during run-time operation. VSC provides that test code so that you may verify that the test results gathered from your hardware match those provided by VSC. The integration test code is provided in source code format so that it may be extended and used for regression, sanity and system-based testing as well.

Creating software in accordance with IEC 62304 is reported to cost $75 to $150 per line of code for the phases from conception through release. Much of that cost comes from creating the supporting development and test artifacts for IEC 62304 certification. With a starting price of $9,999, Valid-62304 together with µC/OS can be fielded for less than $5 per line of code.

To learn more about VSC’s products and how to purchase them, visit http://www.validatedsoftware.com or email Info@ValidatedSoftware.com

This is the first of a two part series on µC/OS and Valid-62304. The second part will delve deeper into the cost of compliance with software standards and look at options for reducing those costs.

Appendix A

Table 1: Valid-62304 Coverage

Ref.    | Software Lifecycle Process (Activity / Task)                                | Coverage* | Remark
--------|-----------------------------------------------------------------------------|-----------|-------
        | PRIMARY LIFECYCLE PROCESSES                                                 |           |
5       | SOFTWARE DEVELOPMENT Process                                                |           |
5.1     | Software Development Planning Activity                                      |           | Two separate Software Development Plan activities are provided, one for the Core (processor independent) software project and a second for the Port (processor dependent) software.
5.1.1   | Software development plan task                                              | X         |
5.1.2   | Software Development Plan Maintenance                                       | X         | Plan maintenance is an ongoing activity
5.1.3   | Software development plan reference to SYSTEM design and development        | X         |
5.1.4   | Software development standard, methods and tools task                       | X         |
5.1.5   | Software integration and integration testing planning task                  | X         |
5.1.6   | Software VERIFICATION planning task                                         | X         |
5.1.7   | Software RISK MANAGEMENT planning task                                      | X         |
5.1.8   | Documentation planning task                                                 | X         |
5.1.9   | Software configuration management planning task                             | X         |
5.1.10  | Supporting Item Control task                                                | X         |
5.1.11  | Software Controlled before Verification                                     | X         |
5.2     | Software Requirements Analysis Activity                                     |           |
5.2.1   | Define and document software requirements from SYSTEM requirements task     | X         |
5.2.2   | Software requirements content task                                          | X         |
5.2.3   | Include RISK CONTROL measures in software requirements task                 | X         |
5.2.4   | Re-evaluate Medical Device RISK ANALYSIS task                               | X         | Integrator activity
5.2.5   | Update SYSTEM requirements task                                             | X         |
5.2.6   | Verify software requirements task                                           | X         |
5.3     | Software Architectural Design Activity                                      |           |
5.3.1   | Transform software requirements into an ARCHITECTURE task                   | X         |
5.3.2   | Develop an ARCHITECTURE for the interfaces of SOFTWARE ITEMS task           | X         |
5.3.3   | Specify functional and performance requirements of SOUP item task           | X         | Integrator activity
5.3.4   | Specify SYSTEM hardware and software required by SOUP item task             | X         | Integrator activity
5.3.5   | Identify segregation necessary for RISK CONTROL task                        | X         | Integrator activity
5.3.6   | Verify software ARCHITECTURE task                                           | X         |
5.4     | Software Detailed Design Activity                                           |           |
5.4.1   | Refine SOFTWARE ITEMS into SOFTWARE UNITS task                              | X         |
5.4.2   | Develop detailed design for each SOFTWARE UNIT task                         | X         |
5.4.3   | Develop detailed design for interfaces task                                 | X         |
5.4.4   | Verify detailed design task                                                 | X         |
5.5     | SOFTWARE UNIT implementation and verification Activity                      |           |
5.5.1   | Implement each SOFTWARE UNIT task                                           | X         |
5.5.2   | Establish SOFTWARE UNIT VERIFICATION PROCESS task                           | X         |
5.5.3   | SOFTWARE UNIT acceptance criteria task                                      | X         |
5.5.4   | Additional software code acceptance criteria task                           | X         |
5.5.5   | Software unit verification                                                  | X         | Unit Test plans, procedures and results.
5.6     | Software integration and integration testing Activity                       |           |
5.6.1   | Integrate SOFTWARE UNITS task                                               | X         |
5.6.2   | Verify software integration task                                            | X         |
5.6.3   | Test Integrated Software task                                               | X         |
5.6.4   | Integration testing content task                                            | X         |
5.6.5   | Verify integration test procedures task                                     | X         | Integration Test plans, procedures and results.
5.6.6   | Conduct regression tests task                                               | X         | All tests repeated for any change to code or requirements.
5.6.7   | Integration test record contents task                                       | X         | Integration Test results.
5.6.8   | Use software problem resolution PROCESS task                                | X         | Configuration Management/Quality Assurance task
5.7     | Software System Testing Activity                                            |           | Limited to scope of RTOS. Does not include application.
5.7.1   | Establish tests for software requirements task                              | X         | Integration/Unit Tests as applicable.
5.7.2   | Use software problem resolution PROCESS task                                | X         | Configuration Management/Quality Assurance task
5.7.3   | Retest after changes task                                                   | X         | Configuration Management/Quality Assurance task
5.7.4   | Verify SOFTWARE SYSTEM testing task                                         | X         | Limited to scope of RTOS. Does not include application.
5.7.5   | SOFTWARE SYSTEM test record contents task                                   | X         | Limited to scope of RTOS. Does not include application.
5.8     | Software Release Activity                                                   |           |
5.8.1   | Ensure software VERIFICATION is complete task                               | X         | Included in SCMP-MED
5.8.2   | Document known residual anomalies task                                      | X         |
5.8.3   | Evaluate known residual anomalies task                                      | X         |
5.8.4   | Document released VERSIONS task                                             | X         |
5.8.5   | Document how released software was created task                             | X         |
5.8.6   | Ensure activities and tasks are complete task                               | X         |
5.8.7   | Archive software task                                                       | X         |
5.8.8   | Assure repeatability of software release task                               | X         | Configuration Management/Quality Assurance task
6       | SOFTWARE MAINTENANCE Process                                                |           |
6.1     | Establish software maintenance plan task                                    | X         |
6.2     | Problem and Modification Analysis Activity                                  |           |
6.2.1   | Document and evaluate feedback task                                         |           |
6.2.1.1 | Monitor feedback task                                                       | X         |
6.2.1.2 | Document and evaluate feedback task                                         | X         |
6.2.1.3 | Evaluate PROBLEM REPORT's effects on SAFETY task                            | X         |
6.2.2   | Use software problem resolution PROCESS task                                | X         |
6.2.3   | Analyze change requests task                                                | X         |
6.2.4   | Change request approval task                                                | X         |
6.2.5   | Communicate to users and regulators task                                    | X         |
6.3     | Modification Implementation Activity                                        |           |
6.3.1   | Use established PROCESS to implement modification task                      | X         | Configuration Management/Quality Assurance task
6.3.2   | Re-release modified SOFTWARE SYSTEM task                                    | X         | Configuration Management/Quality Assurance task
        | SUPPORTING PROCESSES                                                        |           |
7       | SOFTWARE RISK MANAGEMENT Process (referenced ISO 14971)                     |           |
7.1     | Analysis of software contributing to hazardous situations Activity          |           |
7.1.1   | Identify SOFTWARE ITEMS that could contribute to a hazardous situation task | X         |
7.1.2   | Identify potential causes of contribution to a hazardous situation task     | X         |
7.1.3   | Review published SOUP anomaly lists task                                    | X         |
7.1.4   | Document potential causes task                                              | X         |
7.1.5   | Document sequences of events task                                           | X         |
7.2     | RISK CONTROL measures Activity                                              |           |
7.2.1   | Define RISK CONTROL measures task                                           | X         |
7.2.2   | RISK CONTROL measures implemented in software task                          | X         |
7.3     | VERIFICATION of RISK CONTROL measures Activity                              |           |
7.3.1   | Verify RISK CONTROL measures task                                           | X         |
7.3.2   | Document any new sequences of events task                                   | X         |
7.3.3   | Document TRACEABILITY task                                                  | X         |
7.4     | RISK MANAGEMENT of software changes Activity                                |           |
7.4.1   | Analyze changes to MEDICAL DEVICE SOFTWARE with respect to safety task      | X         |
7.4.2   | Analyze impact of software changes on existing RISK CONTROL measures task   | X         |
7.4.3   | Perform RISK MANAGEMENT ACTIVITIES based on analyses task                   | X         |
8       | SOFTWARE CONFIGURATION MANAGEMENT Process                                   |           |
8.1     | Configuration identification Activity                                       |           |
8.1.1   | Establish means to identify CONFIGURATION ITEMS task                        | X         |
8.1.2   | Identify SOUP task                                                          | X         | Integrator activity
8.1.3   | Identify SYSTEM configuration documentation task                            | X         |
8.2     | Change control Activity                                                     |           |
8.2.1   | Approve change requests task                                                | X         |
8.2.2   | Implement changes task                                                      | X         |
8.2.3   | Verify changes task                                                         | X         |
8.2.4   | Provide means for TRACEABILITY of change task                               | X         |
8.3     | Configuration status accounting Activity                                    |           |
8.3.1   | Configuration status accounting task                                        | X         |
9       | SOFTWARE PROBLEM RESOLUTION Process                                         |           |
9.1     | Prepare problem reports activity                                            | X         |
9.2     | Investigate the problem activity                                            | X         |
9.3     | Advise relevant parties activity                                            | X         |
9.4     | Use change control process activity                                         | X         |
9.5     | Maintain records activity                                                   | X         |
9.6     | Analyze problems for trends activity                                        | X         |
9.7     | Verify software problem resolution activity                                 | X         |
9.8     | Test documentation contents task                                            | X         |

*Valid-62304 coverage applies to all classes of medical device
