FY 2000 Software Engineering
- Y2K Issue
- Determining Best Practices and Establishing CDRH Software Policy
- Implementation of CDRH Software Policy
OST provides software support for the Center's premarket and postmarket activities by concentrating on the most critical steps in the process of developing and marketing safe software. These areas are Software Safety and Software Risk Management; Software Requirements, Analysis, and Definitions; Software Design Methods; and Software Verification, Validation, and Testing. Tools intended to assist software developers in each of these areas are evaluated and tested. Demonstration projects are developed in order to arrive at metrics for the various tools, and the results are infused into the regulatory process through standards, training, publications, and guidelines. OST participated in over 100 IDE, PMA, and 510(k) reviews where software was the subject. The medical devices included pediatric and adult cochlear implants, LSX, VISX, and excimer lasers, pacemakers, breast cancer scanners, bone densitometers, thermal imaging, CADx systems, labor assistors, implantable pumps, brainstem implants, radiation therapy systems, sterilizers, disinfectant systems, wheelchairs, and linear accelerators. In addition, OST provides software engineering services to ORA by assisting in field investigations, to FDA for developing policy related to Part 11 - Electronic Records and Signature, to CDER for bioresearch monitoring and clinical trials software, and to CBER in developing the Bloodbank Software Reviewers Guidance.
Key words: software, regulatory support, Y2K
In FY 2000, OST was involved in the Y2K issue to a high degree, at several levels. At the policy level, OST provided the FDA focal point to the President's Council on Y2K Issues and technical and administrative support for this representative. As spokesperson for the FDA and with the technical support of many OST engineers, the OST representative was able to steer FDA onto a science-based approach to the Y2K problem: an approach that resulted in an effective solution without an undue waste of resources in reaction to overstated perceived threats. He was supported by sound technical information provided by OST engineers, and he was able to define the problem and work with the FDA Commissioner and her staff, with representatives of the White House and of Congress, with members of the medical device industry, and with technical specialists throughout FDA to achieve an effective solution to the Y2K crisis.
At the operational level, OST provided a technical representative to each of the three triage teams in OSB. These teams reviewed and acted on all reports of Y2K non-compliance in medical devices. OST staff also drafted the Statement of Work for a contract audit of the Y2K programs in a sampling of medical device companies. OST reviewed the technical qualifications of potential contractors for this audit. The audit was performed and successfully predicted that the industry was sufficiently prepared for the transition to Year 2000 so that drastic steps on the part of the FDA were not warranted.
Determining Best Practices and Establishing CDRH Software Policy
Key words: software, standards, policy
The Y2K Bug "scare" served to highlight the potential consequences that defective software could cause in medical devices. As a result, the Center decided to rethink how medical device software was regulated. Under the leadership of OST software engineers, the Center took several steps to identify and apply existing best practices in assuring software reliability to the regulation of medical device software.
OST has lead a joint FDA/industry effort to develop a software safety standard specifically tailored for medical devices by providing the co-chair for the AAMI Software Committee. This group has successfully developed a Medical Device Software Engineering Life Cycle Standard. The draft standard has been submitted to the AAMI and ANSI standards board and is expected to become a U.S. National Standard in June 2001. Once finalized, this standard can be used by the developer of any low- and moderate-risk medical device software. The conformance to this standard will enable manufacturers to submit less premarket software documentation, thereby reducing CDRH workload in reviewing medical device software applications and speeding up time to market for the device.
At the urging of OST engineers, the AAMI Software Committee has initiated an effort to develop a Technical Report on Software Hazard Management. The purpose of this Technical Information Report (TIR) is to provide a consensus reference document that encapsulates the application of the Software Engineering Body of Knowledge to medical device software hazard management. OST is providing the co-chair for this effort.
An OST software engineer represents FDA on the Defense Advanced Research Projects Agency (DARPA) High-Confidence System Workgroup. This is a government-wide committee charged with analyzing and funding research on engineering methods for safer, more secure and more reliable software. FDA provides input concerning public health issues to this forum. This engineering input fosters improvement in the state of the art of software development, which provides manufacturers with the tools necessary to produce safe and effective software.
OST engineers have provided software engineering technical expertise to the FDA Part 11 Committee. The Part 11 Committee is charged with implementation of the Part 11 regulation on Electronic Records and Signature as well as the writing of guidance on various Part 11 topics. OST engineers provide the committee with engineering and design review services.
OST has lead an effort to include software engineering concerns in the proposed revision of the Medical Electrical Equipment Safety Standard IEC 60601-1. Working through the Center's Software STG, comments were collected and consensus was reached on the Center's positions on many key issues. Fifteen pages of comments were submitted for the Standard Committee’s consideration. These software engineering concerns are based on the requirements of U.S. Food and Drug law. The effort will contribute greatly to the harmonization of regulated medical device software.
Implementation of CDRH Software Policy
Key words: software, training, policy, outreach
As the CDRH Software Policy is being developed, implementation of this policy is also beginning. OST engineers are currently participating in three software educational outreach programs. OST engineers are discussing the new policy in open meetings, are providing training both in-house and extramurally, and are producing technical papers that discuss the foundations of the new policy.
OST software engineers co-designed a medical device software engineering seminar that is currently being taught at the University of California, Irvine. OST software engineers are currently working with AAMI to develop a course on software validation that is scheduled to debut in fall 2001. In addition, the software team is preparing to deliver software engineering workshop at the University of Minnesota in July 2001.
For the second year in a row, OST engineers organized and directed a software engineering session at the annual AAMI Standards Conference. OST engineers used their leveraging power and their engineering skills to arrange for six different speakers to contribute to continue educating industry on the use of standards in the development of safe and effective software.
OST prepared and presented to ODE reviewers a six-session training course covering Software Requirements, Hazard Analysis, Standards, and Verification, Validation, and Testing.
An OST engineer co-authored the article "Engineering in Software Testing: Statistical Testing Based on a Usage Model Applied to Medical Device Development" which appeared in the July/August 1999 issue of the AAMI Biomedical Instrumentation & Technology Journal. The article presented the theory behind the concept of applying usage models in developing and testing high reliability software for medical devices. The article, although contributing to advancing knowledge in this area, is of limited practical use to the small software developer because it lacks particulars about how to generate the usage model. This project will ultimately serve two purposes: 1) a usage model for radiation treatment planning (RTP) software will be developed thereby assisting both companies that develop RTP software and reviewers in CDRH who evaluate the product and 2) the research will form the basis for a follow-up journal article on developing usage models. This will be a collaborative effort between ODE, OST, NEMA, and industry. The usage model will be developed using Cleanroom software engineering methodologies. It will be used to evaluate the quality of RTP software. A collateral byproduct of this work may be a NEMA standard for the testing of RTP software using usage models.