How to Build Safer and More Reliable FDA-Approved Software
Ensure business success with top-notch software. Navigate glitches and threats proactively. Propel growth with reliability
Ensure business success with top-notch software. Navigate glitches and threats proactively. Propel growth with reliability
The impact of software innovation on our world is truly remarkable! It addresses significant challenges, streamlining processes and enhancing our overall well-being.
Software has become essential in various industries, from entertainment to farming and even defense. The healthcare sector has also embraced software-based mobile and AI technologies to facilitate advancements and tackle the increasing shortage of healthcare professionals.
Yet lousy software can cause irreparable harm across the industries and infrastructure it’s transforming. McKinsey estimates that 70 percent of medical device recalls are due to a software issue.
The cost of software recalls can be significant in terms of financial losses and damage to a company’s reputation and can also cause physical harm and even death. Some recent examples include:
How can companies reduce risk and ensure their software is safe and reliable? The answers can be found in an active application lifecycle management (ALM) system that includes continuous testing and change management. But first, let’s look at some of the most common software issues.
The exchange of information between different computer systems is essential for the modern economy, but it can be challenging when systems are developed by different teams. One of the most significant issues identified by the U.S. Food & Drug Administration is the need for connectivity or interoperability between these systems. This includes ensuring the easy exchange of information between applications, databases, and other computer systems, as well as verifying and validating the overall design.
An example of an infusion pump recall highlights the importance of proper software updates. Patients in an intensive care unit receive medication through the pump, which is regulated by a companion app used by medical professionals. However, in a recent case, the app was updated without a corresponding update to the device software, putting patients at risk of incorrect dosages. The ALM system helps organize data for both in-house and third-party software, improving product understanding and traceability. Orcanos offers a suspicious indicator feature that alerts users to possible irregularities or non-compliant behavior within the system, aiding in risk identification.
Using incompatible units between different software can cause a failure because the software will not be able to correctly interpret the data. For example, if one software uses meters as the unit of measurement for distance, and another software uses kilometers, the two software will not be able to communicate with each other properly. This can lead to errors in calculations, which can in turn lead to failures.
Here are some specific examples of how incompatible units can cause failures:
To prevent failures caused by incompatible units, it is important to ensure that all software that interacts with each other is using the same units of measurement. This can be done by carefully specifying the units of measurement in all software documentation, and by using a software tool that can automatically convert between different units.
Here are some tips for preventing failures caused by incompatible units:
While this happened many years ago, time hasn’t resolved the issue. Different teams own different pieces of software, and when they inadvertently use different metrics, poor communications can turn a simple disconnect into a catastrophic defect. Orcanos provides a complete collaborative workspace that enhances the efficiency and transparency required for remote teams. With a comprehensive Part 11 or Annex 11 audit log, you can easily monitor and review real-time changes from a single source of truth.
In recent years, there have been several reports of security vulnerabilities in insulin pumps and pacemakers. In 2011, a security researcher demonstrated that he could hack into an insulin pump and deliver a lethal dose of insulin. In 2012, a group of researchers found vulnerabilities in pacemakers that could allow hackers to remotely control the devices.
The FDA has taken some steps to address the security concerns around insulin pumps and pacemakers. In 2017, the FDA issued a guidance document on the security of medical devices. The document provides recommendations for manufacturers on how to design and secure their devices.
However, more needs to be done to address the security concerns around insulin pumps and pacemakers. Manufacturers need to continue to improve the security of their devices. Patients also need to be aware of the risks and take steps to protect themselves.
Here are some tips for patients who use insulin pumps and pacemakers to protect themselves from security threats:
Keep your devices up to date with the latest firmware. Firmware updates often include security patches that can help to protect your devices from vulnerabilities.
The security of insulin pumps and pacemakers is causing growing concern for the FDA due to the potential for them to be exploited by hackers as a means of launching attacks on individuals, hospitals, and networks. The vulnerabilities could range from unaddressed backdoors to outdated code that remains in the system for historical purposes and creates a security gap.
Software issues often arise due to system changes, particularly with regards to coordinating access levels between various groups. This is compounded in modern software, such as web-based, mobile, and AI/ML applications, where changes are more frequent and thus increase the likelihood of errors occurring.
Manufacturers nowadays allocate more time to documenting their work than to producing high-quality products. They utilize various systems such as Jira to work, another system to record evidence, and a third-party quality system to approve their work. This approach not only proves to be inefficient, but it can also lead to issues in monitoring a product post-market. In the event of a complaint, each system must be checked to identify and isolate where the complaint originated. These processes consume valuable time that could have been dedicated to building top-notch products.
The time, effort, and resources allocated toward producing high-quality products should be redirected toward preventing issues that lead to recalls. By generating evidence directly from source systems, a unified source of truth can be created for the entire team to collaborate on and reference. This approach breaks down communication barriers and, in turn, shortens project timelines.
Developing more secure software begins by depending on improved systems, such as utilizing a strong, interconnected Application Lifecycle Management (ALM) platform, which enables you to:
In the manufacturing industry, there is a significant amount of time dedicated to documenting work rather than focusing on producing high-quality products. Manufacturers often utilize multiple systems, such as Jira, a separate system for recording evidence, and a third-party quality system for approving work. This process not only lacks efficiency but also hinders the post-market surveillance of products. When a complaint arises, it becomes necessary to navigate through each system to pinpoint the origin of the complaint. These steps are time-consuming and could be better utilized in preventing issues that lead to product recalls. Integrating AI into such systems (Orcanos “Ask Paul”) allows the consolidation of both quality and design control, and by that, analyzing the root cause of a problem across the board saves time for many people gathering information in the same room for hours, resulting in unparalleled information taken from the best practice of the industry.
When you work and generate evidence from source systems, you are able to create a single source of truth for the entire team to collaborate on and reference. This approach removes silos while reducing project timelines.
For example, you can generate your Software Bill of Materials directly from your design documents that can be linked to source code and perform risk analysis based on the traceability you actually have in your applications. If someone changes the specifications, you can use ALM AI tools that can generate and assess the potential risk that needs to be re-examined.
Shift left is a development practice that involves conducting testing, quality assurance, and performance evaluation at an early stage, even before the code is developed. Another emerging concept in this field is model-based systems engineering, which involves creating computational models to test the functionality of a system before it is built and deployed.
There are several ways to improve the testing process for manufacturers using complex software solutions with multiple moving parts and components.
By implementing these improvements, manufacturers can enhance the testing process for complex software solutions, reducing the risk of errors and ensuring a higher-quality product.
To ensure the reliability of software solutions, manufacturers must establish a testing strategy that covers every stage of the software development lifecycle. This strategy should include unit testing, integration testing, system testing, and user acceptance testing, among others, to ensure comprehensive testing coverage. Additionally, ongoing monitoring and optimization of performance is necessary for continued success.
As our society grows, the complexity of the products and services we provide also increases. This puts a strain on the training of new employees in all areas of the economy. However, building safer software can help alleviate this strain by automating repetitive and even dangerous tasks. Furthermore, it can ultimately save lives. As our dependence on software grows, it is vital to ensure that it performs as expected and is safe to use. This can be achieved by regularly updating the software with security patches and other maintenance releases. However, this can be challenging when different teams are involved in developing various systems. One of the most significant challenges identified by the U.S. Food & Drug Administration (FDA) is the importance of maintenance. Therefore, it is crucial to rely on third-party software only when necessary and to prioritize the development of new products that can be maintained and updated easily.