Parasoft Proprietary and Confidential

2014-10-09

Static Analysis and the FDA Guidance for Medical Device Software
Investigating the Application of MISRA

Jason Schadewald, Product Manager


About Parasoft

World renowned for automated defect prevention
Founded in 1987: 27 years of profitable growth, innovation and customer value
Highly focused
Privately held: no debt, no VCs
>2,500 customers worldwide
28 patents associated with software quality


FDA Compliance

General Principles of Software Validation; Guidance for Industry and FDA Staff
http://www.fda.gov/RegulatoryInformation/Guidances/ucm126954.htm

8% of medical device recalls are due to software failures
80% of those were caused by defects introduced following changes
Compliance with FDA is becoming increasingly rigorous


FDA Software Development Guidelines

FDA guidelines cover well-understood software development best practices

FDA guidelines define principles and practices that should be performed, not specific requirements
• FDA defines the ‘what’, not the ‘how’
• “Least burdensome approach”

Processes are defined by the company and must follow the guidelines
• Every company has its own defined processes

FDA approves the process and audits compliance to that process
• The process cannot change without re-approval by the FDA

Archived reports for future audits are critical: the audit checks that the defined process was followed, and the reports are the evidence


Core FDA Concepts

Requirements must be defined

Software Validation and Defect Prevention

Traceability
• from Requirements to Tests
• from Requirements to Source Code

Defined procedures for validation of definitions
• Requirements, Design and Test

Procedure for managing the project lifecycle


FDA on Static Analysis

3.1.2 “Software testing is one of many verification activities intended to confirm that software development output meets its input requirements. Other verification activities include various static and dynamic analyses, code and document inspections, walkthroughs, and other techniques.”

5.2.4 “Source code should be evaluated to verify its compliance with specified coding guidelines.”


MISRA

Mission Statement: “To provide assistance to the automotive industry in the application and creation within vehicle systems of safe and reliable software.”


Why MISRA for Medical?

Coding standards that are:
• Well-defined
• Updated
• Flexible

Deviation strategy that is:
• Auditable

Why not?


Valuable MISRA Features

Accounting for language versions (C90 vs C99)

Directives and Rules classification

Decidability and Scope

Mandatory, Required, and Advisory categories


Deviate Responsibly

“A Specific Deviation is used when a MISRA C guideline is deviated for a single instance in a single file.” – Section 5.4

A deviation record states:
• Which guideline
• Scope
• Justification
• Safety assurance
• Consequences and Mitigations


Deviations Done Right

Rule 16.3 - “An unconditional break statement shall terminate every switch clause”

The deviation record for this rule covers:
• Guideline deviated
• Scope
• Justification and Safety Assurance
• Consequences, Mitigations, Additional Details
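The Rule 16.3 deviation above, as an added C example that is not code from the deck or from Parasoft. The pump controller, the alarm levels and the action bits are all constructed for illustration. The first function keeps a deliberate fall-through and carries the deviation record in the form the previous slide lists (guideline, scope, justification, safety assurance, consequences, mitigations), placed at the violation so an auditor finds both together; the second function is the compliant rewrite that needs no deviation; the third is the evidence the "safety assurance" line promises, a check that both versions agree on every level.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed example: alarm escalation in a hypothetical infusion-pump
 * controller. Each severity level performs every action of the levels
 * below it, which is what tempts a developer into case fall-through. */
typedef enum {
    ALARM_NONE = 0,
    ALARM_LOW,
    ALARM_MEDIUM,
    ALARM_HIGH
} alarm_level_t;

#define ACTION_LOG   (0x01u)   /* write an event to the audit log */
#define ACTION_BEEP  (0x02u)   /* sound the audible alarm         */
#define ACTION_STOP  (0x04u)   /* halt the pump motor             */

/* Version 1: deliberate fall-through, recorded as a MISRA specific
 * deviation (single instance, single file) next to the violation. */
uint32_t alarm_actions_deviated(alarm_level_t level)
{
    uint32_t actions = 0u;

    switch (level) {
    case ALARM_HIGH:
        actions |= ACTION_STOP;
        /* DEVIATION RECORD (constructed for this example)
         * Guideline:        MISRA C:2012 Rule 16.3 (Required)
         * Scope:            this switch statement only
         * Justification:    escalation semantics; HIGH must also perform
         *                   every MEDIUM and LOW action
         * Safety assurance: clauses are ordered from most to least severe
         *                   and alarm_versions_agree() pins the action set
         *                   of every level against the compliant version
         * Consequences:     a clause inserted between HIGH and LOW silently
         *                   joins the chain
         * Mitigation:       every fall-through is marked with a comment and
         *                   the build enables the compiler's implicit
         *                   fall-through warning
         */
        /* fallthrough */
    case ALARM_MEDIUM:
        actions |= ACTION_BEEP;
        /* fallthrough - covered by the same deviation record */
    case ALARM_LOW:
        actions |= ACTION_LOG;
        break;
    case ALARM_NONE:
        break;
    default:
        /* out-of-range value: treated as no alarm here; a real controller
         * would define its fail-safe reaction in this clause */
        break;
    }
    return actions;
}

/* Version 2: Rule 16.3 compliant, no deviation needed. Each clause states
 * its full action set and ends in an unconditional break, so adding a
 * level cannot change another level's behaviour. */
uint32_t alarm_actions_compliant(alarm_level_t level)
{
    uint32_t actions;

    switch (level) {
    case ALARM_HIGH:
        actions = ACTION_STOP | ACTION_BEEP | ACTION_LOG;
        break;
    case ALARM_MEDIUM:
        actions = ACTION_BEEP | ACTION_LOG;
        break;
    case ALARM_LOW:
        actions = ACTION_LOG;
        break;
    case ALARM_NONE:
        actions = 0u;
        break;
    default:
        actions = 0u;
        break;
    }
    return actions;
}

/* Returns 1 when both versions agree on every defined level and on an
 * out-of-range value (the cast exercises the default clause). */
int alarm_versions_agree(void)
{
    const alarm_level_t levels[] = {
        ALARM_NONE, ALARM_LOW, ALARM_MEDIUM, ALARM_HIGH, (alarm_level_t)42
    };
    size_t i;

    for (i = 0u; i < (sizeof levels / sizeof levels[0]); ++i) {
        if (alarm_actions_deviated(levels[i]) != alarm_actions_compliant(levels[i])) {
            return 0;
        }
    }
    return 1;
}

int main(void)
{
    int ok = alarm_versions_agree();
    printf("deviated and compliant versions agree: %s\n", ok ? "yes" : "no");
    return ok ? 0 : 1;
}
```

The point of the pair is that the deviation is a documented, auditable choice rather than an unexplained suppression: the record names the rule, bounds the scope to one switch, and ties the safety claim to a check that can be re-run at every change. If that check ever disagrees, the right response is to adopt the compliant version, not to widen the deviation.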


FDA/MISRA Alignment

FDA Guideline                    MISRA Capability
“Least burdensome approach”      Lightweight and flexible
Company defines standards        Proven standards pre-packaged
Work must be traceable           Provides a traceability methodology
Process must be auditable        Defines auditable reports


Other Standards

• DIY
• DO-178
• IEC 62304
• Effective C++
• CWE