2. Why the need for Regulation?
FDA Analysis Reveals:
3,140 Medical Device Recalls (1992-1998)
242 (7.7%) attributable to Software Failures
192/242 (79%) caused by software defects introduced
when changes were made to the software after release
Software Validation Best Practices
A principle means of Avoiding such Defects &
Resultant Recalls
3. FDA Guidance on Software Compliance
“General Principles of Software Validation”
Based on generally recognized software validation
principles
Lists elements acceptable to FDA for Software Validation
Recommends conducting Verification Activities throughout
the SDLC
Recommends integration of SDLC Mgt & Risk Mgt activities
5. FDA Verification & Validation
Software Validation
The Software consistently fulfills all of the requirements,
which in turn meet the end users needs
Traceability
“…the validation of software typically includes evidence that all software
requirements have been implemented correctly and completely and are
traceable to system requirements”
Visibility
“A conclusion that software is validated is highly dependent upon
comprehensive software testing, inspections, analyses, and other
verification tasks performed at each stage of the software development
life cycle”
6. FDA Compliance – Summary
A set of Effective Software Verification Activities
Should be performed Throughout the SDLC
Outside Visibility into these regular Activities (Audit)
Full Requirements Traceability
Effective Regression Tests for Post-Release Code Changes
Data Collection, Correlation & Report Generation (Audit)
Process Improvement
Integration of SDLC Management and Risk Management
7. One Final Consideration…
“FDA Worried That Class I Recall Jump
Reflects Industry Rush To Market”
Article preview from "The Gray Sheet"- May 24, 2010
“A recent spike in Class I medical device recalls has led
FDA to question whether manufacturers are sacrificing
quality to rush products to market”
8. Parasoft Concerto = FDA Compliance
Processes and best practices that assists organizations to meet
FDA guidelines and medical device industry standards for
software development
1
10. Project Overview
Will it have the right functionality? on budget? project on time?
Is your project Is your
11. Parasoft Concerto = FDA Compliance
Processes and best practices that assists organizations to meet
FDA guidelines and medical device industry standards for
software development
Control the Process
Manage the Process 1 2
13. Traceability – Natural Workflow
Automated Traceability: Requirements are correlated to Tasks
Tasks are correlated to Code… & Automated Tests… & Validation Scenarios
14. Parasoft Concerto = FDA Compliance
Policy-Driven FDA Compliance allows you to
manage the process by exception
Manage By Exception
3
Control the Process
Manage the Process 1 2
16. Policies for SDLC Management
Will it have the right functionality?
Red = Exception: Take Action
Is you project on time?
Yellow = Warning
Is your project on budget?
Green = On Track
18. Software Development Process Improvement
A closed-loop process to manage and improve the software
development lifecycle
Manage By Exception
3
Control the Process Analyze and Improve
Manage the Process 1 2 4
19. Real-Time FDA Process Compliance
FDA Software Validation Compliance
Verification and Validation
Best Practices, Visibility & Traceability
Parasoft Concerto, the infrastructure for FDA compliance
plus real-time data that tracks:
Is your project on time?
Is your project on budget?
Will it have the right functionality?
Will it work?
Parasoft Proprietary and Confidential