DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Please enter at least three characters to search
Refcards Trend Reports
Events Video Library
Refcards
Trend Reports

Events

View Events Video Library

Zones

Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

Because the DevOps movement has redefined engineering responsibilities, SREs now have to become stewards of observability strategy.

Apache Cassandra combines the benefits of major NoSQL databases to support data management needs not covered by traditional RDBMS vendors.

The software you build is only as secure as the code that powers it. Learn how malicious code creeps into your software supply chain.

Generative AI has transformed nearly every industry. How can you leverage GenAI to improve your productivity and efficiency?

Related

  • A Developer's Guide to Modern Queue Patterns
  • Battle of the RabbitMQ Queues: Performance Insights on Classic and Quorum
  • Evaluating Message Brokers
  • Navigating the Maze: A Comprehensive Guide To Selecting the Right Messaging Queue

Trending

  • Code Reviews: Building an AI-Powered GitHub Integration
  • Agile’s Quarter-Century Crisis
  • Apple and Anthropic Partner on AI-Powered Vibe-Coding Tool – Public Release TBD
  • Creating a Web Project: Caching for Performance Optimization
  1. DZone
  2. Testing, Deployment, and Maintenance
  3. Testing, Tools, and Frameworks
  4. Software Hazard Identification

Software Hazard Identification

This article explores software hazard identification using failure modes and effects analysis for medical device software.

By 
Saravanan Karuppiah user avatar
Saravanan Karuppiah
·
Nov. 14, 23 · Tutorial
Likes (1)
Comment
Save
Tweet
Share
1.6K Views

Join the DZone community and get the full member experience.

Join For Free

Custom Software is critical and is an integral part of many complex medical devices. Some of these medical devices are high-risk medical devices as the failure can result in non-serious injury or serious injury or in some cases, even death for the persons using them. Because of this, the software contained in high-risk medical devices must be safe. To enforce this safety aspect, the regulatory requirements ISO 14971 and IEC 62304 that govern software development in medical devices establish the overall mechanism for risk management in the design and development of software for medical devices.

The main stages of software risk management consist of Risk Analysis, Risk evaluation, and Risk control.

Risk Analysis

Based on the Intended use and characteristics related to the safety of medical devices, identify the software hazards(potential source of harm). Based on the identified harm, estimate the risk, which is nothing but the probability of harm multiplied by the severity of harm.

Risk Evaluation

Determine the acceptability of the above-estimated risk using inputs from the cross-functional team, including doctors.

Risk Control

Implement software changes like new safety changes to mitigate and reduce the above-identified risks, particularly unacceptable risks, to make them acceptable risks.

In the above mechanism, identification of software hazards is one of the important vital steps. The software hazard can be identified using a top-down (fault tree analysis — FTA) approach, a bottom-up approach (failure modes and effects analysis — FMEA), or other methods.

Here, we will examine how the software FMEA can be performed to identify the software hazards with the Blood Glucose Meter (Medical Device) example.

A blood glucose meter usually consists of hardware interfaces like buttons, a display, a test strip port, and a microcontroller. Based on the hardware interface, the software subsystems / Modules that are required are:

  • Button software subsystem: Contains functions to identify the button presses and releases and posts them to the Message software subsystem.
  • Display software subsystem: Contains functions to display the glucose reading and other information to the user.
  • Test strip sensor software subsystem: Contains functions to sense the presence of test strips and blood and posts them to the Message software subsystem.
  • Timer software subsystem: Contains functions to provide timer indication, which can be used to time the button press duration, etc.
  • Message software subsystem: Contains functions like Message_Post(), Message_Get() to manage storage and retrieval of messages like button press detected, test strip detected, blood sample detected, blood glucose results available, etc.
  • Controller software subsystem: Contains functions to retrieve the pending messages from the Message software subsystem and perform required operations like determination of blood glucose and send them to the Display software subsystem.

With the above software subsystem identified now, we will look at the steps for performing software FMEA for the function Message_Post() in the Message software subsystem (Any spreadsheet tool can be used for its convenience in handling tables).

ID

Software Subsystem / Module

Software Element / Function Name

Software Failure cause

Software Fault Result

Potential Hazard

SFMEA-MSS_101.000

Message software subsystem

Message_Post()

Message queue full.

Fails to queue messages.

Perceived Device Lockup.
Failure to Respond to Device Messages.

The function Message_Post()is listed in a separate row aligned with the Software subsystem name with its own unique identifier (unique identifier facilitates tracing in other places and other documents).

Then, the function Message_Post() is further analyzed to identify the Software Failure cause, Fault Result, and Potential Hazards. In this example, the Software Failure cause is determined as “Message queue full” due to the fact the message buffer is full with unprocessed messages. The resultant Software Fault Result is determined as “Fails to queue messages” due to the fact no memory is available in the message buffer for new messages. The resultant Potential Hazard is determined as “Perceived Device Lockup,” as the device will not respond to button presses or test strip insertions.

This process shall be repeated for each function in all the software subsystems, thereby facilitating a clear and simple way of identifying all the software hazards. With the identified software hazards, the next step in risk management can proceed.

Custom software Hazard Message queue Risk-based testing

Opinions expressed by DZone contributors are their own.

Related

  • A Developer's Guide to Modern Queue Patterns
  • Battle of the RabbitMQ Queues: Performance Insights on Classic and Quorum
  • Evaluating Message Brokers
  • Navigating the Maze: A Comprehensive Guide To Selecting the Right Messaging Queue

Partner Resources

×

Comments
Oops! Something Went Wrong

The likes didn't load as expected. Please refresh the page and try again.

ABOUT US

  • About DZone
  • Support and feedback
  • Community research
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Core Program
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • support@dzone.com

Let's be friends:

Likes
There are no likes...yet! 👀
Be the first to like this post!
It looks like you're not logged in.
Sign in to see who liked this post!