Risk Management capability model for the development of medical device software

McCaffery, Fergal and Burton, John and Richardson, Ita (2009) Risk Management capability model for the development of medical device software. Software Quality Journal.

[thumbnail of L_8.pdf]
Download (560kB) | Preview


Failure of medical device (MD) software can have potentially catastrophic effects, leading to injury of patients or even death. Therefore regulators penalise MD manufacturers who do not demonstrate that sufficient attention is devoted to the areas of hazard analysis and risk management (RM) throughout the software lifecycle. This paper has two main objectives. The first objective is to compare how thorough current MD regulations are with relation to the Capability Maturity Model Integration (CMMI®) in specifying what RM practices MD companies should adopt when developing software. The second objective is to present a Risk Management Capability Model (RMCM) for the MD software industry, that is geared towards improving software quality, safety and reliability. Our analysis indicates that 41 RM sub-practices would have to be performed in order to satisfy MD regulations and that only an additional 8 sub-practices would be required in order to satisfy all the CMMI® level 1 requirements. Additionally, MD companies satisfying the CMMI® goals of the RM process area by performing the CMMI® RM practices will not meet the requirements of the MD software RM regulations as an additional 20 MD specific sub-practices had to be added to meet the objectives of RMCM

Item Type: Article
Uncontrolled Keywords: Medical devices; Software; Risk management
Subjects: Computer Science
Research Centres: Regulated Software Research Centre
Depositing User: Sonya Grimley
Date Deposited: 16 Feb 2012 10:08
Last Modified: 11 Nov 2014 16:10

Actions (login required)

View Item View Item


Downloads per month over past year