Comments on: Medical Device Software Forensics http://rdn-consulting.com/blog/2007/10/17/medical-device-software-forensics/ Software Development and Biomedical Engineering Tue, 15 May 2012 17:32:14 +0000 hourly 1 http://wordpress.org/?v=3.3.2 By: andy http://rdn-consulting.com/blog/2007/10/17/medical-device-software-forensics/comment-page-1/#comment-5599 andy Thu, 14 Apr 2011 06:50:18 +0000 http://rdn-consulting.com/blog/2007/10/17/medical-device-software-forensics/#comment-5599 While static code analysis is perhaps not the most efficient way of tracking down bugs causing device failure, it is a good tool to have in the developer's toolbox. Finding 180 parts in 100'000 lines of code warranting closer inspection and actually finding 2 defects (of unknown severity/consequence) is fairly good. Manually inspecting 100'000 lines of code takes days if not weeks. Using a static analysis tool manages to reduce the amount up for inspection down to something that can be reviewed in less than a day. While this is not a safe guard against any device failure (verification & validation anyone?) - it is a good tool for improving overall software quality. Spending some time on grinding the analysis tools might even make it more efficient (and streamline it for ensuring a consistent style and quality of code within ones own guidelines). A be all, end all - nope, but should be kept as one of several options for improving overall quality. While static code analysis is perhaps not the most efficient way of tracking down bugs causing device failure, it is a good tool to have in the developer’s toolbox.

Finding 180 parts in 100’000 lines of code warranting closer inspection and actually finding 2 defects (of unknown severity/consequence) is fairly good. Manually inspecting 100’000 lines of code takes days if not weeks. Using a static analysis tool manages to reduce the amount up for inspection down to something that can be reviewed in less than a day.

While this is not a safe guard against any device failure (verification & validation anyone?) – it is a good tool for improving overall software quality. Spending some time on grinding the analysis tools might even make it more efficient (and streamline it for ensuring a consistent style and quality of code within ones own guidelines).

A be all, end all – nope, but should be kept as one of several options for improving overall quality.

]]> By: Discomfort with Computerized Medical Devices | Bob on Medical Device Software http://rdn-consulting.com/blog/2007/10/17/medical-device-software-forensics/comment-page-1/#comment-5598 Discomfort with Computerized Medical Devices | Bob on Medical Device Software Wed, 13 Apr 2011 02:29:08 +0000 http://rdn-consulting.com/blog/2007/10/17/medical-device-software-forensics/#comment-5598 [...] Static Analysis to Find Bugs in the Real World More Software Forensics and Why Analogies Suck Medical Device Software Forensics Pascal’s 3 part static analysis series that starts here: Guest Article: Static Analysis in [...] [...] Static Analysis to Find Bugs in the Real World More Software Forensics and Why Analogies Suck Medical Device Software Forensics Pascal’s 3 part static analysis series that starts here: Guest Article: Static Analysis in [...]

]]> By: Bob on Medical Device Software » Blog Archive » More Software Forensics and Why Analogies Suck http://rdn-consulting.com/blog/2007/10/17/medical-device-software-forensics/comment-page-1/#comment-718 Bob on Medical Device Software » Blog Archive » More Software Forensics and Why Analogies Suck Wed, 02 Jul 2008 04:27:09 +0000 http://rdn-consulting.com/blog/2007/10/17/medical-device-software-forensics/#comment-718 [...] discussed software forensics tools before. Yes, bad software has hurt and killed people, and there’s no excuse for it.  I still [...] [...] discussed software forensics tools before. Yes, bad software has hurt and killed people, and there’s no excuse for it.  I still [...]

]]> By: Bob on Medical Device Software » Blog Archive » Ever heard of FRACAS? http://rdn-consulting.com/blog/2007/10/17/medical-device-software-forensics/comment-page-1/#comment-239 Bob on Medical Device Software » Blog Archive » Ever heard of FRACAS? Sun, 28 Oct 2007 04:02:05 +0000 http://rdn-consulting.com/blog/2007/10/17/medical-device-software-forensics/#comment-239 [...] interesting one. The difference between CAPA and FRACAS is similar to the argument I made regarding Software Forensics — these techniques should be used to ensure quality before the product is released. [...] [...] interesting one. The difference between CAPA and FRACAS is similar to the argument I made regarding Software Forensics — these techniques should be used to ensure quality before the product is released. [...]

]]>