A reader asked me about OTS software tool validation. He says:
It seems to me that the editor and any other tool used to create the software is exactly that, a productivity tool. The end result (compiled binary installed on a validated PC configuration) is still going to go through verification and validation, therefore, it seems validating any of the items used to actually create the binary is unnecessary.
Any thoughts or guidance to help me understand this process?
This is a great question and the source of a lot of confusion.
The bottom line is that all third party tools (and libraries) used to construct or test FDA regulated software need to be validated.
You may think validating a compiler is unnecessary, but the FDA says otherwise — section 6.3 of the FDA Guidance on General Principles of Software Validation discussion includes “off-the-shelf software development tools, such as software compilers, linkers, editors, and operating systems.”
The form of the required documentation is detailed in the Off-The-Shelf Software Use in Medical Devices guidance document. Section 2.1 has the questions that the OTS software BASIC DOCUMENTATION needs to answer:
- What is it?
- What are the Computer System Specifications for the OTS Software?
- How will you assure appropriate actions are taken by the End User?
- What does the OTS Software do?
- How do you know it works?
- How will you keep track of (control) the OTS Software?