Medical Device Software Process

Regulated Software Research Centre (RSRC) perform medical device software engineering research and have developed a medical device software process assessment model MDevSPICE® to reduce the overhead associated with adhering to all the medical device specific standards and regulations by bringing them together into a single model. Developing MDevSPICE® required the RSRC to have a significant international standards engagement and part of this work lead to the development of IEC 80002-3 (Process Reference Model for IEC 62304), published in May 2014. IEC 80002-3 represents the culmination of many years of dedicated work by the RSRC, creating important new standards within the working groups of both the ISO and the IEC. Through working with international standards working groups such as IEC SC62A/ JWG3, IEC SC62A/JWG7 and ISO/IEC JTC1 SC7 WG10, the RSRC has advanced other standards, including IEC 80001-1-7 (Process Assessment Model for IEC 80001-1) and IEC 80001-2-8 (Guidance on standards for establishing Security Capabilities identified in IEC/TR 80001-2-2).
MDevSPICE® will for the first time concentrate the accumulated medical device software best practices from all leading sources, while also supporting the industry and regulators in consistently and accurately evaluating software process implementation. This is good news for regulators, as a robust and thorough framework grounded in international standards will exist for assessing medical device software producers. And it is good news for the producers too, as all the medical device know-how will for the first time be assembled in a single, authoritative framework.

This research is being led by Dr Fergal McCaffery

Peter Rust is conducting research in the development of a roadmap for IEC 62304. Organizations engaged in medical device software are required to demonstrate compliance with a set of medical device standards and regulations before the device can be marketed. One such standard IEC 62304, Medical device software -- Software life cycle processes, is a standard that defines the processes  that  are  required  to  be  executed  in  order  to  develop  safe  software. Demonstrating  compliance  with  IEC  62304  can  be  problematic  for  organizations that are new to or have limited experience in the domain. The standard defines  what  processes  must  be  carried  out,  but  does  not  state  how.  This  research is focused on generating a roadmap that will guide organizations in the implementation of IEC 62304