Bringing QA expertise to help assure medical device embedded software quality while complying with IEC 62304

Overview of Bringing QA expertise to help assure medical device embedded software quality while complying with IEC 62304

I’d like to thank the team for the release 6.0. This version is a big achievement. It is the first version of the software that uses different components and links different machines from different sites. Let’s go for version 7.0!

The client is a global leader in blood component, therapeutic apheresis, and cellular technologies. The corporation’s main activities are development, manufacturing, export, import, marketing, and distribution of medical devices, supplies, and accessories.

The tested product is a dedicated system intended to collect, store, and process session data from blood transfusion devices (4 of them) that can be connected to the client’s local area network (LAN).

This connection allows viewing and analyzing the gathered data, adapting the device/parameter settings via the customer’s PC, and bi-directional communication with third-party systems linked to the same LAN.

The IT solution consists of 3 applications: the web server application (WSA), the device assistant application (DAA), and the updater.

WSA is responsible for:

  • Presentation (UI)
  • Application configuration
  • Data access
  • Log files management.

DAA is responsible for:

  • Device communication
  • Workflow execution
  • Data access
  • Database backup, mirroring, and maintenance
  • Import data from external sources
  • Default devices settings initialization
  • Log files management.

Updater is responsible for:

  • Updating WSA and DAA files
  • Self-updating.

To ensure software compliance with a range of international security standards established for healthcare-related products, the client turned to a1qa to face the challenge.

As the software was embedded in a medical device, its development and testing should comply with the IEC 62304 standard. It provides a list of tasks and activities that support the safe design and maintenance of medical device software. The goal is to ensure the app does what is intended without causing any unacceptable risks.

Within the IEC 62304 regulation, the IT product is assigned with the safety class according to the possible effects on the patient, operator, or other people resulting from a hazard (being a potential source of harm) to which the system can contribute.

The software safety classes shall initially be assigned based on severity as follows:

  • Class A: No injury or damage to health is possible
  • Class B: Non-SERIOUS INJURY is possible
  • Class C: Death or SERIOUS INJURY is possible.

The IT solution under test is assigned with the safety class C, and it places a heavy burden on the QA team. Helping assure the quality of software that may lead to such severe consequences is highly challenging and responsible, it requires complete attention from QA engineers. The stakes are too high to let a bug make it into the production.

One AI application for bringing QA expertise to assure medical device embedded software quality while complying with IEC 62304 is the use of Natural Language Processing (NLP) algorithms to automate the review and validation of software documentation against the standards outlined in IEC 62304. This can involve the development of AI-powered tools that can analyze and interpret textual information in software documentation, identifying potential non-compliance issues and providing recommendations for corrective actions.

Additionally, Machine Learning algorithms can be utilized to analyze historical data from software development and testing processes to predict potential quality assurance issues, thereby enabling proactive measures to be taken to ensure compliance with IEC 62304. This could involve building predictive models that can identify patterns and trends in software development and testing data, flagging potential non-compliance risks before they escalate.

Furthermore, AI-based anomaly detection systems can be deployed to continuously monitor the behavior of embedded software in medical devices, identifying deviations from expected patterns that could indicate potential quality or compliance issues. These systems can leverage techniques such as clustering, classification, and time-series analysis to detect anomalies and trigger alerts for further investigation by QA experts.

These AI applications can significantly enhance the efficiency and effectiveness of quality assurance processes for medical device embedded software, ensuring compliance with IEC 62304 while proactively identifying and addressing potential quality issues.