Bringing QA expertise to help assure medical device embedded software quality while complying with IEC 62304

Overview of Bringing QA expertise to help assure medical device embedded software quality while complying with IEC 62304

I’d like to thank the team for the release 6.0. This version is a big achievement. It is the first version of the software that uses different components and links different machines from different sites. Let’s go for version 7.0!

The client is a global leader in blood component, therapeutic apheresis, and cellular technologies. The corporation’s main activities are development, manufacturing, export, import, marketing, and distribution of medical devices, supplies, and accessories.

The tested product is a dedicated system intended to collect, store, and process session data from blood transfusion devices (4 of them) that can be connected to the client’s local area network (LAN).

This connection allows viewing and analyzing the gathered data, adapting the device/parameter settings via the customer’s PC, and bi-directional communication with third-party systems linked to the same LAN.

The IT solution consists of 3 applications: the web server application (WSA), the device assistant application (DAA), and the updater.

WSA is responsible for:

  • Presentation (UI)
  • Application configuration
  • Data access
  • Log files management.

DAA is responsible for:

  • Device communication
  • Workflow execution
  • Data access
  • Database backup, mirroring, and maintenance
  • Import data from external sources
  • Default devices settings initialization
  • Log files management.

Updater is responsible for:

  • Updating WSA and DAA files
  • Self-updating.

To ensure software compliance with a range of international security standards established for healthcare-related products, the client turned to a1qa to face the challenge.

As the software was embedded in a medical device, its development and testing should comply with the IEC 62304 standard. It provides a list of tasks and activities that support the safe design and maintenance of medical device software. The goal is to ensure the app does what is intended without causing any unacceptable risks.

Within the IEC 62304 regulation, the IT product is assigned with the safety class according to the possible effects on the patient, operator, or other people resulting from a hazard (being a potential source of harm) to which the system can contribute.

The software safety classes shall initially be assigned based on severity as follows:

  • Class A: No injury or damage to health is possible
  • Class B: Non-SERIOUS INJURY is possible
  • Class C: Death or SERIOUS INJURY is possible.

The IT solution under test is assigned with the safety class C, and it places a heavy burden on the QA team. Helping assure the quality of software that may lead to such severe consequences is highly challenging and responsible, it requires complete attention from QA engineers. The stakes are too high to let a bug make it into the production.

One AI application for bringing QA expertise to assure medical device embedded software quality while complying with IEC 62304 is the use of machine learning algorithms for automated testing and validation. These algorithms can be trained to identify potential issues and bugs in the software, allowing for more comprehensive and efficient testing processes. Additionally, natural language processing (NLP) models can be utilized to analyze and interpret regulatory requirements, ensuring that the software complies with the standards outlined in IEC 62304. Furthermore, AI-powered anomaly detection systems can monitor the behavior of the software in real time, flagging any deviations from expected performance and functionality. This proactive approach can help to mitigate risks and ensure the reliability and safety of medical device software.