FDA: Between Process and Product Evaluation

FDA: Between Process and Product Evaluation

Several institutions and agencies around the world, from both the private and public sectors, have adopted the practice of software validation and certification to ensure higher levels of confidence in software. The US Food and Drug Administration (FDA) is one of these organisations. The FDA has pub...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Abdeen, M.M., Kahl, W., Maibaum, T.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Certification
Computer industry
Drugs
Information security
Information technology
National security
Software measurement
Software quality
Standards development
Taxonomy
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 186
container_issue
container_start_page 181
container_title
container_volume
creator Abdeen, M.M.
Kahl, W.
Maibaum, T.
description Several institutions and agencies around the world, from both the private and public sectors, have adopted the practice of software validation and certification to ensure higher levels of confidence in software. The US Food and Drug Administration (FDA) is one of these organisations. The FDA has published several guidance documents concerning the validation of medical device software. In its guidance documents for both the medical software industry and FDA staff, FDA recommends certain activities to be undertaken and certain deliverables to be prepared. This is believed by the FDA to achieve higher confidence in the software quality and, accordingly, better validation. In this paper, we question the clarity and practicability of the FDA approach for medical software validation. We examine the FDA approach by evaluating the FDA guidance documents. We base our analysis on considering the product versus process evaluation criterion. By focusing on these two concepts, we believe that the FDA validation approach leads to confusion in the minds of both software producers and evaluators and it may well lead to lower quality software than desired being certified, at the time the FDA considers its approach as the least burdensome. As a demonstration of our claim, we analyze "quality planning" as the first activity in the FDA approach. We discuss the corresponding effort for this activity in another product-oriented evaluation approach, the common criteria (CC) for information technology security evaluation. As its main objective, the comparison aims to highlight both the inconsistency and the vagueness of the FDA evaluation function. Reconsideration of these issues by the FDA will lead to a more objective evaluation function and higher confidence in the medical software, which represents the most important concern among the evaluation community and the general public.
doi_str_mv 10.1109/HCMDSS-MDPnP.2007.6
format Conference Proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_4438188</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>4438188</ieee_id><sourcerecordid>4438188</sourcerecordid><originalsourceid>FETCH-LOGICAL-i175t-440cf8872a16d31bfb99e336796d6b47035f0715821fa7c254e789d95821febe3</originalsourceid><addsrcrecordid>eNotjEtLw0AURgdEUGp-QTfZS-K9mcedcVeT1gotBqrrMsncgUhNJUkV_73Pb3MOZ_EJMUfIEcHdrMtttdtl26ru67wAoNycicSRBTJOS7DoLkQyji_wPaXBSH0prlfV4ja94-mDuU_r4djyOKa-Dz8eTu2ULt_94eSn7thfifPoDyMn_5yJ59XyqVxnm8f7h3KxyTokPWVKQRutpcKjCRKb2DjHUhpyJphGEUgdgVDbAqOnttCKybrgfgM3LGdi_vfbMfP-behe_fC5V0patFZ-AR7AQDI</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>FDA: Between Process and Product Evaluation</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Abdeen, M.M. ; Kahl, W. ; Maibaum, T.</creator><creatorcontrib>Abdeen, M.M. ; Kahl, W. ; Maibaum, T.</creatorcontrib><description>Several institutions and agencies around the world, from both the private and public sectors, have adopted the practice of software validation and certification to ensure higher levels of confidence in software. The US Food and Drug Administration (FDA) is one of these organisations. The FDA has published several guidance documents concerning the validation of medical device software. In its guidance documents for both the medical software industry and FDA staff, FDA recommends certain activities to be undertaken and certain deliverables to be prepared. This is believed by the FDA to achieve higher confidence in the software quality and, accordingly, better validation. In this paper, we question the clarity and practicability of the FDA approach for medical software validation. We examine the FDA approach by evaluating the FDA guidance documents. We base our analysis on considering the product versus process evaluation criterion. By focusing on these two concepts, we believe that the FDA validation approach leads to confusion in the minds of both software producers and evaluators and it may well lead to lower quality software than desired being certified, at the time the FDA considers its approach as the least burdensome. As a demonstration of our claim, we analyze "quality planning" as the first activity in the FDA approach. We discuss the corresponding effort for this activity in another product-oriented evaluation approach, the common criteria (CC) for information technology security evaluation. As its main objective, the comparison aims to highlight both the inconsistency and the vagueness of the FDA evaluation function. Reconsideration of these issues by the FDA will lead to a more objective evaluation function and higher confidence in the medical software, which represents the most important concern among the evaluation community and the general public.</description><identifier>ISBN: 9780769530819</identifier><identifier>ISBN: 0769530818</identifier><identifier>DOI: 10.1109/HCMDSS-MDPnP.2007.6</identifier><language>eng</language><publisher>IEEE</publisher><subject>Certification ; Computer industry ; Drugs ; Information security ; Information technology ; National security ; Software measurement ; Software quality ; Standards development ; Taxonomy</subject><ispartof>2007 Joint Workshop on High Confidence Medical Devices, Software, and Systems and Medical Device Plug-and-Play Interoperability (HCMDSS-MDPnP 2007), 2007, p.181-186</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/4438188$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,777,781,786,787,2053,27907,54902</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/4438188$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Abdeen, M.M.</creatorcontrib><creatorcontrib>Kahl, W.</creatorcontrib><creatorcontrib>Maibaum, T.</creatorcontrib><title>FDA: Between Process and Product Evaluation</title><title>2007 Joint Workshop on High Confidence Medical Devices, Software, and Systems and Medical Device Plug-and-Play Interoperability (HCMDSS-MDPnP 2007)</title><addtitle>HCMDSSMDPNP</addtitle><description>Several institutions and agencies around the world, from both the private and public sectors, have adopted the practice of software validation and certification to ensure higher levels of confidence in software. The US Food and Drug Administration (FDA) is one of these organisations. The FDA has published several guidance documents concerning the validation of medical device software. In its guidance documents for both the medical software industry and FDA staff, FDA recommends certain activities to be undertaken and certain deliverables to be prepared. This is believed by the FDA to achieve higher confidence in the software quality and, accordingly, better validation. In this paper, we question the clarity and practicability of the FDA approach for medical software validation. We examine the FDA approach by evaluating the FDA guidance documents. We base our analysis on considering the product versus process evaluation criterion. By focusing on these two concepts, we believe that the FDA validation approach leads to confusion in the minds of both software producers and evaluators and it may well lead to lower quality software than desired being certified, at the time the FDA considers its approach as the least burdensome. As a demonstration of our claim, we analyze "quality planning" as the first activity in the FDA approach. We discuss the corresponding effort for this activity in another product-oriented evaluation approach, the common criteria (CC) for information technology security evaluation. As its main objective, the comparison aims to highlight both the inconsistency and the vagueness of the FDA evaluation function. Reconsideration of these issues by the FDA will lead to a more objective evaluation function and higher confidence in the medical software, which represents the most important concern among the evaluation community and the general public.</description><subject>Certification</subject><subject>Computer industry</subject><subject>Drugs</subject><subject>Information security</subject><subject>Information technology</subject><subject>National security</subject><subject>Software measurement</subject><subject>Software quality</subject><subject>Standards development</subject><subject>Taxonomy</subject><isbn>9780769530819</isbn><isbn>0769530818</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2007</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNotjEtLw0AURgdEUGp-QTfZS-K9mcedcVeT1gotBqrrMsncgUhNJUkV_73Pb3MOZ_EJMUfIEcHdrMtttdtl26ru67wAoNycicSRBTJOS7DoLkQyji_wPaXBSH0prlfV4ja94-mDuU_r4djyOKa-Dz8eTu2ULt_94eSn7thfifPoDyMn_5yJ59XyqVxnm8f7h3KxyTokPWVKQRutpcKjCRKb2DjHUhpyJphGEUgdgVDbAqOnttCKybrgfgM3LGdi_vfbMfP-behe_fC5V0patFZ-AR7AQDI</recordid><startdate>200706</startdate><enddate>200706</enddate><creator>Abdeen, M.M.</creator><creator>Kahl, W.</creator><creator>Maibaum, T.</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>200706</creationdate><title>FDA: Between Process and Product Evaluation</title><author>Abdeen, M.M. ; Kahl, W. ; Maibaum, T.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i175t-440cf8872a16d31bfb99e336796d6b47035f0715821fa7c254e789d95821febe3</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2007</creationdate><topic>Certification</topic><topic>Computer industry</topic><topic>Drugs</topic><topic>Information security</topic><topic>Information technology</topic><topic>National security</topic><topic>Software measurement</topic><topic>Software quality</topic><topic>Standards development</topic><topic>Taxonomy</topic><toplevel>online_resources</toplevel><creatorcontrib>Abdeen, M.M.</creatorcontrib><creatorcontrib>Kahl, W.</creatorcontrib><creatorcontrib>Maibaum, T.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Abdeen, M.M.</au><au>Kahl, W.</au><au>Maibaum, T.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>FDA: Between Process and Product Evaluation</atitle><btitle>2007 Joint Workshop on High Confidence Medical Devices, Software, and Systems and Medical Device Plug-and-Play Interoperability (HCMDSS-MDPnP 2007)</btitle><stitle>HCMDSSMDPNP</stitle><date>2007-06</date><risdate>2007</risdate><spage>181</spage><epage>186</epage><pages>181-186</pages><isbn>9780769530819</isbn><isbn>0769530818</isbn><abstract>Several institutions and agencies around the world, from both the private and public sectors, have adopted the practice of software validation and certification to ensure higher levels of confidence in software. The US Food and Drug Administration (FDA) is one of these organisations. The FDA has published several guidance documents concerning the validation of medical device software. In its guidance documents for both the medical software industry and FDA staff, FDA recommends certain activities to be undertaken and certain deliverables to be prepared. This is believed by the FDA to achieve higher confidence in the software quality and, accordingly, better validation. In this paper, we question the clarity and practicability of the FDA approach for medical software validation. We examine the FDA approach by evaluating the FDA guidance documents. We base our analysis on considering the product versus process evaluation criterion. By focusing on these two concepts, we believe that the FDA validation approach leads to confusion in the minds of both software producers and evaluators and it may well lead to lower quality software than desired being certified, at the time the FDA considers its approach as the least burdensome. As a demonstration of our claim, we analyze "quality planning" as the first activity in the FDA approach. We discuss the corresponding effort for this activity in another product-oriented evaluation approach, the common criteria (CC) for information technology security evaluation. As its main objective, the comparison aims to highlight both the inconsistency and the vagueness of the FDA evaluation function. Reconsideration of these issues by the FDA will lead to a more objective evaluation function and higher confidence in the medical software, which represents the most important concern among the evaluation community and the general public.</abstract><pub>IEEE</pub><doi>10.1109/HCMDSS-MDPnP.2007.6</doi><tpages>6</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISBN: 9780769530819
ispartof 2007 Joint Workshop on High Confidence Medical Devices, Software, and Systems and Medical Device Plug-and-Play Interoperability (HCMDSS-MDPnP 2007), 2007, p.181-186
issn
language eng
recordid cdi_ieee_primary_4438188
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Certification
Computer industry
Drugs
Information security
Information technology
National security
Software measurement
Software quality
Standards development
Taxonomy
title FDA: Between Process and Product Evaluation
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-17T11%3A28%3A01IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=FDA:%20Between%20Process%20and%20Product%20Evaluation&rft.btitle=2007%20Joint%20Workshop%20on%20High%20Confidence%20Medical%20Devices,%20Software,%20and%20Systems%20and%20Medical%20Device%20Plug-and-Play%20Interoperability%20(HCMDSS-MDPnP%202007)&rft.au=Abdeen,%20M.M.&rft.date=2007-06&rft.spage=181&rft.epage=186&rft.pages=181-186&rft.isbn=9780769530819&rft.isbn_list=0769530818&rft_id=info:doi/10.1109/HCMDSS-MDPnP.2007.6&rft_dat=%3Cieee_6IE%3E4438188%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=4438188&rfr_iscdi=true