HCMDSS Breakout Session

Requirements Specifications for Certifiable Design

Peter Lee, George Pappas, Peter Coronado, Robert Galloway, Purush Iyer, Robert Kircher, Eric Linner, Jane W. S. Liu, Tom Petelenz, Jesse

H. Poore, Majed G. Tomeh

Our charge

Think about the current and needed future practice in specification of medical devices and systems

What we talked about

1. Current standards and practices

2. What is needed / desirable

3. Opportunities

4. Other questions

5. Workshop recommendations

“We are like the barber-surgeons of earlier ages, who prided themselves on the sharpness of their knives and the speed with which they dispatched their duty -- either shaving a beard or amputating a limb. Imagine the dismay with which they greeted some ivory-towered academic who told them that the practice of surgery should be based on a long and detailed study of human anatomy, on familiarity with surgical procedures pioneered by great doctors of the past, and that it should be carried out only in a strictly controlled bug-free environment, far removed from the hair and dust of the normal barber's shop.” – Sir Tony Hoare

http://www2.kenyon.edu/Depts/WMNS/Projects/Wmns36/bloodletting/gal.htm

Current practice

Based primarily on “shall” statements

completeness?

missing behavior in normal vs failure modes

missing “shall not” statements

“User-centered” approach deemed important but deficient today

specification should include user scenarios (and verify against them)

Current practice, cont’d

Some key issues: extrinsic vs intrinsic properties need to iterate specification

development over the design process

important for fault analysis to include extrinsic properties

interoperability is essential certification of requirements vs

certification of device

What is needed / desirable

More formal specifications? abstracts away from data presentation to users useful for testing and verification should be used whenever possible formalize FDA guidance documents?

Composable specifications? implies ability to specify the environment interconnection constraints component interfaces are essential but take effort science opportunities? (eg, ISO 1070)

Opportunities

Reduce cost of certification only 40% of cost is due to development and test –

can we reduce the rest (which includes overhead, FDA, etc)

what would be sufficient evidence for certification?

Cope with diversity of human subjects high-fidelity simulations?

More intelligent, adaptive devices what would be enabled? adjust to new parameters and environments? cope with failure

Other questions

Do we allow devices that cannot be tested for all conditions?

Models are missing for device development who will develop those models? esp. patient models

Component-oriented systems? e.g., sensors, algorithms, control subsystems, etc. certification/verification of interactions of

components?

Networking, communication, data sharing are overriding concerns in the near term

Security, privacy, HIPAA?

Workshop recommendations

People to consider:

OT&E and DoD certification criteria Ernest Seglie, Chief Scientist

NAS study representative

FAA, avionics system experts

Praxis, other formal developments

Patient modeling Steve Jacobsen (biomechanics)