Page 168 - Safety Risk Management for Medical Devices
Software Risk Management 147
Hazards. Formal and effective Quality management is essential to control software
changes and assess their impacts.
One of the issues with software maintenance releases is that, in many cases, the team that produces the maintenance release is not the team that produced the original software. As such, they may be unfamiliar with the rationales for the original work or with the Risk Controls that are in place.
Strategies to reduce risks due to software maintenance include good documentation and organizational measures, e.g., keeping some of the staff who worked on the original software available for consultation.
15.10 SOFTWARE RELIABILITY VERSUS SOFTWARE SAFETY
A fact to consider is that reliable software is not necessarily safe. Reliability is defined as the ability to deliver the intended function for a certain length of time, under certain operating conditions. Software that is designed to the wrong requirements could be implemented with no defects, operate as intended 100% of the time, and still be unsafe. Conversely, unreliable software may be safe. Consider an automatic sphygmomanometer (blood pressure monitor) (Fig. 15.4). Imagine that this device has an overpressure sensor that would detect if the device applies too high a pressure to the cuff, possibly injuring the patient. Now consider a condition where the control software incorrectly interprets the overpressure sensor and unnecessarily deactivates the device as a safety Risk Control. In this example, unreliable software creates annoyance to the user, but does not create a safety Hazard.
Figure 15.4 Automatic sphygmomanometer.
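As an added illustration that is not part of the book, the following Python model plays out the cuff example: the 300 mmHg cuff limit, the inflation profile, and the two fault scenarios (a sensor misread versus a wrongly specified limit) are constructed assumptions, not figures from the text.

```python
"""Model of the overpressure interlock (Risk Control) on an automatic cuff.

Two runs show the book's distinction: a defect that misreads the sensor
and trips the interlock early is unreliable but safe; defect-free software
built to a wrong requirement (limit set too high) is reliable but unsafe.
"""
from dataclasses import dataclass

# Hypothetical requirement: the cuff must never exceed 300 mmHg.
SAFE_CUFF_LIMIT_MMHG = 300


@dataclass
class Outcome:
    deactivated: bool    # the interlock stopped the pump
    max_pressure: int    # highest true cuff pressure reached (mmHg)
    hazard: bool         # cuff exceeded the safe limit
    nuisance_stop: bool  # stopped although the cuff was still within limits


def run_inflation(true_pressures, sensor_reading, overpressure_limit):
    """Step through one inflation cycle tick by tick.

    true_pressures: actual cuff pressure per tick (mmHg), constructed sample.
    sensor_reading: maps true pressure to the value the software sees.
    overpressure_limit: the limit coded into the software (mmHg).
    """
    peak = 0
    for p in true_pressures:
        peak = max(peak, p)
        # The Risk Control: stop inflating when the software believes
        # the limit has been reached, based on what the sensor reports.
        if sensor_reading(p) >= overpressure_limit:
            return Outcome(True, peak, peak > SAFE_CUFF_LIMIT_MMHG,
                           peak < SAFE_CUFF_LIMIT_MMHG)
    return Outcome(False, peak, peak > SAFE_CUFF_LIMIT_MMHG, False)


# Constructed inflation profile: 0, 20, ..., 340 mmHg.
CYCLE = list(range(0, 341, 20))


def unreliable_but_safe():
    # Defect: the reading is scaled 20% high, so the interlock trips at a
    # true pressure of 260 mmHg. Annoying for the user, but no Hazard.
    return run_inflation(CYCLE, lambda p: int(p * 1.2), overpressure_limit=300)


def reliable_but_unsafe():
    # No defect and an accurate sensor, but the requirement set the limit
    # at 340 mmHg: the software works exactly as specified and is unsafe.
    return run_inflation(CYCLE, lambda p: p, overpressure_limit=340)
```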