University of Limerick
Browse
- No file added yet -

A software risk management capability model for medical device software

Download (1.33 MB)
thesis
posted on 2022-10-07, 14:12 authored by John Burton
The Medical Device industry is currently one of the fastest growing industries in the world and a guarantee of the integrity of medical device software has become increasingly important. Failure of the software can have potentially catastrophic effects, leading to injury of patients or even death. Consequently there is a tremendous onus on medical device manufacturers to demonstrate that sufficient attention is devoted to the area of software risk management throughout the software lifecycle. Failure to do so can lead to a lack of approval from the various regulatory bodies with a consequent surrender of the right to market the device in a particular country. Several different standards, guidance papers and industry guides exist which make it difficult to guarantee conformance in all cases. This diverse set of requirements can make software risk management difficult and this thesis examines the possibility of a unified approach whilst investigating the relevance of the Capability Maturity Model Integration (CMMI®) SPI model to the regulatory requirements. It is demonstrated that existing SPI models are not comprehensive enough to satisfy medical device safety requirements and an alternative is proposed. The research presented in this thesis develops a software Risk Management Capability Model (RMCM) for the medical device sector, which meets medical device regulatory requirements and the CMMI® Software Process Improvement (SPI) risk management practices. The RMCM has been evaluated within a medical device company producing medical device software. During the creation of the model a mapping has been performed between medical device regulations and the CMMI® guidelines for software risk management. The research identifies the potential strengths and weaknesses of the CMMI® risk management process area in the specific context of medical device software. The research also identifies weaknesses of current medical device software regulations, through the analysis of the CMMI® SPI model.

History

Degree

  • Doctoral

First supervisor

Richardson, Ita

Second supervisor

Mc Caffery, Fergal

Note

peer-reviewed

Language

English

Also affiliated with

  • LERO - The Irish Software Research Centre

Usage metrics

    University of Limerick Theses

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC