By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: Writing Safety Critical Software
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > eHealth > Writing Safety Critical Software
eHealth

Writing Safety Critical Software

ShahidShah
ShahidShah
Share
5 Min Read
SHARE

 

I first started using and mentoring developers on agile software development techniques like eXtreme Programming (XP) and Scrum over a decade ago. Often called “lightweight” methodologies, agile software development lifecycles have been generally misunderstood as lacking enough rigor and sophistication to be used in safety-critical systems. Many have erroneously assumed that Agile, Scrum, and related methodologies can’t really be implemented in risk-focused “important” industries like medical devices because they believe only classic waterfall will be accepted by the FDA.

 

I first started using and mentoring developers on agile software development techniques like eXtreme Programming (XP) and Scrum over a decade ago. Often called “lightweight” methodologies, agile software development lifecycles have been generally misunderstood as lacking enough rigor and sophistication to be used in safety-critical systems. Many have erroneously assumed that Agile, Scrum, and related methodologies can’t really be implemented in risk-focused “important” industries like medical devices because they believe only classic waterfall will be accepted by the FDA.

More Read

Andre Blackman: Sustain or Die Manifesto [PODCAST]
Secure Use of Social Media: Ensuring the Privacy of Protected Health
Mobile Health Around the Globe: Cloud Can (Already) Improve Patient Care
Pfizer Running First US Clinical Study With Remote Participation
4 Biggest Reasons to Rethink Everything About Healthcare Marketing

Recently I ran across a great presentation by the folks at Pathfinder Software entitled “Agile Development for FDA Regulated Medical Software.” Pathfinder’s engineers help explain why the FDA doesn’t know or really care about what software methodology you use as long as you ensure that the output of your development approach results in high quality, safe, reliable software. The explanation that Michael and Tavi from Pathfinder gave about “formal” versus “casual” is quite effective and it reminded me about how often I’ve had to give the same lecture. I’ve been involved in the development of Class I/II/III devices since 1995 and I’ve had to clarify confusion about the use of agile and non-waterfall software development methodologies in almost all of my projects. The confusion has only increased with the introduction of MDDS and the proliferation of mHealth and modern mobile software performing roles traditionally performed by dedicated medical devices.

The FDA’s 21 CFR Part 820 Quality System Regulations (QSR) and the numerous other regulations that derive from it (in both the USA and other countries that follow the FDA) does dictate quite a bit but detailed software development approaches are neither described nor prescribed in the QSR. Waterfall, one of the original plan-driven methodologies, became the standard not because the FDA prescribed it but because that was the norm in the latter half of the 20th century when developing extensible software was expensive and time consuming. It was a time when hardware and software were tied together and programming languages, frameworks, components, and platforms offered little forgiveness when requirements changed. This was world in which everything was custom – from purpose-built operating systems written for specific devices as well all other software components needed by a medical device. Back then it was believed that unless you wrote everything yourself you couldn’t test and depend on the code.

Much of that changed in the 90’s and then upended even further in the early part of the 21st century; we should no longer weighed down by the baggage of the past.These days even our hardware is agile and extensible, real-time operating systems are plentiful, software platforms are malleable, mHealth is well established, and programming languages are sophisticated so we need to be open to reconsidering our development approaches, especially risk-based agile.

Why should we use “risk-based” agile? Because not every single line of code in software can or should be treated equally – some parts of our medical device software can kill people, many parts merely annoy people, but most other parts simply aren’t worth the same attention as the safety-critical components. When you treat every line of code the same (as is often true in a plan-driven approach) and you have a finite amount of resources and time you end up with lower quality software and less reliable medical devices. It’s not fair to blame the FDA for our own bad practices.

Our focus in safety-critical systems is high reliability with a short time to market and excellent functionality that meets ever increasing sophistication of design. In an age when even NASA uses agile techniques to get spacecraft reliably into orbits of planets millions of miles from earth, we need to recognize that agile has a place in medical device and FDA regulated environments.

TAGGED:Health IT
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

dental care
Importance of Good Dental Care for Health and Confidence
Dental health Specialties
October 2, 2025
AI in Healthcare
AI in Healthcare: Technology is Transforming the Global Landscape
Global Healthcare Policy & Law Technology
October 1, 2025
Choosing the Right Swimwear for Health and Safety
News
September 30, 2025
sports concussions
Concussion In Sports: How Common They Are And What You Need To Know
Infographics
September 28, 2025

You Might also Like

Breach of UofM Health System: 4K Affected

January 1, 2013
Image
BusinessSocial Media

The Still-Early State of Online Doctor Reviews

April 2, 2013
Medical InnovationsTechnology

What Will 5G Mean For Healthcare?

November 25, 2019
Surgery And Opioids: Developing Best Practices For Post-Addiction Care
eHealthHealth care

Surgery And Opioids: Developing Best Practices For Post-Addiction Care

March 26, 2018
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?