[trustable-software] Requirements and architecture for Safety

Paul Sherwood paul.sherwood at codethink.co.uk
Mon Nov 5 15:46:25 GMT 2018


Hi Brian,
On 2018-11-05 15:13, Brian Pate wrote:
> It may have been brought up before on this list so I apologize if so.
> But one could also consider IEC 62304:2006 (Amendment 1 was released
> in 2015) as a software development process standard.  62304 was
> developed specifically for establishing a baseline for expected
> activities and documentation/evidence for medical device software.
> The standard allows for scaling the rigor of the process based on a
> safety classification of the software as determined by the system
> level harms/hazards associated with the intended use of the software.
> Additionally, amendment 1 to the standard provides a provision for
> bringing legacy software into compliance that was created prior to the
> release of the standard where documentation/evidence may be missing,
> lacking, or were not done at all.  Obviously this provision requires
> justification through safety risk analysis.

That sounds like a sensible approach - folks now have to weigh up 
whether it's worth paying CHF 700 to read that document, though.

In this context I'm hoping we can get to free, open guidance (including 
provenance and traceability) if at all possible.

br
Paul


