Medical-Grade Software Development

This book is a practical guide to meeting IEC 62304 software-development requirements within the context of an ISO 13485 quality management system (QMS). The book proves this can be done with a minimum amount of friction, overlap, and back-and-forth between development stages. It essentially shows you how you should shape your medical-software development processes to fit in with the QMS processes in the smartest and leanest way possible.

By following the advice in this book, you can reuse processes from your QMS, ensure your product-realization processes meet the requirements for medical-software development, and marry all the requirements together using tried and tested solutions into one efficient system. The expertise of the authors here goes beyond just the experiences of one real-world project as they tap into over 30 years of experience and countless software and software-assessment projects to distill their advice.

The book takes a hands-on approach by first teaching you the top 25 lessons to know before starting to develop a process for medical-software development. It then walks you through the expectations placed on the key aspects of such a process by the key standards. The book progresses from an overview of both standards and the general requirements involved to a detailed discussion of the expected stages from software development and maintenance to risk management, configuration management, and problem resolution. The book provides insightful advice on how the requirements of the IEC 62304 software-development life cycle can be married with an ISO 13485 QMS, how the development of the technical file should be organized, and how to address conformity assessment, the daily after-approval, and the recent trends that will affect the industry in the coming years.

The book is modeled after the IEC 62304 standard and adopts its clause structure in the numbering of sections for easy reference. The book does not attempt to replicate either standard. For the ISO 13485 standard, it recites the necessary requirements succinctly. For IEC 62304, the discussion is in-depth and also addresses the impact of ISO 13485 on the requirements discussed. In this way, the book drills into both standards to expose the core of each requirement and shape these into a practical, cohesive workflow for developing, maintaining, and improving a Lean software development pipeline.