Compliance in safety-critical development is a tough nut to crack. A set of hugely complex processes help adhere to regulations when developing safety-critical devices with embedded software. In addition to using mature, fully controlled and documented processes during development, you will also need to test, measure, prove, and report on the quality of your end product itself in order to achieve compliance with rigorous safety standards.
Those, however, are not the only causes of headache to developers of such products. Regulatory scrutiny extends to not only the end product and its development processes, but also to the tools used during the development lifecycle. Product developers in the automotive, avionics, and medical device industries are required to qualify the tools they use for software development and verification.
Why validate your software tools?
Software validation is a requirement of several regulations in safety-critical areas. In medical device development, Title 21 Code of Federal Regulations (CFR) Part 820 covers the Quality System regulations. The Federal Aviation Administration (FAA) imposes similar requirements on avionics developers, while ISO 26262 stipulates that automotive developers, too, have to validate their software tools for confident use (including usability).
Related blog post: How to Validate Your ALM Tool in Medical Device Development?
Generally speaking, all the software tools (whether developed in-house or purchased from a vendor) you're using to help your development will have to be qualified. Using a word processor for requirements management? Validate it. Have an automated testing tool in place? That needs to be validated too, as well as (pretty much) everything in between.
Tool certification in general is based upon the concept of “intended use”, which relieves you as the developer of safety-critical products of the obligation to validate the entirety of the tool. Intended use limits the scope of your validation efforts to the features or use cases that are relevant for you, e.g. those features or components of the product that you plan on using during development. You’ll need to demonstrate confidence that your chosen tool fits those intended purposes.
Tool qualification process
In essence, the certification of software platforms used for safety-critical development are not much different to the validation of any piece of equipment.
It all begins with creating a tool validation plan to define the scope of your validation processes: what your intended use is, and what features of the software your planned use cases involve. The plan should also include a description of the test environment, and your method for tool validation, with testing procedures specified. You will have to link intended use and the verification of those uses cases.
Generally, tool validation follows the threefold process of:
Installation Qualification: In the IQ stage, you will test (by inspecting the tool) that the piece of software in question is correctly installed and your team was sufficiently trained on using it.
Operational Qualification: OQ basically means testing. You’ll have to cover all the functions of the tool that you intent do use with test cases, with traceability ensured between test cases and your statements on how you’re planning to use the tool.
Performance Qualification: PQ is basically a pilot run of the piece of software. It includes both the execution of test runs, and having your team use the tool for a certain period to make sure it works as expected.
At the end of the process, you’ll have to compile a Validation Report so as to ensure that auditors thoroughly understand the validation activities you have carried out, as well as their results.
Software tool validation is a laborious, lengthy and costly process. It doesn’t directly contribute to the development of high quality medical or automotive technology, yet it’s required for compliance, making it a necessary burden for developers of all sorts of safety-critical products. As the role of software grows in this group of products, regulatory scrutiny on tool qualification is only likely to increase.
If you’re using codeBeamer ALM to manage the development of safety-critical products, Intland’s Tool Validation Package Template helps you simplify and accelerate compliance with tool qualification requirements. codeBeamer covers the entire lifecycle, making it a single central platform of collaboration to manage the entire lifecycle. This Validation Package Template contains all the assets you’ll need for your tool qualification process, letting you validate this lifecycle-wide tool with minimal effort.
That’s just one of the many ways codeBeamer ALM helps you cut safety-critical product development time and costs. To learn more, schedule a free 1-on-1 product demonstration, or start your free trial of codeBeamer ALM right away.