A case study on software risk analysis and planning in medical device development

Christin Lindholm, Jesper Holmén Notander, Martin Höst

Research output: Contribution to journalArticlepeer-review

Abstract

Software failures in medical devices can lead to catastrophic situations. Therefore, it is crucial to handle software-related risks when developing medical devices, and there is a need for further analysis of how this type of risk management should be conducted. The objective of this paper is to collect and summarise experiences from conducting risk management with an organisation developing medical devices. Specific focus is put on the first steps of the risk management process, i.e. risk identification, risk analysis, and risk planning. The research is conducted as action research, with the aim of analysing and giving input to the organisation’s introduction of a software risk management process. First, the method was defined based on already available methods and then used. The defined method focuses on user risks, based on scenarios describing the expected use of the medical device in its target environment. During the use of the method, different stakeholders, including intended users, were involved. Results from the case study show that there are challenging problems in the risk management process with respect to definition of the system boundary and system context, the use of scenarios as input to the risk identification, estimation of detectability during risk analysis, and action proposals during risk planning. It can be concluded that the risk management method has potential to be used in the development organisation, although future research is needed with respect to, for example, context limitation and how to allow for flexible updates of the product.
Original languageEnglish
Pages (from-to)469-497
JournalSoftware Quality Journal
Volume22
Issue number3
DOIs
Publication statusPublished - 2014

Bibliographical note

Published online before assigned to an issue

Subject classification (UKÄ)

  • Computer Science

Fingerprint

Dive into the research topics of 'A case study on software risk analysis and planning in medical device development'. Together they form a unique fingerprint.

Cite this