Medical Device Software Verification & Validation Framework


Development of a Software Testing Best Practice Framework for Medical Device Software

Andrzej Beniamin BUJOK

A thesis submitted in fulfilment of the requirements for the degree of Master of Science to the Dundalk Institute of Technology

School of Informatics and Creative Arts

Supervised by:
Dr Peadar GRANT
Dr Silvana Togneri MACMAHON
Prof Fergal MCCAFFERY

June 2020

Declaration

We, the undersigned declare that this thesis entitled Development of a Software Testing Best Practice Framework for Medical Device Software is entirely the author’s own work and has not been taken from the work of others, except as cited and acknowledged within the text.

The thesis has been prepared according to the regulations of Dundalk Institute of Technology and has not been submitted in whole or in part for an award in this or any other institution.

Author Name: Andrzej Beniamin Bujok
Signature:
Date: 05/05/2021

Supervisor Name: Peadar Grant
Supervisor Signature:
Date: 05/05/2021

Acknowledgements

I would like to begin with giving my thanks and dedicating my thesis to my deceased parents for instilling in me the love of knowledge and art. They motivated me to educate myself at every stage of my life. I would also like to thank my beloved wife Dorota that she has never complained and always supported me during the challenging time of my study.

I am grateful to my supervisors for accompanying me on my research journey. First of all, I would like to thank Dr Silvana Togneri MacMahon, who has been supervising me since I made the first research step, through all subsequent research stages, up to the finish line of this study. Silvana, without your great contribution this study could not be completed. I also thank Dr Peadar Grant for his contribution, especially in terms of reviews and comments for my thesis. I thank Prof Fergal McCaffery that he gave me the opportunity to enter the world of science and commence research study. I appreciate my supervisors for leading me to continually develop research skills and knowledge. This journey was exciting when I experienced the taste of progress, but was challenging when I struggled with failures, and both, ups and downs affected my personal development.

I thank my colleagues, namely Hamsini, but also Surafel and others, for supporting me and each other in various aspects of our research. I also thank medical device software development organisation and software testing organisation for taking part in this research, especially in terms of validation. Finally, I would like to thank LERO, the Irish Software Engineering Research Centre, for supporting my research by providing funds for my studies.

Contents

Declaration
Acknowledgements
Contents
List of Tables
List of Figures
List of Publications
List of Acronyms
Abstract
Map of Thesis – Part 1
Chapter 1 Introduction
1.1 Software Testing
1.2 Software Testing Challenges
1.3 Standardisation Organisations & International Standards
1.4 Towards a Software Testing Best Practice Framework
1.5 Research Questions
1.6 Research Objectives
1.7 Research Contributions
1.8 Document Structure
Chapter 2 Literature Review
2.1 Introduction
2.2 Generic Software Testing
2.2.1 The Purpose of Software Testing
2.2.2 The Evolution of Software Testing
2.2.3 Challenges of Generic Software Testing
2.2.4 Summary & Conclusion
2.3 Medical Device Software Testing
2.3.1 Software Testing Challenges in Medical Device Domain
2.3.2 Medical Device Regulatory Requirements
2.3.3 Medical Device Software Safety
2.3.4 Summary & Conclusion
2.4 International Standards Related to Software Testing & Quality and Medical Device Software Development
2.4.1 Introduction
2.4.2 Overview of International Standards
2.4.3 Standards from Technical Committee ISO/IEC JTC 1/SC 7
2.4.4 Standards from Technical Committees ISO/TC 210 & IEC/SC 62A
2.4.5 Standards and Guidance Related to Verification & Validation
2.4.6 Discussion
2.4.7 Existing Approaches to Standards Integration & Consolidation
2.4.8 Summary & Conclusion
2.5 Research Questions and Objectives Revisited
2.6 Approach to the Development of the Framework
Map of Thesis – Part 2
Chapter 3 Research Design
3.1 Introduction
3.2 Philosophical and Methodological Background
3.2.1 Ontology and Epistemology
3.2.2 Theoretical Perspective
3.2.3 Methodology
3.2.4 Data Collection Methods
3.3 Research Design of this Study
3.3.1 Ontological/Epistemological View
3.3.2 Theoretical Perspective of this Study
3.3.3 Methodology
3.3.4 Data Collection Methods
3.4 Summary
Map of Thesis – Part 3
Chapter 4 Development of a Software Testing Best Practice Framework
4.1 Introduction
4.2 Framework Design
4.3 High-Level Mapping of ISO/IEC/IEEE 29119-2 & IEC 62304
4.4 Approach to Consolidating Standards’ Clauses
4.4.1 Logical Dependence of Standards’ Clauses
4.4.2 Summary and Conclusion
4.5 Development of MED-V-STEP Framework
4.5.1 Use of Table B.2 in Annex B of ISO/IEC/IEEE 29119-2
4.5.2 Use of Table C.5 in Annex C.6 of IEC 62304
4.5.3 Mapping ISO/IEC/IEEE 29119-2 to IEC 62304
4.5.4 Defining Logical Dependencies of Related Clauses
4.6 MED-V-STEP Framework
4.7 Summary and Conclusion
Chapter 5 Focus Group & Questionnaire Validation of MED-V-STEP Framework
5.1 Introduction
5.2 Focus Group Preparation
5.3 Validation by Medical Device Organisation
5.3.1 Conducting Focus Group 1
5.3.2 Findings from Focus Group 1
5.3.3 Findings from Questionnaire 1
5.4 Validation by the Software Testing Organisation
5.4.1 Conducting Focus Group 2
5.4.2 Findings from Focus Group 2
5.4.3 Findings from Questionnaire 2
5.5 Summary and Conclusion
Map of Thesis – Part 4
Chapter 6 Discussion
6.1 Introduction
6.2 Research Questions and Research Objectives Revisited
6.2.1 Identifying Software Testing Challenges
6.2.2 Addressing Identified Challenges
6.2.3 Developing a Software Testing Best Practice Framework
6.2.4 Validating MED-V-STEP Framework
6.2.5 Addressing Overall Research Question
6.3 Research Contributions
6.4 Research Limitations
6.5 Future Work
6.6 Conclusion
References
Appendix A: Mapping Table of ISO/IEC/IEEE 29119-2 and IEC 62304
Appendix B: MED-V-STEP in Excel File
Appendix C: Data Obtained from Questionnaires

List of Tables

Table 1 Design-Science Research Guidelines (Hevner et al. 2004)
Table 2 Sample of Table B.2 mapping ISO/IEC/IEEE 29119-2 to ISO/IEC 12207 (2013b p. 42)
Table 3 Sample of Table C.5 mapping IEC 62304 to ISO/IEC 12207 (2015 p. 74)
Table 4 Sample Mappings of ISO/IEC/IEEE 29119-2 to IEC 62304
Table 5 Sample of Mapping ISO/IEC/IEEE 29119-2 to IEC 62304
Table 6 Sample of Mapping ISO/IEC/IEEE 29119-2 to IEC 62304
Table 7 Sample of Table of Contents of MED-V-STEP Framework with Processes of ISO/IEC/IEEE 29119-2
Table 8 Test Activity Related to Development Activity
Table 9 IEC 62304 Clause Referencing ISO 14971
Table 10 ISO/IEC/IEEE 29119-2 Clauses Providing Detailed Information on IEC 62304 Requirement
Table 11 Relationship of Software Test and Development Clauses

List of Figures

Figure 1 SQA Encompassing Verification & Validation - adapted from Vogel (2011 p.77)
Figure 2 International Standards related to Medical Device Software Testing & SQA
Figure 3 Research Onion adapted from Saunders et al. (2012, Crotty 1998)
Figure 4 Research Choices adapted from Saunders et al. (2012, Crotty 1998)
Figure 5 DSR Cycles of Development of a Framework adapted from Hevner (2007)
Figure 6 MED-V-STEP within SQA – adapted from Vogel (2011 p. 77)
Figure 7 MED-V-STEP Framework Design Including Related Clauses of IEC 62304 and ISO 14971
Figure 8 High-Level Mapping of ISO/IEC/IEEE 29119-2 & IEC 62304
Figure 9 Mapping ISO/IEC/IEEE 29119-2 to ISO/IEC 12207 and ISO/IEC 12207 to IEC 62304
Figure 10 Identification of ISO/IEC 12207 Mapped Clauses
Figure 11 Logical Dependence of ISO/IEC/IEEE 29119-2 and IEC 62304 Activities
Figure 12 Worksheet with Test Process
Figure 13 MED-SQA Framework

List of Publications

Journals

Bujok, A.B., MacMahon, S.T., Grant, P., Whelan, D., Rickard, W.J. and McCaffery, F., 2017. Approach to the development of a Unified Framework for Safety Critical Software Development. Computer Standards & Interfaces, 54, pp. 152-161. Available /abs/pii/S0920548916301921

Conference and Workshop Proceedings

Bujok, A.B., MacMahon, S.T., McCaffery, F., Whelan, D., Mulcahy, B. and Rickard, W.J., 2016, June. Safety critical software development–extending quality management system practices to achieve compliance with regulatory requirements. In International Conference on Software Process Improvement and Capability Determination (pp. 17-30). Springer International Publishing. Available from: http://eprints.dkit.ie/545/

Bujok, A.B., MacMahon, S.T., Grant, P., McCaffery, F., 2017, October. Approach to the Development of a Medical Device Software Quality Assurance Framework. In 11th Systems Testing and Validation Workshop (STV17) and 3rd International Workshop on User Interface Test Automation (INTUITEST 2017) (pp. 9-23). Proceedings of ihttp://publica.fraunhofer.de/documents/N-

List of Acronyms

DSR: Design Science Research
EU: European Union
FDA: Food and Drug Administration
IEC: International Electro-technical Commission
IEEE: Institute of Electrical and Electronics Engineers
ISO: International Organisation for Standardization
MED-V-STEP: Medical Device-Verification-Software Test Processes
MED-SQA: Medical Device-Software Quality Assurance
QA: Quality Assurance
RO: Research Objective
RQ: Research Question
RSQ: Research Sub-Question
SDLC: Software Development Life-Cycle
SLCPs: Software Life-Cycle Processes
SQA: Software Quality Assurance
U.S.: United States of America
V&V: Verification & Validation

Development of a Software Testing Best Practice Framework for Medical Device Software

Andrzej Beniamin Bujok

Abstract

Software testing is essential to maintain a high quality of software. This is particularly true in the medical device domain where software quality is closely related to safety, and software failure can cause injury or death to a patient. The increasing number of adverse events and recalls of medical devices due to software failures demonstrates the need to improve the safety of medical device software. Organisations that develop medical device software are required to test increasingly complex software and detect an increasing number of defects. Software safety can be improved by advancing the testing efficiency in detecting software defects that could result in medical device malfunction.

International standardisation organisations address these challenges by publishing international standards containing information on various aspects of generic and medical device software testing. However, a review of these standards has revealed a lack of a consolidated set of requirements in the form of a single standard which incorporates software testing best practice and related development and risk management activities that are required for the development of medical device software. This thesis addresses this lack of consolidated information through the development and validation of the software testing MED-V-STEP framework. This framework maps the activities of the most recent generic software testing standard to the relevant activities of the medical device software development and risk management standards and defines the relationships between them. The framework enables the implementation of software test processes to maintain these relationships between test, development and risk management activities.

The development of the MED-V-STEP framework generates a contribution by providing organisations with the knowledge of how to implement generic non-domain-specific test processes for testing medical device software to address identified software testing challenges and improve testing efficiency. The MED-V-STEP framework has been validated by focus groups and questionnaires carried out with a medical device software development organisation and a software testing organisation. The validation findings indicate the benefits of testing using the MED-V-STEP framework rather than multiple standards. The framework was validated as improving the software testing efficiency and enabling implementation of software testing best practice for medical device software with low implementation overhead.

Map of Thesis – Part 1

[Figure: map of the thesis. Part 1: Chapter 1) Introduction (you are here), Chapter 2) Literature Review. Part 2: Chapter 3) Research Design. Part 3: Chapter 4) Development of MED-V-STEP Framework, Chapter 5) Validation of MED-V-STEP Framework. Part 4: Chapter 6) Discussion.]

Chapter 1 Introduction

The potential of software to provide increased functionality has resulted in the development of increasingly complex and extensive software in various industries over the past few decades. Using such software offers many benefits but can also bring issues related to quality and safety. Ensuring software quality poses a significant challenge due to the intangible nature of software. Software development involves software testing and other verification & validation activities to prevent or detect defects that may reduce its quality or introduce a safety risk to users. This is evident in the healthcare field, in which the software functionality improves the services provided by medical devices, but at the same time may introduce safety problems such as injury to or death of patients. Due to the significant impact of software on the functionality of medical devices and the services they provide, and the existing software quality and safety issues, this thesis focuses on the role of software testing in terms of software quality and safety, and the challenges related to software testing and improving medical device software testing.

Section 1.1 in this chapter outlines the role of testing generic software and medical device software as well as problems that exist in terms of software quality and safety. Software testing challenges faced by software development organisations in addressing the quality and safety issues are presented in Section 1.2. Section 1.3 provides an overview of the role of standardisation organisations and international standards in software process improvement and how they contribute to the improvement of generic software testing and medical device software testing. This is followed by Section 1.4 outlining the design and development of an innovative software testing framework to address the challenges associated with medical device software testing. Section 1.5 specifies the research questions to be answered in this thesis, while Section 1.6 specifies the research objectives to address these research questions. Section 1.7 outlines the contributions generated by this thesis. The document structure with an overview of the following chapters is presented in Section 1.8.

1.1 Software Testing

Testing is indispensable in software development to determine software quality (Planning 2002, Bertolino 2007). The process of running the software against a number of tests and evaluating the test results is the most frequently used means for assessing software quality (Tian 2005 p.5). Human error in the development process poses a risk of defective and therefore poor-quality software, as some defects can lead to software malfunction (Graham et al. 2008 p.6). Therefore, one of the main intentions of testing is to detect defects so that they can be removed. The removal of defects raises the quality of software and prevents customer dissatisfaction, loss of revenue and reputation (Mayers 2004 p. 8).

Software development in the medical device domain has grown considerably within the last 20 years, with an increasing number of medical devices relying on software for their principal functionality (Lee and Sokolsky 2010, Rastgarpour and Shanbehzadeh 2011, Toussaint et al. 2007). The functionality of software embedded in medical devices is increasingly used for diagnostic or treatment purposes, as it improves the quality of the health services (National Cancer Institute 2015, Camara et al. 2015, Monti et al. 2010). The growing use of software increases the requirements for software quality, and hence software testing (McHugh et al. 2013, Leveson 2000). Growing functionality increases the complexity of software and leads to the evolution of software development to deal with this complexity (ISO/IEC 2008, IEC 2015). Software testing becomes more complex as a result of an increasing occurrence of defects, the number of which increases due to increasing complexity of software systems and evolving models of software development process. In the medical device domain, software testing contributes to safety and reduces the risk of threat to humans due to defective software (Knight 2002).

A series of reports related to generic software quality issues demonstrate a noticeable trend of challenged and failed software development projects (The Standish Group 2014). There is also an increasing trend in medical device recalls due to software issues (Dix et al. 2016). A recent review reveals an increasing number of recalls of medical devices and adverse events to the patients due to software failures (SRCL 2018). The main causes of medical device software quality issues are inappropriate software development process and ineffective software testing (Vector Software 2016, Dix et al. 2016). Since there are quality issues in software development, including that of medical device software, the next section reviews the literature to identify the most prevalent software testing challenges in both generic and medical device domains.

1.2 Software Testing Challenges

In this thesis, a literature review identified challenges related to testing increasingly large and complex software systems. Growing software functionality increases software size and complexity, requiring more extensive software testing (Lee et al. 2006). However, software testing must be conducted within a finite time frame, and for both generic and medical device software, available resources including time and money do not allow for complete testing (Vector Software 2016). Software testing represents 20% of the time and money spent on the entire development process for generic software, up to 50% for safety critical software and still, the effective implementation of software testing is challenging (Hailpern and Santhanam 2002, King 2015). Due to these challenges, the emphasis is on improving the effectiveness of software testing in detecting as many defects as possible, especially those threatening software functionality (Reid 2013).

The need to address software quality has resulted in the requirement for standards to describe good development practices. Currently, there are a number of standards bodies that have published standards with the intent to improve software development (Clarke and O’Connor 2010). The software development life-cycle (SDLC) standards introduce various life-cycle stages from software development planning to software release and maintenance (ISO/IEC 2008 p.13). The risk of human error at the early life-cycle stages such as requirements specification or design specification brings another challenge to software testing. Incorrect or incomplete requirements specifications are expensive to correct when identified at the software testing phase. If, however, human error could be identified by the software testing activities at early life-cycle stages, it would make the correction 100 times less expensive (Langenfeld et al. 2016, Seth et al. 2014). Efficient implementation of software testing covering early life-cycle stages is a challenge for software development organisations and software testing related standards play a role in the improvement of its efficient implementation (Gelperin and Hetzel 1988).

Greater emphasis on safety in the medical device domain increases the significance of software testing with respect to the extent of testing (Lee et al. 2006). Providing high quality and safe software is a high priority for medical device software development organisations and is subject to regulatory requirements (European Union 2017). The compliance of software development is best achieved with the use of the standard IEC 62304 which is harmonised with medical device regulations (European Commission). The importance of harmonised standards for the compliance of medical device software development is discussed in the following section.

1.3 Standardisation Organisations & International Standards

Standardisation organisations publish international standards that provide recommended practices for various professions in various domains (ISO, IEC, IEEE). Compliance with any standard requires the fulfillment of all processes and other requirements specified by it. If the international standard is harmonised with regulations, for example for the European Union or the United States, the fulfilment of standards requirements is considered as compliance with relevant regulations (European Commission). If an organisation using a harmonised standard has been audited by a notified body designated by a government authority, and was awarded a mark of compliance with regulations, its product can be placed on the market on which it complies with the harmonised standard.

This thesis reviewed international standards related to generic software testing and quality (ISO 2018a) and software development in the medical device domain (ISO 2018b), which have the potential to contribute to solving software testing challenges in the medical device domain. According to the review’s findings, information on generic software testing and
