“If you have a very large system, it’s made up of a whole bunch of functions, methods and modules all linked together into large system images. The problem, whether you’re using code review, runtime testing, or whatever, is finding enough combinations so you can trace through, from source to sink point, exactly what’s going to go on with a pointer, buffer, array, or whatever it happens to be. You need to point out across multiple different function boundaries, that this pointer you’re grabbing from over here, you’re using inappropriately over here, or this memory you’ve allocated here, you’re never releasing on this particular thread.”
On a serious note, the FDA has issued guidance for proper validation of medical device software in the form of the General Principles of Software Validation. The guidance applies to any “…software used as components in medical devices, to software that is itself a medical device, and to software used in production of the device or in implementation of the device manufacturer’s quality system.” The FDA’s guidance covers all aspects of software development – everything from requirements and design reviews to software maintenance and retirement.
Read the full article at ZDNet.co.uk
Loading ...