Approach to the development of a Unified Framework for Safety Critical Software Development

Abstract

Software is increasingly being used to provide functionality in safety critical domains. The complexity involved in the development of software for these domains can bring challenges concerned with safety. International standards are published, providing information on practices which must be implemented in order to satisfy the regulations. This paper details an investigation of the relevant standards that companies need to implement in order to satisfy the regulatory requirements. A literature review was conducted which examines the relevant Quality Management System, Risk Management and Software Development standards across the safety critical domains; and examines the challenges faced by software development organizations with standard and multiple standard implementation. The existing approaches to standards consolidation, integration and harmonization were also examined. To investigate the challenges in implementing these standards, interviews were conducted with a medical device software development company having a Quality Management System in place and beginning to implement the relevant Software Development standards. In addition, an interview was conducted with a consultancy company who has experience in the implementation and maintenance of Quality Management Systems in small and medium enterprises. Following the literature review and interviews conducted, a comparison of the standards was conducted to investigate the similarities and differences in the structure of sections and subsections and to estimate the potential for the further consolidation of these standards. Following the results of the comparisons, a detailed mapping of standard requirements was conducted, mapping requirements of generic and domain specific Quality Management System standards. Future work will focus on the consolidation and integration of standards practices which need to be implemented by companies developing safety critical software and development of Unified Framework that incorporates all necessary requirements to comply with regulatory requirements.