Break-out Session II Group III: Certification HCMDSS November 16-17, 2004 Arlington, Virginia.

Slides:



Advertisements
Similar presentations
1 Towards Building Generic Grid Services Platform A component oriented approach Jeyarajan Thiyagalingam Stavros Isaiadis, Vladimir Getov Distributed and.
Advertisements

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.
ELTSS Alignment to Nationwide Interoperability Roadmap DRAFT: For Stakeholder Consideration in response to public comment.
June 1, 2004Computer Security: Art and Science © Matt Bishop Slide #18-1 Chapter 18: Introduction to Assurance Overview Why assurance? Trust and.
Break-out Session I Group II: Medical Software and Systems Engineering HCMDSS November 16-17, 2004 Arlington, Virginia.
Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.
Security Models for Trusting Network Appliances From : IEEE ( 2002 ) Author : Colin English, Paddy Nixon Sotirios Terzis, Andrew McGettrick Helen Lowe.
SQM - 1DCS - ANULECTURE Software Quality Management Software Quality Management Processes V & V of Critical Software & Systems Ian Hirst.
High Confidence Medical Device Software and Systems: A programming languages and tools perspective Mark P Jones Department of Computer Science & Electrical.
Geneva, Switzerland, 4 December 2014 ITU-T Study Group 17 activities in the context of digital financial services and inclusion: Security and Identity.
Software Issues Derived from Dr. Fawcett’s Slides Phil Pratt-Szeliga Fall 2009.
CSC230 Software Design (Engineering)
Enterprise Architecture
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 18 Slide 1 Software Reuse 2.
HCMDSS Workshop Certification & Requirements Working Group Report (WG 6) June 2-3, 2005 Philadelphia, PA John Hatcliff, Kansas State University
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 18 Slide 1 Software Reuse.
Software Engineering Muhammad Fahad Khan
Software Reuse Prof. Ian Sommerville
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 18 Slide 1 Software Reuse.
CHAPTER 5 Infrastructure Components PART I. 2 ESGD5125 SEM II 2009/2010 Dr. Samy Abu Naser 2 Learning Objectives: To discuss: The need for SQA procedures.
Test Organization and Management
Developing an IS/IT Strategy
TDT4252/DT8802 Exam 2013 Guidelines to answers
Enterprise Interoperability Basic Concepts, Definitions and Approaches
McLean VA, May 3, 2010 SG Systems Systems Requirements Specification Approach Overview.
Software Models (Cont.) 9/22/2015ICS 413 – Software Engineering1 -Component-based software engineering -Formal Development Model.
X-Road – Estonian Interoperability Platform
High Level Architecture Overview and Rules Thanks to: Dr. Judith Dahmann, and others from: Defense Modeling and Simulation Office phone: (703)
1 Chapter 5 Software Engineering Practice. 2 What is “Practice”? Practice is a broad array of concepts, principles, methods, and tools that you must consider.
Composing Adaptive Software Authors Philip K. McKinley, Seyed Masoud Sadjadi, Eric P. Kasten, Betty H.C. Cheng Presented by Ana Rodriguez June 21, 2006.
© 2011 Underwriters Laboratories Inc. All rights reserved. This document may not be reproduced or distributed without authorization. ASSET Safety Management.
IEEE SCC41 PARs Dr. Rashid A. Saeed. 2 SCC41 Standards Project Acceptance Criteria 1. Broad market application  Each SCC41 (P1900 series) standard shall.
Interoperability Framework Overview Health Information Technology (HIT) Standards Committee June 24, 2010 Presented by: Douglas Fridsma, MD, PhD Acting.
Software Engineering Principles Principles form the basis of methods, techniques, methodologies and tools Principles form the basis of methods, techniques,
FOURTH EUROPEAN QUALITY ASSURANCE FORUM "CREATIVITY AND DIVERSITY: CHALLENGES FOR QUALITY ASSURANCE BEYOND 2010", COPENHAGEN, NOVEMBER IV FORUM-
The roots of innovation Future and Emerging Technologies (FET) Future and Emerging Technologies (FET) The roots of innovation Proactive initiative on:
Chapter 18: Introduction to Assurance Dr. Wayne Summers Department of Computer Science Columbus State University
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Software Product Line Material based on slides and chapter by Linda M. Northrop, SEI.
FDT Foil no 1 On Methodology from Domain to System Descriptions by Rolv Bræk NTNU Workshop on Philosophy and Applicablitiy of Formal Languages Geneve 15.
Distribution and components. 2 What is the problem? Enterprise computing is Large scale & complex: It supports large scale and complex organisations Spanning.
March 2004 At A Glance NASA’s GSFC GMSEC architecture provides a scalable, extensible ground and flight system approach for future missions. Benefits Simplifies.
MODEL-BASED SOFTWARE ARCHITECTURES.  Models of software are used in an increasing number of projects to handle the complexity of application domains.
CSCE 548 Secure Software Development Security Operations.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Software Engineering Chapter: Computer Aided Software Engineering 1 Chapter : Computer Aided Software Engineering.
Lecture 13.  Failure mode: when team understands requirements but is unable to meet them.  To ensure that you are building the right system Continually.
SAM-101 Standards and Evaluation. SAM-102 On security evaluations Users of secure systems need assurance that products they use are secure Users can:
© 2008 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED,
State of Georgia Release Management Training
PROGRAM MANAGEMENT MODULE 2 Dr. Nicole Fitzhugh Professional School Counselor Berwyn Heights Elementary.
19-20 October 2010 IT Directors’ Group meeting 1 Item 6 of the agenda ISA programme Pascal JACQUES Unit B2 - Methodology/Research Local Informatics Security.
Basic Concepts Key Learning Points : The objectives of this chapter are as follows:  To provide an introduction to the basic Concepts of enterprise architectures,
Technical Operations 12 th July 2010 Dr Phil Spiby Eurostep Limited Integrating Systems Engineering Information with AP233.
Harmonised use of accreditation for assessing the competence of various Conformity Assessment Bodies Dr Andreas Steinhorst, EA ERA workshop 13 April 2016,
Building PetaScale Applications and Tools on the TeraGrid Workshop December 11-12, 2007 Scott Lathrop and Sergiu Sanielevici.
Enterprise Architectures Course Code : CPIS-352 King Abdul Aziz University, Jeddah Saudi Arabia.
Slide #18-1 Introduction to Assurance CS461/ECE422 Fall 2008 Based on slides provided by Matt Bishop for use with Computer Security: Art and Science.
Grid Deployment Technical Working Groups: Middleware selection AAA,security Resource scheduling Operations User Support GDB Grid Deployment Resource planning,
Software Reuse. Objectives l To explain the benefits of software reuse and some reuse problems l To discuss several different ways to implement software.
eHealth Standards and Profiles in Action for Europe and Beyond
D33.1B PEER REVIEW OF DIGITAL REPOSITORIES
Software Reuse ©Ian Sommerville 2006.
Object oriented system development life cycle
Model-Driven Analysis Frameworks for Embedded Systems
Tools for Composing and Deploying Grid Middleware Web Services
Chapter 13 Quality Management
CS385T Software Engineering Dr.Doaa Sami
Dept. of Computation, UMIST
Presentation transcript:

Break-out Session II Group III: Certification HCMDSS November 16-17, 2004 Arlington, Virginia

Challenges and Opportunities Certification guidelines/policies are often too general and do not sufficiently guide vendor development process expectations are unclear and vary depending on the "certifying agent” Positive & negative aspects positive: freedom for vendors to follow their own process negative: lack of standard processes leads to lack of incentive to develop tools that aid the certification process confusion/frustration from vendors as they try to anticipate requirements of certifying agent process and validation techniques vary (even within same organization) Imprecise/underspecified certification guidelines

Challenges and Opportunities Systems are certified (not software units/components) lack of officially sanctioned mechanism for certifying components/units/infrastructure no official process for reusing certification efforts/artifacts even when software components themselves are reused must re-certify entire system again for each configuration/assembly of components prohibits “software product-line architectures” which are proving effective in reducing costs in a variety of domains reduces the incentive to develop standard interfaces and infrastructure (e.g., middleware) for hooking devices together barrier to “plug-and-play” vision Non-composibility of certifiable systems

Challenges and Opportunities Effective development of “Systems of systems” of medical devices requires well-defined standards for interfaces and data exchange formats Need definitions of standard interfaces and automated tools that can establish that, e.g., services conform to (correctly implement) the interface clients correctly use the interface composed components don’t inadvertently interfere Lack of standards (especially for interfaces)

Challenges and Opportunities FDA: no certification authority mechanism for introducing/sanctioning tools that reduce certification obligations (however, this concept does exist in FAA certification) reduces the motivation to develop tools to assist in certification reduces the motivation to move to “model- driven development” methods No mechanism for introducing officially sanctioned tools

Challenges and Opportunities Inclusion of COTS components in certified systems OS: dealing with security updates to Windows XP (should update to close security holes, but updating can lead to crashes – Brian Litt (Level 2 devices)) Middleware Compilers Imprecise/underspecified certification guidelines

Challenges and Opportunities What is appropriate “evidence” of high- confidence that allows an agency to confirm that a system is “certified”? currently, process-oriented (not quality- oriented or correctness-oriented) does not admit paradigm of independent verifiable “certificates” or “proofs” of (partial) correctness/authenticity Limited view of certification “evidence”

Challenges and Opportunities Once systems are certified in US, one would hope that they could be deployed in other world areas without recertification according to a different set of guidelines Currently Europe – basically OK – sharing of guidelines Asia – more problematic Certification for other world areas

Current/Existing Solutions Certifiers are smart conscientious people that take their job very seriously Establish that new system to be certified is substantially equivalent to an existing marketed device Certification – state of the practice

Research and Development Needs Support Plug-and-Play vision for medical devices “Modular Certification”? should be able to… certify components, assemble a system from a collection of components while checking “compatibility/non-interference” of components complete recertification of assembled system should not be necessary What are testing requirements in this context? infeasible to test components assembled in every possible configuration Composable certified entities

Research and Development Needs Need notions of “trusted” component or ability to establish authenticity of “certificate” provided with a component e.g., proof-carrying-code paradigm component comes with certificate, and checking the certificate is simpler than generating certificate or verifying the component directly problem similar to that faced with Microsoft device drivers (3 rd party code being inserted into larger framework) Need motivations and frameworks for vendors to develop certifiable infrastructure (OS, middleware, component libraries) Inclusion of COTS and “third-party” components

Logistics to Meet Research Needs “Open Experimental Platform” for High Confidence Medical Devices Funding agency pays for… …vendors to develop representative examples of certified systems …vendors to provide description of development process …vendors to provide “challenge problems” to researchers …vendors to provide “face time” to meet with researchers and evaluate developed tools against base-line development processes Positive Examples of DARPA-funded OEPs… Avionics Mission Computing OEP from Boeing Automotive Control System OEP from Ford

Logistics to Meet Research Needs Encourage teaming of standards/certification bodies ISO, FDA, with vendor representatives motivation: each of these are stakeholders in certification effort Example task Evolution of HL 7 standard (protocol for device communication) good support for exchange of static data poor support for exchange of dynamic/object- based data

Workshop Recommendations Invite someone to talk about DICOM (medical imaging standard) how did this standard arise (war stories) Use this insight to determine how best to arrive at standards for other interfaces and infrastructure Insight on development of standards

Workshop Recommendations Invite third party reviewers for FDA certification to share experiences gleaned from being involved in a wide range of certification efforts Insight on experience with certification efforts

Workshop Recommendations NEMA – National Electrical Manufacturing Association Invite members of trade organizations for presentations & interactions

Workshop Recommendations Invite members of agencies that are able to guide/form policy, e.g., standards incorporation of verification/validation tools to reduce certification obligations Suggestions for FDA included… Dan Schultz Phil Philips Invite high-level members of relevant agencies

Workshop Recommendations Talk about how the use of formal methods tools is used to reduce obligations/efforts associated with validation Invite EDA representative (chip developer)

Workshop Recommendations Invite someone to talk about overall costs of developing certifiable systems Use this information to help researchers understand where they should target & prioritize their efforts if they aim to reduce costs Invite someone give a broad perspective on certification costs

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.