High Confidence Medical Device Software and Systems: A programming languages and tools perspective Mark P Jones Department of Computer Science & Electrical.

High Confidence Medical Device Software and Systems: A programming languages and tools perspective Mark P Jones Department of Computer Science & Electrical Engineering OGI School of Science & Engineering Oregon Health & Science University Beaverton, OR 97006

What is “High Confidence”?
- Others take a more realistic (pessimistic?) view:
  - From a presentation by Dan Schultz, MD, Director of CDRH, FDA
  - Some doctors don’t know what we mean by “high confidence”
  - They use products, and they expect them to work
  - This is how it should be!
- Our goal:
  - Move from “reasonable” to “high” assurance
  - If we are successful, the first group of doctors won’t notice

Software Validation:
- Process-oriented software validation is a requirement of the Quality System Regulation (21 CFR 820)
- Of 3140 medical device recalls between 1992 and 1998 …
  - 242 were attributable to software failures
  - 192 of those were caused by defects introduced when changes were made to software after initial production & distribution
  - (Source: FDA guidance on “General Principles of Software Validation”)
- “Lessons from 342 Medical Device Failures” (Wallace and Kuhn, HASE99) classifies recalls between :
  - Logic: 43%; Calculation: 24%; Change impact: 6%; …
- Process-oriented techniques are extremely valuable
- Claim: artifact-oriented techniques will provide an essential supplement

Candidate Technologies:
Formal Methods:
- Intel is building & using theorem proving technology:
  - e.g., software/microcode verification of floating point units, memory hierarchies, etc.
- Microsoft is building & using model checking technology:
  - e.g., the Static Driver Verifier (SDV), including SLAM, uncovers critical bugs in device drivers, and will ship with the next Windows DDK
Domain Specific Languages:
- Galois has developed Cryptol as a DSL for cryptography:
  - significant productivity boost for developers of Type 1 crypto
- Project Timber developed a DSL for component configuration:
  - smaller code (factor > 30); prevented 100s of errors found in the non-DSL version

Technology Drivers:
- To date, the key drivers for the adoption of formal methods and domain specific language technologies have been:
  - government
  - security
  - aviation safety
  - military
  - …
  - economics
- Few organizations have the resources of Intel, Microsoft, or the Federal Government to invest in these technologies
- But legislative incentives are coming:
  - FDA approval is no longer a “shield against litigation”
- We must prepare Industry
- We must protect Innovation

Change Management:
- Change is the norm:
  - requirements, systems, and assurance needs all change
  - change is a significant contributor to device recalls …
- Several commercial software packages have been developed in support of the Quality System Regulations
- Programmer’s perspective: “make” tools for quality systems
- “Programatica”:
  - Integrate a broad and open spectrum of assurance techniques in a software development environment
  - Fine-grained, automated dependency tracking to reduce the cost of recertification
- Tools like these can:
  - embrace current evaluation methodologies
  - offer an evolution path for introducing and applying formal methods
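To make the “make tools for quality systems” idea concrete, here is an added illustration (not code from the talk or from the Programatica project) of fine-grained dependency tracking for recertification. Each artifact (source file, test, document) gets a content fingerprint that also covers, transitively, the fingerprints of everything it depends on; certification evidence is recorded against that fingerprint, so after an edit only the artifacts whose fingerprint changed need to be re-reviewed. The artifact names, contents and dependencies are constructed sample data for a hypothetical infusion-pump code base; the dependency graph is assumed to be acyclic.

```python
import hashlib
from dataclasses import dataclass, field


@dataclass
class Artifact:
    """One tracked item in the quality system: source, spec, test, or document."""
    name: str
    content: str
    deps: list = field(default_factory=list)  # names of artifacts this one depends on


class EvidenceStore:
    """Records certification evidence against a content-based fingerprint.

    An artifact's fingerprint hashes its own content together with the
    fingerprints of its dependencies, so a change anywhere beneath it
    invalidates the evidence recorded for it. This is the content-based
    analogue of make's "rebuild if any prerequisite is newer" rule.
    """

    def __init__(self, artifacts):
        self.artifacts = {a.name: a for a in artifacts}
        self.certified = {}  # name -> (fingerprint when certified, evidence label)

    def fingerprint(self, name, _seen=()):
        if name in _seen:  # guard against a cyclic graph, which the model assumes away
            raise ValueError(f"dependency cycle through {name}")
        art = self.artifacts[name]
        h = hashlib.sha256(art.content.encode("utf-8"))
        for dep in sorted(art.deps):  # sorted so the fingerprint is order-independent
            h.update(self.fingerprint(dep, _seen + (name,)).encode("ascii"))
        return h.hexdigest()

    def certify(self, name, evidence):
        """Record that `evidence` (e.g. a review or test report) covers the current state."""
        self.certified[name] = (self.fingerprint(name), evidence)

    def stale(self):
        """Artifacts whose recorded evidence no longer matches their current fingerprint."""
        return sorted(n for n, (fp, _) in self.certified.items()
                      if fp != self.fingerprint(n))

    def update(self, name, new_content):
        """Apply a change and return the recertification scope it implies."""
        self.artifacts[name].content = new_content
        return self.stale()


def build_demo_store():
    """Constructed sample artifacts (hypothetical infusion-pump code base), all certified."""
    arts = [
        Artifact("dose_calc.c", "double dose(double w, double r) { return w * r; }"),
        Artifact("pump_control.c", "/* drives the motor from dose() */", ["dose_calc.c"]),
        Artifact("ui.c", "/* display and keypad handling */"),
        Artifact("dose_tests", "dose(70, 0.5) == 35", ["dose_calc.c"]),
        Artifact("pump_tests", "motor stops on alarm", ["pump_control.c"]),
        Artifact("ui_tests", "keypad debounce", ["ui.c"]),
    ]
    store = EvidenceStore(arts)
    for a in arts:
        store.certify(a.name, f"review-{a.name}-v1")
    return store


def recertification_scope_after_dose_change():
    """Edit the dose calculation and report which evidence is now invalid."""
    store = build_demo_store()
    return store.update("dose_calc.c",
                        "double dose(double w, double r) { return w * r / 1000.0; }")


if __name__ == "__main__":
    print("needs recertification:", recertification_scope_after_dose_change())
```

Changing `dose_calc.c` invalidates the evidence for it, for `pump_control.c` (which depends on it), and for the two tests above them, while `ui.c` and `ui_tests` keep their certification; the quality system re-reviews four artifacts instead of six. The same mechanism records *which* evidence was invalidated, which is what an auditor asks for after a post-release change.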

Open Experimental Platforms:
- The academic community needs relevant, open platforms:
  - to serve as case studies
  - to provide baselines for comparison and evaluation
  - to drive development of new tools & prototypes
- Examples like this are currently hard to find:
  - Trade secrets, proprietary IP, patents, …
  - Nobody likes to advertise their failures …
  - … or give away their corporate crown jewels
- Significant benefits in the long term for device manufacturers and for society
- How do we leverage community?
  - “Open Source” Medical Devices?

Bio Mark Jones is an Associate Professor at the School of Science and Engineering at Oregon Health & Science University (OGI). His area of expertise is in the design, implementation, and application of programming languages. He has worked as an Associate Research Scientist at Yale University, and as a Reader at the University of Nottingham, where he founded and led a research group on Languages and Programming. He was Principal Investigator on the DARPA-funded Project Timber, dealing with the development of new programming language technology to support the design of reliable, real-time embedded systems. Jones is now leading the Programatica project, which is using the construction of a micro kernel implementation with strong security properties to demonstrate and inform the design of tools for evidence management and validation of complex, high-confidence software. He has a Ph.D. from the University of Oxford.