Soup

Soup stands for software of unknown (or uncertain ) pedigree (or provenance ), i.e. software of unknown / unsafe origin and is a term used in connection with the security-critical systems used in the context of the development of medical software or medical products with embedded Software is used. Among other things, it is defined in the standard IEC 62304 Medical Device Software - Software Life Cycle Processes (German version EN 62304).

This does not mean that the manufacturer of the software is unknown, but that the assignable artifacts of development, such as burden- and functional specifications , test protocols, architecture documents, etc., is not sufficient for a reliable statement about risks are the software. For example, a package of commercial off-the-shelf software can be adequately occupied and documented. But if these documents are not available to the public, the package must be treated as a soup. Soup is software that has not been verifiably produced using a known software development process or methodology.

On the other hand, open source projects , for example Apache HTTP Server or Linux , are not developed by a specific commercial company, but the disclosure of the code, the error documentation, etc. and the multiple use in practice make these so transparent that they are also can be used in medical devices.

Problem

An analysis of 3,140 medical device recalls between 1992 and 1998 by the US Food and Drug Administration (FDA) found that 7.7% (242) of these recalls were caused by software errors, of which 79% (192) this error occurred after a software upgrade . This knowledge triggered a concentration of activities by the regulatory authorities around the software update process. Part of these activities deals with risk assessment and led to the development of the IEC 62304 standard.

For a manufacturer of safety-critical software or safety-critical products with embedded soup, this means a risk because compliance with applicable standards for safety-relevant functions cannot be proven and the functionality of the software or products with embedded software cannot be guaranteed in all operating states. In order to minimize the risks, safety-relevant parts of a system are isolated as much as possible from the undesirable effects of SOUP.

It is not forbidden to use soup. However, additional controls are required and the risk of using Soup must be taken into account in the risk management plan. Specific practices must be followed when using soup as part of a medical device. These additional measures can be the review of the software development processes of the provider, the use of comprehensive static program analyzes by the manufacturer and security guidelines.

literature

D. Frankis: Safety in the SOUP . In: Institution of Engineering and Technology Seminar on Pros and Cons of Using Commercial 'Off the Shelf' Components in Aviation Applications, London, UK, 4-4 Sept. 2007 . 2007, ISBN 978-0-86341-801-3 , pp. 9-21 .

Individual evidence

↑ International Electrotechnical Commission: Medical device software - Software life cycle processes (PDF) In: INTERNATIONAL IEC STANDARD 62304 First edition 2006-05 . International Electrotechnical Commission. 2006. Retrieved June 17, 2016.
↑ ^a ^b ^c ^d Chris Hobbs, Industry Viewpoint: Device makers can take COTS, but only with clear SOUP ; Medical Design, November 1, 2011; accessed on November 6, 2015.
^ Felix Redmill: The COTS Debate in Perspective . In: Udo Voges (Ed.): Proceedings of the 20th International Conference on Computer Safety, Reliability and Security, SAFECOMP 2001, Budapest, Hungary, September 26-28, 2001 . Springer, 2001, ISBN 978-3-540-42607-3 , pp. 122 .
^ ^A ^b ^c Anil Kumar, " Easing the IEC 62304 Compliance Journey for Developers to Certify Medical Devices, " Medical Electronics Device Solutions, May 2011; accessed on November 6, 2015.
↑ Ken Hall: Developing Medical Device Software to IEC 62304 . In: EMDT - European Medical Device Technology . June 1, 2010. Retrieved December 11, 2012.
↑ Chris Hobbs: Device makers can take COTS, but only with clear SOUP . In: Medical Design . November 1, 2011.

[IEC62304-1] International Electrotechnical Commission: Medical device software - Software life cycle processes (PDF) In: INTERNATIONAL IEC STANDARD 62304 First edition 2006-05 . International Electrotechnical Commission. 2006. Retrieved June 17, 2016.

[HobbsMD2011-2] Chris Hobbs, Industry Viewpoint: Device makers can take COTS, but only with clear SOUP ; Medical Design, November 1, 2011; accessed on November 6, 2015.

[Redmill-3] Felix Redmill: The COTS Debate in Perspective . In: Udo Voges (Ed.): Proceedings of the 20th International Conference on Computer Safety, Reliability and Security, SAFECOMP 2001, Budapest, Hungary, September 26-28, 2001 . Springer, 2001, ISBN 978-3-540-42607-3 , pp. 122 .

[Kumar2011-4] A ^b ^c Anil Kumar, " Easing the IEC 62304 Compliance Journey for Developers to Certify Medical Devices, " Medical Electronics Device Solutions, May 2011; accessed on November 6, 2015.

[emdt-5] Ken Hall: Developing Medical Device Software to IEC 62304 . In: EMDT - European Medical Device Technology . June 1, 2010. Retrieved December 11, 2012.

[meddevice-6] Chris Hobbs: Device makers can take COTS, but only with clear SOUP . In: Medical Design . November 1, 2011.