Process of designing robust, dependable, safe and secure software for medical devices: Point of care testing device as a case study

This article has been made available through the Brunel Open Access Publishing Fund.Copyright © 2013 Sivanesan Tulasidas et al. This paper presents a holistic methodology for the design of medical device software, which encompasses of a new way of eliciting requirements, system design process, security design guideline, cloud architecture design, combinatorial testing process and agile project management. The paper uses point of care diagnostics as a case study where the software and hardware must be robust, reliable to provide accurate diagnosis of diseases. As software and software intensive systems are becoming increasingly complex, the impact of failures can lead to significant property damage, or damage to the environment. Within the medical diagnostic device software domain such failures can result in misdiagnosis leading to clinical complications and in some cases death. Software faults can arise due to the interaction among the software, the hardware, third party software and the operating environment. Unanticipated environmental changes and latent coding errors lead to operation faults despite of the fact that usually a significant effort has been expended in the design, verification and validation of the software system. It is becoming increasingly more apparent that one needs to adopt different approaches, which will guarantee that a complex software system meets all safety, security, and reliability requirements, in addition to complying with standards such as IEC 62304. There are many initiatives taken to develop safety and security critical systems, at different development phases and in different contexts, ranging from infrastructure design to device design. Different approaches are implemented to design error free software for safety critical systems. By adopting the strategies and processes presented in this paper one can overcome the challenges in developing error free software for medical devices (or safety critical systems).Brunel Open Access Publishing Fund

Software quality evaluation: a bibliometric analysis and future perspectives

The theme of “Software Quality Evaluation”, and its importance, concerns the standardization of the development processes, in order to guarantee a higher quality of the systems. In this scenario, this theme has gained importance in academic research, due to the emphasis that the theme has increasingly presented to organizations, since they understand that the main objective is to guarantee a final product that satisfies the expectations of the client. In order to verify the scientific scenario in recent years, this work aims to carry out a review of the literature on “Software Quality Evaluation”, based on a bibliometric analysis and review. For this, the method of bibliographic revision with four different phases proposed by Marasco (2008) was used. From the data extracted from the Scopus database, the results of the systematic review and bibliometric analysis were analyzed from the information on publications, citations and approaches of the papers that deal with this subject. As results, the present article showed the academic and practical importance of the studies on “Software Quality Evaluation”. In addition, it is possible to identify gaps in the scientific literature that can be filled by future work in the area, based on the studies developed by specialists

Automated blackbox GUI specifications enhancement and test data generation

Applications with a Graphical User Interface (GUI) front-end are ubiquitous nowadays. While automated model-based approaches have been shown to be effective in testing of such applications, most existing techniques produce many infeasible event sequences used as GUI test cases. This happens primarily because the behavioral specifications of the GUI under test are ignored. In this dissertation we present an automated framework that reveals an important set of state-based constraints among GUI events based on infeasible (i.e., unexecutable or partially executable) test cases of a GUI test suite. GUIDiVa, an iterative algorithm at the core of our framework, enumerates all possible constraint violations as potential reasons for test case failure, on the failed event of an infeasible test case. It then selects and adds the most promising constraints of each iteration to a final set based on the Validity Weight of constraints. The results of empirical studies on both seeded and nine non-trivial open-source study subjects show that our framework is capable of capturing important aspects of GUI behavior in the form of state-based event constraints, while considerably reducing the number of insfeasible test cases. The second part of this dissertation deals with the problem of automatic generation of relevant test data for parameterized GUI events (i.e., events associated with widgets that accept user inputs such as textboxes and textareas). Current techniques either manipulate the source code of the application under test (AUT) to generate the test data, or blindly use a set of random string values. We propose a novel way to generate the test data by exploiting the information provided in the GUI structure to extract a set of key identifiers for each parameterized GUI widget. These identifiers are used to compose appropriate online search phrases and collect relevant test data from the Internet. The results of an empirical study on five GUI-based applications show that the proposed approach is applicable and results in execution of some hard-to-cover branches in the subject programs. The proposed technique works from a black-box perspective and is entirely independent from GUI modeling and event sequence generation, thus it does not require source code access and offers the possibility of being integrated with existing GUI testing frameworks

Secure expandable communication framework for POCT system development and deployment

This thesis was submitted for the award of Doctor of Philosophy and was awarded by Brunel University LondonHealth-care delivery in developing countries has many challenges because they do not have enough resources for meeting the healthcare needs and they lack testing lab infras- tructures in communities. It has been proven that Point-Of-Care (POC) testing can be considered as one of the ways to resolve the crisis in healthcare delivery in these com- munities. The POC testing is a mission critical processes in which the patient conduct tests outside of laboratory environment and it needs a secure communication system of architecture support which the research refers as POCT system Almost every ten years there will be a new radio access technology (RAT) is released in the wireless communication system evolution which is primarily driven by the 3GPP standards organisation. It is challenging to develop a predictable communication sys- tem in an environment of frequent changes originated by the 3GPP and the wireless operators. The scalable and expandable network architecture is needed for cost-effective network management, deployment and operation of the POC devices. Security mecha- nisms are necessary to address the specific threats associated with POCT system. Se- curity mechanisms are necessary to address the specific threats associated with POCT system.The POCT system communication must provide secure storage and secure com- munication to maintain patient data privacy and security. The Federal Drug Admin- istration (FDA) reports the leading causes of defects and system failures in medical devices are caused by gaps between the requirements, implementation and testing. The research was conducted, and technical research contributions are made to resolve the issues and challenges related to the POCT system. A communication protocol implemented at the application level, independent of radio access technologies. A new methodology was created by combining Easy Approach to Requirement Specifications (EARS) methodology and Use Case Maps (UCM) model which is a new approach and it addresses the concerns raised by the FDA. Secure cloud architecture was created which is a new way of data storage and security algorithms models were designed to address the security threats in the POCT system. The security algorithms, secure cloud architecture and the communication protocol coexist together to provide Radio access technology Independent Secure and Expandable (RISE) POCT system. These are the contributions to new knowledge that came out of the research. The research was conducted with a team of experts who are the subject matter experts in the areas such as microfluidics, bio-medical, mechanical engineering and medicine