Tag Archive for: Requirements & Requirements Management

This image displays the title of this blog, focused on Secure by Design for medical device.

Secure by Design: A Crucial Imperative for Medical Device Teams

In today’s healthcare landscape, technology plays a crucial role in patient care. Medical devices have become essential for monitoring vital signs and administering treatments. However, as these devices become more connected and complex, ensuring their security is now more important than ever. This is where the concept of “Secure by Design” comes in, serving as a fundamental principle for medical device teams to navigate the intricate world of healthcare technology. Which begs the question, with the rise in security concerns, do regulations now need to consider whether each device is safe, effective, and secure?

Understanding the Landscape

Medical devices have advanced beyond being simple, independent systems. With the rise of the Internet of Things (IoT), devices are now interconnected, allowing for the exchange of data. While this connectivity has many advantages, it also opens vulnerabilities that could be exploited by malicious entities.

Cybersecurity threats not only put patient data at risk, but also the health of those who rely on these devices. It’s also a costly and time-consuming process for medical device companies to manage, and resolve. According to IBM Security analysis of research data compiled by Ponemon Institute, 83% of organizations have had more than one security breach, and the average cost of each breach averaged $4.3 million globally. That number more than doubles for the average cost of a security breach in the United States – $9.44 million – the highest in the world.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

The Essence of Secure by Design

Secure by Design is a proactive approach that prioritizes security in the development process. Rather than treating security as an afterthought, it is integrated into the design and development phases. For medical device teams, this means implementing security measures from the start of a project, considering potential threats and vulnerabilities, and implementing safeguards to reduce risks.

Key Principles of Secure by Design:

  • Risk Assessment: Before beginning development, medical device teams must conduct a thorough risk assessment. This involves identifying potential threats, understanding vulnerabilities, and evaluating the potential impact of security breaches on patients and healthcare providers.
  • Data Encryption: Due to the sensitive nature of healthcare data, encryption is a crucial aspect of secure design. Implementing strong encryption protocols ensures that patient information remains confidential and secure during transmission and storage.
  • Access Control: Limiting access to medical devices is crucial. Secure by Design stresses the importance of implementing strict access controls, ensuring that only authorized personnel can interact with the device. This prevents unauthorized users from tampering with critical settings or accessing sensitive patient data.
  • Regular Software Updates: Vulnerabilities in software can leave devices vulnerable to cyber threats. It is essential for medical device teams to prioritize regular software updates and patches to address potential security risks. This ensures that devices can withstand evolving cyber threats.
  • User Education: Even the most secure devices can be compromised if users are not vigilant. Secure by Design also includes educating end-users on cybersecurity best practices. This ensures that individuals using medical devices are aware of potential risks and take necessary precautions.

Regulatory Landscape and Compliance

The healthcare industry must comply with strict regulations to protect the well-being of patients. Regulatory agencies, such as the Food and Drug Administration (FDA), acknowledge the significance of cybersecurity in medical devices. Following regulatory guidelines is not only a legal obligation, but also a dedication to ensuring the utmost safety and security for patients.

Challenges and Solutions

Implementing Secure by Design in the development of medical devices can be challenging. Balancing the need for innovation with strict security measures is complex. Additionally, the ever-changing landscape of cybersecurity threats requires constant attention.


  • Collaboration and Training: It is crucial to foster collaboration between cybersecurity experts and medical device developers. Ongoing training for the development team ensures they are informed about the latest security threats and mitigation strategies.
  • Third-Party Security Assessment: Engaging third-party security experts to regularly assess medical devices can provide an unbiased perspective on their security. This external validation can uncover blind spots that internal teams may miss.
  • Incident Response Planning: Despite preventative measures, security incidents can still occur. A robust incident response plan allows medical device teams to promptly and effectively address breaches, minimizing their impact on patients and healthcare providers.

RELATED: The Complete Guide to ISO 13485 for Medical Devices

The Future of Medical Device Security

As technology continues to advance, the healthcare industry is constantly evolving. Medical device teams must be proactive in anticipating and addressing potential security challenges to stay ahead of the curve. Secure by Design is not a one-time effort, but an ongoing commitment to the safety and well-being of patients.

It is not just best practice, but a moral imperative for medical device teams to integrate security into the DNA of their development process. By doing so, they contribute to a safer and more resilient healthcare ecosystem. The future of healthcare relies on innovation, connectivity, and security, and it is the responsibility of medical device teams to ensure that these pillars remain strong.

Jama Connect® for Medical Device Development

Jama Connect for Medical Device Development helps medical device teams reduce the effort required to achieve regulatory compliance throughout the development process. With this solution, medical device teams can manage design controls for device requirements and related risks, simplifying regulatory submissions and audit preparations while accelerating time to market. Learn more: Solution Overview: Jama Connect Solution for Medical Device Development

Note: This article was drafted with the aid of AI. Additional content, edits for accuracy, and industry expertise by [Vincent Balgos, McKenzie Jonsson, and Decoteau Wilkerson].

This image portrays an article about manufacturing technology predictions in 2024.

Jama Software is always looking for news that would benefit and inform our industry partners. As such, we’ve curated a series of customer and industry spotlight articles that we found insightful. In this blog post, we share an article, sourced from IndustryWeek, titled “AI, XR and Data: Manufacturing Technology Predictions for 2024” – written by Dennis Scimeca and originally published on January 3, 2024.

AI, XR and Data: Manufacturing Technology Predictions for 2024

If we’re finished with the hype cycle, we’re probably talking about a technology that’s here to stay. So, when IndustryWeek asks manufacturers and analysts for their predictions about manufacturing technology in the coming year, we’re looking for the most mature technologies with the widest adoption rates.

This year’s answers demonstrate the point yet again. Of the dozen technologies we asked about, artificial intelligence (AI), augmented/virtual/mixed reality (XR for short) and the use of data and analytics garnered the most response. Manufacturers next year really should keep their eyes on these three technologies in 2024.

AI’s 2024 Prospects

Artificial intelligence took center stage in 2023 with the arrival of generative AI, specifically ChatGPT and Microsoft’s Bing AI, sparking a slew of marketing campaigns and enthusiastic op-eds about what gen AI would do for manufacturers and the world.

Listening to our audiences (and IndustryWeek’s own analyses) the hype bubble for gen AI burst rather quickly but the topic of AI generally still holds great relevance for the manufacturing world.

“The current market zeitgeist around AI has bled significantly into manufacturing markets, but its deployment will be held back by a staunch lack of trust amongst operators and calls for comprehensive and provable use cases. This is particularly the case for functionality associated with quality management processes and QMS software, due to an entrenched resistance to change and concern around giving up control of processes,” says ABI research industry analyst James Prestwood.

“QMS software vendors are and will continue to take a slower approach to developing AI functionality for solutions, engaging in strong and consistent dialogue with key customers to ensure that the technology is meeting real plant floor challenges. … However, even as solutions are released, adoption will be slow, if in 2024 at all, and will most likely be focused on manufacturer’s lighthouse facilities, rather than being deployed organization wide,” Prestwood adds.

Paul Miller, vice president and principal analyst at Forrester, was a bit more blunt in his assessment.

“Generative AI will not transform the business of manufacturing in 2024,” Miller says. “There are clear opportunities to add ChatGPT-like interfaces in front of complex sets of product documentation and operational data, lending a helping hand to experienced engineers. The human remains in charge, and they must still be responsible for the actions that they take: We’re not yet in a position where these generative AI tools can be relied upon to support inexperienced users in situations where mistakes can be both costly and dangerous.”

RELATED: 2024 Predictions for Product and Engineering Teams

Tim Gaus, smart manufacturing leader and principal at Deloitte, is more optimistic in the long term, but sees few applications right now.

“GenAI holds the potential to create closed-loop manufacturing systems that can automatically make real-time adjustments and self-optimize based on data. This can bring new levels of efficiency to the industry – but as the capabilities of GenAI continue to be explored and mature, organizations will be best served to start testing the technology in areas like maintenance and repair.” .

Of the technology leaders and experts we interviewed, Anu Khare , senior vice president and chief information officer at Oshkosh Corp., sounded the most optimistic about AI’s potential.

“We are entering into the most exciting period of technological evolution since the advent of the Internet. The most impactful and broadest application of technology will be AI (artificial intelligence). Every aspect of business will be infused with and augmented by various AI tools,” Khare says.

According to Khare, predictive insight, task automation, human machine engagement and content generation are the four areas that will most benefit from new AI technology.

“All these technological advances and adoption will create a new relationship between humans and AI, where AI becomes an augmentation tool, just like we use industrial tools in our manufacturing plants,” Khare adds.


XR technology, initially pitched as the next, best thing in gaming instead found its home within the manufacturing world. That’s not to say no one uses VR for entertainment, but we cannot deny the utility of manufacturers blowing up product designs in augmented reality to allow operators to see how their parts fit into the final product, or virtually training operators on dangerous equipment to increase safety or collaborating with colleagues across continents.

Somehow this morphed into discussions of the metaverse, a term borrowed from Neal Stephenson’s 1992 dystopian science fiction novel Snow Crash, but according to our experts XR discussion came down to earth again quickly.

“We see a bit of a resurgence of interest in AR and VR in 2024, as everyone moves away from talking about the industrial metaverse. … . Both AR and VR got caught up in broader hype around the metaverse, and they and other enabling technologies like digital twin and even IoT now risk losing credibility (and project funding) as part of the backlash against that deflating hype bubble. Forrester predicts that over 75% of industrial metaverse projects will rebrand to survive the metaverse winter: project teams will go back to talking about the enabling technologies – and the very real problems they address – and quietly hope that everyone forgets any association with the metaverse,” says Miller.

ABI Research director Eric Abbruzzese expects 2024 will be an important year for the AR/VR/MR market because Apple releases its Vision Pro hardware, the company’s first truly new device in a long time. He there expects an influx of mixed reality content to hit the market next year, both for the Pro and its competitors.

“While mixed reality may have a strong 2024, smart glasses will not. OEMs continue to struggle to create a full smart glasses package that delivers quality of experience alongside acceptable design, form factor, and price. Devices have either been too niche and focused—such as glasses specifically targeting cyclists—or too expensive and bulky for broad use (e.g. Magic Leap),” said Abbruzzese.

“Even if smart glasses from major tech names like Samsung and Meta hit the market in 2024 (which is possible, but releases have traditionally been delayed), these will be first generation smart glass devices mostly targeting developers and early adopters,” he adds.

Dale Tutt, vice president of industry strategy at Siemens Digital Industries Software, adds, “The computing and visualization graphics power that are available makes augmented and virtual reality much more accessible and I think in 2024 there is going to be even greater use of AR/VR.” .

“When I think back to the transition from 2-dimensional drawings on the shop floor to when we started printing 3D pictures with colors to help the technicians install equipment, that had a massive impact and reduced the learning curve. AR/VR provides an even more intuitive environment, so the more that companies can present in virtual and augmented reality, the more effective they are going to make technicians and engineers,” Tutt says.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Data and Digitization

Of all the technologies highlighting this year’s predictions, data digitization and analysis represent the most mature of the trio. Plant-wide lattices of IIoT devices can capture information on vibration, temperature, humidity, quality check results, cycle times, just about anything you can register and quantify with a sensor.

Even the simplest IIoT system, that only tracks products passing in front of photoeyes or logs when and why machines go down can have profound results in increasing OEE and productivity. At the other end of the spectrum, dense IIoT meshes feeding rich data into AI algorithms enable prediction, process tracking and simulation. That’s also a much more complicated proposition.

“In 2024, we’ll continue to see industrial data management evolve and become a priority for organizations if it is not already at the top of the list. Most manufacturers continue to cite industrial data as one of the biggest challenges to innovation due to complexity and accessibility issues,” says Gaus.

Miller adds, “Industrial IoT software platforms do important work, connecting to, managing and extracting data from large fleets of connected devices in production environments. But that’s only part of the picture. Manufacturers need analytics to make sense of the data. They need AI and machine learning to build models and predictions based on the data. They need job scheduling systems and work order management systems, tasking field service engineers to repair machines when machine learning models trained on IoT data spot a problem ahead.”

“IoT platforms are very good at managing and extracting insight from connected devices, but it may not make sense continuing to extend IoT software much further beyond that. Instead, we should be working to effectively surface IoT data inside these more comprehensive enterprise systems,” Miller adds.

Sean Spees, CPG market segment leader for Bosch Rexroth, says in 2024, the emphasis will be “data retrieval and remote assistance. How the data is used and finding a partner with expertise in the digital space to evaluate it to help with predictive maintenance and line conditioning to move towards a lights out factory will be critical.”

Jama Software is always looking for news that would benefit and inform our industry partners. As such, we’ve curated a series of customer and industry spotlight articles that we found insightful. In this blog post, we share an article, sourced from Innovation News Network, titled “Expanding EV infrastructure in the US: Both on- and off-road” – originally published on November 20, 2023.

Expanding EV Infrastructure in the US: Both On- and Off-Road

The expansion of electric vehicle infrastructure in the US has been challenged by various issues, from governance to location. Here, we explore the issues and how they can be combated.

The evolution and expansion of electric vehicle (EV) infrastructure, encompassing both on-road charging stations and off-highway electrification, is a burgeoning topic in the United States. This issue has been characterized by significant regional disparities, with varying levels of availability across different parts of the country.

Furthermore, it is marked by distinct challenges that arise in urban versus rural settings as well as on- and off-road contexts. The role of government support and policy direction also comes into play in shaping this landscape.

As interest in electric vehicles continues to surge, understanding the intricacies behind their supporting infrastructure becomes increasingly crucial. Off-highway electric vehicles have their own unique set of requirements when it comes to charging infrastructure, presenting numerous design and manufacturing challenges.

Looking ahead, predicting future trends within this area is challenging due to its rapidly evolving nature but nonetheless vital for planning and strategizing growth trajectories within this realm.

Availability of EV infrastructure in the US

The uneven distribution of electric vehicle charging stations across the United States underscores a significant disparity, with coastal areas generally boasting greater availability than their counterparts in the Midwest and rural regions.

This can be attributed to several factors, including regional disparities in both population density and average income level, which directly influence infrastructure cost and consumer adoption rates of EV technology.

For instance, densely populated urban centers, particularly those along the coasts such as New York City or San Francisco, tend to have higher per capita incomes. These areas are more likely to invest in expensive EV technology and support the infrastructure costs associated with establishing charging stations.

The increased presence of these facilities subsequently encourages more consumers within these regions to adopt electric vehicles due to decreased concerns over charging time.

In contrast, regions characterized by lower population densities or average income levels –such as many Midwestern states and rural areas – are typically less equipped with EV charging infrastructure. This results from a combination of factors: reduced consumer demand for EV technology due to financial constraints; longer distances between destinations that increase concern over charging times; and higher per-unit infrastructure costs arising from the need for more extensive grid enhancements in less developed areas.

As such, despite growing national interest in reducing carbon emissions through transitioning towards electric vehicles, these challenges contribute significantly towards regional disparities in the availability of EV charging stations across America.

Thus, it is imperative that future efforts aimed at expanding this crucial segment of green transportation infrastructure consider these distinctive geographical characteristics and obstacles.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

The challenges of expanding EV charging infrastructure

Significant stumbling blocks surface when scrutinizing the surge in electric vehicle utilization, particularly pertaining to potential power supply problems, prohibitive price points of charging stations, and a paucity of policies promoting progress. These issues include:

Infrastructure costs

The establishment of an extensive network of charging stations necessitates substantial capital outlay from both public and private sectors. The latter’s involvement is critical since government funding alone may not suffice.

Technological limitations

Current technology restricts rapid mass-charging capabilities, potentially leading to power grid stress during peak demand periods. This limitation necessitates additional investments in technology development and grid reinforcements.

Public awareness

Despite growing interest in electric vehicles, many potential users remain uninformed about their benefits or how to utilize existing EV infrastructure effectively.

Sustainability concerns

While electric vehicles significantly reduce greenhouse gas emissions compared to conventional fuel cars, the production process itself can have a substantial environmental footprint, largely due to battery manufacturing processes.

The availability of EV infrastructure in rural and urban areas

Differences in the accessibility and utilization of EV charging stations between rural and urban areas present a nuanced challenge in promoting wider adoption of this sustainable mode of transportation. Rural EV adoption faces obstacles such as a lack of public charging infrastructure due to less population density and greater travel distances.

Moreover, financial considerations play into these disparities as well; the high cost associated with the installation and maintenance of charging stations may not be justified by the potential low usage in rural settings. This situation leads to EV accessibility being heavily skewed towards urban regions where there is higher demand.

On the other hand, urban planning challenges also arise in expanding EV infrastructure within cities. The densely populated nature of urban environments results in space constraints for installing new charging stations. Available funding also becomes a critical factor – adequate EV infrastructure funding is necessary for both the construction and operation of sufficient charging facilities to meet growing demands.

Additionally, differences between these two types of geographies are reflected not only on human mobility but also have an impact on the environment.

While increased use of electric vehicles can significantly reduce greenhouse gas emissions in densely populated cities, achieving similar outcomes in rural areas can prove much more difficult due to their unique characteristics.

Government support

In light of these challenges, it is noteworthy to mention the initiatives taken by American governmental bodies to bolster the proliferation and accessibility of charging amenities for electric vehicles. The US Government has employed a mixture of methods to support this development:

Federal incentives

At the federal level, several incentives have been introduced over recent years to encourage EV adoption. For instance, the Electric Drive Vehicle Battery and Component Manufacturing Initiative provided $2bn in grants for manufacturing of advanced batteries and electric drive components.

Private partnerships

On top of direct funding, the US government also fosters private partnerships aiming at enhancing electric vehicle infrastructure. An example would be the ‘EV Everywhere Grand Challenge’, launched by the Department of Energy (DOE), which works with national laboratories, universities, private industries, and other governmental agencies to increase availability of high-speed charging stations across country.

Infrastructure financing

Additionally, there are efforts directed at infusing capital into public charging infrastructure through financing programs like the Clean Cities Alternative Fuel Vehicle Deployment Initiatives which allocated millions towards building EV charging stations nationwide.

Technological advancements and environmental impact

Given that environmental impact is a key driver behind the shift towards electric vehicles, governmental policies are expanding physical infrastructure but also investing in research & development for technological advancements that could reduce emissions further while improving EV range and battery life.

Developing off-highway EV charging infrastructure

The development of charging facilities for electric vehicles designed for non-highway use represents a unique and complex challenge, necessitating innovative solutions and strategies. Off-highway adaptations require not only the installation of charging stations in remote or less accessible areas but also the incorporation of infrastructure financing to support their construction and maintenance.

Technological advancements have been pivotal in addressing these challenges, making it feasible to develop energy-efficient charging systems that can withstand harsh environmental conditions while providing reliable service. These advancements range from solar-powered charging stations to smart grid technologies that optimize electricity usage during off-peak hours.

Investing in this type of infrastructure is critical for promoting sustainable solutions within the transportation sector, particularly in industries such as mining, agriculture, and construction where off-road vehicles are prevalent. The integration of renewable energy sources with charging infrastructure offers dual benefits: reducing greenhouse gas emissions associated with traditional fossil fuel-based power generation and extending the reach of EV technology into areas beyond urban centers.

Furthermore, public-private partnerships offer potential avenues for securing necessary funding without placing undue financial burden on local communities or individual businesses.

As such, developing an efficient and resilient off-road EV charging network requires a holistic approach incorporating technological innovation, targeted investment strategies, and sustainability considerations.

RELATED: Jama Connect® for Automotive

The challenges of designing and manufacturing off-highway EVs

Designing and manufacturing electric off-highway vehicles presents unique challenges, with research indicating that a significant one is ensuring these machines can withstand the rigors of heavy-duty applications, an issue reported by 60% of manufacturers. Battery longevity is a critical concern in this regard since off-road vehicles often operate in extreme conditions that could quickly diminish battery life.

Similarly, terrain adaptability is another challenge. Electric vehicles must be designed to handle diverse terrains, from rocky landscapes to sandy dunes, without compromising on performance or energy efficiency.

Material sourcing poses yet another problem due to the need for lightweight but highly durable materials for construction. This brings us to durability concerns which are paramount because, unlike regular city electric cars, off-highway EVs have to endure harsher operational conditions requiring them to be more robust and longer-lasting.

Finally, cost efficiency continues to be an obstacle as developing high-performance, yet affordable electric off-highway vehicles remains a struggle for many manufacturers, due to the high costs associated with batteries and other essential components.

The future of EV infrastructure both on- and off-road

Transitioning from the challenges of designing and manufacturing electric off-highway vehicles, it is pivotal to envision what the future holds for EV infrastructure. This includes both on- and off-road contexts, as each comes with its unique set of considerations pertaining to infrastructure financing, renewable energy integration, vehicle-to-grid technology, and battery disposal methods.

The future landscape of EV infrastructure will likely be shaped by a variety of factors. The pace at which this change occurs may largely hinge upon infrastructure financing – securing sufficient funds to create an expansive network of charging stations that facilitate higher EV adoption rates. As more consumers opt for electric vehicles, there will be an increased demand for reliable and accessible charging facilities.

Therefore, investment in this sector is crucial not only for supporting current users but also promoting further uptake.

Simultaneously, the integration of renewable energy sources into these infrastructures represents a crucial aspect. By harnessing power from sustainable resources such as solar or wind energy, the environmental impact can be further mitigated while optimizing energy usage overall.

Moreover, vehicle-to-grid technology presents another promising avenue where electric cars do not just draw power but can feed surplus back into the grid during peak demand hours – thereby acting as mobile energy storage units. This could revolutionize how electricity grids operate while offering additional revenue streams for EV owners.

Lastly are considerations regarding battery disposal methods. With growing numbers of electric vehicles on- and off-road comes increased volumes of spent batteries which necessitate effective recycling or disposal strategies to minimize environmental harm and potential resource losses.

Thus, these aspects collectively indicate a multifaceted future wherein technological advancements must go together with strategic planning and responsible practices.

The US Government’s solutions offer hope

In conclusion, the path to an electrified future, both on- and off-road, resembles a vast and uncharted road. Despite challenges such as regional disparities in charging station availability, hurdles in infrastructure expansion, and manufacturing complexities for off-highway vehicles, progress is being made.

The US Government’s support, alongside innovative solutions, offers hope that these obstacles can be overcome. As the dawn breaks on this new era of transportation, one cannot help but feel a sense of anticipation for what lies ahead – a highway illuminated by the promise of sustainable mobility.





This image shows someone taking a picture of damage to a damaged vehicle, indicating that the use of a smart phone and technology helps bridge the gap in insurance product development.

In this blog, we recap our whitepaper, “Bridging the Gap in Insurance Product Development: How Jama Connect® Can Streamline Requirements Management” – Download the entire thing HERE

Bridging the Gap in Insurance Product Development: How Jama Connect® Can Streamline Requirements Management

In an industry as longstanding, complex, and regulated as insurance, it’s easy for inefficiencies to creep in. Companies use the same old systems and processes that others have used for decades, and in the crunch to manage the day-to-day business, the drive to update and streamline can get lost in the shuffle.

But in the modern business world, where everything moves at the speed of the Internet and consumers expect new and improved products constantly, insurance companies can’t afford to fall behind on product upgrades and new product development. Old systems and processes keep products from getting to market in a timely manner. How can insurance product developers keep up with demand while meeting business needs and regulatory requirements?

The right requirements management solution can help bridge the gap between product development and the marketplace.

Where The Insurance Industry Needs Requirements Management: Two Scenarios

There are two main scenarios where requirements are needed in the insurance industry. The first is in the policy administration systems that automate the day-to-day operations of an insurance company. While every insurance company is unique, most share processes for day-to-day operations and have some kind of policy administration system. It may be a unique proprietary system, designed specifically for that company, or it may be provided by an outside software vendor. This policy administration system manages the day-to-day operations of the insurance company in three areas:

  1. Policy Administration: To administer an insurance policy, the company must quote, bind, and issue the policy and process endorsements, cancellations, reinstatements, and renewals.
  2. Billing/Accounting Administration: The policy administration system must also manage the financial side of each policy. This administration involves processing initial down payments and providing payment plan options; processing cancellations or reinstatements around non-payment of premiums; processing refunds and collections; and producing an annual statement and statistical reporting.
  3. Claims Administration: Finally, the policy administration system must process insurance claims, including first notice of loss, claims payments, and reinsurance.

Even listing the basic types of information that must be processed doesn’t capture the complexity of the details that have to be managed by the policy administration system. For example, while there is one set of requirements related to insured risk and coverages, there is an entirely different set of requirements for the output to describe both static and variable data that must be printed. In addition, every policy needs to have changes at some point, which are processed as endorsements. There are different rules for different types of endorsements, which will be captured as separate requirements. At each stage and level of the policy there are different requirements that must be applied.

The list of requirements across different functions and processes in the insurance industry is almost endless; managing these requirements according to the massive number of variables across products, risks, jurisdictions, and so on can quickly become overwhelming and cumbersome. In addition, when the requirements aren’t managed or applied properly, gaps and errors can easily arise, leading to administrative challenges at best, legal challenges at worst.

The second area where the insurance industry needs requirements management is in the new and enhanced insurance products and services that insurance companies want to develop and roll out to customers. Designing and introducing new products and services involves new states or geographies with different rules and regulations. Enhancing existing products can involve rate changes or additional coverages. In addition, with new or enhanced products, the policy administration system will need new or upgraded interfaces and other upgrades to the system. Introducing even one new or enhanced product can cause system-wide ripples that can impact everyone from the corporate office to the local agent.

In a world this complex, with this many details, insurance companies need a purpose-built requirements management system to allow them to effectively and efficiently respond to change.

RELATED: How to Solve the Top Five Challenges for Insurance Product Development

Gathering, Documenting, and Reusing Requirements

The common thread to implementing a robust and comprehensive policy administration system is understanding the requirements of the core business processes.

  • Business requirements are the needs of the company, regardless of whether there’s a system to process the work.
  • Stakeholder requirements are the requirements needed for a specific user to be able to process that information in a specific type of system, but they do not need to be specific to the system. These requirements are the ones that a user (such as an agent or claims adjustor) would need to accomplish the business requirements.
  • Solution requirements (functional and non-functional) are the technical requirements that each software solution must have to accomplish stakeholder requirements.

The big key to gathering requirements in all three areas is that the requirements must be reusable. While each software company may have a preference on the format used for the implementation, the business and stakeholder requirements should be reusable within any system so that software requirements can be tailored to the specific implementation strategy.

The Four Main Challenges for Insurance Requirements Management

There are currently four main challenges facing the insurance industry when it comes to requirements management.

1. Introduction of Agile Methodology

The move to agile methodology created a mindset in the insurance industry that requirements weren’t necessary for software development and upgrades. Shortly after the agile revolution began, the IIBA, International Institute of Business Analysis, which is the governing body for business analysts, suggested that business analysts had to adjust to this methodology by evolving to support these new ways of working—not just in software development, but in any area of business analysis where changes happen rapidly. Since then, business analysts often say, “requirements are in the code,” suggesting that requirements are just an extra step that takes too much time.

The reality is that not everyone is a developer who can read and interpret code. Business analysts know the requirements of the business and stakeholders, but they don’t necessarily know how to gauge whether the software meets those requirements. Likewise, software developers may not know the needs of the insurance business without someone who can communicate requirements.

Requirements and requirements management are essential for project success, in part because they reduce the risk of project failure or cost overrun. The solution is not to eliminate requirements to work faster; rather, it’s to manage requirements more efficiently to meet the demands of the market.

2. Unwillingness to Change Outdated Requirements Processes

Change is difficult for a lot of reasons, and it’s not uncommon to hear “we’ve always done it this way” or “if it’s not broken, we don’t need to fix it.”

However, outdated methods of requirements management cannot keep pace with modern needs, and relying on old processes inhibits new product development and innovation. Business analysts should be catalysts for change and demonstrate the efficiencies of new processes throughout the organization.

Another obstacle to change is summed up by the statement, “we’ve managed without requirements management all this time—why is it so important that we do this now?” This attitude represents a misunderstanding about requirements in general. They have always been necessary, and they’ve always been around, whether documented in a specific way or simply discussed in general terms.

Unfortunately, adding new processes to consistently use and reuse requirements can sometimes mean extra work that nobody has time for. Again, this is where business analysts can step
into the fray and be catalysts for change.

3. Reliance on Document-Based Requirements Management Tools

Too many insurance companies rely on document-based tools such as Microsoft Excel spreadsheets and Word documents to manage requirements. These tools are just too time-consuming to manage and can become quickly obsolete if they’re not consistently and constantly updated. It’s also very cumbersome to provide appropriate traceability for testing and test planning using these types of tools. Imagine trying to sit down with four or five different Excel documents and trace the requirements all the way through!

4. Complex Collaboration Across Teams, Departments, and Stakeholders

There is often a great deal of difficulty collaborating within teams, departments, and various stakeholders involved on a project. When it comes to developing and launching new insurance products, collaboration is vital to success, but coordinating schedules and sharing documents can often result in confusion. Fragmented collaboration also introduces the risk of siloed activities and tools; when teams and tools exist independently of one another in different formats and processes, coordination and collaboration become cumbersome at best, impossible at worst. Old tools and processes introduce risk, whereas modern requirements management systems allow people to collaborate at their own pace and provide documentation necessary to clarify and approve requirements.

To solve these challenges, any requirements management system adopted by insurance companies should address four main issues:

  • Maintenance and Traceability: The system must allow requirements to be easily maintained and traced across all teams, stakeholders, and functions throughout the development process. Having the ability to quickly identify requirements and their related functionality is essential for making informed decisions quickly. Lack of maintenance and traceability can lead to major product delays and make it difficult to shift resources from core business tasks to breakthrough innovation initiatives.
  • Easily Adapt for Future Innovation: A requirements management solution for insurance should allow current state requirements to always be ready for future state innovations, drastically reducing the time to market for new and improved products. Having the ability to integrate existing requirements with new functionality is essential to quickly move breakthrough innovative initiatives from development to market.

The traceability functionality really drew Farm Bureau Insurance to Jama Connect because it is easy to identify within the workflow.

“Traceability in Jama Connect® makes it easier to assess the impact of a proposed change,” says Blundy. “It helps identify all areas we have to modify and then gives us the ability to route the change for review and approval with ease. A single source of truth also improves consistency, for example, having templates built into Jama Connect — with all templates located in a single spot — means we’re all using the same template. And we’re following the same processes when writing, sending, and closing requirements.” – HEIDI BLUNDY, BUSINESS AND TECHNICAL ANALYST AT FARM BUREAU INSURANCE

Read the complete story here »

  • Standardization of Reusable Requirements: Having a standard way to reuse existing requirements reduces the risk of project failure, achieves cost savings, and ultimately increases customer satisfaction and return on investment. With standardized requirements, team members who need to review and respond to the requirements can perform their roles more effectively and efficiently.
  • Centralization of Requirements: Effective collaboration in the development of insurance products is vital to successful product development, and having your requirements in a central place to quickly find and use is key to effective collaboration.

Bridging the Gap in Insurance Product Development: How Jama Connect® Can Streamline Requirements Management

This image portrays an event showcasing pioneering excelling in healthcare.

Pioneering Excellence in Healthcare: Q&A with Systems Engineering in Healthcare

On December 5th, 2023, Jama Software® hosted an exclusive one-day thought leadership event, featuring industry experts Chris Unger – Retired GE Healthcare Chief Systems  Engineering Officer – PracticalSE LLC, Bijan Elahi – Founder of MedTech Safety, and Vincent Balgos – Director of Medical Device Solutions at Jama Software. Attendees of this event were invited to deep dive into best practices in Systems Engineering and Risk Management, crucial pillars of successful medical device development.

The following is the transcript of a Q&A session from this event. Please note that the answers were given verbally and may not be exactly as recorded. Some changes have been made for clarity.

“What are some insights for product development teams to consider when keeping up with the speed of innovation?”

Chris Unger: Separate out research (from development), and spend certain time on long lead items. Typically, our programs are 6 to 18 months. And so, if there is basic research that takes more time, make sure you have a certain amount of your budget – 5, 10% – with risk retiring the initial basic piece of the work, and the handoff between research and [development] programs in where we think we can retire the remaining risks in the 12 months. And then the rest of it has to really focus on what is really core. Eating the elephant one bite at a time. Focus on what’s really innovative. But one of my general managers said, ‘You want your product development to be a wall. Big, small, small, big, small.’ Product development should be a phased approach where you work on various scoped tasks. Focus on the high-risk and most innovative stuff. Low-hanging fruit can wait. Spend the time really on the breakthrough, and then maybe every six months for the next year just do small iterations, maybe some covers, maybe some better user interface and workflow, while you’re buying time for the next major innovation to come through. So, portfolio management.

Bijan Elahi: With respect to risk management, innovation in new technologies is useful for reducing risk to medical devices. You may have seen the definition of “state of the art” in the latest edition of ISO 14971 Standard, which says that the manufacturers are required to consider the consolidated findings of technology research practice to incorporate into the medical devices to reduce risks as much as possible. However, it also says that the latest technology state of the art is not necessarily the latest technology [from all industries]. And medical devices, we are a little slower than other industries like semiconductors. So, for us, state of the art must be generally considered good practice, and then innovations that are proven and accessible to be used to reduce risk.

Chris Unger: The other comment I might make is one of the reasons you slow down is scope creep. For every function, every person is like, “I just need my one. It’s just small.” It’s the straw that breaks the camel’s back. And one of our most successful businesses, the ultrasound team, said that time to market and this time blocks delivery was a team effort. Instead of having one person beating away, that all the functions sort of gang up on each other. It’s like, “Well, I didn’t put my extra in.” We’re all committed to delivering this every year, something important every year. And so rather than having the program manager fighting for scope, it’s the team that says, “Look, I’m willing to commit to this limited scope to get something this year, you help me out.” So, make sure it’s the team’s focus on speed to market.

Vincent Balgos: In this post-pandemic event, collaboration can pose a challenge in working remote, hybrid, onsite, especially for systems engineering and risk management where we need to work across the aisle amongst different types of groups.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Vincent Balgos: “So my question to maybe Bijan first, is what are some lessons learned that you’d offer to maintain efficiency and progress, that works better than others? And we are a bunch of engineers here, definitely want to talk about technical, but are there any key soft skills that we may also want to consider as well?”

Bijan Elahi: In one of my classes, I teach that you need to cultivate humility and curiosity. So, what do I mean by that? As I said, risk management is a team sport, and humility does not mean self-deprecation, it means to recognize that the answer is not all within you, it’s within your team. And the curiosity part is that some people are just shy about sharing their thoughts. So, curiosity is to seek it. It doesn’t always just come to you. So, this is a soft skill that I can offer you, to cultivate humility and curiosity.

Chris Unger: This is a good advertisement for the February webinar I am hosting with Jama Software. I was going to plan something on requirements writing techniques, which will probably be later in the year. I’d say a couple of things, make sure that you focus on communication. So, in a crisis, a lot of people just focus on getting their work done. And the first thing that you should maintain, a lesson straight off, is making sure you talk to the team, that you get consistency and use simple forms, and keep publicizing. Example like “What are my decisions? What are the important ones?” Just keep over-communicating, it’s something simple in the survival handbook, “Guys, here’s my list of decisions, here’s my list of risks.” Keep it simple, keep it single reference.

And the other thing I do is, don’t use that to communicate, use that to archive your decisions. I get really annoyed when my team says, “I wrote defects in the tool. Of course, they’re going to respond.” Talk to people, call them up, ask them questions. Do they understand? Do they understand why it’s important to do this? Do they accept that it’s their defect? I had one, my first program at my previous employer, we got to each milestone, we had like a hundred open defects. And people came to me complaining, “Well, I got rid of my defects. I fixed 50 of them and I transitioned 50 to every other defect. But it’s not fair Chris, because everybody else transitioned their defects to me last night. How am I supposed to…” But we’re a team. Don’t reassign the defect in the tool and assume they’ll accept it. Talk to them. Say, “I’m going to reassign these five defects to you. Do you agree that they’re yours?” Talk more than use the tool to communicate. I love Jama Connect. I love the risk management aspect, all the risk files. But if you are going to assign a risk mitigation to somebody, talk to them before you assign them.

Vincent Balgos: “What are some market and technology trends you see coming to the industry in 2024?”

Bijan Elahi: The big ones are Artificial Intelligence (AI) and Machine Learning (ML). A lot of medical devices are now deploying technologies that are based on AI and ML. And this has really created the challenge for risk management. In fact, we don’t know how to really completely answer this yet. This is an unanswered question. And the regulatory agencies, ISO experts, they’re all working on this. So, answering this question of how do we manage the risks of a medical device that is constantly changing? With current medical devices, if you want us to make a change to it, you’re supposed to submit something to the FDA. What about a medical device that is changing by the hour? It’s not really possible to keep making submissions. So, this is one of the challenges that’s happening in 2024.

Chris Unger: Yeah, that’s the obvious thing. I was a skeptic. People a long time ago said, “Are you doing AI machine learning?” And I kept responding with “No, it’s not ready. It’s not ready.” It’s ready. It’s coming. It’s now. It’s 2024. I wouldn’t say it’s a 2024 trend, it’s ongoing and continuing in cybersecurity. I mean, all these things are connected. That we want to network. Radiologists want to work remotely. It was a long time ago that somebody talked to us and said, “Look, this is great. I’m the head of a radiology network in northern Jersey. We’ve got five radiologists. And when people come to my clinic, I’ll do a quick read of every scan in my area, but I’m the liver guy. So, all the liver scans get sent to me. And somebody else is the head guy.

But that means a network, which means you’ve got huge network security. So, cybersecurity is just always going to get more and more critical. And we’ve never been liable. We’ve had hospitals come to us saying, somebody’s stuck a USB stick into your system and you let that virus go and it infected their network, but it went through your product. Why didn’t you protect it? And that was a huge malware. Whatever ransomware hospital costs more money than effective fiber is going to be way more effective.

RELATED: 2024 Predictions for Medical Device & Life Sciences Product, Systems, and Software Development

Audience Question: “I was curious, looking at your workflows with the dotted lines, I recently debated whether usability engineering should be its own pillar containing risk, containing system requirements or embedded within the existing infrastructure for those. Do you have any pros or cons or suggestions on whether you should look at usability engineering independently as a whole? Or as part of the risk plan system requirements plan?”

Bijan Elahi: Usability engineering is very well integrated into risk management. It is its own discipline, and it has its own standard IEC 62366:2015. But a lot of its work products are very similar to an actual integration with an ISO 14971 workflow. So, I can’t say that it should be independent, but I say integrated with risk management.

Chris Unger: Yeah, I think it’s both and, not either or. As Bijan said, there’s a use analysis report that is mandated. So, it’s its own discipline and it’s part of everything. It’s part of workflow. Remember I said, “Gee, we want, custom things that are easy to use. No training needed, just use it.” And that’s a customer value. It’s part of marketing. Think about reliability. So, if I take this and I drop it… what are the stresses? How do I test this stuff? It’s part of uses. When we did things, it was probably two-thirds of our reliability issues were unexpected use cases. So, we had this baby warmer, and it was in Philadelphia, so they had cobblestone streets, and they were just transporting it from one wing of the hospital to the other, no baby in it. And there was an infrared warmer, it went over it and the interim warmer fell over to where the baby would be. Because it was doing a shake test going over the cobblestone. And we didn’t think about that.

Another case we had a mobile X-Ray. Takes an X-ray system, moves it into the surgery, into the ICU, the recovery room. And it’s a battery… It was probably 600, 700 pounds. Great when you have this big hulking tester and they move it over this expected ramp, something like this was easy to move it over. You get 110-pound nurse in a hospital with a two-centimeter step going into the elevator and guess what? The only way they could get over the ramp was to take a running start and use the momentum. We had wheels falling off. What was that? So, we went to the hospital and watched them. Oh! We expected like 5 Gs and the upper limit (UL) is like 50 Gs or 10 x factor plus 200 Gs. Once we designed for 200 Gs, wheels stopped falling off. So, usability is part of reliability engineering. So, it’s part of everything and it’s used in analysis report.

Audience Question: This is a more general question, but for companies that have two or more variants of a product, what are your recommendations? And this is to both of you about managing both product development and product assets. So, let’s say 90% of the assets are common across three variants and how to handle risk management when the clinical usage of those three variants could be different?

Bijan Elahi: With respect to risk management. EU MDR allows you to do risk management for a family of projects. So, if this is a family that are very similar, you can do a common risk management and then do differential risk management for the differences between them to submit.

Vincent Balgos: I’ll also add that varying management configuration is a hot topic within the medical, especially as you build family of products and then you build your… Let’s say child products off that. How do you reuse and share some of that information for efficient product development? So, this is where Jama Software is really a great, unique opportunity where we’ve actually learned from other industries, particularly in automotive and in terms of how they deal with those different types of variants. So, we’re incorporating some good practices off the bat and again, happy to talk with each of you, especially if there’s specific questions on how to solve some problems.

Audience Question: My question is about integration. I mean we see more and more devices now have the ability to work together with solutions from other vendors. How can we can be prepared for that? I mean sometimes if your product is on the market, and somebody wants to use it and integrate it with a different solution. How can we be prepared for that from both a system engineer design perspective and for risk management?

Chris Unger: System engineering is kind of simple. Keep a configuration compatibility matrix to ensure that this version of your product is compatible with what version. And then really think through the use cases. The rainy day and sunny day. We had cases where our monitoring central station… So, we built some temperature monitors, fetal monitors, cardiac monitors, but we also then built a central station that have to work with our sensors but anybody’s sensors in the world. And we did pretty good with that.

We had a recall where somebody would plug in a… I forget what it was… temperature monitor? But it was a safety-critical device in the intensive care unit, and we didn’t have a fast enough response that it was plugging in. Usability. So, the nurse pulled it out, put it in again, pulled it out, and put it in again. And finally, the system had a race condition. It said you pulled it out, and when they put it in it tried to reset. So, the nurse had thought that it was plugged in it, and it wasn’t. And so, the nurse was assuming that the patient’s heart rate was monitored when it wasn’t, we had to recall the entire product. So have a standard interface. Have a compatibility matrix and test the unusual customer uses.

Bijan Elahi: With respect to risk management, if you’re making a medical device that is supposed to work with other medical devices together, then the together becomes a system. The patient is experiencing the risks that could come from the integration of all the devices that connect with your device. To manage the risk of that, what you need to know is which devices are going to plug into your device and then you test them to make sure that they’re safe together. And then you make a list of approved compatible devices that could be used with your device and your manufacturer makes another device that wants to be used with yours and you must check that too. Just keep expanding your list of approved devices.

This image portrays a news article asking "How Can Technology Advance Our Lean Effort?"

Jama Software is always looking for news that would benefit and inform our industry partners. As such, we’ve curated a series of customer and industry spotlight articles that we found insightful. In this blog post, we share an article, sourced from IndustryWeek, titled “How Can Technology Advance Our Lean Effort?” – written by Doug Berger and Conrad Leiva originally published on November 20, 2023.

How Can Technology Advance Our Lean Effort?

Lean has played a significant role for the past few decades in driving efficiency across manufacturing organizations by providing people with the data and methods for eliminating waste, improving factory flow, and focusing on customer value. Lean techniques have promoted simple, intuitive visual and analytical approaches to decision-making, problem-solving, and continuous improvement.

The “digital lean” movement stays true to lean principles while taking advantage of the real-time and data-centric techniques from smart manufacturing and Industry 4.0.

Digital lean amplifies the core strengths of both methodologies. It works best when the operations improvement team pulls in technology to add value for specific process improvements and avoids pushing technology because there is good buzz about it. When deployed to support people and process gains, digital lean unlocks even greater levels of efficiency, quality, velocity, and adaptability in operations.

Extending Value

Digital lean achieves gains with technologies like automated data collection, analytics platforms, digital dashboards, artificial intelligence, and integrated workflow systems. It amplifies both the measurable performance and qualitative employee engagement gains.
The following illustrates the added value that well-placed digital technology can bring to a lean effort in three key areas:

1. Reducing Waste

Reducing downtime through predictive maintenance: Unplanned downtime is wasted time and disruptive. Planned maintenance on a fixed schedule, regardless of equipment condition, is also wasteful. Instead, advanced sensors for conditions such as vibration, force, and temperature can be installed on machines, monitored in real-time, and analyzed by AI-based predictive maintenance algorithms to trigger maintenance when needed based on machine usage and monitored conditions.

Reducing defects with real-time detection: Lean has always had a focus on the waste from out-of-spec quality, material scrap, and rework. Automated in-process quality monitoring through sensors, computer vision, and artificial intelligence (AI) can detect small deviations, including deviations not visible through traditional methods. It can spot in real-time when a process is trending out of its control range, triggering warnings and corrective action.

Reducing waste through enhanced value stream mapping (VSM): The typical VSM is infrequently conducted and based on estimated processing times. Digital process monitoring allows the enterprise to perform VSM with precision processing times, error rates, variations, and other statistics that are not readily available with more traditional manual tracking.

RELATED: Best Practices Guide to Requirements & Requirements Management

2. Reducing Inventory

Minimizing inventory waste through automated material tracking: Auto-ID technology such as radio-frequency identification (RFID) sensors and advanced analytics make it easier to accurately track raw materials, work-in-progress and finished inventory location and levels. The consumption of raw materials is monitored in real-time and triggers replenishment automatically. This reduces unnecessary purchases and out-of-stock due to data errors or not locating inventory. Replenishment levels can be lowered with confidence.

Improving flow with automated movement and handling: Lean has long recognized that any movement of material is less than ideal. Practical considerations often limit the ability to rearrange equipment at a production site. Automated guided vehicles (AGVs) and cobots make it practical to move smaller production batch sizes to achieve continual flow of material, lessening the labor wasted in manual movement. With sensors, routing instructions, and AI, the AGV is automatically placed at the work center in anticipation of completion. From the perspective of the part, it is continuously moving from workstation to workstation with no wait time.

3. Improving People Utilization

Improving work rhythm with real-time digital dashboards: Smart dashboards are configured to automatically use collected data to generate charts, diagrams, and other displays that support everyday decision-making processes. Digital and on-displays mounted in hallways around the plant are updated in real-time. Accurate, timely data is key to improving flow and using people effectively.

Reducing errors with digital work instructions: Operators review the latest standard operating procedures (SOPs), work instructions, and checklists on monitors or mobile devices. This can improve consistency and reduce waste due to operator error.

Eliminating clerical steps with a paperless factory: “Pushing paper” is a form of wasted worker time and expertise. Every instance of a person transcribing information or data entry is non-value-added. The paperless factory eliminates this waste as well as errors introduced through manual data collection.

Improving talent use with online training: Workers are better utilized when they learn to perform a wider range of tasks. Tablets, augmented reality (AR), and virtual reality (VR) are becoming more popular to train workers on new tasks, without risking the impact of learner mistakes on the actual product, especially when the potential mistakes would be a safety concern or costly scrap.

RELATED: Traceable Agile – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Where Do I Start?

Perform a variant of the typical value-stream mapping technique and include the steps involved with handling the paperwork. Review the wasted time and errors in your paper-based processes. Consider the improved productivity through eliminating manual steps.

Better data will give you more visibility into the value stream and areas of waste, constraints, and bottlenecks.

In a ‘What if’ mode of thinking, prioritize your areas of opportunity. Over the past several years, commercial technology solutions have reduced the need for custom solutions. This is making digital lean more available and cost-effective for all-size operations.

Do a use-case search on available technology and identify solutions that are relevant to your business.
Debrief with other companies that have deployed similar solutions.
Go into the selection process with a clear understanding of what your business needs and stick to that plan.
It can be tempting to envision a big transformation by having a long-term end state in mind. Take into consideration that technology is rapidly evolving, and your end state will inevitably change. The key is for each step in your journey to build on the prior one and lay a good foundation for expanding future capabilities. Keep your options open.

Do not underestimate the change management effort. The team will need to develop competence in smart manufacturing technology. Throughout this process, engage those employees who will be most affected. You will make better decisions and have less friction during implementation.

Digital lean harnesses advanced technologies to supercharge traditional lean manufacturing. It provides real-time insights to drive faster, more informed decision-making. It identifies and corrects inefficiencies and waste with higher velocity. Embracing digital lean equips businesses with the agility and adaptability needed to thrive in today’s rapidly evolving market landscape.

Based in the New York City area, Doug Berger is founder and president of the non-profit Industry Reimagined 2030, which is on a mission to revitalize U.S. manufacturing at a national scale.

Based in the Los Angeles area, Conrad Leiva is vice president of ecosystem and workforce development at CESMII–the Smart Manufacturing Institute.

This image depicts a medical professional using the benefits of IEC 62304 implementation.

In this blog, we recap our eBook, “An In-Depth Guide to IEC 62304: Software Lifecycle Processes for Medical Devices” – Download the entire thing HERE.

An In-Depth Guide to IEC 62304: Software Lifecycle Processes for Medical Devices

In the world of modern medicine and healthcare, software plays an integral role in the functionality, monitoring, and management of medical devices. These software components can range from simple interfaces to complex algorithms that drive critical medical decisions.

Ensuring the safety and effectiveness of these software components is of paramount importance, leading to the creation of standards such as IEC 62304, which defines lifecycle requirements for medical device software.

Understanding the Importance of Software in Medical Devices

Medical devices have evolved significantly, integrating software into their core functionality. From pacemakers to diagnostic equipment and even mobile health applications, software contributes to accurate diagnoses, patient monitoring, and treatment delivery. This integration enhances the capabilities of medical devices but also introduces potential risks if not developed and maintained properly.

Overview of IEC 62304

IEC 62304, titled “Medical device software – Software lifecycle processes,” is an international standard that provides a framework for the development of quality medical device software. It establishes standards for managing software development, verification, validation, and maintenance within the context of medical device development.

This eBook delves into IEC 62304, its components, implementation strategies, and benefits, equipping readers with a comprehensive understanding of how to develop medical device software that adheres to rigorous quality and safety standards.

Scope and 2 Application of IEC 62304

What Medical Devices are Covered?

IEC 62304 applies to a wide range of medical devices that incorporate software – software that is a medical device on its own (SaMD) or an integral part of another medical device (SiMD). This includes both standalone software devices and software that is part of a larger medical device. These devices encompass everything from simple mobile health apps to complex medical imaging systems.

Examples include clinical decision support software, manufacturing software used to test the delivery volume of an insulin pump, software used to analyze genetic data, software in pacemaker, etc.

What Types of Software are Included?

The standard encompasses software used for medical device design, development, production, installation, and servicing. This encompasses not only the software that directly interfaces with the patient or provides a medical function but also the supporting software used in manufacturing and quality control.

Key Concepts and Terminology

Software Safety Classes

IEC 62304 introduces a classification system based on the potential harm caused by software failures. The requirements vary depending on the software safety classification There are three classes:

  • Class A: No injury or damage
  • Class B: Non-serious injury
  • Class C: Serious injury

These classes help determine the level of rigor required in the software development process.

Software Lifecycle Processes

The standard outlines processes that span the entire software lifecycle, including planning, requirements analysis, design, implementation, verification, validation, and maintenance. Requirements vary depending on the software safety classification.

Software Safety Requirements

Ensuring the safety of medical device software involves identifying and addressing potential hazards. IEC 62304 mandates an increase in rigor of design control processes and documentation based on the software safety classification.

Software Items

Software items are software components that make up medical device software. By decomposing software into discrete software items, the manufacturer can analyze
failure points and interfaces. It also allows the manufacturer to independently classify and document these subcomponents, thus facilitating the possibility of
reusing these subcomponents in future products.Properly managing these items ensures traceability and facilitates risk management.

RELATED: Application of Risk Analysis Techniques in Jama Connect® to Satisfy ISO 14971

Benefits of IEC 62304 Implementation

Improved Software Quality

Complying with IEC 62304 significantly enhances software quality by providing a
comprehensive framework that guides the development, maintenance, and validation of medical device software. By adhering to its guidelines, teams are compelled to follow a structured approach, resulting in improved software quality. The standard mandates clear documentation of requirements, architecture, design, and verification activities, which in turn fosters transparency and traceability throughout the software development lifecycle.

This meticulous documentation ensures that potential issues and deviations are identified and addressed early, reducing the likelihood of defects and vulnerabilities making their way into the final product. The standard forces manufacturers to consider not only how they will develop the software, but also considerations for maintenance and the end of life of the software. Consequently, software that complies with IEC 62304 exhibits higher reliability, safety, and overall quality, which are very important in the context of medical devices where patient safety is paramount.

Furthermore, IEC 62304 references rigorous risk management practices (such as ISO
14971 principles), leading to the identification and mitigation of potential hazards associated with the software. IEC 62304 concentrates on the software development lifecycle, process, and documentation. The standard necessitates the classification of software components based on their potential risks, facilitating a targeted approach to testing and validation efforts. This risk-driven approach helps allocate resources effectively, concentrating efforts on the most critical aspects of the software.

Additionally, IEC 62304 requires you to have a plan for verification and validation of software. Different regions may have slightly different requirements. For instance, FDA has published “General Principles of Software Validation” Guidance.” These verification and validation activities are vital for identifying and rectifying bugs, security vulnerabilities, and functional issues. By conducting thorough testing and verification activities, software developers can enhance the performance, reliability, and stability of their products, contributing to an overall elevation in software quality.

Enhanced Patient Safety

Compliance with IEC 62304 plays a pivotal role in elevating patient safety thanks to the rigorous guidelines that mandate a systematic and controlled approach to software development, emphasizing risk management and mitigation strategies. By requiring thorough assessment of potential hazards associated
with medical device software, IEC 62304 ensures that developers identify and address safety risks early in the development process. This proactive approach results in the implementation of appropriate controls and safeguards, minimizing the chances of software-related failures that could jeopardize patient well-being.

IEC 62304’s emphasis on documentation and traceability further bolsters patient safety. The standard mandates comprehensive documentation of software requirements, design specifications, and verification and validation activities. This level of transparency enables regulatory bodies, medical professionals, and device users to thoroughly assess the software’s functionality and safety features. In the event of an issue or concern,
standardized documentation facilitates swift identification of the problem’s root cause, enabling prompt resolution to prevent potential harm.

Additionally, by adhering to IEC 62304, developers create a foundation for ongoing software maintenance and updates, ensuring that any changes are managed
systematically and with patient safety in mind. Overall, IEC 62304’s structured approach to software development and its focus on risk management and
documentation significantly enhance patient safety by reducing software-related risks and facilitating effective issue resolution in medical device software.

Regulatory Compliance

Regulatory authorities worldwide, including the FDA and the European Medicines
Agency, recognize IEC 62304 as a reliable framework for the development of safe
and effective medical device software. By adhering to its standards, developers
align their practices with established industry standards, which simplifies the
process of obtaining regulatory approvals.

One of the key ways IEC 62304 aids regulatory compliance is through its emphasis
on risk- based development and design controls. The level of rigor depends on the
safety classification of the software. This aligns well with regulatory expectations, as authorities often require comprehensive risk analyses to assess the potential impact of software-related hazards on patient safety. IEC 62304’s risk-driven approach not only helps in identifying and mitigating risks but also provides the necessary documentation for regulatory submissions, demonstrating that thorough risk evaluations have been conducted and appropriate controls are in place.

IEC 62304’s structured development lifecycle, which includes phases for software
planning, development, verification, validation, and maintenance, aids regulatory
compliance by providing a clear and consistent roadmap. This ensures that essential development steps are followed and documented appropriately. Regulatory agencies often scrutinize these aspects during the approval process, and adherence to IEC 62304 greatly assists in demonstrating that all necessary
processes have been carried out systematically.

RELATED: Application of Risk Analysis Techniques in Jama Connect® to Satisfy ISO 14971

IEC 62304 Lifecycle Process Phases

  1. Software Development Planning: This phase involves creating a comprehensive plan for software development that outlines roles, responsibilities, and the overall approach.
  2. Software Requirements Analysis: Identifying and documenting software requirements, including functional and non-functional aspects, lays the
    foundation for development.
  3. Software Architectural Design: Designing the software architecture defines
    how components will interact and ensures that the software can meet its
    intended purpose.
  4. Software Detailed Design: In this phase, detailed design specifications are
    created based on the architectural design, providing a roadmap for
  5. Software Unit Implementation and Verification: Developers write and test
    individual software units, verifying that they meet the defined requirements.
  6. Software Integration and Integration Testing: Units are integrated into a
    cohesive whole, followed by testing to ensure they work together seamlessly.
  7. Software System Testing: The entire software system undergoes rigorous
    testing to identify and rectify defects.
  8. Software Release: The software is prepared for release, including packaging,
    documentation, and any necessary regulatory submissions.

Software Safety Classification

  • Class A: No Injury or Damage Class – A software failures are unlikely to cause any injury or damage to the patient or user. An example might be a display error that does not affect the device’s functionality.
  • Class B: Non-Serious Injury – Class B failures could potentially lead to non-serious injuries, discomfort, or inconvenience to the patient or user. An example
    could be an incorrect alarm sound that causes temporary stress.
  • Class C: Serious Injury – Class C failures have the potential to cause serious injuries to patients or users. For instance, incorrect dosage calculations by a medical infusion pump fall under this class.

Download the entire eBook HERE:
An In-Depth Guide to IEC 62304: Software Lifecycle Processes for Medical Devices

G2® Once Again Names Jama Connect® the Overall Leader for Requirements Management Software

Jama Connect® was again named far and away the overall leader in the Winter 2024 G2 Grid® Report for Requirements Management Software!

In addition to the honor of being named the leader in requirements management software, we are proud to showcase that we were awarded several additional medals for Winter 2024 in requirements management, including:

  • Leader
  • Enterprise Leader
  • Momentum Leader
  • EMEA Leader
  • Small-Business Leader
  • Mid-Market Leader
  • Users Love Us

Download the full report to see why customers love using Jama Connect for product, systems, and software development.

Learn More About the Winter 2024 G2 Grid for the top Requirements Management Software products HERE!

Jama Software® is honored to be acknowledged as the top requirements management solution. We’re grateful to our customers for sharing their valuable feedback on their experiences using Jama Connect. The “Users Love Us” category, in particular, is a testament to the value our industry-leading requirements management software brings to our customers, and especially for customers who have moved from a document-based approach to complex product, systems, or software developement.

Product Design teams need a requirements management tool like Jama [Connect.] Using Jama Connect allows our software development team to have a well-organized and well-written set of requirements. It allows us to more easily maintain a baseline of features in our continuously evolving software.”

-From review collected and hosted on G2.com, Mark M. — Mid-Market

We strive to provide our customers with the best experience while using our platform. Being named as Leader in particular shows how much our users enjoy working within Jama Connect.

Jama [Connect] is the final death blow to your grandfathers way of managing text based requirements.”

-From review collected and hosted on G2.com, Mark M. — Mid-Market

Read Jama Connect reviews on G2

From all of us at Jama Software to all of you, thank you!

G2 scores products and sellers based on reviews, gathered from their user community, as well as data aggregated from online sources and social networks. Together, these scores are mapped on their proprietary G2 Grid®, which can be used to compare products, streamline the buying process, and quickly identify the best products based on the experiences of your peers.

this image portrays someone who may be working on a software factory.

What is a Software Factory?

A software factory is not a physical factory; instead, it’s a metaphorical one, signifying a structured, systematic approach to software development. It’s based on the principles of manufacturing, where standardization, automation, efficiency, and quality control are paramount. In a software factory, software is produced in a manner akin to an assembly line, where each stage of development follows a well-defined process, ensuring consistency and scalability.

RELATED: Loram Rides the Fast Track to Software Safety with Jama Connect®

Key Components of a Software Factory

  • Standardization: Standardized procedures and equipment are the foundation of a software factory. Because of this standardization, the development process is more predictable and controllable since every piece of software is produced using the same set of procedures.
  • Automation: The software factory model’s foundation is automation. Automation tools are used to speed up development, minimize errors, and reduce manual labor from code generation to testing and deployment.
  • Modular Architecture: Software factories employ modular architecture in a similar way to physical factories that use interchangeable parts. Reusable components are made possible by this method, which speeds up and simplifies the development of new features or apps.
  • Quality Control: A software factory must employ continuous integration and deployment (CI/CD) techniques. By using these procedures, code modifications are automatically tested and released, upholding strict dependability and quality criteria.
  • Collaboration and Communication: Coordinating the efforts of the various teams participating in the development process requires the use of effective collaboration tools and processes. By doing this, it is made sure that everyone is in agreement and that the result meets the intended goals.

Benefits of a Software Factory

  • Increased Efficiency: By automating repetitive tasks and standardizing processes, a software factory significantly increases the efficiency of software development.
  • Consistency and Quality: Standardized processes and automated testing lead to more consistent and higher-quality software products.
  • Scalability: The modular approach and automation make it easier to scale the development process, accommodating more features or higher volumes of software production without a proportional increase in resources or time.
  • Faster Time-to-Market: With streamlined processes and automation, software factories can significantly reduce the time it takes to bring a software product from concept to market.
  • Cost-Effectiveness: Although set up requires an initial investment, the long-term benefits of increased efficiency and reduced manual effort result in significant cost savings.

RELATED: Traceable Agile – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

How Can Jama Connect® Help?

Jama Connect® aids leaders by providing robust requirements and test management, ensuring clarity and alignment throughout the project. With Jama Connect’s Live Traceability™, teams can manage requirements and tests through the systems development process for proven reduction in cycle time and improved product quality.

With the advent of the software factory, software development has undergone a paradigm change from an artisanal, handcrafted approach to one that is more methodical, efficient, and scalable. Organizations can create software more effectively, more cheaply, and with higher quality by adopting the concepts of standardization, automation, modular architecture, quality control, and effective teamwork.

Note: This article was drafted with the aid of AI. Additional content, edits for accuracy, and industry expertise by Steven Meadows, McKenzie Jonsson, and Decoteau Wilkerson.

This image portrays product and engineering predictions for teams in 2024.

2024 Predictions for Product and Engineering Teams

As Product and Engineering Teams move into 2024, we aim to gain a deeper insight into the factors driving transformation in the development of products, systems, and software and explore how teams within this industry are adapting to meet the challenges posed by these evolving complexities.

In the final part of this six-part series, we asked our own industry experts Josh Turpen – Chief Product Officer, and Preston Mitchell – Vice President, Global Solutions, to weigh in on the product development and engineering trends they’re anticipating in the coming year in the coming year and beyond.

We like to stay on top of trends in other industries as well. Read our predictions for Automotive predictions HERE, Aerospace & Defense HERE, Industrial & Consumer Electronics (ICE) HERE, Medical Device & Life Sciences HERE, and SoftTech HERE.

Design Trends – What are the biggest trends you’re seeing in your industry right now? How will they impact product & engineering teams through product, systems, and software development?

Josh Turpen: Software continues to eat hardware. This trend is accelerating in the complex product space, particularly in automotive. This is driving companies to be “agile” but at the cost of quality.

Preston Mitchell: The big trend will be how to focus using the emergent Artificial Intelligence (AI)/ Large Language Models (LLM) solutions so they actually help the team be more efficient or profitable. Plenty of emerging tech in the AI space but remains to be seen how “useful” it will be. There is a huge opportunity to leverage this in ways that are beneficial for teams with the right focus. For example, we’re just starting down this path at Jama Software® with Jama Connect Advisor™, which helps train business analysts/product managers / engineers on how to write their requirements in more concise fashion with less ambiguity.

Biggest Challenges – What are some of the biggest challenges you think product & engineering teams will be working to overcome in 2024?

Turpen: Quality at scale and speed will continue to be a problem. This is exacerbated by the increasing complexity in software.

Opportunities – What are some of the biggest opportunities you think product & engineering teams should be considering in 2024?

Mitchell: Automation. Consider where automation can reduce the complexity and time needed to deliver large scale products. I’ve worked with hundreds of companies that build very complex products and I’m still amazed at how many of their internal processes are manual. AI will certainly be the 2024 buzzword – but currently most AI tools are still beta and rely on a human to prompt for an answer – not exactly automating a repeatable process. When I mean automation opportunity I’m talking about the low-hanging fruit of manual business processes – for example, automating task links between multiple engineering tools.

RELATED: How to Plan for Large Language Model (LLM) Adoption Within Your Engineering Organization

Regulations – What changing regulatory guidelines do you anticipate having an impact on companies in 2024?

Turpen: Companies that seek to identify risks (not just in products, but in process) will come out on top. Anti-fragile product development pipelines are the logistical super-power for the next phase of product development.

Tool Innovation – From a product & engineering toolset perspective, what are some of the processes you think forward-thinking organizations will be working to leverage or incorporate into their process and why?

Turpen: Moving from the individual engineer to the team/product pipeline will give management the opportunity to intervene early to reduce risk. Products that are focused on a best-of-breed world will give companies a leg up on legacy vendors and their suite approaches.

Mitchell: Forward-thinking orgs will adopt data-driven assessment of the product development lifecycle. Today there are no generally accepted measurements of Research and Development (R&D) efficiency. It’s hard for organizations to predict if a product will be delivered on time and without defects. Launch delays and regressions are common and almost generally accepted. Organizations commonly measure a product’s performance after it is launched (revenue, profit, adoption.) Why don’t we measure what happens before it is launched? Why don’t we measure the R&D lifecycle? Forward thinking orgs will adopt ways to measure their development lifecycle to they can better predict success or failure…and some may not like what they find.

Cybersecurity – What role will cybersecurity play in product & engineering development in the coming year and beyond?

Turpen: Cybersecurity will be baked into requirements and, therefore, products for everything from thermostats to ADAS.

Survival Factors – In your opinion, what are the biggest differences between product & engineering companies that will survive to see 2030, and ones that don’t?

Turpen: Agility tempered with quality will be the common trait of survivors. We’re already seeing companies get slapped with criminal charges based on their inability to see and manage risk.

Mitchell: With the hot economy and low interest rates before recent inflation there was a lot of investment in new startups and emerging technologies — think self-driving cars and AI. The economy is still doing well, but tempered with higher interest rates, so the investors of years past are looking for a return on their prior investment and will be more tempered with any new bets they place. The companies that survive to see 2030 will be the ones that find clear use cases that people are willing to pay for in these emerging technologies. New products and tech just “because it’s cool!” will not survive without a commercialization path.

RELATED: Traceable Agile – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Advice – What advice would you give to new product & engineering teams entering the market?

Turpen: Move fast and KNOW what you’re going to break.

Mitchell: Ask questions and seek advice from your peers or mentors who have built something before in your industry. Determine who your ideal “first customer” would be and work hard to speak with them, show them your early prototypes, and validate your assumptions about what they need.

Emerging Topics – What topic(s) do you wish companies were paying more attention to?

Turpen: Management of the engineering process.

Mitchell: Solving very easy efficiency problems in the engineering process like automating flow of data between disparate systems. I just spoke with a customer whose testers were redundantly logging defects in two different systems! Come on! Set aside some time to automate that process!

Identifying Mistakes – What is the biggest mistake you see product and engineering teams making right now?

Turpen: Throwing money at hard problems with little understanding of success and no management of the outcome.

Mitchell: Assuming a tool will solve their problems. Process first, then tool.

Innovation – What is the most innovative thing you’ve seen with product and engineering teams this year that you anticipate other companies following suit in coming years?

Turpen: Moving away from the “big meeting” to an asynchronous, stateful collaboration process.

Predictions – What do you think will remain the same in your industry throughout 2024?

Turpen: Companies who think the answer to their engineering process problems is a monolithic tool will continue to lose ground and engineers to their competitors.

Do you think there will be any major disruptors for product & engineering teams in the coming year? How do you think it will impact the industry?

Turpen: We’ll see the first set of major Intellectual Property (IP) lawsuits based on uncontrolled LLM. This will force companies to think about security and IP protections in their own AI development.

Mitchell: This will not happen in one year, but I foresee AI solutions replacing the need for traditional learning assets like static help guides, training videos, and maybe even support sites. Users don’t need to read a help guide, watch a tutorial, or submit a support ticket if an AI assistant is guiding them in the process and available for quick questions. Effort to build those types of traditional learning assets will be redirected to investments in AI assisted “on the job” learning while using the product.

What do you predict for product & engineering regulations in 2024?

Turpen: A continued increase in the importance of security/safety regulations in the automotive/medical industries with more penalties for poor performance.

Will those trends still be prevalent 5 years from now? 10 years?

Turpen: Yes, this is an area that will only grow in complexity and impact.