This paper presents an analysis of software-related failures of medical devices that caused no death or injury but led to recalls by the manufacturers. The analysis categorizes the failures by their symptoms and faults, and discusses methods of preventing and detecting faults in each category. The nature of the faults provides lessons about the value of generally accepted quality practices for prevention and detection methods applied prior to system release. It also provides some insight into the need for formal requirements specification and for improved testing of complex hardware-software systems.
About the Author
D. Richard Kuhn is a computer scientist in the Computer Security Division of the National Institute of Standards and Technology (NIST). He is a senior member of the Institute of Electrical and Electronics Engineers (IEEE). He received a US Department of Commerce gold medal for scientific/engineering achievement in 2002, a 1998 Excellence in Technology Transfer award from the Federal Laboratory Consortium for research in role-based access control, and a US Department of Commerce bronze medal in 1990 for contributions to open system standards.