Biomedical Engineering Reference
In-Depth Information
international authorities. Certification can apply to an organisation, to tools or
methods, or to systems or products. The main objective of the certification bodies is to
provide assurance that an organisation can achieve a certain level of proficiency, and
that it agrees to certain standards or criteria. In the case of product certification,
there is always the issue of whether a methodology or development
process is certified or not.
There are many international standards bodies. More than 300 software standards
and 50 organisations developing software standards exist [34]. Standards come
in many different flavours, for example de facto standards and local, national and
international standards. Some of the standards are specific to particular domains such as defence,
financial, medical, nuclear, transportation, etc. (see the Appendix).
There are a number of standards addressing the safety and security of a system in relation
to software development, for example the avionics standard RTCA DO-178B [96] or
IEC 61508 [35, 53], the fundamental standard for the functional safety of E/E/EP
systems [35, 53]. The IEC 62304 [51] standard covers the software life-cycle of
medical device development; it aims to achieve more specific goals through
standard process activities and helps in designing safe systems. All the necessary
requirements for each life-cycle process are provided by IEC 62304. The process
standard IEC 62304 [51] is a collection of two other standards, ISO 14791 and ISO
13485, where the ISO 14791 standard is for quality, and the ISO 13485 is for risk
management.
The Institute of Electrical and Electronics Engineers (IEEE) standards [54] provide
a safety assurance level for industries, including power and energy, biomedical and
health care, information technology, transportation, nanotechnology, telecommunication,
information assurance, and many more. An IEEE standard is approved by the
authority and takes users' recommendations into account before it is applied in the
development process. All these standards are reviewed at least every five years to qualify
the new amendments in the systems.
The Food and Drug Administration (FDA) [68] was established by the US Department of
Health and Human Services (HHS) in 1930 to regulate various kinds of products
such as food, cosmetics, medical devices, etc. The FDA now uses standards in
the regulatory review process to provide safety to the public before any product
is used. The FDA provides some guidelines on the recognition and use of consensus
standards. The FDA is interested in standards because they can serve as
a common yardstick to assist with mutual recognition, based on the signed Mutual
Recognition Agreement between the European Union and the United States. The FDA
standard classifies medical devices based on risk and on the use of the devices.
The FDA provides some standard guidelines for medical devices, and medical
devices are required to meet these standards. From time to time, many amendments have
been made to the FDA standards [33, 68] according to the use of medical devices, to
provide safety.
Common Criteria (CC) [18] is an international standard that allows an evaluation
of security for IT products and technology. The CC is an international standard
(ISO/IEC 15408) [58] for computer security certification. CC is a collection
of existing criteria: European (Information Technology Security Evaluation Criteria