Sources: Error-free medical software

From vision to reality

18 January 2019, 9:54 | Daniel Kästner (AbsInt)

Current safety standards require evidence that the functional requirements are met and that non-functional software errors have been excluded. These include stack overflows, runtime errors (such as out-of-bounds accesses, arithmetic overflows and invalid pointer dereferences) and errors introduced by the compiler (miscompilation). Their absence can be proven with sound static analysis based on abstract interpretation and with formally verified compilation.

References

[1] IEC/DIS 62304 – Draft International Standard: Health software – Software life cycle processes. 2018

[2] White Paper: Infusion Pump Improvement Initiative. U.S. Food and Drug Administration, Center for Devices and Radiological Health. Silver Spring 2010

[3] J. G. Ronquillo and D. M. Zuckerman: Software-Related Recalls of Health Information Technology and Other Medical Devices: Implications for FDA Regulation of Digital Health. In: The Milbank Quarterly. Vol. 95. pp. 535–553. Wiley Periodicals Inc. Hoboken 2017

[4] General Principles of Software Validation; Final Guidance for Industry and FDA Staff. U.S. Food and Drug Administration, Center for Devices and Radiological Health, Center for Biologics Evaluation and Research. Silver Spring 2002

[5] Medizinproduktegesetz (German Medical Devices Act), in the version promulgated on 7 August 2002 (BGBl. I p. 3146), last amended by Article 12 of the Act of 24 July 2010 (BGBl. I p. 983).

[6] IEC 61508 – Functional safety of electrical/electronic/programmable electronic safety-related systems. 2010

[7] ISO/FDIS 26262 – Road vehicles – Functional safety. 2018

[8] CENELEC EN 50128 – Railway applications – Communication, signalling and processing systems – Software for railway control and protection systems. 2011

[9] RTCA DO-178C – Software Considerations in Airborne Systems and Equipment Certification. 2011

[10] IEC 60601-1:2005/AMD1:2012 – Medical electrical equipment – Part 1: General requirements for basic safety and essential performance. 2012

[11] IEC 61010-1:2010 – Safety requirements for electrical equipment for measurement, control, and laboratory use – Part 1: General requirements. 2010

[12] DIN EN 62304; VDE 0750-101:2016-10 – Medical device software – Software life cycle processes. 2016

[13] EN 45502-1:2015 – Implants for surgery – Active implantable medical devices – General requirements for safety, marking and for information to be provided by the manufacturer. 2015

[14] ISO 14708-1:2014 – Implants for surgery – Active implantable medical devices – Part 1: General requirements for safety, marking and for information to be provided by the manufacturer. 2014

[15] ISO 14971:2007-03 – Medical devices – Application of risk management to medical devices. 2007

[16] ISO 13485:2016 – Medical devices – Quality management systems – Requirements for regulatory purposes. 2016

[17] FDA: CFR – Code of Federal Regulations Title 21 (1 April 2018), https://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?CFRPart=820 (accessed 14 January 2019)

[18] MISRA C:2012 – Guidelines for the use of the C language in critical systems. 2013

[19] Software Engineering Institute (SEI): SEI CERT C Coding Standard – Rules for Developing Safe, Reliable, and Secure Systems. Carnegie Mellon University. Pittsburgh 2016

[20] ISO/IEC – Information Technology – Programming Languages, Their Environments and System Software Interfaces – Secure Coding Rules (ISO/IEC TS 17961). 2013

[21] MITRE Corporation: CWE – Common Weakness Enumeration (n.d.), https://cwe.mitre.org (accessed 14 January 2019)

[22] AbsInt GmbH: RuleChecker (n.d.), https://www.absint.com/rulechecker/index.htm (accessed 14 January 2019)

[23] J. L. Lions: ARIANE 5 Failure – Full Report. European Space Agency (1996), http://www-users.math.umn.edu/~arnold//disasters/ariane5rep.html (accessed 14 January 2019)

[24] M. Barr: Bookout v. Toyota – 2005 Camry Software Analysis (2013), http://www.safetyresearch.net/Library/BarrSlides_FINAL_SCRUBBED.pdf (accessed 14 January 2019)

[25] N. G. Leveson and C. S. Turner: An Investigation of the Therac-25 Accidents. In: IEEE Computer. Vol. 26. pp. 18–41. Washington D.C. 1993

[26] P. Cousot and R. Cousot: Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: POPL '77: Proceedings of the 4th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages. pp. 238–252. New York 1977

[27] D. Kästner, A. Miné, L. Mauborgne, X. Rival, J. Feret, P. Cousot, A. Schmidt, H. Hille, S. Wilhelm, and C. Ferdinand: Finding All Potential Runtime Errors and Data Races in Automotive Software. SAE World Congress, Detroit 2017

[28] D. Kästner: Applying Abstract Interpretation to Demonstrate Functional Safety. In: Formal Methods Applied to Industrial Complex Systems (J.-L. Boulanger, ed.). ISTE/Wiley. London 2014

[29] AbsInt GmbH: StackAnalyzer (n.d.), https://www.absint.com/stackanalyzer/index_de.htm (accessed 14 January 2019)

[30] D. Kästner and C. Ferdinand: Proving the Absence of Stack Overflows. In: SAFECOMP '14: Proceedings of the 33rd International Conference on Computer Safety, Reliability and Security. Vol. 8666 of LNCS. pp. 202–213. Springer International Publishing. Basel 2014

[31] J. Souyris, E. Le Pavec, G. Himbert, V. Jégu, G. Borios, and R. Heckmann: Computing the worst case execution time of an avionics program by abstract interpretation. In: Proceedings of the 5th International Workshop on Worst-Case Execution Time (WCET) Analysis. pp. 21–24. Springer. Berlin/Heidelberg 2005

[32] AbsInt GmbH: aiT WCET Analyzer (n.d.), https://www.absint.com/ait/index.htm (accessed 14 January 2019)

[33] J. Nowotsch, M. Paulitsch, D. Bühler, H. Theiling, S. Wegener, and M. Schmidt: Multi-core Interference-Sensitive WCET Analysis Leveraging Runtime Resource Capacity Enforcement. In: ECRTS 2014 – 26th Euromicro Conference on Real-Time Systems. IEEE. Madrid 2014

[34] AbsInt GmbH: TimeWeaver (n.d.), https://www.absint.com/timeweaver/index.htm (accessed 14 January 2019)

[35] D. Kästner, M. Pister, C. Ferdinand, and S. Wegener: Obtaining Worst-Case Execution Time Bounds on Modern Microprocessors. Embedded World Congress, Nürnberg 2018

[36] D. Kästner, L. Mauborgne, and C. Ferdinand: Detecting Safety- and Security-Relevant Programming Defects by Sound Static Analysis. In: The Second International Conference on Cyber-Technologies and Cyber-Systems (CYBER 2017) (J.-C. B. Rainer Falk, Steve Chan, eds.). Vol. 2 of IARIA Conferences. pp. 26–31. IARIA XPS Press. Barcelona 2017

[37] AbsInt GmbH: Astrée (n.d.), https://www.absint.com/astree/index_de.htm (accessed 14 January 2019)

[38] A. Miné, L. Mauborgne, X. Rival, J. Feret, P. Cousot, D. Kästner, S. Wilhelm, and C. Ferdinand: Taking Static Analysis to the Next Level: Proving the Absence of Run-Time Errors and Data Races with Astrée. Embedded Real Time Software and Systems Congress, Toulouse 2016

[39] D. Kästner, L. Mauborgne, S. Wilhelm, B. Schmidt, M. Schlund, and C. Ferdinand: Analyze This! Sound Static Analysis for Integration Verification of Large-Scale Automotive Software. SAE World Congress, Detroit 2019

[40] X. Leroy, S. Blazy, D. Kästner, B. Schommer, M. Pister, and C. Ferdinand: CompCert – A Formally Verified Optimizing Compiler. Embedded Real Time Software and Systems Congress, Toulouse 2016

[41] D. Kästner, L. Mauborgne, and C. Ferdinand: Practical Experience on Qualifying a Formally Verified Compiler: Reducing V&V Effort with CompCert. Forum Safety and Security, Sindelfingen 2018
