By David N. Kleidermacher
Medical devices, whether an imaging machine outside a patient's body or
an infusion pump to be implanted within a patient's body, are growing
increasingly complex. No longer are devices primarily mechanical.
Instead, they rely heavily on software, typically embedded within these
devices.
Much of the device functionality depends on software, especially in
situations where a device adapts its response to the biomedical state
of a patient. Moreover, today's medical devices are increasingly
networked to other devices and systems, further increasing software
complexity.
With this increase in software size and complexity, it becomes
imperative to ensure that the medical device performs reliably at all
times and under all situations. Traditionally, the only way to achieve
this validation has been through software testing.
However, as described in the main article on the use of static analysis
in safety-critical device design, testing alone cannot uncover every
error in the software. What is needed is a methodology, complementary to
testing, that comprehensively analyzes the software and assures that
potential causes of device failure are detected in a quick, efficient,
automated manner.
Static analysis can provide this assurance.
Using static analysis can help medical device manufacturers detect a
much larger class of software errors than can be uncovered by testing
alone. Moreover, integrating these tools with the IDE or compilers
allows for these errors to be detected earlier in the Software Development Life Cycle (SDLC).
As a result, the use of static analysis techniques would not only
reduce the cost of software development, but would also lead to fewer
device failures and therefore fewer injuries caused by those failures.
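As an added illustration (not code from the article or from Green Hills Software) of the class of error static analysis reports even when every test case passes, the following constructed C snippet shows two latent defects in a hypothetical infusion-rate calculation, each beside a checked form. The table, profile indices, rates and error codes are all invented for the example; the point is that a test suite built from the device's real buttons and typical durations never drives the unchecked index past the table or wraps the multiplication, whereas a static analyser reasons about every value the inputs could take.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example, not from the article: a constructed infusion-rate lookup
 * and volume calculation. All names, values and error codes are
 * hypothetical. */

#define NUM_PROFILES 4

/* Hypothetical delivery-rate table in millilitres per hour, one entry per
 * preset profile selected on the device's front panel. */
static const uint32_t rate_table_ml_per_h[NUM_PROFILES] = { 10, 25, 50, 100 };

/* BEFORE (defect 1): the profile index comes from the user interface and
 * is used directly as an array subscript. Tests that press only the four
 * real buttons never supply an index of 4 or above, so the out-of-bounds
 * read stays latent; a static analyser flags it because the subscript is
 * unconstrained on every path into this function. */
uint32_t rate_for_profile_unchecked(unsigned profile)
{
    return rate_table_ml_per_h[profile];   /* out-of-bounds for profile >= 4 */
}

/* AFTER: the index is validated against the table size and the caller
 * receives an explicit error code instead of a value read from memory
 * past the end of the table. */
int rate_for_profile_checked(unsigned profile, uint32_t *rate_out)
{
    if (rate_out == NULL) {
        return -1;                          /* invalid output pointer */
    }
    if (profile >= NUM_PROFILES) {
        return -2;                          /* profile not in table */
    }
    *rate_out = rate_table_ml_per_h[profile];
    return 0;
}

/* BEFORE (defect 2): total volume = rate * minutes / 60. The 32-bit product
 * wraps for long durations, silently yielding a far smaller volume than
 * intended. Typical test durations never reach the wrap point. */
uint32_t volume_ml_unchecked(uint32_t rate_ml_per_h, uint32_t minutes)
{
    return rate_ml_per_h * minutes / 60u;
}

/* AFTER: the multiplication is guarded against wrap-around before it is
 * performed, and the caller is told when the request cannot be honoured. */
int volume_ml_checked(uint32_t rate_ml_per_h, uint32_t minutes, uint32_t *volume_out)
{
    if (volume_out == NULL) {
        return -1;                          /* invalid output pointer */
    }
    if (rate_ml_per_h != 0 && minutes > UINT32_MAX / rate_ml_per_h) {
        return -3;                          /* product would wrap */
    }
    *volume_out = rate_ml_per_h * minutes / 60u;
    return 0;
}

int main(void)
{
    uint32_t rate = 0, volume = 0;
    int rc = rate_for_profile_checked(2, &rate);
    printf("profile 2: rc=%d rate=%u ml/h\n", rc, (unsigned)rate);
    rc = rate_for_profile_checked(7, &rate);
    printf("profile 7: rc=%d (rejected)\n", rc);
    rc = volume_ml_checked(100, 120, &volume);
    printf("100 ml/h for 120 min: rc=%d volume=%u ml\n", rc, (unsigned)volume);
    rc = volume_ml_checked(100, UINT32_MAX, &volume);
    printf("100 ml/h for UINT32_MAX min: rc=%d (rejected)\n", rc);
    return 0;
}
```

The unchecked functions are kept only to show what the analyser would flag; the checked versions are the ones a device would ship, and their error codes give the calling code a path to a safe state rather than a silently wrong dose.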
Diagnosis Of Failures
In an ideal situation, all potential errors in a device would be
resolved before it is placed on the market. In reality however, there
may be latent errors left undiscovered in the software that might lead
to a device malfunction.
When such a malfunction does occur, it is often the responsibility
of regulatory bodies to perform a post market investigation to examine
the root cause of the failure and ensure that appropriate corrective
and preventive actions are implemented. In the US, this function is
performed by the Center for Devices and Radiological Health (CDRH).
Clearly, performing a post market investigation is not an easy task,
especially when it is carried out by someone with little or no
knowledge of the software. Traditionally, the only way to perform such
a review has been to manually search the code for potential sources of
error, a process that is both tedious and error-prone.
Static analysis tools can improve this process by providing a means
for automated error detection. Static analysis can help the
investigator uncover potential sources of error in the code, and
eliminate the need for tedious manual analysis.
Using automated static analysis techniques would allow the
investigator to narrow down the scope of the investigation and may even
help detect as yet undiscovered errors in the software.
Further, static analysis may be combined with debugging tools to
generate a simulation trace, providing what is effectively a time
machine for investigators to replay and quickly comprehend the software
interactions leading up to a failure [1].
This detailed account of inputs and system states that led to a
device malfunction is similar to the flight data recorder ("black box")
on aircraft. An intriguing future possibility is to integrate into
fielded medical devices similar black box tracing facilities to aid in
the diagnosis of failures.
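To make the "black box" idea concrete, here is an added example (constructed for this page, not code from the article, from Green Hills Software, or from any fielded device) of the smallest useful form such a facility could take in C: a fixed-size ring buffer that records timestamped inputs, sensor readings, state transitions and faults, always retaining the most recent events, with a helper that copies them out oldest-first for an investigator to replay. The event kinds, capacity and field names are all hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not from the article: a constructed ring-buffer event
 * recorder in the spirit of the flight-data-recorder idea. All names,
 * event codes and the capacity are hypothetical. */

#define BLACKBOX_CAPACITY 8

typedef enum {
    EV_INPUT_KEY = 1,   /* front-panel key press, value = key code */
    EV_SENSOR    = 2,   /* sensor reading, value = raw reading */
    EV_STATE     = 3,   /* controller state transition, value = new state */
    EV_FAULT     = 4    /* fault raised, value = fault code */
} event_kind_t;

typedef struct {
    uint32_t     tick;  /* monotonic tick at which the event was recorded */
    event_kind_t kind;
    int32_t      value;
} blackbox_event_t;

typedef struct {
    blackbox_event_t ring[BLACKBOX_CAPACITY];
    size_t   head;      /* index of the next slot to write */
    size_t   count;     /* valid entries, at most BLACKBOX_CAPACITY */
    uint64_t total;     /* events ever recorded, including overwritten ones */
} blackbox_t;

void blackbox_init(blackbox_t *bb)
{
    memset(bb, 0, sizeof(*bb));
}

/* Record one event. When the ring is full the oldest entry is overwritten,
 * so the recorder always holds the most recent BLACKBOX_CAPACITY events. */
void blackbox_record(blackbox_t *bb, uint32_t tick, event_kind_t kind, int32_t value)
{
    bb->ring[bb->head].tick  = tick;
    bb->ring[bb->head].kind  = kind;
    bb->ring[bb->head].value = value;
    bb->head = (bb->head + 1) % BLACKBOX_CAPACITY;
    if (bb->count < BLACKBOX_CAPACITY) {
        bb->count++;
    }
    bb->total++;
}

/* Copy the retained events into out[] oldest first. At most max_out events
 * are copied, taken from the oldest end; returns the number copied. */
size_t blackbox_dump(const blackbox_t *bb, blackbox_event_t *out, size_t max_out)
{
    size_t n = bb->count < max_out ? bb->count : max_out;
    /* the oldest retained entry sits `count` slots behind head (mod capacity) */
    size_t start = (bb->head + BLACKBOX_CAPACITY - bb->count) % BLACKBOX_CAPACITY;
    for (size_t i = 0; i < n; i++) {
        out[i] = bb->ring[(start + i) % BLACKBOX_CAPACITY];
    }
    return n;
}

/* Return the tick of the most recent EV_FAULT still in the recorder,
 * or 0 if no fault is retained (ticks are assumed to start at 1). */
uint32_t blackbox_last_fault_tick(const blackbox_t *bb)
{
    uint32_t last = 0;
    for (size_t i = 0; i < bb->count; i++) {
        const blackbox_event_t *e = &bb->ring[i];
        if (e->kind == EV_FAULT && e->tick > last) {
            last = e->tick;
        }
    }
    return last;
}

int main(void)
{
    blackbox_t bb;
    blackbox_event_t replay[BLACKBOX_CAPACITY];
    blackbox_init(&bb);
    /* constructed sequence: a key press, readings, a state change, a fault */
    blackbox_record(&bb, 1, EV_INPUT_KEY, 7);
    blackbox_record(&bb, 2, EV_SENSOR, 512);
    blackbox_record(&bb, 3, EV_STATE, 2);
    blackbox_record(&bb, 4, EV_SENSOR, 9999);
    blackbox_record(&bb, 5, EV_FAULT, 42);
    size_t n = blackbox_dump(&bb, replay, BLACKBOX_CAPACITY);
    for (size_t i = 0; i < n; i++) {
        printf("tick %u kind %d value %d\n",
               (unsigned)replay[i].tick, (int)replay[i].kind, (int)replay[i].value);
    }
    printf("last fault at tick %u, %llu events recorded in total\n",
           (unsigned)blackbox_last_fault_tick(&bb), (unsigned long long)bb.total);
    return 0;
}
```

The `total` counter is what tells an investigator whether the retained window is the whole history or only its tail, which matters when deciding how far before the fault the recorded trace actually begins.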
David Kleidermacher is chief technology officer at Green Hills
Software, where he has been designing compilers, software
development environments, and real-time operating systems for the past
16 years. David frequently publishes articles in trade journals and
presents papers at conferences on topics relating to embedded systems.
He holds a BS in computer science from Cornell University, and can be
reached at davek@ghs.com.
References:
[1] Mike Lindahl, "TimeMachines: the future of debuggers," RTC Magazine, October 2006.