Live Q&A - A Medical Device Primer for Embedded Software Engineers
Jeff Gable - Watch Now - Duration: 25:12
16:34:09 From Quantum Leaps : In your presentation you mentioned tools for requirements traceability. What are some of such tools popular among your customers in the medical business? 16:36:15 From Quantum Leaps : Also, speaking of tools, which static analysis tools are popular in medical? 16:36:27 From Quantum Leaps : Also, how important is MISRA-C compliance? 16:37:36 From Quantum Leaps : What do you think if HTML documentation? Would this be accepted? 16:38:31 From Dan Rittersdorf : Risk Analysis for Safety and Security are similar but not the same process. How resks are scored for Safety and Security is different. Verification for Cybersecurity requires a certain skillset also. Either way, those that do it need to be able to prove they're competent. What are some ways to get that training for each type of Risk Analysis, and what's re3ally needed to prove competence? Can you recommend training resources? Other ways to become and prove competence? 16:40:24 From Kate Stewart : Have you started seeing requests for SBOM generation? 16:42:04 From René Andrés Ayoroa : Hi Jeff, what do you think are required skills for junior embedded developers to get in the medical industry? 16:42:22 From Aaron Olowin : How detailed do your own processes need to be documented and is there a preferred format for that? 16:43:00 From BobF : Validation of any RTOS choice must be a headache - requires a significantly high level of due diligence? 16:43:25 From Dan Rittersdorf : Replying to "Risk Analysis for Sa..." Thanks! 16:44:29 From Quantum Leaps : How to help customers in generation of SBOM? Would the provision of SPDX-License-Identifier in the source code be helpful? Would it be sufficient? 16:44:52 From Kate Stewart : Side note: 1 config option change will create auto generated SPDX SBOMs for the entire build (including toolchain) for Yocto. 16:46:33 From Dan Rittersdorf : Comment: The FDA is already requiring Cybersecurity plans now. They're just handholding companies through the process between now and October. No free pass even now, but in October, the handholding will turn into RTA letters. 16:49:44 From Kate Stewart : Also SBOMs for Zephyr: see https://docs.zephyrproject.org/latest/develop/west/zephyr-cmds.html#software-bill-of-materials-west-spdx and video overview at https://www.zephyrproject.org/generating-sboms-for-iot-at-build-time/ 16:49:56 From BobF : Rings a bell .... 100% deterministic 16:50:56 From Quantum Leaps : SafeRTOS comes from Wittenstein High Integrity Systems 16:53:51 From Aaron Olowin : The time-triggered OS is likely based on: https://www.safetty.net/publications 16:54:25 From BobF : Got it ! 16:54:36 From Quantum Leaps : Do you see state machines used in medical? 16:55:16 From Keith J : agree - plan to use Miro's stuff in my next project 16:55:20 From Keith J : albeit non-medical :D 16:55:36 From Keith J : Thanks again Jeff! 16:56:06 From Quantum Leaps : Yes, thank you, Jeff! 16:56:07 From René Andrés Ayoroa : Thank you Jeff. 16:56:08 From Doinita Marcu : Thank you! 16:56:11 From Aaron Olowin : Thanks Jeff! Your podcast is good too. 16:56:21 From Dan Rittersdorf : Thank you, Jeff! 16:56:30 From Keith J : keep the podcast coming! 16:56:44 From Stephane to Jeff Gable(Direct Message) : Thank you Jeff!!! 16:56:48 From BobF : Very much about being on the ball, thanks!