Anyone developing medical devices inevitably has to deal with risk management. However, many companies struggle with risk management, and systems architecture is still in its infancy at many of them. Yet these two disciplines are essential to each other, and with the right methodology, systems architecture and risk management can complement each other in practice. A match made in heaven!
Thomas Kammerer from Astrum IT GmbH and I held a workshop and presentation on precisely this topic at Medconf 2018. Using a defibrillator as an example, we showed participants how a risk manager (Thomas) and a systems architect (me) work together in a structured manner. Architecture is a key input for risk management, as system structure and system dynamics are important inputs for hazard and failure analyses. Conversely, the results of risk management activities provide important inputs for choosing the right architecture.
We demonstrated which architectural representations are important for risk management and how risk management impacts the architecture when assessing hazards or events. Furthermore, we demonstrated how the traceability of safety-relevant requirements and risk control measures is ensured in the architecture.
The goal is to make better architectural decisions, to balance inherently safe design, protective measures, and safety-relevant information, and to develop verifiably safe medical devices.
Content of the lecture
We have structured the content of the lecture as follows:
- Introduction
- Introduction of the example product Automated External Defibrillator (AED)
- System definition and application scenarios
- Foreseeable misuse
- System context and system interfaces
- The environmental conditions
- Hazardous situations and system interfaces
- Inherently safe design (using an example with fault tree analysis and architecture modeling)
- Protective measures
- Descriptive safety
- Fault tree analysis and FMEA
- Systematics through system models
- Summary
We showed participants how to document architecture so that it can be used for risk management. We particularly focused on the interface between architecture and risk management.
Medconf Feedback
Sixteen people participated in the half-day workshop. The lecture was also well attended and received very good reviews. I'm pleased that we placed among the top 10 in the evaluation. This shows me that the participants gained a lot. The image below shows the participants' votes, cast with green stickers that they could hand out as they left through the door after the lecture.

I would like to take this opportunity to expressly thank the entire Medconf team. The event was a lot of fun, and we were able to learn a lot and network with others in the industry. A big thank you also goes to Thomas Kammerer, who is very knowledgeable about risk management and also gives seminars and offers consulting in this area. I really enjoyed the joint presentation and workshop, as well as the preparation itself. And I think the results were impressive.
If you missed the lecture and are interested in the topic, please feel free to contact me for more information.
Best regards
Goran Madzar
