University of Minnesota
Software Engineering Center

You are here

Using Static Analysis in Medical Device Development

Date of Event: 
Thursday, July 23, 2009 - 1:30pm
Static Analysis is increasingly recognized by the medical device industry as a fundamental tool for code inspection, bug detection, program understanding, and software life cycle management. In evaluating, selecting and using commercially available Static Analysis tool, the following considerations are given.
  • Is white- box testing necessary?
  • Is static analysis methodology fully implemented in the static analysis automation tools?
  • How effective is a static analysis tool as measured by false negative rate?
  • How efficient is a static analysis tool as measured by false positive rate?
  • Can static analysis help design review?
  • Can static analysis help verification and/or validation?
  • Can static analysis help increase software development productivity and reduce software development cost?
  • How critical is the usability of a static analysis tool in terms of reporting, tracking and customization?
  • How important is the extensibility of a static analysis tool in terms of enforcing user specific rules/checkers?
  • Should we care about performance? Why?
  • How do we integrate a static analysis tool to development environment and configuration management system? Or shouldn’t we do it at all? Why not?
  • Can a static analysis tool suite accommodate unit tests, standard compliance automation, architecture analysis, and software reliability metrics?
  • How does static analysis promote best practices in software development and raise the bar of acceptable coding habits?
  • What are the natural limitations of static analysis that we should be aware of?
I hope the discussion will be beneficial to our industrial practice toward developing safer and more reliable medical device products.
Presentation Files: