Medical device software development articles from Innolitics.

USB-Only Medical Devices: Cutting Through the Cybersecurity Red Tape in Your 510(k) Submission

by J. David Giese on March 24, 2023

This article provides suggestions on what cybersecurity documentation to include in a 510(k) submission for medical devices that only include a USB port.

Striking the Right Balance: Determining the Ideal Granularity for IEC 62304 Software Items in Medical Devices

by J. David Giese on March 16, 2023

The IEC 62304 standard requires medical device manufacturers describes their software’s structure and identify the software items, but how granular should your items be?

Unresolved Anomalies: Best Practices, FAQs, and Examples

by J. David Giese on January 11, 2023

The “Unresolved Anomalies” document is required for the FDA’s pre-market submissions. This article includes best practices, FAQs, and examples for writing this document.

AI/ML from Idea to FDA

by Yujan Shrestha on September 28, 2022

A practical guide of developing an algorithm from idea to FDA clearance.

SBOMs: Best Practices, FAQs, and Examples

by J. David Giese on June 22, 2022

Practical suggestions and tips for authoring SBOMs for medical devices and for using them to monitor for cybersecurity vulnerabilities.

Design Inputs: Best Practices, FAQs, and Examples

by J. David Giese on April 27, 2022

Medical device design begins with design inputs. The FDA says developing your design inputs is “the single most important design control activity,” yet writing good design inputs is difficult. This article presents Innolitics’ answers questions our clients frequently ask us about design inputs and analyzes a number of poorly written example requirements.

Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions

FDA guidance transcribed on April 14, 2022

A transcription of the 2022 Draft Cybersecurity Guidance.

FDA Off-The-Shelf Software Use in Medical Devices Guidance

FDA guidance transcribed on March 04, 2022

A transcription of the US FDA’s 2019 “Off-The-Shelf Software Use in Medical Devices” guidance document.

Content of Premarket Submissions for Device Software Functions

FDA guidance transcribed on February 22, 2022

A transcript of the FDA’s draft guidance document that lists what software-related documents are needed for a 510(k) and other premarket submissions. This replaces the 2005 guidance.

FDA Postmarket Cybersecurity Guidance

FDA guidance transcribed on January 25, 2022

A transcription of the US FDA’s 2016 “Postmarket Management of Cybersecurity in Medical Devices” Guidance Document.

Socratic Dialogue about Software Maintenance

by J. David Giese on January 12, 2022

An example Socratic dialogue exploring various definitions of software maintenance and construction, agile, and the validity of the building/software analogy.

The FDA’s Software Validation Guidance

FDA guidance transcribed on December 10, 2021

A transcription of the FDA’s 2002 “General Principles of Software Validation” Guidance Document, which outlines principles for validating medical device software as well as software used to design, develop, or manufacture medical devices.

How to Grow a 10x Team with Code Reviews

by J. David Giese on October 25, 2021

This article explains why code reviews are essential for growing a 10x software engineering team. The first part of the article is theoretical, while the remainder uses this theory to make practical suggestions about using GitHub pull requests for code reviews.

Is it a General Wellness Product or a Medical Device?

by Jim Luker on September 28, 2021

The 21st Century Cures Act removed FDA’s regulatory oversite of certain types of “General Wellness” products. While this revision is a great opportunity for industry, it is also a cause of confusion and ambiguity. What products will the FDA consider to be “General Wellness” devices? It’s an important question! We’ve seen the FDA crush business ventures when they reclassify a General Wellness device to be a medical device. In this article, we will help you answer this question for your device.

The FDA's 2018 Cybersecurity Guidance

FDA guidance transcribed on August 12, 2021

A convenient transcription of the FDA’s 2018 cybersecurity guidance for software engineers. It includes a list of suggested cybersecurity design controls to secure your device and a list of the cybersecurity documentation you need to include in your premarket submissions.

A Method for Debugging Medical Device Software

by Yujan Shrestha, MD on July 14, 2021

We describe the SKUASH debugging methodology for medical device software defect investigation and documentation. We’ve used this method for several years on client projects, including an industry leading medical-device company with hundreds of installations around the world.

What is a DICOM Conformance Statement?

by Bimba Shrestha on June 14, 2021

The DICOM standard is complicated and different medical devices support it to different extents. A DICOM Conformance Statement is a detailed technical document accompanying most devices that outlines exactly which features of the standard are supported.

Adding Example Values to our DICOM Standard Browser

by Arjun Venkata and Casey Woolfolk on May 19, 2021

Innolitics’ DICOM Standard Browser helps users locate metadata in DICOM files. This article describes how Arjun Venkata, an intern at Innolitics, incorporated example values from DICOM files into the browser using a set of Python scripts.

Fuzzing, Sanitizers and Modern Cybersecurity Practices for Medical Devices

by Bimba Shrestha on April 07, 2021

In our first public 10x talk, we explore how common cybersecurity pitfalls can be mitigated using fuzzing—a modern software testing technique used at scale by companies like Google and Facebook. The high-profile Heartbleed bug is used as an example of how fuzzing can be effective.

A Farewell to Willy Mills

by Innolitics team, compiled by Russell Kan on March 31, 2021

A brief homage to our friend and extraordinary developer, Willy Mills. He was the first engineer we brought on our team and we were fortunate to work with him for several years. We present some of the lessons and stories he has shared with us.

A Technical and Regulatory Perspective on Generative Adversarial Networks in Medical Devices

by Jacob Reinhold and Yujan Shrestha, MD on March 19, 2021

How can machine learning help us improve medical images for human viewers or image processors? This article describes one machine learning method (generative adversarial networks) that has been adopted by the medical imaging community to enhance medical images.

The FDA’s Design Control Guidance

FDA guidance transcribed on February 25, 2021

A nicely formatted transcription of the FDA’s 1997 “Design Controls Guidance for Medical Device Manufacturers.” Design controls are an interrelated set of practices and procedures that are incorporated into the design and development process that make make systematic assessment of the design an integral part of development.

How We Develop AI for 510(k)-Cleared Devices

by Grace Adams and Yujan Shrestha, MD on January 26, 2021

Want to know how we develop safe, effective, and FDA compliant machine learning algorithms? This article describes how we develop machine learning algorithms, points out common pitfalls, and makes documentation recommendations.

How to Prevent Unintentional Data Loss in Web Forms

by Casey Woolfolk on November 27, 2020

Completing a web form requires an investment of time and energy by the user. An accidental navigation can destroy this investment. This article implements a simple yet robust confirmation that is displayed before a destructive navigation occurs.

Medical Software Deployment and HIPAA: Cloud, Native, or Hybrid?

by J. David Giese on October 28, 2020

Should your medical application be built for the cloud, native, or a hybrid approach? In this article, we compare six deployment strategies and how each relates to HIPAA compliance.

A Brief Introduction to the United States Medical Software Regulations, for Developers

by J. David Giese on July 23, 2020

This article provides an introduction to the US regulations that apply to medical software. To keep the article to the point, we omit some details that we feel are distracting and typically unimportant.

How to Choose a Neural Net Architecture for Medical Image Segmentation

by Jacob Reinhold and Yujan Shrestha, MD on July 22, 2020

There are many approaches to choosing a medical imaging segmentation algorithm. In this article, we provide an overview of how to choose a neural network architecture for medical image segmentation.

Get More Out of Your Annotated Medical Images with Self-Supervised Learning

by Jacob Reinhold, J. David Giese, and Yujan Shrestha, MD on May 26, 2020

Annotating medical images is time-consuming and expensive. In this article, we explain how self-supervised learning can stretch limited training data and compare it to transfer learning. We also explore three self-supervised learning medical imaging tasks.

Why Does the DICOM Standard Exist?

by David Giese on May 15, 2020

The DICOM standard’s purpose is to facilitate interoperability between medical imaging systems from different vendors. The standard defines a file format for storing medical images, protocols so applications can exchange them, and a conformance format so buyers can determine which systems can (hopefully) interoperate. But perhaps most importantly, DICOM provides a standardized model of reality. This information model is the foundation on which interoperability is laid.

An Overview of DCMTK — The DICOM Toolkit

by Chris Amow on March 27, 2020

Available since 1995, the DICOM Toolkit (DCMTK) can be helpful to anyone working on systems that use the Digital Imaging and Communications in Medicine (DICOM) standard. This DCMTK introduction is of interest to those exploring DICOM for the first time, as well as those familiar with it but wanting to take a renewed look at the DICOM tools landscape.

How to Use Online Chat Effectively

by J. David Giese on March 23, 2020

Text-based chat eliminates a lot of the feedback available during in-person conversations. In this article, we suggest how to use Slack’s features to make up for some of this missing feedback. Tips also apply to other platforms.

5 Tips for Video Conferencing with Larger Teams

by Yujan Shrestha, MD on March 15, 2020

Does your team struggle to communicate on conference calls? Do people seem distracted, or are they perpetually interrupting one another? In this article, we provide five suggestions extracted from what we have learned over the many years we’ve worked remotely.

Most Makefiles Should .DELETE_ON_ERROR

by J. David Giese on June 30, 2019

Make has been used extensively for forty years and offers incremental builds, parallelization, and a declarative syntax. In this post we’ll take a look at how the .DELETE_ON_ERROR special target helps eliminate possible downstream problems in your makefiles. You’ll also come to understand why most makefiles should include it.

Building a CT Slice Localizer With Keras

by Russell Kan on May 21, 2019

Experienced radiologists can identify the anatomical location of an axial CT slice within a second. They may say the slice is “near the apex of the heart” or “at the C7 vertebrae.” These anatomical landmarks are difficult to describe or detect using manually created features, but neural networks excel at this sort of pattern recognition. Can we create a neural network capable of performing slice localization with similar speed and accuracy to a radiologist?

Visualizing an Image Classification Model

by Reece Stevens on February 05, 2018

If you followed along with our last post, we developed a deep-learning model that achieves our goal of identifying Simpsons characters in an image. However, as with all software development tasks, getting a working program is only half the battle. In order to maintain a program and fix bugs, the developer must understand the system– in particular, they must understand how it fails as well as how it succeeds. This can be quite a difficult task for deep-learning models, as they are black-boxes by nature of their construction. However, there are some techniques we have at our disposal to open up the black box and get a view into what is happening in our trained model; these can help us to find “bugs” in the model’s learning and even indicate how to resolve them. Among the many techniques to visualize the internals of a deep learning model, we will be focusing on the use of class activation maps.

Building an Image Classifier Using Pretrained Models With Keras

by Reece Stevens on February 05, 2018

Deep-learning models are ideal candidates for building image classification systems. In this article, we demonstrate how to leverage Keras and pre-trained image recognition models to create an image classifier that identifies different Simpsons characters.

Graduate from Sed and Sort to Lnav, the Logfile Navigator

by J. David Giese on March 11, 2017

Many medical applications run within a closed network. This arrangement can make investigating software bugs more difficult because the only readily available information is an (often vague and incomplete) recounting of the problem, a zip file filled with system and application logfiles, and the application source code.

Commentary on Code Complete: Refactoring

by J. David Giese on June 08, 2016

Refactoring a codebase means changing its internal structure without altering its observable behaviour. Refactoring is an essential tool for keeping an evolving codebase maintainable. This article is a commentary on a book chapter about refactoring code—Chapter 24 of Code Complete.

Decorating Async JavaScript Functions

by J. David Giese on April 04, 2016

In this article, we explore how to extend async JavaScript functions using a functional design pattern—the decorator.

Advanced BASH Exercises

by J. David Giese on January 01, 2016

In this post, we provide a set of exercises that should help you solidify your knowledge of BASH. Note that these are NOT introductory level questions, and they assume that you are starting with a working knowledge of Linux and BASH.

Software's Hidden Demon: Poor Code Quality

by J. David Giese on November 30, 2015

Poor code quality can be an extremely expensive problem to fix. This article describes what code quality is, why its important, and how to handle issues related to it.

Database Pools

by J. David Giese on October 27, 2015

Developers often don’t think about database connection pools until they are having connection problems. This article explains the purpose of connection pools, how they work, and how to tune them, while remaining agnostic to a particular implementation. It also discusses other types of object pools.

The Business of Programming Languages

by J. David Giese on June 15, 2015

Picking the right programming language for a project can be an important business decision, and making the wrong choice is usually expensive. After reading this, you should have enough background to have an informed conversation with your development team.

Get Medtech Software Tips

Subscribe using RSS

How frequently are they sent?

We send out tips about once a month.

What will I read?

Articles about software development, AI, signal and image processing, medical regulations, and other topics of interest to professionals in the medical device software industry.

You may view previous articles here.

Who creates the content?

The Innolitics team, and experts we collaborate with, write all of our articles.

Want to know more?

Contact us.