DOCSLIB.ORG

Static Analysis for FDA Software Validation Compliance

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Static Analysis for FDA Software Validation Compliance Technical Whitepaper Static Analysis for FDA Software Validation Compliance EXECUTIVE SUMMARY Static analysis, when deployed as part of a continuous quality process, But even with the ideal mixture of testing techniques, quality software has proven to be a very efficient way for developers to expose and cannot be delivered by testing alone. Quality software is delivered prevent many critical defects as the code is being written. The FDA consistently via a solid, repeatable process. Such a process must has publicly recommended that software developers use static embrace everything from software testing and analysis, to quality analysis for ensuring medical device software safety and reliability, planning, to requirements traceability, to change management. This and has touted static analysis as a critical component of an effective process needs to be visible, measurable, and improvable. software development process. To assist organizations that are exploring static analysis for FDA But static analysis is only one piece of the software development compliance, this paper describes Parasoft’s static analysis capabilities puzzle. The FDA also recommends that medical device software in the context of FDA compliance. Because we recognize that static development teams take a software development lifecycle (SDLC) analysis is not a silver bullet for FDA compliance, this paper also approach that integrates risk management strategies with principles describes Parasoft’s broader software solution for medical device for software validation. An integrated SDLC merges validation and software development. Parasoft’s reporting and analytics system verification activities, including unit testing, peer code reviews, extends Parasoft’s static analysis capabilities by combining a pre- static analysis, manual testing, and regression testing. The result of configured system with processes and best practices. The result such an approach is an emphasis on planning, verification, testing, is that organizations are able to produce medical device software traceability, and configuration management. consistently and efficiently with freedom from unacceptable risks. THE FDA COMPLIANCE PARADOX Before jumping into static analysis, it is worth discussing some of the challenges associated with adopting the FDA’s recommended software development approach for gaining approval. Developing software for medical devices that complies with the FDA’s Quality System regulation is a challenging endeavor that’s as much a business issue as it is an engineering feat. One reason for this is the vagueness with which the FDA outlines compliance. The agency does not prescribe specific practices, tools, coding methods, or any other technical activity, but instead prescribes the seemingly innocuous concept of the Least Burdensome Approach. In this approach, organizations determine, and strictly adhere to, their self-defined validation and verification processes. Development activities and outcomes must be clearly defined, documented, verified, and validated against the organization’s process. The goal of this approach is to give medical device makers enough rope to determine how to best ensure public safety. But in practice, the effect has been that organizations have enough rope to hang themselves. This is because the requirements, expressed in FDA 21 CFR, represent extensive planning and testing, which require validation. The following examples are just a few of the challenges software engineers must overcome: • The software validation process cannot be completed without an established software requirements specification, which specifies the intended use. Results must not only verify that the specifications are met, but they must be reproduced consistently (validation). Testing methods like regression testing can be implemented to meet the requirement. © 2017 Parasoft Corporation 2 • Validation must be established and re-established for even small changes. This means that validation activities, including static analysis, unit testing, code review, etc., must be THE VALUE OF PARASOFT’S repeated if the code has changed. Furthermore, as software continues to become more STATIC ANALYSIS TOOLSET and more complex, tests that validate the changes should be conducted in scale with the application to ensure that no other part of the system is affected. Parasoft provides early and effortless de- tection of errors that might otherwise take • Changes to the requirements deemed significantly different enough from the originally weeks to find, through: registered design may require the product to be re-registered per FDA Section 501(K). • STATIC CODE ANALYSIS • There are no “FDA certified” tools or methods. No person, organization, or tool can claim Static analysis prevents defects using any form of some supposed FDA certification. However, any software used to automate thousands of rules tuned to find and any part of the device process or any part of the quality system must also be validated. prevent coding issues. Over 15 years You must be able to run any tools used to assist in the verification and validation efforts of R&D have gone into fine-tuning on a control code base and confirm that the results are consistent, which may affect your Parasoft’s rule set. time-to-market. • DATA FLOW ANALYSIS This technology simulates test case The FDA has established grounds for approval in a way that effectively puts the responsibility execution and detects errors across of ensuring quality and public safety back to the device makers. But device makers are multiple units, components, and files, often dealing with a bigger challenge: bridging the gap between business goals and the exposing runtime errors without hav- development process. ing to run the code. • METRICS ANALYSIS LACK OF SOFTWARE DEVELOPMENT POLICY Calculate a customizable set of industry Software engineers often either don’t know what’s expected or do not understand the business standard metrics and identify pieces objective behind the guidelines driving their products. They are expected to write code that of code that exceed industry standard meets the requirements, without necessarily understanding why requirements have been or custom metrics thresholds. This ex- established in the first place. poses brittle or overly-complex code that could be dangerous to reuse, At Parasoft, we believe that the best way to overcome these challenges, while satisfying the extend, or maintain. FDA’s requirements for medical device software development, is to drive the development process in a platform based on policy-driven development. Policy-driven development involves: To improve overall team productivity, a con- (1) clearly defining expectations and documenting them in understandable polices, (2) training tinuous process ensures that scanning and engineers on the business objectives driving those policies, and (3) monitoring policy adherence remediation tasks are not only deployed in an automated, unobtrusive way. across the SDLC, but also integrated into the team’s workflow. Managers set ex- Integrating these principles into the development process gives businesses the ability to pectations by defining a code compliance accurately and objectively measure productivity and application quality. In addition to reducing policy (e.g., by enabling or customizing risk, the result is lower cost over the total software development lifecycle from build to support. Parasoft’s pre-configured FDA compliance Adopting a policy-driven development process is crucial for achieving the following goals: template). A daily process automatically monitors policy compliance at all layers of • Ensuring that engineers don’t make trade-offs that potentially compromise reliability and the application stack, identifies non-com- performance pliant code, and collects process metrics. • Ensuring that engineers build security into the application, safeguarding it from potential Management gains real-time visibility into attacks overall code-compliance status, allowing • Preventing defects that could result in costly recalls, litigation, or a damaged market teams to document improvements and de- position termine additional actions to ensure appli- • Accurately and consistently applying quality processes cation safety and reliability. • Gaining the traceability and auditability required to ensure continued policy compliance Developers simply respond to tasks report- Software engineers are continually making business decisions. Every line of code, test ed from the automated scan. They can also conducted (or left undone), and guideline or standard followed (or ignored) have profound perform interactive static analysis directly effects on the business. With public safety, potential litigation, market position, and other from their IDE: detected compliance issues consequences on the line, it behooves software development teams and people in traditional are prioritized and automatically assigned business management positions to come together on policy, and implement the strategy into to the developer who introduced it, with di- their software development lifecycle. rect links to the problematic code and an explanation of how to fix it. © 2017 Parasoft Corporation 3 THE IMPORTANCE OF A CONTINUOUS STATIC ANALYSIS PROCESS Having static analysis tightly integrated into the SDLC as described Policy management lies at the core of such an inline process. in the column above — rather than only as an audit at the end of the Parasoft allows you to easily configure policies for specific projects
Load more

Recommended publications
  • Customer Success Story
    Customer Success Story Interesting Dilemma, Critical Solution Lufthansa Cargo AG The purpose of Lufthansa Cargo AG’s SDB Lufthansa Cargo AG ordered the serves more than 500 destinations world- project was to provide consistent shipment development of SDB from Lufthansa data as an infrastructure for each phase of its Systems. However, functional and load wide with passenger and cargo aircraft shipping process. Consistent shipment data testing is performed at Lufthansa Cargo as well as trucking services. Lufthansa is is a prerequisite for Lufthansa Cargo AG to AG with a core team of six business one of the leaders in the international air efficiently and effectively plan and fulfill the analysts and technical architects, headed cargo industry, and prides itself on high transport of shipments. Without it, much is at by Project Manager, Michael Herrmann. stake. quality service. Herrmann determined that he had an In instances of irregularities caused by interesting dilemma: a need to develop inconsistent shipment data, they would central, stable, and optimal-performance experience additional costs due to extra services for different applications without handling efforts, additional work to correct affecting the various front ends that THE CHALLENGE accounting information, revenue loss, and were already in place or currently under poor feedback from customers. construction. Lufthansa owns and operates a fleet of 19 MD-11F aircrafts, and charters other freight- With such critical factors in mind, Lufthansa Functional testing needed to be performed Cargo AG determined that a well-tested API on services that were independent of any carrying planes. To continue its leadership was the best solution for its central shipment front ends, along with their related test in high quality air cargo services, Lufthansa database.
    [Show full text]
  • Testing Web Services: a Survey Technical Report TR-10-01
    Testing Web Services: A Survey Technical report TR-10-01 Mustafa Bozkurt, Mark Harman and Youssef Hassoun Centre for Research on Evolution, Search & Testing King’s College London Strand, London WC2R 2LS, UK mustafa.bozkurt,mark.harman,youssef.hassoun @kcl.ac.uk f g Abstract The Service-Oriented Computing (SOC) paradigm is allowing computer systems to interact with each other in new ways. According to the literature, SOC allows composition of distributed applications free from their platform and thus reduces the cost of such compositions and makes them easier and faster to develop. Currently web services are the most widely accepted service technology due to the level of autonomy and platform-independency they provide. However, web services also bring challenges. For example, testing web services at the client side is not as straightforward as testing traditional software due to the complex nature of web services and the absence of source code. This paper surveys the previous work undertaken on web service testing, showing the strengths and weaknesses of current web service testing strategies and identifying issues for future work. 1 Introduction This paper presents a survey of web service testing techniques. Web services is a rapidly growing concept that drives the Service-Oriented Computing (SOC) at present. Web services present important challenges to software testers. These challanges has led to much work on techniques for testing web services. The present paper seeks to provide a comprehensive survey of existing work. According to Papazoglou [110], SOC is a new computing paradigm that utilizes services as the lightweight constructs to support the development of rapid, low-cost and easy composition of distributed applications.
    [Show full text]
  • A Framework and Tool Supports for Generating Test Inputs of Aspectj Programs
    A Framework and Tool Supports for Generating Test Inputs of AspectJ Programs Tao Xie Jianjun Zhao Department of Computer Science Department of Computer Science & Engineering North Carolina State University Shanghai Jiao Tong University Raleigh, NC 27695 Shanghai 200240, China [email protected] [email protected] ABSTRACT 1. INTRODUCTION Aspect-oriented software development is gaining popularity with Aspect-oriented software development (AOSD) is a new tech- the wider adoption of languages such as AspectJ. To reduce the nique that improves separation of concerns in software develop- manual effort of testing aspects in AspectJ programs, we have de- ment [9, 18, 22, 30]. AOSD makes it possible to modularize cross- veloped a framework, called Aspectra, that automates generation of cutting concerns of a software system, thus making it easier to test inputs for testing aspectual behavior, i.e., the behavior imple- maintain and evolve. Research in AOSD has focused mostly on mented in pieces of advice or intertype methods defined in aspects. the activities of software system design, problem analysis, and lan- To test aspects, developers construct base classes into which the guage implementation. Although it is well known that testing is a aspects are woven to form woven classes. Our approach leverages labor-intensive process that can account for half the total cost of existing test-generation tools to generate test inputs for the woven software development [8], research on testing of AOSD, especially classes; these test inputs indirectly exercise the aspects. To enable automated testing, has received little attention. aspects to be exercised during test generation, Aspectra automati- Although several approaches have been proposed recently for cally synthesizes appropriate wrapper classes for woven classes.
    [Show full text]
  • Parasoft Dottest REDUCE the RISK of .NET DEVELOPMENT
    Parasoft dotTEST REDUCE THE RISK OF .NET DEVELOPMENT TRY IT https://software.parasoft.com/dottest Complement your existing Visual Studio tools with deep static INCREASE analysis and advanced PROGRAMMING EFFICIENCY: coverage. An automated, non-invasive solution that the related code, and distributed to his or her scans the application codebase to iden- IDE with direct links to the problematic code • Identify runtime bugs without tify issues before they become produc- and a description of how to fix it. executing your software tion problems, Parasoft dotTEST inte- grates into the Parasoft portfolio, helping When you send the results of dotTEST’s stat- • Automate unit and component you achieve compliance in safety-critical ic analysis, coverage, and test traceability testing for instant verification and industries. into Parasoft’s reporting and analytics plat- regression testing form (DTP), they integrate with results from Parasoft dotTEST automates a broad Parasoft Jtest and Parasoft C/C++test, allow- • Automate code analysis for range of software quality practices, in- ing you to test your entire codebase and mit- compliance cluding static code analysis, unit testing, igate risks. code review, and coverage analysis, en- abling organizations to reduce risks and boost efficiency. Tests can be run directly from Visual Stu- dio or as part of an automated process. To promote rapid remediation, each problem detected is prioritized based on configur- able severity assignments, automatical- ly assigned to the developer who wrote It snaps right into Visual Studio as though it were part of the product and it greatly reduces errors by enforcing all your favorite rules. We have stuck to the MS Guidelines and we had to do almost no work at all to have dotTEST automate our code analysis and generate the grunt work part of the unit tests so that we could focus our attention on real test-driven development.
    [Show full text]
  • Parasoft Static Application Security Testing (SAST) for .Net - C/C++ - Java Platform
    Parasoft Static Application Security Testing (SAST) for .Net - C/C++ - Java Platform Parasoft® dotTEST™ /Jtest (for Java) / C/C++test is an integrated Development Testing solution for automating a broad range of testing best practices proven to improve development team productivity and software quality. dotTEST / Java Test / C/C++ Test also seamlessly integrates with Parasoft SOAtest as an option, which enables end-to-end functional and load testing for complex distributed applications and transactions. Capabilities Overview STATIC ANALYSIS ● Broad support for languages and standards: Security | C/C++ | Java | .NET | FDA | Safety-critical ● Static analysis tool industry leader since 1994 ● Simple out-of-the-box integration into your SDLC ● Prevent and expose defects via multiple analysis techniques ● Find and fix issues rapidly, with minimal disruption ● Integrated with Parasoft's suite of development testing capabilities, including unit testing, code coverage analysis, and code review CODE COVERAGE ANALYSIS ● Track coverage during unit test execution and the data merge with coverage captured during functional and manual testing in Parasoft Development Testing Platform to measure true test coverage. ● Integrate with coverage data with static analysis violations, unit testing results, and other testing practices in Parasoft Development Testing Platform for a complete view of the risk associated with your application ● Achieve test traceability to understand the impact of change, focus testing activities based on risk, and meet compliance
    [Show full text]
  • Case Study Test the Untestable: Alaska Airlines Solves
    CASE STUDY Testing the Untestable Alaska Airlines Solves the Test Environment Dilemma Case Study Testing the Untestable Alaska Airlines Solves the Test Environment Dilemma OVERVIEW Alaska Airlines is primarily a West Coast carrier that services the states of Alaska and Hawaii with mid-continent and destinations in Canada and Mexico. Alaska Airlines received J.D. Powers' “Highest in Customer Satisfaction Among Traditional Carriers” recognition for twelve years in a row even recently winning first in all but one of the seven categories. A large part of the credit belongs to their software testing team. Their industry-leading, proactive approach to disrupting the traditional software testing process ensures that testers can test faster, earlier, and more completely. Learn how Ryan Papineau and his team used advanced automation in concert with service virtualization to rigorously test their complex flight operations manager software. The result: operations that run smoothly— even if they encounter a snowstorm in July. RELIABLE & ON-DEMAND FALSE REPEATABLE TESTS AUTOMATED TEST CASES POSITIVES 100欥 500 ELIMINATED 2 Case Study Testing the Untestable Alaska Airlines Solves the Test Environment Dilemma THE CHALLENGES At Alaska Airlines, the flight operations manager software is ultimately responsible for transporting 46 million customers to 115 global destinations via approximately 440,000 flights per year, safely and efficiently. This software coordinates a highly complex set of inputs from systems around the organization to ensure flights are on time while evaluating and managing fuel, cargo, baggage, and passenger requirements. In addition to the previously mentioned requirements, the system considers many factors including weather, aircraft characteristics, market, and fuel costs.
    [Show full text]
  • Parasoft Named an Omnichannel Functional Test Automation Leader
    Parasoft Corp. Headquarters 101 E. Huntington Drive Monrovia, CA 91016 USA www.parasoft.com [email protected] Press Release Parasoft Named an Omnichannel Functional Test Automation Leader, Recognized by major analyst firm for Impressive Roadmap Parasoft shines in evaluation specifically around effective test maintenance, strong CI/CD and application lifecycle management (ALM) platform integration MONROVIA (USA) – July 30, 2018 – Parasoft, the global leader in automated software testing, today announced its position as a leader in The Forrester Wave™: Omnichannel Functional Test Automation Tools, Q3 2018, where it received the highest scores possible in the API Testing and Automation and Product Road Map criteria. The report notes Parasoft’s “impressive and concrete road map to increase test automation from design to execution, pushing autonomous testing.” Parasoft will be showcasing its technology and discussing the future of testing in an upcoming webinar, The Future of Test Automation: Next- Generation Technologies to Use Today on August 23rd. To register, click here. According to the report, conducted by Forrester’s Diego Lo Giudice, “Parasoft shined in our evaluation specifically around effective test maintenance, strong CI/CD and application lifecycle management (ALM) platform integration, as well as reporting through its analytics system PIE. Clients like the recent changes, and all reference customers reported achieving test automation of more than 50% in the past 12 months.” After examining past research, user need assessments, and vendor and expert interviews, Forrester evaluated 15 omnichannel functional test automation tool vendors across a comprehensive 26-criteria to help organizations working on enterprise, mobile, and web applications select the right tool.
    [Show full text]
  • Devsecops DEVELOPMENT & DEVOPS INFRASTRUCTURE
    DevSecOps DEVELOPMENT & DEVOPS INFRASTRUCTURE CREATE SECURE APPLICATIONS PARASOFT’S APPROACH - BUILD SECURITY IN WITHOUT DISRUPTING THE Parasoft provides tools that help teams begin their security efforts as DEVELOPMENT PROCESS soon as the code is written, starting with static application security test- ing (SAST) via static code analysis, continuing through testing as part of Parasoft makes DevSecOps possible with API and the CI/CD system via dynamic application security testing (DAST) such functional testing, service virtualization, and the as functional testing, penetration testing, API testing, and supporting in- most complete support for important security stan- frastructure like service virtualization that enables security testing be- dards like CWE, OWASP, and CERT in the industry. fore the complete application is fully available. IMPLEMENT A SECURE CODING LIFECYCLE Relying on security specialists alone prevents the entire DevSecOps team from securing software and systems. Parasoft tooling enables the BENEFIT FROM THE team with security knowledge and training to reduce dependence on PARASOFT APPROACH security specialists alone. With a centralized SAST policy based on in- dustry standards, teams can leverage Parasoft’s comprehensive docs, examples, and embedded training while the code is being developed. ✓ Leverage your existing test efforts for Then, leverage existing functional/API tests to enhance the creation of security security tests – meaning less upfront cost, as well as less maintenance along the way. ✓ Combine quality and security to fully understand your software HARDEN THE CODE (“BUILD SECURITY IN”) Getting ahead of application security means moving beyond just test- ✓ Harden the code – don’t just look for ing into building secure software in the first place.
    [Show full text]
  • Caesars Entertainment Defines and Measures ROI for Test Automation Case Study Caesars Entertainment Defines and Measures ROI for Test Automation
    CASE STUDY Caesars Entertainment Defines and Measures ROI for Test Automation Case Study Caesars Entertainment Defines and Measures ROI for Test Automation OVERVIEW Caesars Entertainment is a global leader in gaming and hospitality. After merging with Eldorado Resorts, the company is the largest casino operator in the United States and includes 24 brands. Caesars' top priority is its guests. They focus on building loyalty and value through a unique combination of great service, superb products, operational excellence, and technology leadership. In an endeavor to modernize and expand their customer-focused loyalty program, Caesars chose to integrate Salesforce as the foundation for the systems. To ensure successful implementation, they couldn't afford to gamble with quality. With test automation a critical factor in delivering a high-quality customer experience, Roosevelt Washington, senior IT manager of quality assurance at Caesars Entertainment, took the lead to successfully adopt test automation practices and deliver measurable value to the business. SAVED IN REDUCED TEST IMPROVED UI ONE YEAR EXECUTION TIME TEST AUTOMATION >$1 million 97% >96% 2 Case Study Caesars Entertainment Defines and Measures ROI for Test Automation THE CHALLENGES As Caesars has grown through acquisitions over the years, so has the number of developed applications. The result is multiple disconnected systems across multiple companies. It's extremely important to Caesars to create a seamless experience for their guests. That means that no matter which of the acquired 22 new properties guests choose to visit, they have a consistent experience. For example, they can take their reward card to any slot machine on any property and it will work the same way.
    [Show full text]
  • Techniques for Improving Regression Testing in Continuous Integration Development Environments
    Techniques for Improving Regression Testing in Continuous Integration Development Environments Sebastian Elbaumy, Gregg Rothermely, John Penixz yUniversity of Nebraska - Lincoln zGoogle, Inc. Lincoln, NE, USA Mountain View, CA, USA {elbaum, grother}@cse.unl.edu [email protected] ABSTRACT 1. INTRODUCTION In continuous integration development environments, software en- In continuous integration development environments, engineers gineers frequently integrate new or changed code with the main- merge code that is under development or maintenance with the line codebase. This can reduce the amount of code rework that is mainline codebase at frequent time intervals [8, 13]. Merged code needed as systems evolve and speed up development time. While is then regression tested to help ensure that the codebase remains continuous integration processes traditionally require that extensive stable and that continuing engineering efforts can be performed testing be performed following the actual submission of code to more reliably. This approach is advantageous because it can re- the codebase, it is also important to ensure that enough testing is duce the amount of code rework that is needed in later phases of performed prior to code submission to avoid breaking builds and development, and speed up overall development time. As a result, delaying the fast feedback that makes continuous integration de- increasingly, organizations that create software are using contin- sirable. In this work, we present algorithms that make continu- uous integration processes to improve their product development, ous integration processes more cost-effective. In an initial pre- and tools for supporting these processes are increasingly common submit phase of testing, developers specify modules to be tested, (e.g., [3, 17, 29]).
    [Show full text]
  • A Brief History of Parasoft Jtest
    A Brief History of Parasoft Jtest The static analysis technology for Jtest is invented The test generation technology for Jtest is invented The patent for Jtest’s test generation technology is First public release filed The patent for Jtest’s static analysis technology is filed Jtest patents awarded Jtest TM awarded Jtest introduces security rule set Jtest wins Best in Show at DevCon Jtest wins Software Magazine’s Productivity award Jtest nominated for JavaWorld Editors’ Choice awards Jtest becomes first product to use Design by Contract (Jcontract) comments to verify Java Automated JUnit test case generation is introduced classes/components at the system level Jtest wins Jolt Product Excellence Award Jtest wins Writer’s Choice Award from Java Report Jtest Tracer becomes the first tool to generate Jtest wins Software Business Magazines’s Best functional unit test cases as the user exercises the Development Tool Award working application Jtest wins Software and Information Industry Association’s Codie award for Best Software Testing Jtest wins JDJ Editors’ Choice Award Product or Service Jtest wins Software Development Magazines’s Jtest receives “Excellent” rating from Information World Productivity Award Jtest security edition released Flow-based static analysis is introduced Automated peer code review is introduced Cactus test generation is introduced Jtest is integrated into Development Testing Platform Jtest wins InfoWorld’s Technology of the Year award (DTP) Jtest wins Codie award for Best Software Testing DTP static analysis components
    [Show full text]
  • Inovytec Achieves FDA Certification with Customized Static Code Analysis Solution Case Study Leading Insurance Company Modernizes Applications with Software Testing
    CASE STUDY Inovytec Achieves FDA Certification With Customized Static Code Analysis Solution Case Study Leading Insurance Company Modernizes Applications With Software Testing OVERVIEW Inovytec is an innovative medical device company that develops cutting- edge solutions for respiratory and cardiac failures. During the COVID-19 crisis, Inovytec has been a vital supplier of ventilators around the world, delivering critical care to patients suffering respiratory symptoms from the contagious disease. The embedded development team at Inovytec delivers medical devices with safety-critical software like the Ventway Sparrow, which is a groundbreaking family of transport and emergency ventilators designed to stand up to the harshest of conditions while providing reliable high- performance ventilation at all times. 100% FDA 510(k) Certification Rules & Guidelines 2 Case Study Leading Insurance Company Modernizes Applications With Software Testing CHALLENGE On a mission to deliver clean code and be compliant with the FDA 510(k) regulation inspection, Inovytec started using Parasoft's C/C++ static code analysis solution. APPROACH To satisfy the FDA 510(k) certification, the embedded software development team customized a set of rules in Parasoft C/C++test to the standard. "Every time we are going to release a new software version of the Ventway Sparrow ventilator, we make sure that the static analysis from Parasoft is configured to run according to the FDA regulation definitions. We not only noticed improvements in code quality, but C/C++test has really helped us in our static analysis verification activities and goal of achieving FDA 510(k) certification,” said Roi Birenshtok, solution architect and team leader of embedded software.
    [Show full text]