Having attended courses about medical software development and IEC 60601, TIR32, IEC62304 and ISO 14971 I've made a short evaluation on medical software development using Visual Source Safe (VSS).
Doing medical software development according to IEC 60601 and especially IEC 62304 (or the FDA guidlines) you will need to validate your development tools.
- For documentation and project output (like code) there are requirements of:
- protection against destruction of data (fire etc) for a defined period of time (usually the product lifetime plus two years).
- protection against modification of data.
The Shortcommings of Visual Source Safe
One of the 'features' of VSS is that if you first add a file a.cs to the repository, the renames a.cs to b.cs and later adds a new file called a.cs, the history of b.cs backwards in time to the point before it was renamed a.cs is destroyed.
Another feature is that the client may choose to permanently delete a file destroying all history of that file.
Finally, VSS is really a fat client system ontop of windows file sharing, so an error in for example a third party product of Visual Studio may cause the VSS integration to Visual Studio to potentially permanently damage the repository.
My conclusion of these features of VSS is that it is not suitable for medical device software development becuase it doesn't support any of the requirements.
For a starting point on problems with VSS, you may start with Coding Horror: Anything but VisualSourceSafe
Comments