Agile Software Development with Verification and ... - Rally Software

Agile Software Development withVerification and Validation inHigh Assurance andRegulated Environments© 2011 Rally Software Development and Leffingwell, LLC.

Stump Us with Your Toughest Questions Q&A Panel of Agile,industry and Rally productexperts standing by toanswer your questions Enter your question intoto the Q&A window Webinar tech supportavailable here© 2011 Rally Software Development and Leffingwell, LLC.2

Dean LeffingwellAgile SoftwareRequirementsLean Requirements Practices forTeams, Programs, and the EnterpriseDean LeffingwellForeword by Don ReinertsenAgile Software Development SeriesAlistair Cockburn and Jim Highsmith,Series Editors© 2011 Rally Software Development and Leffingwell, LLC.3

Michael Meissner, PhDEngineering Executive roles:• Omnyx LLC• Vital Images• ViatronixAgile Evangelist• Scrum in company built ground-up• Scrum in established company• Informal agile developmentBeliever:• Development needs to be fun• Customer needs to be central• Results matter & introspection is keyBackground• 15+ years experience in SoftwareDevelopment in RegulatedEnvironments Craig LangenfeldRoles:• Software Engineer• Project Manager (PMP)• Scrum Master (CSM)• Technical Account Manager/AgileCoachAgile Evangelist• Implemented Agile and Rally in anumber of enterprise healthcareorganizationsBackground• 5 years of Scaling Software Agility atRally Software© 2011 Rally Software Development and Leffingwell, LLC.4

Agenda➵ Agile Crosses the Chasm to High Assurance➵ An Agile, High Assurance Lifecycle Framework➵ Iterating and Continuous Verification➵ Validating System Increments➵ Impact on Quality Management Systems© 2011 Rally Software Development and Leffingwell, LLC.5

AGILE CROSSES THE CHASMTO HIGH ASSURANCEDEVELOPMENT© 2011 Rally Software Development and Leffingwell, LLC.6

Agile gets resultsWe experienced a 20-50%increase in productivity.− BMC Case Studymakes the work moreenjoyable, helps us worktogether, and isempowering− MedtronicProductivityQualityAgile teams average37-50% faster tomarket− QSM researchMoraleTime toMarket© 2011 Rally Software Development and Leffingwell, LLC.7

Agile technical practices drive quality,safety, efficacy…fewer defects were found− Abbott LabsCollectiveOwnershipTest-DrivenDevelopmentCodingStandardsContinuousIntegrationPairProgrammingQualitySimpleDesignAutomatedTestingRefactoring… of 131 respondents, 88%said quality was better orsignificantly better− Shine Technology SurveyUser StoriesHelps us find bugs earlier− Medtronic© 2011 Rally Software Development and Leffingwell, LLC.8

Agile is already in high assurance Abbott Laboratories –– “On the Agile project, fewer defects were found…– availability of working software early on was a significant factor.– An agile approach is the approach best suited to development of FDAregulateddevices.” Association for the Advancement of Medical Instrumentation(AAMI)– Technical Information Report (available later this year), using agile forcomplying with international standards and FDA AFEI DoD Agile Development Conference– “Agile Methods are in widespread use by the U.S. DoD, Prior … thecommercial industry and DoD contractors believed the U.S. DoD wasnot committed to Agile , an enormously incorrect assumption…”Sources: Abbott Labs whitepaper: http://www.computer.org/portal/web/csdl/doi/10.1109/AGILE.2009.50.AAMI report: See http://www.aami.org/applications/search/details.cfm?WebID=P1541_D6110DoD Association for Enterprise Information (AFEI): See http://www.afei.org/Pages/default.aspx.(See http://davidfrico.com/afei-2010.doc)© 2011 Rally Software Development and Leffingwell, LLC.9

Surprise? FDA and IEC guidance doesNOT recommend waterfall[FDA CDRH 2002] It is important to note, that neither this document, norCFR820.30 itself, constrains development to single pass, stage-gated,waterfall activities. From General Principles of Software Validation….. [FDA CDRH 2002]:While this guidance does not recommend any specific life cycle model orany specific technique or method, it does recommend that softwarevalidation and verification activities be conducted throughout the lifecycle.From [FDA CDRH 1997] Design Control Guidance for Medical DeviceManufacturers : Although the waterfall model is a useful tool forintroducing design controls, its usefulness in practice is limited… for morecomplex devices, a concurrent engineering model is more representativeof the design processes in use in the industry.IEC62304 medical device standard states: … these activities and tasksmay overlap or interact and may be performed iteratively or recursively. Itis not the intent to imply that a waterfall model should be used.© 2011 Rally Software Development and Leffingwell, LLC.10

With respect to this one industry, and with respect tothese specific guidelines, any notion that we aremandated to apply a single-pass, waterfall model tosoftware development is an industry myth, onewhich has likely been perpetuated by our ownwaterfall past (“we’ve always done it this way”) andour existing quality management systems, and notbecause “the regulations make us do it”© 2011 Rally Software Development and Leffingwell, LLC.11

AN AGILE, HIGH ASSURANCELIFECYCLE FRAMEWORK© 2011 Rally Software Development and Leffingwell, LLC.12

A Scaled Agile Framework ©2011 Leffingwell, LLC.H H H H See Agile So)ware Requirements: Lean Requirements Prac8ces for Teams, Programs, and the Enterprise and www.scalingso/wareagility.wordpress.com

But high assurance development hasadditional requirementsMedical device exemplar: US FDA mandatesSoftware Verification and ValidationUserNeedsReviewDesignInputDesignProcessVerificationDesignOutputMedicaldeviceValidationSource: FDA CDRH 1997 Design ControlGuidance for Medical Device Manufacturers© 2011 Rally Software Development and Leffingwell, LLC.

So we have additional mandatesCode of Federal Regulations CFR 21 Part 830, Subpart C Design Controlsmandates device design verification and validation.VerificationProvides objective evidence that thedesign outputs of a particular phaseof the software development life cyclemeet all of the specified requirementsfor that phase.ValidationConfirmation …… that softwarespecifications conform to user needsand intended uses, and that theparticular requirements implementedthrough software can be consistentlyfulfilled….Since software is usuallypart of a larger hardware system, thevalidation … includes evidence thatall software requirements have beenimplemented correctly and completelyand are traceable to systemrequirements.Sources:Regulation: Code of Federal Regulations 21 Part 830, Subpart CDesign ControlsGuidance: General Principles of Software Validation© 2011 Rally Software Development and Leffingwell, LLC.15

AndCode of Federal Regulations CFR 21 Part 830, Subpart C Design Controlsmandates a requirements specification.Requirements SpecificationA documented software requirementsspecification (SRS) provides a baseline forboth validation and verification. Thesoftware validation process cannot becompleted without an established softwarerequirements specification(Ref: 21 CFR 820.3(z) and (aa) and 820.30(f)and (gTraceabilityFDA guidelines describe traceability and aprimary mechanism to assure thatverification and validation are completeand consistent.Traceability. The degree to which arelationship can be established betweentwo or more products of the developmentprocess, especially products having apredecessor-successor or mastersubordinaterelationship to one another;e.g., the degree to which the requirementsand design of a given software componentmatch [IEEE]Sources:Regulation: Code of Federal Regulations 21 Part 830, Subpart CDesign ControlsGuidance: General Principles of Software Validation© 2011 Rally Software Development and Leffingwell, LLC.16

A High Assurance, Agile SoftwareDevelopment LifecycleDevelopment SprintsValidation Sprints© 2011 Rally Software Development and Leffingwell, LLC.17

High Assurance Scaled Agile Framework ©2011 Leffingwell LLC.System increment System increment Valida6on Valida6on Valida6on H H Valida6on Valida6on Valida6on H H See Agile So)ware Requirements: Lean Requirements Prac8ces for Teams, Programs, and the Enterprise and www.scalingso/wareagility.wordpress.com

ITERATING AND CONTINUOUSVERIFICATION19

Agile Itera6on Pa:ern

The User StoryUserStoryAs a I can So that As an EPAT (Extracorporeal Pulse Activation Technology) technician,() I can adjust the energy delivered ()in increments so as to deliver higher or lower energy pulses to thepatient’s treatment area ().© 2011 Rally Software Development and Leffingwell, LLC.

View of an Iteration© 2011 Rally Software Development and Leffingwell, LLC.22

High assurance agile requirementsmodelSource: Leffingwell. Agile SoftwareRequirements: Lean Requirements Practicesfor Teams, Programs, and the Enterprise.Addison-Wesley 2011.© 2011 Rally Software © 2011 Development Leffingwell, and LLC. Leffingwell, LLC.

Traceability from User Story to Code andStory Acceptance TestSoftwareRequirementsSpecificationUser StoryImplemented by11..*1 1CodeVerified byVerified by1..*1..*Unit TestStoryAcceptance Test© 2011 Rally Software Development and Leffingwell, LLC.

Traceability from User Story to Code© 2011 Rally Software Development and Leffingwell, LLC.25

Traceability from User Story to Acceptance Test© 2011 Rally Software Development and Leffingwell, LLC. 26

VALIDATING SYSTEMINCREMENTS© 2011 Rally Software Development and Leffingwell, LLC.27

Validating product claimsProductIncrementsFeature1Product RequirementsDocumentPulse amplitude is adjustablefrom 1-5 barTraced to1..*StorySoftwareRequirementsSpecificationAs an operator, I can adjust the pulseamplitude in .1 bar increments so as to beable to make small changes to changeenergy delivered to patient areaAs an operator, I alwayssee the current settingon the display in .1 barincrements, so I can beconfident I’m deliveringthe right energyAs an operator, rotating the energy knob pastthe point where the system is delivering 5 barwill have no further effect© 2011 Rally Software Development and Leffingwell, LLC.

Supporting product claims to implementation© 2011 Rally Software Development and Leffingwell, LLC. 29

Validating Features and System Qualities© 2011 Rally Software Development and Leffingwell, LLC.30

Validation Sprint activities© 2011 Rally Software Development and Leffingwell, LLC.31

© 2011 Rally Software Development and Leffingwell, LLC. 32

© 2011 Rally Software Development and Leffingwell, LLC. 33

(Michael’s slides)IMPACT ON QUALITYMANAGEMENT SYSTEMS© 2011 Rally Software Development and Leffingwell, LLC.34

Important points to reiterate Agile and FDA are not at odds (waterfall is not mandated by regulations) Internal interpretation of regulations often more constraining Agile extremism does not help (working software over documentation) Satisfy Compliance needs while preserving agility and productivity. Agile and Regulations both strive to ensure high product quality© 2011 Rally Software Development and Leffingwell, LLC.35

Quality System (QS) Continuous improvement or (re-)write from scratch Establish cross-functional QS scrum team Run releases and sprints to refine / establish QS Design Controls needs to provide flexibility Software Development Life Cycle (SDLC), Tools, etc. should bespecified in the Design and Development Plan (DDP), not in the QS© 2011 Rally Software Development and Leffingwell, LLC.36

Change ControlsNew Product Development: Establish initial product backlog (PRD, SRS, DDP, etc.) Handle Risk Assessment, FMEAs, etc. outside scrum teams Develop features through sprints and “releases” File deviations per “release” using Engineering Change Order (ECO)Update release or patch: File intended changes using Engineering Change Order (ECO) Develop the features / fix relevant defects Revise the ECO along the way, if changes to plan occurred© 2011 Rally Software Development and Leffingwell, LLC.37

Software Development Life CycleDownloadpresentation slides© 2011 Rally Software Development and Leffingwell, LLC.38

CFR 820.11 Compliance and Tool Validation Tools used to manage Design History File (DHF) artifacts need tobe CFR 820.11 compliant Tool Validation: Establish objective evidence that a tool consistentlymeets the specifications it is being used for If you use RALLY or any other agile tool for such purpose then youneed to validate it For any SAAS vendor, negotiate controlled software releases toyour account or host your solution in-house© 2011 Rally Software Development and Leffingwell, LLC.39

Revision Control across releases If you have all requirements, specifications, defects, test cases, etc. inan agile tool, how do you manage changes to past releases so thatyou can re-run the right design verification tests from back then? You are better off to manage past releases outside the agile tool andonly keep latest greatest revision in agile tool Keeping artifacts of past release externally not a major issue© 2011 Rally Software Development and Leffingwell, LLC.40

Q&A© 2011 Rally Software Development and Leffingwell, LLC.41

More Books– Agile Software Requirements: Lean Requirements Practicesfor Teams, Programs, and the EnterpriseAddison-Wesley, Leffingwell. 2011.– Scaling Software Agility: Best Practices for Large Enterprises.Addison-Wesley, Leffingwell. 2007. Leffingwell Blog– www.scalingsoftwareagility.wordpress.com (high assurancecategory) Rally High Assurance Blog– http://www.rallydev.com/agileblog© 2011 Rally Software Development and Leffingwell, LLC.42